From 875a9fe06ab289ed32e9fb34a69a62fc63365a4a Mon Sep 17 00:00:00 2001
From: Josh van Leeuwen <me@joshvanl.dev>
Date: Fri, 29 Aug 2025 02:13:38 -0300
Subject: [PATCH] [1.16] Adds Tencent Cloud Secrets Manager (SSM) (#4833)

Signed-off-by: joshvanl <me@joshvanl.dev>
Signed-off-by: Mark Fussell <markfussell@gmail.com>
Co-authored-by: Mark Fussell <markfussell@gmail.com>
---
 .../tencentcloud-ssm.md                       | 66 +++++++++++++++++++
 .../secret_stores/tencentcloud.yaml           |  5 ++
 .../_partials/components/secret-stores.html   |  3 +-
 3 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100644 daprdocs/content/en/reference/components-reference/supported-secret-stores/tencentcloud-ssm.md
 create mode 100644 daprdocs/data/components/secret_stores/tencentcloud.yaml

diff --git a/daprdocs/content/en/reference/components-reference/supported-secret-stores/tencentcloud-ssm.md b/daprdocs/content/en/reference/components-reference/supported-secret-stores/tencentcloud-ssm.md
new file mode 100644
index 000000000..15904b96d
--- /dev/null
+++ b/daprdocs/content/en/reference/components-reference/supported-secret-stores/tencentcloud-ssm.md
@@ -0,0 +1,66 @@
+---
+type: docs
+title: "Tencent Cloud Secrets Manager (SSM)"
+linkTitle: "Tencent Cloud Secrets Manager (SSM)"
+description: Detailed information on the Tencent Cloud Secrets Manager (SSM) - secret store component
+aliases:
+  - "/operations/components/setup-secret-store/supported-secret-stores/tencentcloud-ssm/"
+---
+
+## Component format
+
+To setup Tencent Cloud Secrets Manager (SSM) secret store create a component of type `secretstores.tencentcloud.ssm`.
+See [this guide]({{% ref "setup-secret-store.md#apply-the-configuration" %}}) on how to create and apply a secretstore configuration.
+See this guide on [referencing secrets]({{% ref component-secrets.md %}}) to retrieve and use the secret with Dapr components.
+
+```yaml
+apiVersion: dapr.io/v1alpha1
+kind: Component
+metadata:
+  name: tencentcloudssm
+spec:
+  type: secretstores.tencentcloud.ssm
+  version: v1
+  metadata:
+  - name: region
+    value: "[tencentcloud_region]"
+  - name: secretId
+    value: "[tencentcloud_secret_id]"
+  - name: secretKey
+    value: "[tencentcloud_secret_key]"
+  - name: token
+    value: "[tencentcloud_secret_token]"
+```
+
+{{% alert title="Warning" color="warning" %}}
+The above example uses secrets as plain strings.
+It is recommended to use a local secret store such as [Kubernetes secret store]({{% ref kubernetes-secret-store.md %}}) or a [local file]({{% ref file-secret-store.md %}}) to bootstrap secure key storage.
+{{% /alert %}}
+
+## Spec metadata fields
+
+| Field           | Required | Details                                                          | Example             |
+| --------------- | :------: | ---------------------------------------------------------------- | ------------------- |
+| region          |    Y     | The specific region the Tencent SSM instance is deployed in      | `"ap-beijing-3"`      |
+| secretId        |    Y     | The SecretId of the Tencent Cloud account                        | `"xyz"` |
+| secretKey       |    Y     | The SecretKey of the Tencent Cloud account                       | `"xyz"` |
+| token           |    N     | The Token of the Tencent Cloud account. This is required only if using temporary credentials | `""`                |
+
+## Optional per-request metadata properties
+
+The following [optional query parameters]({{% ref "secrets_api#query-parameters" %}}) can be provided when retrieving secrets from this secret store:
+
+Query Parameter | Description
+--------- | -----------
+`metadata.version_id` | Version for the given secret key.
+
+## Setup Tencent Cloud Secrets Manager (SSM)
+
+Setup Tencent Cloud Secrets Manager (SSM) using the Tencent Cloud documentation: https://www.tencentcloud.com/products/ssm
+
+## Related links
+
+- [Secrets building block]({{% ref secrets %}})
+- [How-To: Retrieve a secret]({{% ref "howto-secrets.md" %}})
+- [How-To: Reference secrets in Dapr components]({{% ref component-secrets.md %}})
+- [Secrets API reference]({{% ref secrets_api.md %}})
diff --git a/daprdocs/data/components/secret_stores/tencentcloud.yaml b/daprdocs/data/components/secret_stores/tencentcloud.yaml
new file mode 100644
index 000000000..590a042c3
--- /dev/null
+++ b/daprdocs/data/components/secret_stores/tencentcloud.yaml
@@ -0,0 +1,5 @@
+- component: Tencent Cloud Secrets Manager (SSM)
+  link: tencentcloud-ssm
+  state: Alpha
+  version: v1
+  since: "1.9"
diff --git a/daprdocs/layouts/_partials/components/secret-stores.html b/daprdocs/layouts/_partials/components/secret-stores.html
index aff2c7ad9..c4cbd8f38 100644
--- a/daprdocs/layouts/_partials/components/secret-stores.html
+++ b/daprdocs/layouts/_partials/components/secret-stores.html
@@ -1,9 +1,10 @@
 {{- $groups := dict
-" Generic" $.Site.Data.components.secret_stores.generic
+"Generic" $.Site.Data.components.secret_stores.generic
 "Microsoft Azure" $.Site.Data.components.secret_stores.azure
 "Alibaba Cloud" $.Site.Data.components.secret_stores.alibaba
 "Google Cloud Platform (GCP)" $.Site.Data.components.secret_stores.gcp
 "Amazon Web Services (AWS)" $.Site.Data.components.secret_stores.aws
+"Tencent Cloud" $.Site.Data.components.secret_stores.tencentcloud
 "HuaweiCloud Cloud" $.Site.Data.components.secret_stores.huaweicloud
 }}