» yandex_kms_secret_ciphertext

Encrypts given plaintext with the specified Yandex KMS key and provides access to the ciphertext.

For more information, see the official documentation.

» Example Usage

resource "yandex_kms_symmetric_key" "example" {
  name        = "example-symetric-key"
  description = "description for key"

resource "yandex_kms_secret_ciphertext" "password" {
  key_id      = "${yandex_kms_symmetric_key.example.id}"
  aad_context = "additional authenticated data"
  plaintext   = "strong password"

» Argument Reference

The following arguments are supported:

  • key_id - (Required) ID of the symmetric KMS key to use for encryption.

  • aad_context - (Optional) Additional authenticated data (AAD context), optional. If specified, this data will be required for decryption with the SymmetricDecryptRequest

  • plaintext - (Required) Plaintext to be encrypted.

» Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{key_id}}/{{ciphertext}}

  • ciphertext - Resulting ciphertext, encoded with "standard" base64 alphabet as defined in RFC 4648 section 4

» Timeouts

yandex_kms_secret_ciphertext provides the following configuration options for timeouts: