google-cloud-secret_manager-v1 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,59 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # An indicator of the behavior of a given field (for example, that a field
23
+ # is required in requests, or given as output but ignored as input).
24
+ # This **does not** change the behavior in protocol buffers itself; it only
25
+ # denotes the behavior and may affect how API tooling handles the field.
26
+ #
27
+ # Note: This enum **may** receive new values in the future.
28
+ module FieldBehavior
29
+ # Conventional default for enums. Do not use this.
30
+ FIELD_BEHAVIOR_UNSPECIFIED = 0
31
+
32
+ # Specifically denotes a field as optional.
33
+ # While all fields in protocol buffers are optional, this may be specified
34
+ # for emphasis if appropriate.
35
+ OPTIONAL = 1
36
+
37
+ # Denotes a field as required.
38
+ # This indicates that the field **must** be provided as part of the request,
39
+ # and failure to do so will cause an error (usually `INVALID_ARGUMENT`).
40
+ REQUIRED = 2
41
+
42
+ # Denotes a field as output only.
43
+ # This indicates that the field is provided in responses, but including the
44
+ # field in a request does nothing (the server *must* ignore it and
45
+ # *must not* throw an error as a result of the field's presence).
46
+ OUTPUT_ONLY = 3
47
+
48
+ # Denotes a field as input only.
49
+ # This indicates that the field is provided in requests, and the
50
+ # corresponding field is not included in output.
51
+ INPUT_ONLY = 4
52
+
53
+ # Denotes a field as immutable.
54
+ # This indicates that the field may be set once in a request to create a
55
+ # resource, but may not be changed thereafter.
56
+ IMMUTABLE = 5
57
+ end
58
+ end
59
+ end
@@ -0,0 +1,247 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # A simple descriptor of a resource type.
23
+ #
24
+ # ResourceDescriptor annotates a resource message (either by means of a
25
+ # protobuf annotation or use in the service config), and associates the
26
+ # resource's schema, the resource type, and the pattern of the resource name.
27
+ #
28
+ # Example:
29
+ #
30
+ # message Topic {
31
+ # // Indicates this message defines a resource schema.
32
+ # // Declares the resource type in the format of {service}/{kind}.
33
+ # // For Kubernetes resources, the format is {api group}/{kind}.
34
+ # option (google.api.resource) = {
35
+ # type: "pubsub.googleapis.com/Topic"
36
+ # name_descriptor: {
37
+ # pattern: "projects/{project}/topics/{topic}"
38
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
39
+ # parent_name_extractor: "projects/{project}"
40
+ # }
41
+ # };
42
+ # }
43
+ #
44
+ # The ResourceDescriptor Yaml config will look like:
45
+ #
46
+ # resources:
47
+ # - type: "pubsub.googleapis.com/Topic"
48
+ # name_descriptor:
49
+ # - pattern: "projects/\\{project}/topics/\\{topic}"
50
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
51
+ # parent_name_extractor: "projects/\\{project}"
52
+ #
53
+ # Sometimes, resources have multiple patterns, typically because they can
54
+ # live under multiple parents.
55
+ #
56
+ # Example:
57
+ #
58
+ # message LogEntry {
59
+ # option (google.api.resource) = {
60
+ # type: "logging.googleapis.com/LogEntry"
61
+ # name_descriptor: {
62
+ # pattern: "projects/{project}/logs/{log}"
63
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
64
+ # parent_name_extractor: "projects/{project}"
65
+ # }
66
+ # name_descriptor: {
67
+ # pattern: "folders/{folder}/logs/{log}"
68
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
69
+ # parent_name_extractor: "folders/{folder}"
70
+ # }
71
+ # name_descriptor: {
72
+ # pattern: "organizations/{organization}/logs/{log}"
73
+ # parent_type: "cloudresourcemanager.googleapis.com/Organization"
74
+ # parent_name_extractor: "organizations/{organization}"
75
+ # }
76
+ # name_descriptor: {
77
+ # pattern: "billingAccounts/{billing_account}/logs/{log}"
78
+ # parent_type: "billing.googleapis.com/BillingAccount"
79
+ # parent_name_extractor: "billingAccounts/{billing_account}"
80
+ # }
81
+ # };
82
+ # }
83
+ #
84
+ # The ResourceDescriptor Yaml config will look like:
85
+ #
86
+ # resources:
87
+ # - type: 'logging.googleapis.com/LogEntry'
88
+ # name_descriptor:
89
+ # - pattern: "projects/{project}/logs/{log}"
90
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
91
+ # parent_name_extractor: "projects/{project}"
92
+ # - pattern: "folders/{folder}/logs/{log}"
93
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
94
+ # parent_name_extractor: "folders/{folder}"
95
+ # - pattern: "organizations/{organization}/logs/{log}"
96
+ # parent_type: "cloudresourcemanager.googleapis.com/Organization"
97
+ # parent_name_extractor: "organizations/{organization}"
98
+ # - pattern: "billingAccounts/{billing_account}/logs/{log}"
99
+ # parent_type: "billing.googleapis.com/BillingAccount"
100
+ # parent_name_extractor: "billingAccounts/{billing_account}"
101
+ #
102
+ # For flexible resources, the resource name doesn't contain parent names, but
103
+ # the resource itself has parents for policy evaluation.
104
+ #
105
+ # Example:
106
+ #
107
+ # message Shelf {
108
+ # option (google.api.resource) = {
109
+ # type: "library.googleapis.com/Shelf"
110
+ # name_descriptor: {
111
+ # pattern: "shelves/{shelf}"
112
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
113
+ # }
114
+ # name_descriptor: {
115
+ # pattern: "shelves/{shelf}"
116
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
117
+ # }
118
+ # };
119
+ # }
120
+ #
121
+ # The ResourceDescriptor Yaml config will look like:
122
+ #
123
+ # resources:
124
+ # - type: 'library.googleapis.com/Shelf'
125
+ # name_descriptor:
126
+ # - pattern: "shelves/{shelf}"
127
+ # parent_type: "cloudresourcemanager.googleapis.com/Project"
128
+ # - pattern: "shelves/{shelf}"
129
+ # parent_type: "cloudresourcemanager.googleapis.com/Folder"
130
+ # @!attribute [rw] type
131
+ # @return [String]
132
+ # The resource type. It must be in the format of
133
+ # \\{service_name}/\\{resource_type_kind}. The `resource_type_kind` must be
134
+ # singular and must not include version numbers.
135
+ #
136
+ # Example: `storage.googleapis.com/Bucket`
137
+ #
138
+ # The value of the resource_type_kind must follow the regular expression
139
+ # /[A-Za-z][a-zA-Z0-9]+/. It should start with an upper case character and
140
+ # should use PascalCase (UpperCamelCase). The maximum number of
141
+ # characters allowed for the `resource_type_kind` is 100.
142
+ # @!attribute [rw] pattern
143
+ # @return [Array<String>]
144
+ # Optional. The relative resource name pattern associated with this resource
145
+ # type. The DNS prefix of the full resource name shouldn't be specified here.
146
+ #
147
+ # The path pattern must follow the syntax, which aligns with HTTP binding
148
+ # syntax:
149
+ #
150
+ # Template = Segment { "/" Segment } ;
151
+ # Segment = LITERAL | Variable ;
152
+ # Variable = "{" LITERAL "}" ;
153
+ #
154
+ # Examples:
155
+ #
156
+ # - "projects/\\{project}/topics/\\{topic}"
157
+ # - "projects/\\{project}/knowledgeBases/\\{knowledge_base}"
158
+ #
159
+ # The components in braces correspond to the IDs for each resource in the
160
+ # hierarchy. It is expected that, if multiple patterns are provided,
161
+ # the same component name (e.g. "project") refers to IDs of the same
162
+ # type of resource.
163
+ # @!attribute [rw] name_field
164
+ # @return [String]
165
+ # Optional. The field on the resource that designates the resource name
166
+ # field. If omitted, this is assumed to be "name".
167
+ # @!attribute [rw] history
168
+ # @return [Google::Api::ResourceDescriptor::History]
169
+ # Optional. The historical or future-looking state of the resource pattern.
170
+ #
171
+ # Example:
172
+ #
173
+ # // The InspectTemplate message originally only supported resource
174
+ # // names with organization, and project was added later.
175
+ # message InspectTemplate {
176
+ # option (google.api.resource) = {
177
+ # type: "dlp.googleapis.com/InspectTemplate"
178
+ # pattern:
179
+ # "organizations/{organization}/inspectTemplates/{inspect_template}"
180
+ # pattern: "projects/{project}/inspectTemplates/{inspect_template}"
181
+ # history: ORIGINALLY_SINGLE_PATTERN
182
+ # };
183
+ # }
184
+ # @!attribute [rw] plural
185
+ # @return [String]
186
+ # The plural name used in the resource name, such as 'projects' for
187
+ # the name of 'projects/\\{project}'. It is the same concept of the `plural`
188
+ # field in k8s CRD spec
189
+ # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
190
+ # @!attribute [rw] singular
191
+ # @return [String]
192
+ # The same concept of the `singular` field in k8s CRD spec
193
+ # https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
194
+ # Such as "project" for the `resourcemanager.googleapis.com/Project` type.
195
+ class ResourceDescriptor
196
+ include Google::Protobuf::MessageExts
197
+ extend Google::Protobuf::MessageExts::ClassMethods
198
+
199
+ # A description of the historical or future-looking state of the
200
+ # resource pattern.
201
+ module History
202
+ # The "unset" value.
203
+ HISTORY_UNSPECIFIED = 0
204
+
205
+ # The resource originally had one pattern and launched as such, and
206
+ # additional patterns were added later.
207
+ ORIGINALLY_SINGLE_PATTERN = 1
208
+
209
+ # The resource has one pattern, but the API owner expects to add more
210
+ # later. (This is the inverse of ORIGINALLY_SINGLE_PATTERN, and prevents
211
+ # that from being necessary once there are multiple patterns.)
212
+ FUTURE_MULTI_PATTERN = 2
213
+ end
214
+ end
215
+
216
+ # Defines a proto annotation that describes a string field that refers to
217
+ # an API resource.
218
+ # @!attribute [rw] type
219
+ # @return [String]
220
+ # The resource type that the annotated field references.
221
+ #
222
+ # Example:
223
+ #
224
+ # message Subscription {
225
+ # string topic = 2 [(google.api.resource_reference) = {
226
+ # type: "pubsub.googleapis.com/Topic"
227
+ # }];
228
+ # }
229
+ # @!attribute [rw] child_type
230
+ # @return [String]
231
+ # The resource type of a child collection that the annotated field
232
+ # references. This is useful for annotating the `parent` field that
233
+ # doesn't have a fixed resource type.
234
+ #
235
+ # Example:
236
+ #
237
+ # message ListLogEntriesRequest {
238
+ # string parent = 1 [(google.api.resource_reference) = {
239
+ # child_type: "logging.googleapis.com/LogEntry"
240
+ # };
241
+ # }
242
+ class ResourceReference
243
+ include Google::Protobuf::MessageExts
244
+ extend Google::Protobuf::MessageExts::ClassMethods
245
+ end
246
+ end
247
+ end
@@ -0,0 +1,162 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Cloud
22
+ module SecretManager
23
+ module V1
24
+ # A {Google::Cloud::SecretManager::V1::Secret Secret} is a logical secret whose value and versions can
25
+ # be accessed.
26
+ #
27
+ # A {Google::Cloud::SecretManager::V1::Secret Secret} is made up of zero or more {Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} that
28
+ # represent the secret data.
29
+ # @!attribute [r] name
30
+ # @return [String]
31
+ # Output only. The resource name of the {Google::Cloud::SecretManager::V1::Secret Secret} in the format `projects/*/secrets/*`.
32
+ # @!attribute [rw] replication
33
+ # @return [Google::Cloud::SecretManager::V1::Replication]
34
+ # Required. Immutable. The replication policy of the secret data attached to the {Google::Cloud::SecretManager::V1::Secret Secret}.
35
+ #
36
+ # The replication policy cannot be changed after the Secret has been created.
37
+ # @!attribute [r] create_time
38
+ # @return [Google::Protobuf::Timestamp]
39
+ # Output only. The time at which the {Google::Cloud::SecretManager::V1::Secret Secret} was created.
40
+ # @!attribute [rw] labels
41
+ # @return [Google::Protobuf::Map{String => String}]
42
+ # The labels assigned to this Secret.
43
+ #
44
+ # Label keys must be between 1 and 63 characters long, have a UTF-8 encoding
45
+ # of maximum 128 bytes, and must conform to the following PCRE regular
46
+ # expression: `[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}`
47
+ #
48
+ # Label values must be between 0 and 63 characters long, have a UTF-8
49
+ # encoding of maximum 128 bytes, and must conform to the following PCRE
50
+ # regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`
51
+ #
52
+ # No more than 64 labels can be assigned to a given resource.
53
+ class Secret
54
+ include Google::Protobuf::MessageExts
55
+ extend Google::Protobuf::MessageExts::ClassMethods
56
+
57
+ # @!attribute [rw] key
58
+ # @return [String]
59
+ # @!attribute [rw] value
60
+ # @return [String]
61
+ class LabelsEntry
62
+ include Google::Protobuf::MessageExts
63
+ extend Google::Protobuf::MessageExts::ClassMethods
64
+ end
65
+ end
66
+
67
+ # A secret version resource in the Secret Manager API.
68
+ # @!attribute [r] name
69
+ # @return [String]
70
+ # Output only. The resource name of the {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the
71
+ # format `projects/*/secrets/*/versions/*`.
72
+ #
73
+ # {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} IDs in a {Google::Cloud::SecretManager::V1::Secret Secret} start at 1 and
74
+ # are incremented for each subsequent version of the secret.
75
+ # @!attribute [r] create_time
76
+ # @return [Google::Protobuf::Timestamp]
77
+ # Output only. The time at which the {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was created.
78
+ # @!attribute [r] destroy_time
79
+ # @return [Google::Protobuf::Timestamp]
80
+ # Output only. The time this {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was destroyed.
81
+ # Only present if {Google::Cloud::SecretManager::V1::SecretVersion#state state} is
82
+ # {Google::Cloud::SecretManager::V1::SecretVersion::State::DESTROYED DESTROYED}.
83
+ # @!attribute [r] state
84
+ # @return [Google::Cloud::SecretManager::V1::SecretVersion::State]
85
+ # Output only. The current state of the {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
86
+ class SecretVersion
87
+ include Google::Protobuf::MessageExts
88
+ extend Google::Protobuf::MessageExts::ClassMethods
89
+
90
+ # The state of a {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}, indicating if it can be accessed.
91
+ module State
92
+ # Not specified. This value is unused and invalid.
93
+ STATE_UNSPECIFIED = 0
94
+
95
+ # The {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may be accessed.
96
+ ENABLED = 1
97
+
98
+ # The {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may not be accessed, but the secret data
99
+ # is still available and can be placed back into the {Google::Cloud::SecretManager::V1::SecretVersion::State::ENABLED ENABLED}
100
+ # state.
101
+ DISABLED = 2
102
+
103
+ # The {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} is destroyed and the secret data is no longer
104
+ # stored. A version may not leave this state once entered.
105
+ DESTROYED = 3
106
+ end
107
+ end
108
+
109
+ # A policy that defines the replication configuration of data.
110
+ # @!attribute [rw] automatic
111
+ # @return [Google::Cloud::SecretManager::V1::Replication::Automatic]
112
+ # The {Google::Cloud::SecretManager::V1::Secret Secret} will automatically be replicated without any restrictions.
113
+ # @!attribute [rw] user_managed
114
+ # @return [Google::Cloud::SecretManager::V1::Replication::UserManaged]
115
+ # The {Google::Cloud::SecretManager::V1::Secret Secret} will only be replicated into the locations specified.
116
+ class Replication
117
+ include Google::Protobuf::MessageExts
118
+ extend Google::Protobuf::MessageExts::ClassMethods
119
+
120
+ # A replication policy that replicates the {Google::Cloud::SecretManager::V1::Secret Secret} payload without any
121
+ # restrictions.
122
+ class Automatic
123
+ include Google::Protobuf::MessageExts
124
+ extend Google::Protobuf::MessageExts::ClassMethods
125
+ end
126
+
127
+ # A replication policy that replicates the {Google::Cloud::SecretManager::V1::Secret Secret} payload into the
128
+ # locations specified in [Secret.replication.user_managed.replicas][]
129
+ # @!attribute [rw] replicas
130
+ # @return [Array<Google::Cloud::SecretManager::V1::Replication::UserManaged::Replica>]
131
+ # Required. The list of Replicas for this {Google::Cloud::SecretManager::V1::Secret Secret}.
132
+ #
133
+ # Cannot be empty.
134
+ class UserManaged
135
+ include Google::Protobuf::MessageExts
136
+ extend Google::Protobuf::MessageExts::ClassMethods
137
+
138
+ # Represents a Replica for this {Google::Cloud::SecretManager::V1::Secret Secret}.
139
+ # @!attribute [rw] location
140
+ # @return [String]
141
+ # The canonical IDs of the location to replicate data.
142
+ # For example: `"us-east1"`.
143
+ class Replica
144
+ include Google::Protobuf::MessageExts
145
+ extend Google::Protobuf::MessageExts::ClassMethods
146
+ end
147
+ end
148
+ end
149
+
150
+ # A secret payload resource in the Secret Manager API. This contains the
151
+ # sensitive secret data that is associated with a {Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
152
+ # @!attribute [rw] data
153
+ # @return [String]
154
+ # The secret data. Must be no larger than 64KiB.
155
+ class SecretPayload
156
+ include Google::Protobuf::MessageExts
157
+ extend Google::Protobuf::MessageExts::ClassMethods
158
+ end
159
+ end
160
+ end
161
+ end
162
+ end