google-cloud-secret_manager-v1 0.14.0 → 0.16.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/README.md +2 -2
- data/lib/google/cloud/secret_manager/v1/rest.rb +37 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb +8 -12
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest/client.rb +1473 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest/service_stub.rb +941 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest.rb +58 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service.rb +7 -1
- data/lib/google/cloud/secret_manager/v1/version.rb +1 -1
- data/lib/google/cloud/secret_manager/v1.rb +7 -2
- data/lib/google/cloud/secretmanager/v1/resources_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +318 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/cloud/secretmanager/v1/resources.rb +190 -97
- data/proto_docs/google/protobuf/empty.rb +0 -2
- metadata +15 -8
@@ -21,22 +21,27 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module SecretManager
|
23
23
|
module V1
|
24
|
-
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is a logical secret whose
|
25
|
-
# be accessed.
|
24
|
+
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is a logical secret whose
|
25
|
+
# value and versions can be accessed.
|
26
26
|
#
|
27
|
-
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is made up of zero or more
|
28
|
-
#
|
27
|
+
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is made up of zero or more
|
28
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} that represent
|
29
|
+
# the secret data.
|
29
30
|
# @!attribute [r] name
|
30
31
|
# @return [::String]
|
31
|
-
# Output only. The resource name of the
|
32
|
+
# Output only. The resource name of the
|
33
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} in the format
|
34
|
+
# `projects/*/secrets/*`.
|
32
35
|
# @!attribute [rw] replication
|
33
36
|
# @return [::Google::Cloud::SecretManager::V1::Replication]
|
34
|
-
# Required. Immutable. The replication policy of the secret data attached to
|
37
|
+
# Required. Immutable. The replication policy of the secret data attached to
|
38
|
+
# the {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
35
39
|
#
|
36
40
|
# The replication policy cannot be changed after the Secret has been created.
|
37
41
|
# @!attribute [r] create_time
|
38
42
|
# @return [::Google::Protobuf::Timestamp]
|
39
|
-
# Output only. The time at which the
|
43
|
+
# Output only. The time at which the
|
44
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} was created.
|
40
45
|
# @!attribute [rw] labels
|
41
46
|
# @return [::Google::Protobuf::Map{::String => ::String}]
|
42
47
|
# The labels assigned to this Secret.
|
@@ -52,22 +57,26 @@ module Google
|
|
52
57
|
# No more than 64 labels can be assigned to a given resource.
|
53
58
|
# @!attribute [rw] topics
|
54
59
|
# @return [::Array<::Google::Cloud::SecretManager::V1::Topic>]
|
55
|
-
# Optional. A list of up to 10 Pub/Sub topics to which messages are published
|
56
|
-
# control plane operations are called on the secret or its versions.
|
60
|
+
# Optional. A list of up to 10 Pub/Sub topics to which messages are published
|
61
|
+
# when control plane operations are called on the secret or its versions.
|
57
62
|
# @!attribute [rw] expire_time
|
58
63
|
# @return [::Google::Protobuf::Timestamp]
|
59
|
-
# Optional. Timestamp in UTC when the
|
60
|
-
#
|
64
|
+
# Optional. Timestamp in UTC when the
|
65
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to expire.
|
66
|
+
# This is always provided on output, regardless of what was sent on input.
|
61
67
|
# @!attribute [rw] ttl
|
62
68
|
# @return [::Google::Protobuf::Duration]
|
63
|
-
# Input only. The TTL for the
|
69
|
+
# Input only. The TTL for the
|
70
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
64
71
|
# @!attribute [rw] etag
|
65
72
|
# @return [::String]
|
66
|
-
# Optional. Etag of the currently stored
|
73
|
+
# Optional. Etag of the currently stored
|
74
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
67
75
|
# @!attribute [rw] rotation
|
68
76
|
# @return [::Google::Cloud::SecretManager::V1::Rotation]
|
69
|
-
# Optional. Rotation policy attached to the
|
70
|
-
#
|
77
|
+
# Optional. Rotation policy attached to the
|
78
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. May be excluded if there is
|
79
|
+
# no rotation policy.
|
71
80
|
# @!attribute [rw] version_aliases
|
72
81
|
# @return [::Google::Protobuf::Map{::String => ::Integer}]
|
73
82
|
# Optional. Mapping from version alias to version name.
|
@@ -81,6 +90,20 @@ module Google
|
|
81
90
|
# Version-Alias pairs will be viewable via GetSecret and modifiable via
|
82
91
|
# UpdateSecret. At launch access by alias will only be supported on
|
83
92
|
# GetSecretVersion and AccessSecretVersion.
|
93
|
+
# @!attribute [rw] annotations
|
94
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
95
|
+
# Optional. Custom metadata about the secret.
|
96
|
+
#
|
97
|
+
# Annotations are distinct from various forms of labels.
|
98
|
+
# Annotations exist to allow client tools to store their own state
|
99
|
+
# information without requiring a database.
|
100
|
+
#
|
101
|
+
# Annotation keys must be between 1 and 63 characters long, have a UTF-8
|
102
|
+
# encoding of maximum 128 bytes, begin and end with an alphanumeric character
|
103
|
+
# ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and
|
104
|
+
# alphanumerics in between these symbols.
|
105
|
+
#
|
106
|
+
# The total size of annotation keys and values must be less than 16KiB.
|
84
107
|
class Secret
|
85
108
|
include ::Google::Protobuf::MessageExts
|
86
109
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -102,57 +125,83 @@ module Google
|
|
102
125
|
include ::Google::Protobuf::MessageExts
|
103
126
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
104
127
|
end
|
128
|
+
|
129
|
+
# @!attribute [rw] key
|
130
|
+
# @return [::String]
|
131
|
+
# @!attribute [rw] value
|
132
|
+
# @return [::String]
|
133
|
+
class AnnotationsEntry
|
134
|
+
include ::Google::Protobuf::MessageExts
|
135
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
136
|
+
end
|
105
137
|
end
|
106
138
|
|
107
139
|
# A secret version resource in the Secret Manager API.
|
108
140
|
# @!attribute [r] name
|
109
141
|
# @return [::String]
|
110
|
-
# Output only. The resource name of the
|
111
|
-
# format
|
142
|
+
# Output only. The resource name of the
|
143
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
144
|
+
# `projects/*/secrets/*/versions/*`.
|
112
145
|
#
|
113
|
-
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} IDs in a
|
114
|
-
#
|
146
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} IDs in a
|
147
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} start at 1 and are
|
148
|
+
# incremented for each subsequent version of the secret.
|
115
149
|
# @!attribute [r] create_time
|
116
150
|
# @return [::Google::Protobuf::Timestamp]
|
117
|
-
# Output only. The time at which the
|
151
|
+
# Output only. The time at which the
|
152
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was created.
|
118
153
|
# @!attribute [r] destroy_time
|
119
154
|
# @return [::Google::Protobuf::Timestamp]
|
120
|
-
# Output only. The time this
|
121
|
-
#
|
155
|
+
# Output only. The time this
|
156
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was destroyed.
|
157
|
+
# Only present if {::Google::Cloud::SecretManager::V1::SecretVersion#state state}
|
158
|
+
# is
|
122
159
|
# {::Google::Cloud::SecretManager::V1::SecretVersion::State::DESTROYED DESTROYED}.
|
123
160
|
# @!attribute [r] state
|
124
161
|
# @return [::Google::Cloud::SecretManager::V1::SecretVersion::State]
|
125
|
-
# Output only. The current state of the
|
162
|
+
# Output only. The current state of the
|
163
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
126
164
|
# @!attribute [rw] replication_status
|
127
165
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
|
128
|
-
# The replication status of the
|
166
|
+
# The replication status of the
|
167
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
129
168
|
# @!attribute [r] etag
|
130
169
|
# @return [::String]
|
131
|
-
# Output only. Etag of the currently stored
|
170
|
+
# Output only. Etag of the currently stored
|
171
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
132
172
|
# @!attribute [r] client_specified_payload_checksum
|
133
173
|
# @return [::Boolean]
|
134
|
-
# Output only. True if payload checksum specified in
|
135
|
-
#
|
174
|
+
# Output only. True if payload checksum specified in
|
175
|
+
# {::Google::Cloud::SecretManager::V1::SecretPayload SecretPayload} object has
|
176
|
+
# been received by
|
177
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
178
|
+
# on
|
136
179
|
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}.
|
137
180
|
class SecretVersion
|
138
181
|
include ::Google::Protobuf::MessageExts
|
139
182
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
140
183
|
|
141
|
-
# The state of a
|
184
|
+
# The state of a
|
185
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}, indicating if
|
186
|
+
# it can be accessed.
|
142
187
|
module State
|
143
188
|
# Not specified. This value is unused and invalid.
|
144
189
|
STATE_UNSPECIFIED = 0
|
145
190
|
|
146
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may be
|
191
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may be
|
192
|
+
# accessed.
|
147
193
|
ENABLED = 1
|
148
194
|
|
149
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may not
|
150
|
-
# is still available and can be placed
|
195
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may not
|
196
|
+
# be accessed, but the secret data is still available and can be placed
|
197
|
+
# back into the
|
198
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion::State::ENABLED ENABLED}
|
151
199
|
# state.
|
152
200
|
DISABLED = 2
|
153
201
|
|
154
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} is
|
155
|
-
# stored. A version may not
|
202
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} is
|
203
|
+
# destroyed and the secret data is no longer stored. A version may not
|
204
|
+
# leave this state once entered.
|
156
205
|
DESTROYED = 3
|
157
206
|
end
|
158
207
|
end
|
@@ -160,54 +209,65 @@ module Google
|
|
160
209
|
# A policy that defines the replication and encryption configuration of data.
|
161
210
|
# @!attribute [rw] automatic
|
162
211
|
# @return [::Google::Cloud::SecretManager::V1::Replication::Automatic]
|
163
|
-
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be
|
212
|
+
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be
|
213
|
+
# replicated without any restrictions.
|
164
214
|
# @!attribute [rw] user_managed
|
165
215
|
# @return [::Google::Cloud::SecretManager::V1::Replication::UserManaged]
|
166
|
-
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will only be
|
216
|
+
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will only be
|
217
|
+
# replicated into the locations specified.
|
167
218
|
class Replication
|
168
219
|
include ::Google::Protobuf::MessageExts
|
169
220
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
170
221
|
|
171
|
-
# A replication policy that replicates the
|
222
|
+
# A replication policy that replicates the
|
223
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} payload without any
|
172
224
|
# restrictions.
|
173
225
|
# @!attribute [rw] customer_managed_encryption
|
174
226
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
175
|
-
# Optional. The customer-managed encryption configuration of the
|
176
|
-
#
|
227
|
+
# Optional. The customer-managed encryption configuration of the
|
228
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. If no configuration is
|
229
|
+
# provided, Google-managed default encryption is used.
|
177
230
|
#
|
178
|
-
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption
|
179
|
-
#
|
180
|
-
#
|
231
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption
|
232
|
+
# configuration only apply to
|
233
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added
|
234
|
+
# afterwards. They do not apply retroactively to existing
|
235
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
181
236
|
class Automatic
|
182
237
|
include ::Google::Protobuf::MessageExts
|
183
238
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
184
239
|
end
|
185
240
|
|
186
|
-
# A replication policy that replicates the
|
187
|
-
#
|
241
|
+
# A replication policy that replicates the
|
242
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} payload into the locations
|
243
|
+
# specified in [Secret.replication.user_managed.replicas][]
|
188
244
|
# @!attribute [rw] replicas
|
189
245
|
# @return [::Array<::Google::Cloud::SecretManager::V1::Replication::UserManaged::Replica>]
|
190
|
-
# Required. The list of Replicas for this
|
246
|
+
# Required. The list of Replicas for this
|
247
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
191
248
|
#
|
192
249
|
# Cannot be empty.
|
193
250
|
class UserManaged
|
194
251
|
include ::Google::Protobuf::MessageExts
|
195
252
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
196
253
|
|
197
|
-
# Represents a Replica for this
|
254
|
+
# Represents a Replica for this
|
255
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
198
256
|
# @!attribute [rw] location
|
199
257
|
# @return [::String]
|
200
258
|
# The canonical IDs of the location to replicate data.
|
201
259
|
# For example: `"us-east1"`.
|
202
260
|
# @!attribute [rw] customer_managed_encryption
|
203
261
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
204
|
-
# Optional. The customer-managed encryption configuration of the
|
205
|
-
# Replica][Replication.UserManaged.Replica]. If no
|
206
|
-
# provided, Google-managed default encryption is used.
|
262
|
+
# Optional. The customer-managed encryption configuration of the
|
263
|
+
# [User-Managed Replica][Replication.UserManaged.Replica]. If no
|
264
|
+
# configuration is provided, Google-managed default encryption is used.
|
207
265
|
#
|
208
|
-
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret}
|
209
|
-
#
|
210
|
-
#
|
266
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret}
|
267
|
+
# encryption configuration only apply to
|
268
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added
|
269
|
+
# afterwards. They do not apply retroactively to existing
|
270
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
211
271
|
class Replica
|
212
272
|
include ::Google::Protobuf::MessageExts
|
213
273
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -219,15 +279,17 @@ module Google
|
|
219
279
|
# encryption keys (CMEK).
|
220
280
|
# @!attribute [rw] kms_key_name
|
221
281
|
# @return [::String]
|
222
|
-
# Required. The resource name of the Cloud KMS CryptoKey used to encrypt
|
223
|
-
# payloads.
|
282
|
+
# Required. The resource name of the Cloud KMS CryptoKey used to encrypt
|
283
|
+
# secret payloads.
|
224
284
|
#
|
225
|
-
# For secrets using the
|
226
|
-
#
|
227
|
-
#
|
285
|
+
# For secrets using the
|
286
|
+
# {::Google::Cloud::SecretManager::V1::Replication::UserManaged UserManaged}
|
287
|
+
# replication policy type, Cloud KMS CryptoKeys must reside in the same
|
288
|
+
# location as the [replica location][Secret.UserManaged.Replica.location].
|
228
289
|
#
|
229
|
-
# For secrets using the
|
230
|
-
#
|
290
|
+
# For secrets using the
|
291
|
+
# {::Google::Cloud::SecretManager::V1::Replication::Automatic Automatic}
|
292
|
+
# replication policy type, Cloud KMS CryptoKeys must reside in `global`.
|
231
293
|
#
|
232
294
|
# The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
233
295
|
class CustomerManagedEncryption
|
@@ -235,58 +297,70 @@ module Google
|
|
235
297
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
236
298
|
end
|
237
299
|
|
238
|
-
# The replication status of a
|
300
|
+
# The replication status of a
|
301
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
239
302
|
# @!attribute [rw] automatic
|
240
303
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::AutomaticStatus]
|
241
|
-
# Describes the replication status of a
|
304
|
+
# Describes the replication status of a
|
305
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
242
306
|
# automatic replication.
|
243
307
|
#
|
244
|
-
# Only populated if the parent
|
245
|
-
#
|
308
|
+
# Only populated if the parent
|
309
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic
|
310
|
+
# replication policy.
|
246
311
|
# @!attribute [rw] user_managed
|
247
312
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus]
|
248
|
-
# Describes the replication status of a
|
313
|
+
# Describes the replication status of a
|
314
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
249
315
|
# user-managed replication.
|
250
316
|
#
|
251
|
-
# Only populated if the parent
|
252
|
-
#
|
317
|
+
# Only populated if the parent
|
318
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed
|
319
|
+
# replication policy.
|
253
320
|
class ReplicationStatus
|
254
321
|
include ::Google::Protobuf::MessageExts
|
255
322
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
256
323
|
|
257
|
-
# The replication status of a
|
324
|
+
# The replication status of a
|
325
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using
|
326
|
+
# automatic replication.
|
258
327
|
#
|
259
|
-
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
260
|
-
# policy.
|
328
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
329
|
+
# has an automatic replication policy.
|
261
330
|
# @!attribute [r] customer_managed_encryption
|
262
331
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
263
|
-
# Output only. The customer-managed encryption status of the
|
332
|
+
# Output only. The customer-managed encryption status of the
|
333
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
264
334
|
# populated if customer-managed encryption is used.
|
265
335
|
class AutomaticStatus
|
266
336
|
include ::Google::Protobuf::MessageExts
|
267
337
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
268
338
|
end
|
269
339
|
|
270
|
-
# The replication status of a
|
271
|
-
#
|
340
|
+
# The replication status of a
|
341
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using
|
342
|
+
# user-managed replication.
|
272
343
|
#
|
273
|
-
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
274
|
-
# policy.
|
344
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
345
|
+
# has a user-managed replication policy.
|
275
346
|
# @!attribute [r] replicas
|
276
347
|
# @return [::Array<::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus::ReplicaStatus>]
|
277
|
-
# Output only. The list of replica statuses for the
|
348
|
+
# Output only. The list of replica statuses for the
|
349
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
278
350
|
class UserManagedStatus
|
279
351
|
include ::Google::Protobuf::MessageExts
|
280
352
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
281
353
|
|
282
|
-
# Describes the status of a user-managed replica for the
|
354
|
+
# Describes the status of a user-managed replica for the
|
355
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
283
356
|
# @!attribute [r] location
|
284
357
|
# @return [::String]
|
285
358
|
# Output only. The canonical ID of the replica location.
|
286
359
|
# For example: `"us-east1"`.
|
287
360
|
# @!attribute [r] customer_managed_encryption
|
288
361
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
289
|
-
# Output only. The customer-managed encryption status of the
|
362
|
+
# Output only. The customer-managed encryption status of the
|
363
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
290
364
|
# populated if customer-managed encryption is used.
|
291
365
|
class ReplicaStatus
|
292
366
|
include ::Google::Protobuf::MessageExts
|
@@ -298,8 +372,8 @@ module Google
|
|
298
372
|
# Describes the status of customer-managed encryption.
|
299
373
|
# @!attribute [rw] kms_key_version_name
|
300
374
|
# @return [::String]
|
301
|
-
# Required. The resource name of the Cloud KMS CryptoKeyVersion used to
|
302
|
-
# secret payload, in the following format:
|
375
|
+
# Required. The resource name of the Cloud KMS CryptoKeyVersion used to
|
376
|
+
# encrypt the secret payload, in the following format:
|
303
377
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
|
304
378
|
class CustomerManagedEncryptionStatus
|
305
379
|
include ::Google::Protobuf::MessageExts
|
@@ -310,50 +384,69 @@ module Google
|
|
310
384
|
# events occur on this secret.
|
311
385
|
# @!attribute [rw] name
|
312
386
|
# @return [::String]
|
313
|
-
# Required. The resource name of the Pub/Sub topic that will be published to,
|
314
|
-
# following format: `projects/*/topics/*`. For publication to succeed,
|
315
|
-
# Secret Manager P4SA must have `pubsub.publisher` permissions on the
|
387
|
+
# Required. The resource name of the Pub/Sub topic that will be published to,
|
388
|
+
# in the following format: `projects/*/topics/*`. For publication to succeed,
|
389
|
+
# the Secret Manager P4SA must have `pubsub.publisher` permissions on the
|
390
|
+
# topic.
|
316
391
|
class Topic
|
317
392
|
include ::Google::Protobuf::MessageExts
|
318
393
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
319
394
|
end
|
320
395
|
|
321
|
-
# The rotation time and period for a
|
396
|
+
# The rotation time and period for a
|
397
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. At next_rotation_time, Secret
|
322
398
|
# Manager will send a Pub/Sub notification to the topics configured on the
|
323
|
-
# Secret. {::Google::Cloud::SecretManager::V1::Secret#topics Secret.topics} must be
|
399
|
+
# Secret. {::Google::Cloud::SecretManager::V1::Secret#topics Secret.topics} must be
|
400
|
+
# set to configure rotation.
|
324
401
|
# @!attribute [rw] next_rotation_time
|
325
402
|
# @return [::Google::Protobuf::Timestamp]
|
326
|
-
# Optional. Timestamp in UTC at which the
|
327
|
-
#
|
328
|
-
#
|
403
|
+
# Optional. Timestamp in UTC at which the
|
404
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to rotate.
|
405
|
+
# Cannot be set to less than 300s (5 min) in the future and at most
|
406
|
+
# 3153600000s (100 years).
|
329
407
|
#
|
330
|
-
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
408
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
409
|
+
# MUST be set if
|
410
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period}
|
411
|
+
# is set.
|
331
412
|
# @!attribute [rw] rotation_period
|
332
413
|
# @return [::Google::Protobuf::Duration]
|
333
414
|
# Input only. The Duration between rotation notifications. Must be in seconds
|
334
415
|
# and at least 3600s (1h) and at most 3153600000s (100 years).
|
335
416
|
#
|
336
|
-
# If
|
337
|
-
# {::Google::Cloud::SecretManager::V1::Rotation#
|
338
|
-
#
|
417
|
+
# If
|
418
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period}
|
419
|
+
# is set,
|
420
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
421
|
+
# must be set.
|
422
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
423
|
+
# will be advanced by this period when the service automatically sends
|
424
|
+
# rotation notifications.
|
339
425
|
class Rotation
|
340
426
|
include ::Google::Protobuf::MessageExts
|
341
427
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
342
428
|
end
|
343
429
|
|
344
430
|
# A secret payload resource in the Secret Manager API. This contains the
|
345
|
-
# sensitive secret payload that is associated with a
|
431
|
+
# sensitive secret payload that is associated with a
|
432
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
346
433
|
# @!attribute [rw] data
|
347
434
|
# @return [::String]
|
348
435
|
# The secret data. Must be no larger than 64KiB.
|
349
436
|
# @!attribute [rw] data_crc32c
|
350
437
|
# @return [::Integer]
|
351
|
-
# Optional. If specified,
|
352
|
-
#
|
353
|
-
#
|
354
|
-
# {::Google::Cloud::SecretManager::V1::
|
355
|
-
#
|
356
|
-
#
|
438
|
+
# Optional. If specified,
|
439
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
440
|
+
# will verify the integrity of the received
|
441
|
+
# {::Google::Cloud::SecretManager::V1::SecretPayload#data data} on
|
442
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}
|
443
|
+
# calls using the crc32c checksum and store it to include in future
|
444
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#access_secret_version SecretManagerService.AccessSecretVersion}
|
445
|
+
# responses. If a checksum is not provided in the
|
446
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}
|
447
|
+
# request, the
|
448
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
449
|
+
# will generate and store one for you.
|
357
450
|
#
|
358
451
|
# The CRC32C value is encoded as a Int64 for compatibility, and can be
|
359
452
|
# safely downconverted to uint32 in languages that support this type.
|
@@ -26,8 +26,6 @@ module Google
|
|
26
26
|
# service Foo {
|
27
27
|
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
|
28
28
|
# }
|
29
|
-
#
|
30
|
-
# The JSON representation for `Empty` is empty JSON object `{}`.
|
31
29
|
class Empty
|
32
30
|
include ::Google::Protobuf::MessageExts
|
33
31
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-secret_manager-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.16.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-03-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 0.18.0
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version:
|
29
|
+
version: 0.18.0
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -64,14 +64,14 @@ dependencies:
|
|
64
64
|
requirements:
|
65
65
|
- - "~>"
|
66
66
|
- !ruby/object:Gem::Version
|
67
|
-
version: 1.26.
|
67
|
+
version: 1.26.3
|
68
68
|
type: :development
|
69
69
|
prerelease: false
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
71
71
|
requirements:
|
72
72
|
- - "~>"
|
73
73
|
- !ruby/object:Gem::Version
|
74
|
-
version: 1.26.
|
74
|
+
version: 1.26.3
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
76
|
name: minitest
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
@@ -187,16 +187,22 @@ files:
|
|
187
187
|
- README.md
|
188
188
|
- lib/google-cloud-secret_manager-v1.rb
|
189
189
|
- lib/google/cloud/secret_manager/v1.rb
|
190
|
+
- lib/google/cloud/secret_manager/v1/rest.rb
|
190
191
|
- lib/google/cloud/secret_manager/v1/secret_manager_service.rb
|
191
192
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb
|
192
193
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/credentials.rb
|
193
194
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/paths.rb
|
195
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest.rb
|
196
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest/client.rb
|
197
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest/service_stub.rb
|
194
198
|
- lib/google/cloud/secret_manager/v1/version.rb
|
195
199
|
- lib/google/cloud/secretmanager/v1/resources_pb.rb
|
196
200
|
- lib/google/cloud/secretmanager/v1/service_pb.rb
|
197
201
|
- lib/google/cloud/secretmanager/v1/service_services_pb.rb
|
198
202
|
- proto_docs/README.md
|
203
|
+
- proto_docs/google/api/client.rb
|
199
204
|
- proto_docs/google/api/field_behavior.rb
|
205
|
+
- proto_docs/google/api/launch_stage.rb
|
200
206
|
- proto_docs/google/api/resource.rb
|
201
207
|
- proto_docs/google/cloud/secretmanager/v1/resources.rb
|
202
208
|
- proto_docs/google/cloud/secretmanager/v1/service.rb
|
@@ -227,8 +233,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
227
233
|
- !ruby/object:Gem::Version
|
228
234
|
version: '0'
|
229
235
|
requirements: []
|
230
|
-
rubygems_version: 3.
|
236
|
+
rubygems_version: 3.4.2
|
231
237
|
signing_key:
|
232
238
|
specification_version: 4
|
233
|
-
summary:
|
239
|
+
summary: Stores sensitive data such as API keys, passwords, and certificates. Provides
|
240
|
+
convenience while improving security.
|
234
241
|
test_files: []
|