StaticSecret

akeyless 2.0.1, Apr 27 26

Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community

akeyless-community/terraform-provider-akeyless

Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community

akeyless-community/terraform-provider-akeyless

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as akeyless from "@pulumi/akeyless";

const secret = new akeyless.StaticSecret("secret", {
    path: "terraform/secret",
    value: "this value was set from terraform",
});

import pulumi
import pulumi_akeyless as akeyless

secret = akeyless.StaticSecret("secret",
    path="terraform/secret",
    value="this value was set from terraform")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/akeyless/v2/akeyless"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := akeyless.NewStaticSecret(ctx, "secret", &akeyless.StaticSecretArgs{
			Path:  pulumi.String("terraform/secret"),
			Value: pulumi.String("this value was set from terraform"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Akeyless = Pulumi.Akeyless;

return await Deployment.RunAsync(() => 
{
    var secret = new Akeyless.StaticSecret("secret", new()
    {
        Path = "terraform/secret",
        Value = "this value was set from terraform",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.akeyless.StaticSecret;
import com.pulumi.akeyless.StaticSecretArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var secret = new StaticSecret("secret", StaticSecretArgs.builder()
            .path("terraform/secret")
            .value("this value was set from terraform")
            .build());

    }
}

resources:
  secret:
    type: akeyless:StaticSecret
    properties:
      path: terraform/secret
      value: this value was set from terraform

Create StaticSecret Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new StaticSecret(name: string, args: StaticSecretArgs, opts?: CustomResourceOptions);

@overload
def StaticSecret(resource_name: str,
                 args: StaticSecretArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def StaticSecret(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 path: Optional[str] = None,
                 protection_key: Optional[str] = None,
                 secure_access_ssh_user: Optional[str] = None,
                 delete_protection: Optional[str] = None,
                 description: Optional[str] = None,
                 format: Optional[str] = None,
                 ignore_cache: Optional[str] = None,
                 inject_urls: Optional[Sequence[str]] = None,
                 item_custom_fields: Optional[Mapping[str, str]] = None,
                 keep_prev_version: Optional[str] = None,
                 max_versions: Optional[str] = None,
                 multiline_value: Optional[bool] = None,
                 password: Optional[str] = None,
                 change_event: Optional[str] = None,
                 accessibility: Optional[str] = None,
                 custom_field: Optional[Mapping[str, str]] = None,
                 secure_access_certificate_issuer: Optional[str] = None,
                 secure_access_web: Optional[bool] = None,
                 secure_access_hosts: Optional[Sequence[str]] = None,
                 secure_access_rdp_user: Optional[str] = None,
                 secure_access_ssh_creds: Optional[str] = None,
                 secure_access_enable: Optional[str] = None,
                 secure_access_url: Optional[str] = None,
                 secure_access_gateway: Optional[str] = None,
                 secure_access_web_browsing: Optional[bool] = None,
                 secure_access_web_proxy: Optional[bool] = None,
                 static_secret_id: Optional[str] = None,
                 tags: Optional[Sequence[str]] = None,
                 type: Optional[str] = None,
                 username: Optional[str] = None,
                 value: Optional[str] = None)

func NewStaticSecret(ctx *Context, name string, args StaticSecretArgs, opts ...ResourceOption) (*StaticSecret, error)

public StaticSecret(string name, StaticSecretArgs args, CustomResourceOptions? opts = null)

public StaticSecret(String name, StaticSecretArgs args)
public StaticSecret(String name, StaticSecretArgs args, CustomResourceOptions options)

type: akeyless:StaticSecret
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args StaticSecretArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args StaticSecretArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args StaticSecretArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args StaticSecretArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args StaticSecretArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var staticSecretResource = new Akeyless.StaticSecret("staticSecretResource", new()
{
    Path = "string",
    ProtectionKey = "string",
    SecureAccessSshUser = "string",
    DeleteProtection = "string",
    Description = "string",
    Format = "string",
    IgnoreCache = "string",
    InjectUrls = new[]
    {
        "string",
    },
    ItemCustomFields = 
    {
        { "string", "string" },
    },
    KeepPrevVersion = "string",
    MaxVersions = "string",
    MultilineValue = false,
    Password = "string",
    ChangeEvent = "string",
    Accessibility = "string",
    CustomField = 
    {
        { "string", "string" },
    },
    SecureAccessCertificateIssuer = "string",
    SecureAccessWeb = false,
    SecureAccessHosts = new[]
    {
        "string",
    },
    SecureAccessRdpUser = "string",
    SecureAccessSshCreds = "string",
    SecureAccessEnable = "string",
    SecureAccessUrl = "string",
    SecureAccessGateway = "string",
    SecureAccessWebBrowsing = false,
    SecureAccessWebProxy = false,
    StaticSecretId = "string",
    Tags = new[]
    {
        "string",
    },
    Type = "string",
    Username = "string",
    Value = "string",
});

example, err := akeyless.NewStaticSecret(ctx, "staticSecretResource", &akeyless.StaticSecretArgs{
	Path:                pulumi.String("string"),
	ProtectionKey:       pulumi.String("string"),
	SecureAccessSshUser: pulumi.String("string"),
	DeleteProtection:    pulumi.String("string"),
	Description:         pulumi.String("string"),
	Format:              pulumi.String("string"),
	IgnoreCache:         pulumi.String("string"),
	InjectUrls: pulumi.StringArray{
		pulumi.String("string"),
	},
	ItemCustomFields: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	KeepPrevVersion: pulumi.String("string"),
	MaxVersions:     pulumi.String("string"),
	MultilineValue:  pulumi.Bool(false),
	Password:        pulumi.String("string"),
	ChangeEvent:     pulumi.String("string"),
	Accessibility:   pulumi.String("string"),
	CustomField: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	SecureAccessCertificateIssuer: pulumi.String("string"),
	SecureAccessWeb:               pulumi.Bool(false),
	SecureAccessHosts: pulumi.StringArray{
		pulumi.String("string"),
	},
	SecureAccessRdpUser:     pulumi.String("string"),
	SecureAccessSshCreds:    pulumi.String("string"),
	SecureAccessEnable:      pulumi.String("string"),
	SecureAccessUrl:         pulumi.String("string"),
	SecureAccessGateway:     pulumi.String("string"),
	SecureAccessWebBrowsing: pulumi.Bool(false),
	SecureAccessWebProxy:    pulumi.Bool(false),
	StaticSecretId:          pulumi.String("string"),
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
	Type:     pulumi.String("string"),
	Username: pulumi.String("string"),
	Value:    pulumi.String("string"),
})

var staticSecretResource = new StaticSecret("staticSecretResource", StaticSecretArgs.builder()
    .path("string")
    .protectionKey("string")
    .secureAccessSshUser("string")
    .deleteProtection("string")
    .description("string")
    .format("string")
    .ignoreCache("string")
    .injectUrls("string")
    .itemCustomFields(Map.of("string", "string"))
    .keepPrevVersion("string")
    .maxVersions("string")
    .multilineValue(false)
    .password("string")
    .changeEvent("string")
    .accessibility("string")
    .customField(Map.of("string", "string"))
    .secureAccessCertificateIssuer("string")
    .secureAccessWeb(false)
    .secureAccessHosts("string")
    .secureAccessRdpUser("string")
    .secureAccessSshCreds("string")
    .secureAccessEnable("string")
    .secureAccessUrl("string")
    .secureAccessGateway("string")
    .secureAccessWebBrowsing(false)
    .secureAccessWebProxy(false)
    .staticSecretId("string")
    .tags("string")
    .type("string")
    .username("string")
    .value("string")
    .build());

static_secret_resource = akeyless.StaticSecret("staticSecretResource",
    path="string",
    protection_key="string",
    secure_access_ssh_user="string",
    delete_protection="string",
    description="string",
    format="string",
    ignore_cache="string",
    inject_urls=["string"],
    item_custom_fields={
        "string": "string",
    },
    keep_prev_version="string",
    max_versions="string",
    multiline_value=False,
    password="string",
    change_event="string",
    accessibility="string",
    custom_field={
        "string": "string",
    },
    secure_access_certificate_issuer="string",
    secure_access_web=False,
    secure_access_hosts=["string"],
    secure_access_rdp_user="string",
    secure_access_ssh_creds="string",
    secure_access_enable="string",
    secure_access_url="string",
    secure_access_gateway="string",
    secure_access_web_browsing=False,
    secure_access_web_proxy=False,
    static_secret_id="string",
    tags=["string"],
    type="string",
    username="string",
    value="string")

const staticSecretResource = new akeyless.StaticSecret("staticSecretResource", {
    path: "string",
    protectionKey: "string",
    secureAccessSshUser: "string",
    deleteProtection: "string",
    description: "string",
    format: "string",
    ignoreCache: "string",
    injectUrls: ["string"],
    itemCustomFields: {
        string: "string",
    },
    keepPrevVersion: "string",
    maxVersions: "string",
    multilineValue: false,
    password: "string",
    changeEvent: "string",
    accessibility: "string",
    customField: {
        string: "string",
    },
    secureAccessCertificateIssuer: "string",
    secureAccessWeb: false,
    secureAccessHosts: ["string"],
    secureAccessRdpUser: "string",
    secureAccessSshCreds: "string",
    secureAccessEnable: "string",
    secureAccessUrl: "string",
    secureAccessGateway: "string",
    secureAccessWebBrowsing: false,
    secureAccessWebProxy: false,
    staticSecretId: "string",
    tags: ["string"],
    type: "string",
    username: "string",
    value: "string",
});

type: akeyless:StaticSecret
properties:
    accessibility: string
    changeEvent: string
    customField:
        string: string
    deleteProtection: string
    description: string
    format: string
    ignoreCache: string
    injectUrls:
        - string
    itemCustomFields:
        string: string
    keepPrevVersion: string
    maxVersions: string
    multilineValue: false
    password: string
    path: string
    protectionKey: string
    secureAccessCertificateIssuer: string
    secureAccessEnable: string
    secureAccessGateway: string
    secureAccessHosts:
        - string
    secureAccessRdpUser: string
    secureAccessSshCreds: string
    secureAccessSshUser: string
    secureAccessUrl: string
    secureAccessWeb: false
    secureAccessWebBrowsing: false
    secureAccessWebProxy: false
    staticSecretId: string
    tags:
        - string
    type: string
    username: string
    value: string

StaticSecret Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The StaticSecret resource accepts the following input properties:

Path string: The path where the secret will be stored.
Accessibility string: For personal password manager
ChangeEvent string: Trigger an event when a secret value changed true/false
CustomField Dictionary<string, string>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
DeleteProtection string: Protection from accidental deletion of this auth method, [true/false]
Description string: Description of the object
Format string: Secret format text/json/key-value
IgnoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
InjectUrls List<string>: List of URLs associated with the item (relevant only for type 'password')
ItemCustomFields Dictionary<string, string>: Additional custom fields to associate with the item
KeepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
MaxVersions string: Set the maximum number of versions, limited by the account settings defaults
MultilineValue bool: The provided value is a multiline value (separated by ' ')
Password string: Password value (relevant only for type 'password')
ProtectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
SecureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
SecureAccessEnable string: Enable/Disable secure remote access, [true/false]
SecureAccessGateway string: Secure Remote Access Gateway
SecureAccessHosts List<string>: Target servers for connections., For multiple values repeat this flag.
SecureAccessRdpUser string: Remote Desktop Username
SecureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
SecureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
SecureAccessUrl string: Destination URL to inject secrets.
SecureAccessWeb bool: Enable Web Secure Remote Access
SecureAccessWebBrowsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
SecureAccessWebProxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
StaticSecretId string: The ID of this resource.
Tags List<string>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
Type string: Secret type [generic/password]
Username string: Username value (relevant only for type 'password')
Value string: The secret content.

Path string: The path where the secret will be stored.
Accessibility string: For personal password manager
ChangeEvent string: Trigger an event when a secret value changed true/false
CustomField map[string]string: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
DeleteProtection string: Protection from accidental deletion of this auth method, [true/false]
Description string: Description of the object
Format string: Secret format text/json/key-value
IgnoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
InjectUrls []string: List of URLs associated with the item (relevant only for type 'password')
ItemCustomFields map[string]string: Additional custom fields to associate with the item
KeepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
MaxVersions string: Set the maximum number of versions, limited by the account settings defaults
MultilineValue bool: The provided value is a multiline value (separated by ' ')
Password string: Password value (relevant only for type 'password')
ProtectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
SecureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
SecureAccessEnable string: Enable/Disable secure remote access, [true/false]
SecureAccessGateway string: Secure Remote Access Gateway
SecureAccessHosts []string: Target servers for connections., For multiple values repeat this flag.
SecureAccessRdpUser string: Remote Desktop Username
SecureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
SecureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
SecureAccessUrl string: Destination URL to inject secrets.
SecureAccessWeb bool: Enable Web Secure Remote Access
SecureAccessWebBrowsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
SecureAccessWebProxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
StaticSecretId string: The ID of this resource.
Tags []string: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
Type string: Secret type [generic/password]
Username string: Username value (relevant only for type 'password')
Value string: The secret content.

path String: The path where the secret will be stored.
accessibility String: For personal password manager
changeEvent String: Trigger an event when a secret value changed true/false
customField Map<String,String>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection String: Protection from accidental deletion of this auth method, [true/false]
description String: Description of the object
format String: Secret format text/json/key-value
ignoreCache String: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls List<String>: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields Map<String,String>: Additional custom fields to associate with the item
keepPrevVersion String: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions String: Set the maximum number of versions, limited by the account settings defaults
multilineValue Boolean: The provided value is a multiline value (separated by ' ')
password String: Password value (relevant only for type 'password')
protectionKey String: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer String: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable String: Enable/Disable secure remote access, [true/false]
secureAccessGateway String: Secure Remote Access Gateway
secureAccessHosts List<String>: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser String: Remote Desktop Username
secureAccessSshCreds String: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser String: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl String: Destination URL to inject secrets.
secureAccessWeb Boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing Boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy Boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId String: The ID of this resource.
tags List<String>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type String: Secret type [generic/password]
username String: Username value (relevant only for type 'password')
value String: The secret content.

path string: The path where the secret will be stored.
accessibility string: For personal password manager
changeEvent string: Trigger an event when a secret value changed true/false
customField {[key: string]: string}: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection string: Protection from accidental deletion of this auth method, [true/false]
description string: Description of the object
format string: Secret format text/json/key-value
ignoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls string[]: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields {[key: string]: string}: Additional custom fields to associate with the item
keepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions string: Set the maximum number of versions, limited by the account settings defaults
multilineValue boolean: The provided value is a multiline value (separated by ' ')
password string: Password value (relevant only for type 'password')
protectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable string: Enable/Disable secure remote access, [true/false]
secureAccessGateway string: Secure Remote Access Gateway
secureAccessHosts string[]: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser string: Remote Desktop Username
secureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl string: Destination URL to inject secrets.
secureAccessWeb boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId string: The ID of this resource.
tags string[]: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type string: Secret type [generic/password]
username string: Username value (relevant only for type 'password')
value string: The secret content.

path str: The path where the secret will be stored.
accessibility str: For personal password manager
change_event str: Trigger an event when a secret value changed true/false
custom_field Mapping[str, str]: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
delete_protection str: Protection from accidental deletion of this auth method, [true/false]
description str: Description of the object
format str: Secret format text/json/key-value
ignore_cache str: Retrieve the Secret value without checking the Gateway's cache [true/false]
inject_urls Sequence[str]: List of URLs associated with the item (relevant only for type 'password')
item_custom_fields Mapping[str, str]: Additional custom fields to associate with the item
keep_prev_version str: Whether to keep previous version [true/false]. If not set, use default according to account settings
max_versions str: Set the maximum number of versions, limited by the account settings defaults
multiline_value bool: The provided value is a multiline value (separated by ' ')
password str: Password value (relevant only for type 'password')
protection_key str: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secure_access_certificate_issuer str: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secure_access_enable str: Enable/Disable secure remote access, [true/false]
secure_access_gateway str: Secure Remote Access Gateway
secure_access_hosts Sequence[str]: Target servers for connections., For multiple values repeat this flag.
secure_access_rdp_user str: Remote Desktop Username
secure_access_ssh_creds str: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secure_access_ssh_user str: Override the SSH username as indicated in SSH Certificate Issuer
secure_access_url str: Destination URL to inject secrets.
secure_access_web bool: Enable Web Secure Remote Access
secure_access_web_browsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
secure_access_web_proxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
static_secret_id str: The ID of this resource.
tags Sequence[str]: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type str: Secret type [generic/password]
username str: Username value (relevant only for type 'password')
value str: The secret content.

path String: The path where the secret will be stored.
accessibility String: For personal password manager
changeEvent String: Trigger an event when a secret value changed true/false
customField Map<String>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection String: Protection from accidental deletion of this auth method, [true/false]
description String: Description of the object
format String: Secret format text/json/key-value
ignoreCache String: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls List<String>: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields Map<String>: Additional custom fields to associate with the item
keepPrevVersion String: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions String: Set the maximum number of versions, limited by the account settings defaults
multilineValue Boolean: The provided value is a multiline value (separated by ' ')
password String: Password value (relevant only for type 'password')
protectionKey String: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer String: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable String: Enable/Disable secure remote access, [true/false]
secureAccessGateway String: Secure Remote Access Gateway
secureAccessHosts List<String>: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser String: Remote Desktop Username
secureAccessSshCreds String: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser String: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl String: Destination URL to inject secrets.
secureAccessWeb Boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing Boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy Boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId String: The ID of this resource.
tags List<String>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type String: Secret type [generic/password]
username String: Username value (relevant only for type 'password')
value String: The secret content.

Outputs

All input properties are implicitly available as output properties. Additionally, the StaticSecret resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Version double: The version of the secret.

Id string: The provider-assigned unique ID for this managed resource.
Version float64: The version of the secret.

id String: The provider-assigned unique ID for this managed resource.
version Double: The version of the secret.

id string: The provider-assigned unique ID for this managed resource.
version number: The version of the secret.

id str: The provider-assigned unique ID for this managed resource.
version float: The version of the secret.

id String: The provider-assigned unique ID for this managed resource.
version Number: The version of the secret.

Look up Existing StaticSecret Resource

Get an existing StaticSecret resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: StaticSecretState, opts?: CustomResourceOptions): StaticSecret

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        accessibility: Optional[str] = None,
        change_event: Optional[str] = None,
        custom_field: Optional[Mapping[str, str]] = None,
        delete_protection: Optional[str] = None,
        description: Optional[str] = None,
        format: Optional[str] = None,
        ignore_cache: Optional[str] = None,
        inject_urls: Optional[Sequence[str]] = None,
        item_custom_fields: Optional[Mapping[str, str]] = None,
        keep_prev_version: Optional[str] = None,
        max_versions: Optional[str] = None,
        multiline_value: Optional[bool] = None,
        password: Optional[str] = None,
        path: Optional[str] = None,
        protection_key: Optional[str] = None,
        secure_access_certificate_issuer: Optional[str] = None,
        secure_access_enable: Optional[str] = None,
        secure_access_gateway: Optional[str] = None,
        secure_access_hosts: Optional[Sequence[str]] = None,
        secure_access_rdp_user: Optional[str] = None,
        secure_access_ssh_creds: Optional[str] = None,
        secure_access_ssh_user: Optional[str] = None,
        secure_access_url: Optional[str] = None,
        secure_access_web: Optional[bool] = None,
        secure_access_web_browsing: Optional[bool] = None,
        secure_access_web_proxy: Optional[bool] = None,
        static_secret_id: Optional[str] = None,
        tags: Optional[Sequence[str]] = None,
        type: Optional[str] = None,
        username: Optional[str] = None,
        value: Optional[str] = None,
        version: Optional[float] = None) -> StaticSecret

func GetStaticSecret(ctx *Context, name string, id IDInput, state *StaticSecretState, opts ...ResourceOption) (*StaticSecret, error)

public static StaticSecret Get(string name, Input<string> id, StaticSecretState? state, CustomResourceOptions? opts = null)

public static StaticSecret get(String name, Output<String> id, StaticSecretState state, CustomResourceOptions options)

resources:  _:    type: akeyless:StaticSecret    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Accessibility string: For personal password manager
ChangeEvent string: Trigger an event when a secret value changed true/false
CustomField Dictionary<string, string>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
DeleteProtection string: Protection from accidental deletion of this auth method, [true/false]
Description string: Description of the object
Format string: Secret format text/json/key-value
IgnoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
InjectUrls List<string>: List of URLs associated with the item (relevant only for type 'password')
ItemCustomFields Dictionary<string, string>: Additional custom fields to associate with the item
KeepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
MaxVersions string: Set the maximum number of versions, limited by the account settings defaults
MultilineValue bool: The provided value is a multiline value (separated by ' ')
Password string: Password value (relevant only for type 'password')
Path string: The path where the secret will be stored.
ProtectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
SecureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
SecureAccessEnable string: Enable/Disable secure remote access, [true/false]
SecureAccessGateway string: Secure Remote Access Gateway
SecureAccessHosts List<string>: Target servers for connections., For multiple values repeat this flag.
SecureAccessRdpUser string: Remote Desktop Username
SecureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
SecureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
SecureAccessUrl string: Destination URL to inject secrets.
SecureAccessWeb bool: Enable Web Secure Remote Access
SecureAccessWebBrowsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
SecureAccessWebProxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
StaticSecretId string: The ID of this resource.
Tags List<string>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
Type string: Secret type [generic/password]
Username string: Username value (relevant only for type 'password')
Value string: The secret content.
Version double: The version of the secret.

Accessibility string: For personal password manager
ChangeEvent string: Trigger an event when a secret value changed true/false
CustomField map[string]string: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
DeleteProtection string: Protection from accidental deletion of this auth method, [true/false]
Description string: Description of the object
Format string: Secret format text/json/key-value
IgnoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
InjectUrls []string: List of URLs associated with the item (relevant only for type 'password')
ItemCustomFields map[string]string: Additional custom fields to associate with the item
KeepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
MaxVersions string: Set the maximum number of versions, limited by the account settings defaults
MultilineValue bool: The provided value is a multiline value (separated by ' ')
Password string: Password value (relevant only for type 'password')
Path string: The path where the secret will be stored.
ProtectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
SecureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
SecureAccessEnable string: Enable/Disable secure remote access, [true/false]
SecureAccessGateway string: Secure Remote Access Gateway
SecureAccessHosts []string: Target servers for connections., For multiple values repeat this flag.
SecureAccessRdpUser string: Remote Desktop Username
SecureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
SecureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
SecureAccessUrl string: Destination URL to inject secrets.
SecureAccessWeb bool: Enable Web Secure Remote Access
SecureAccessWebBrowsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
SecureAccessWebProxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
StaticSecretId string: The ID of this resource.
Tags []string: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
Type string: Secret type [generic/password]
Username string: Username value (relevant only for type 'password')
Value string: The secret content.
Version float64: The version of the secret.

accessibility String: For personal password manager
changeEvent String: Trigger an event when a secret value changed true/false
customField Map<String,String>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection String: Protection from accidental deletion of this auth method, [true/false]
description String: Description of the object
format String: Secret format text/json/key-value
ignoreCache String: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls List<String>: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields Map<String,String>: Additional custom fields to associate with the item
keepPrevVersion String: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions String: Set the maximum number of versions, limited by the account settings defaults
multilineValue Boolean: The provided value is a multiline value (separated by ' ')
password String: Password value (relevant only for type 'password')
path String: The path where the secret will be stored.
protectionKey String: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer String: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable String: Enable/Disable secure remote access, [true/false]
secureAccessGateway String: Secure Remote Access Gateway
secureAccessHosts List<String>: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser String: Remote Desktop Username
secureAccessSshCreds String: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser String: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl String: Destination URL to inject secrets.
secureAccessWeb Boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing Boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy Boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId String: The ID of this resource.
tags List<String>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type String: Secret type [generic/password]
username String: Username value (relevant only for type 'password')
value String: The secret content.
version Double: The version of the secret.

accessibility string: For personal password manager
changeEvent string: Trigger an event when a secret value changed true/false
customField {[key: string]: string}: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection string: Protection from accidental deletion of this auth method, [true/false]
description string: Description of the object
format string: Secret format text/json/key-value
ignoreCache string: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls string[]: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields {[key: string]: string}: Additional custom fields to associate with the item
keepPrevVersion string: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions string: Set the maximum number of versions, limited by the account settings defaults
multilineValue boolean: The provided value is a multiline value (separated by ' ')
password string: Password value (relevant only for type 'password')
path string: The path where the secret will be stored.
protectionKey string: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer string: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable string: Enable/Disable secure remote access, [true/false]
secureAccessGateway string: Secure Remote Access Gateway
secureAccessHosts string[]: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser string: Remote Desktop Username
secureAccessSshCreds string: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser string: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl string: Destination URL to inject secrets.
secureAccessWeb boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId string: The ID of this resource.
tags string[]: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type string: Secret type [generic/password]
username string: Username value (relevant only for type 'password')
value string: The secret content.
version number: The version of the secret.

accessibility str: For personal password manager
change_event str: Trigger an event when a secret value changed true/false
custom_field Mapping[str, str]: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
delete_protection str: Protection from accidental deletion of this auth method, [true/false]
description str: Description of the object
format str: Secret format text/json/key-value
ignore_cache str: Retrieve the Secret value without checking the Gateway's cache [true/false]
inject_urls Sequence[str]: List of URLs associated with the item (relevant only for type 'password')
item_custom_fields Mapping[str, str]: Additional custom fields to associate with the item
keep_prev_version str: Whether to keep previous version [true/false]. If not set, use default according to account settings
max_versions str: Set the maximum number of versions, limited by the account settings defaults
multiline_value bool: The provided value is a multiline value (separated by ' ')
password str: Password value (relevant only for type 'password')
path str: The path where the secret will be stored.
protection_key str: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secure_access_certificate_issuer str: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secure_access_enable str: Enable/Disable secure remote access, [true/false]
secure_access_gateway str: Secure Remote Access Gateway
secure_access_hosts Sequence[str]: Target servers for connections., For multiple values repeat this flag.
secure_access_rdp_user str: Remote Desktop Username
secure_access_ssh_creds str: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secure_access_ssh_user str: Override the SSH username as indicated in SSH Certificate Issuer
secure_access_url str: Destination URL to inject secrets.
secure_access_web bool: Enable Web Secure Remote Access
secure_access_web_browsing bool: Secure browser via Akeyless's Secure Remote Access (SRA)
secure_access_web_proxy bool: Web-Proxy via Akeyless's Secure Remote Access (SRA)
static_secret_id str: The ID of this resource.
tags Sequence[str]: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type str: Secret type [generic/password]
username str: Username value (relevant only for type 'password')
value str: The secret content.
version float: The version of the secret.

accessibility String: For personal password manager
changeEvent String: Trigger an event when a secret value changed true/false
customField Map<String>: Additional custom fields to associate with the item (e.g fieldName1=value1) (relevant only for type 'password')
deleteProtection String: Protection from accidental deletion of this auth method, [true/false]
description String: Description of the object
format String: Secret format text/json/key-value
ignoreCache String: Retrieve the Secret value without checking the Gateway's cache [true/false]
injectUrls List<String>: List of URLs associated with the item (relevant only for type 'password')
itemCustomFields Map<String>: Additional custom fields to associate with the item
keepPrevVersion String: Whether to keep previous version [true/false]. If not set, use default according to account settings
maxVersions String: Set the maximum number of versions, limited by the account settings defaults
multilineValue Boolean: The provided value is a multiline value (separated by ' ')
password String: Password value (relevant only for type 'password')
path String: The path where the secret will be stored.
protectionKey String: The name of a key that is used to encrypt the secret value (if empty, the account default protectionKey key will be used)
secureAccessCertificateIssuer String: Path to the SSH Certificate Issuer for your Akeyless Secure Access
secureAccessEnable String: Enable/Disable secure remote access, [true/false]
secureAccessGateway String: Secure Remote Access Gateway
secureAccessHosts List<String>: Target servers for connections., For multiple values repeat this flag.
secureAccessRdpUser String: Remote Desktop Username
secureAccessSshCreds String: Static-Secret values contains SSH Credentials, either Private Key or Password [password/private-key]
secureAccessSshUser String: Override the SSH username as indicated in SSH Certificate Issuer
secureAccessUrl String: Destination URL to inject secrets.
secureAccessWeb Boolean: Enable Web Secure Remote Access
secureAccessWebBrowsing Boolean: Secure browser via Akeyless's Secure Remote Access (SRA)
secureAccessWebProxy Boolean: Web-Proxy via Akeyless's Secure Remote Access (SRA)
staticSecretId String: The ID of this resource.
tags List<String>: List of the tags attached to this secret. To specify multiple tags use argument multiple times: -t Tag1 -t Tag2
type String: Secret type [generic/password]
username String: Username value (relevant only for type 'password')
value String: The secret content.
version Number: The version of the secret.

Import

$ pulumi import akeyless:index/staticSecret:StaticSecret example /full-secret-path/and-name-in-akeyless

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: akeyless akeyless-community/terraform-provider-akeyless
License
Notes: This Pulumi package is based on the akeyless Terraform Provider.

Viewing docs for akeyless 2.0.1
published on Monday, Apr 27, 2026 by akeyless-community

Schema (JSON)

akeyless-community/terraform-provider-akeyless

akeyless.StaticSecret

On this page

On this page

Example Usage

Create StaticSecret Resource

Constructor syntax

Parameters

Constructor example

StaticSecret Resource Properties

Inputs

Outputs

Look up Existing StaticSecret Resource

Import

Package Details

On this page

On this page