google-cloud-secret_manager-v1 0.14.0 → 0.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +1 -1
- data/README.md +2 -2
- data/lib/google/cloud/secret_manager/v1/rest.rb +37 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb +8 -12
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest/client.rb +1473 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest/service_stub.rb +941 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/rest.rb +58 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service.rb +7 -1
- data/lib/google/cloud/secret_manager/v1/version.rb +1 -1
- data/lib/google/cloud/secret_manager/v1.rb +7 -2
- data/lib/google/cloud/secretmanager/v1/resources_pb.rb +1 -1
- data/proto_docs/google/api/client.rb +318 -0
- data/proto_docs/google/api/launch_stage.rb +71 -0
- data/proto_docs/google/cloud/secretmanager/v1/resources.rb +190 -97
- data/proto_docs/google/protobuf/empty.rb +0 -2
- metadata +15 -8
@@ -21,22 +21,27 @@ module Google
|
|
21
21
|
module Cloud
|
22
22
|
module SecretManager
|
23
23
|
module V1
|
24
|
-
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is a logical secret whose
|
25
|
-
# be accessed.
|
24
|
+
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is a logical secret whose
|
25
|
+
# value and versions can be accessed.
|
26
26
|
#
|
27
|
-
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is made up of zero or more
|
28
|
-
#
|
27
|
+
# A {::Google::Cloud::SecretManager::V1::Secret Secret} is made up of zero or more
|
28
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} that represent
|
29
|
+
# the secret data.
|
29
30
|
# @!attribute [r] name
|
30
31
|
# @return [::String]
|
31
|
-
# Output only. The resource name of the
|
32
|
+
# Output only. The resource name of the
|
33
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} in the format
|
34
|
+
# `projects/*/secrets/*`.
|
32
35
|
# @!attribute [rw] replication
|
33
36
|
# @return [::Google::Cloud::SecretManager::V1::Replication]
|
34
|
-
# Required. Immutable. The replication policy of the secret data attached to
|
37
|
+
# Required. Immutable. The replication policy of the secret data attached to
|
38
|
+
# the {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
35
39
|
#
|
36
40
|
# The replication policy cannot be changed after the Secret has been created.
|
37
41
|
# @!attribute [r] create_time
|
38
42
|
# @return [::Google::Protobuf::Timestamp]
|
39
|
-
# Output only. The time at which the
|
43
|
+
# Output only. The time at which the
|
44
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} was created.
|
40
45
|
# @!attribute [rw] labels
|
41
46
|
# @return [::Google::Protobuf::Map{::String => ::String}]
|
42
47
|
# The labels assigned to this Secret.
|
@@ -52,22 +57,26 @@ module Google
|
|
52
57
|
# No more than 64 labels can be assigned to a given resource.
|
53
58
|
# @!attribute [rw] topics
|
54
59
|
# @return [::Array<::Google::Cloud::SecretManager::V1::Topic>]
|
55
|
-
# Optional. A list of up to 10 Pub/Sub topics to which messages are published
|
56
|
-
# control plane operations are called on the secret or its versions.
|
60
|
+
# Optional. A list of up to 10 Pub/Sub topics to which messages are published
|
61
|
+
# when control plane operations are called on the secret or its versions.
|
57
62
|
# @!attribute [rw] expire_time
|
58
63
|
# @return [::Google::Protobuf::Timestamp]
|
59
|
-
# Optional. Timestamp in UTC when the
|
60
|
-
#
|
64
|
+
# Optional. Timestamp in UTC when the
|
65
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to expire.
|
66
|
+
# This is always provided on output, regardless of what was sent on input.
|
61
67
|
# @!attribute [rw] ttl
|
62
68
|
# @return [::Google::Protobuf::Duration]
|
63
|
-
# Input only. The TTL for the
|
69
|
+
# Input only. The TTL for the
|
70
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
64
71
|
# @!attribute [rw] etag
|
65
72
|
# @return [::String]
|
66
|
-
# Optional. Etag of the currently stored
|
73
|
+
# Optional. Etag of the currently stored
|
74
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
67
75
|
# @!attribute [rw] rotation
|
68
76
|
# @return [::Google::Cloud::SecretManager::V1::Rotation]
|
69
|
-
# Optional. Rotation policy attached to the
|
70
|
-
#
|
77
|
+
# Optional. Rotation policy attached to the
|
78
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. May be excluded if there is
|
79
|
+
# no rotation policy.
|
71
80
|
# @!attribute [rw] version_aliases
|
72
81
|
# @return [::Google::Protobuf::Map{::String => ::Integer}]
|
73
82
|
# Optional. Mapping from version alias to version name.
|
@@ -81,6 +90,20 @@ module Google
|
|
81
90
|
# Version-Alias pairs will be viewable via GetSecret and modifiable via
|
82
91
|
# UpdateSecret. At launch access by alias will only be supported on
|
83
92
|
# GetSecretVersion and AccessSecretVersion.
|
93
|
+
# @!attribute [rw] annotations
|
94
|
+
# @return [::Google::Protobuf::Map{::String => ::String}]
|
95
|
+
# Optional. Custom metadata about the secret.
|
96
|
+
#
|
97
|
+
# Annotations are distinct from various forms of labels.
|
98
|
+
# Annotations exist to allow client tools to store their own state
|
99
|
+
# information without requiring a database.
|
100
|
+
#
|
101
|
+
# Annotation keys must be between 1 and 63 characters long, have a UTF-8
|
102
|
+
# encoding of maximum 128 bytes, begin and end with an alphanumeric character
|
103
|
+
# ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and
|
104
|
+
# alphanumerics in between these symbols.
|
105
|
+
#
|
106
|
+
# The total size of annotation keys and values must be less than 16KiB.
|
84
107
|
class Secret
|
85
108
|
include ::Google::Protobuf::MessageExts
|
86
109
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -102,57 +125,83 @@ module Google
|
|
102
125
|
include ::Google::Protobuf::MessageExts
|
103
126
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
104
127
|
end
|
128
|
+
|
129
|
+
# @!attribute [rw] key
|
130
|
+
# @return [::String]
|
131
|
+
# @!attribute [rw] value
|
132
|
+
# @return [::String]
|
133
|
+
class AnnotationsEntry
|
134
|
+
include ::Google::Protobuf::MessageExts
|
135
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
136
|
+
end
|
105
137
|
end
|
106
138
|
|
107
139
|
# A secret version resource in the Secret Manager API.
|
108
140
|
# @!attribute [r] name
|
109
141
|
# @return [::String]
|
110
|
-
# Output only. The resource name of the
|
111
|
-
# format
|
142
|
+
# Output only. The resource name of the
|
143
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
144
|
+
# `projects/*/secrets/*/versions/*`.
|
112
145
|
#
|
113
|
-
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} IDs in a
|
114
|
-
#
|
146
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} IDs in a
|
147
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} start at 1 and are
|
148
|
+
# incremented for each subsequent version of the secret.
|
115
149
|
# @!attribute [r] create_time
|
116
150
|
# @return [::Google::Protobuf::Timestamp]
|
117
|
-
# Output only. The time at which the
|
151
|
+
# Output only. The time at which the
|
152
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was created.
|
118
153
|
# @!attribute [r] destroy_time
|
119
154
|
# @return [::Google::Protobuf::Timestamp]
|
120
|
-
# Output only. The time this
|
121
|
-
#
|
155
|
+
# Output only. The time this
|
156
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} was destroyed.
|
157
|
+
# Only present if {::Google::Cloud::SecretManager::V1::SecretVersion#state state}
|
158
|
+
# is
|
122
159
|
# {::Google::Cloud::SecretManager::V1::SecretVersion::State::DESTROYED DESTROYED}.
|
123
160
|
# @!attribute [r] state
|
124
161
|
# @return [::Google::Cloud::SecretManager::V1::SecretVersion::State]
|
125
|
-
# Output only. The current state of the
|
162
|
+
# Output only. The current state of the
|
163
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
126
164
|
# @!attribute [rw] replication_status
|
127
165
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
|
128
|
-
# The replication status of the
|
166
|
+
# The replication status of the
|
167
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
129
168
|
# @!attribute [r] etag
|
130
169
|
# @return [::String]
|
131
|
-
# Output only. Etag of the currently stored
|
170
|
+
# Output only. Etag of the currently stored
|
171
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
132
172
|
# @!attribute [r] client_specified_payload_checksum
|
133
173
|
# @return [::Boolean]
|
134
|
-
# Output only. True if payload checksum specified in
|
135
|
-
#
|
174
|
+
# Output only. True if payload checksum specified in
|
175
|
+
# {::Google::Cloud::SecretManager::V1::SecretPayload SecretPayload} object has
|
176
|
+
# been received by
|
177
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
178
|
+
# on
|
136
179
|
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}.
|
137
180
|
class SecretVersion
|
138
181
|
include ::Google::Protobuf::MessageExts
|
139
182
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
140
183
|
|
141
|
-
# The state of a
|
184
|
+
# The state of a
|
185
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}, indicating if
|
186
|
+
# it can be accessed.
|
142
187
|
module State
|
143
188
|
# Not specified. This value is unused and invalid.
|
144
189
|
STATE_UNSPECIFIED = 0
|
145
190
|
|
146
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may be
|
191
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may be
|
192
|
+
# accessed.
|
147
193
|
ENABLED = 1
|
148
194
|
|
149
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may not
|
150
|
-
# is still available and can be placed
|
195
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} may not
|
196
|
+
# be accessed, but the secret data is still available and can be placed
|
197
|
+
# back into the
|
198
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion::State::ENABLED ENABLED}
|
151
199
|
# state.
|
152
200
|
DISABLED = 2
|
153
201
|
|
154
|
-
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} is
|
155
|
-
# stored. A version may not
|
202
|
+
# The {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} is
|
203
|
+
# destroyed and the secret data is no longer stored. A version may not
|
204
|
+
# leave this state once entered.
|
156
205
|
DESTROYED = 3
|
157
206
|
end
|
158
207
|
end
|
@@ -160,54 +209,65 @@ module Google
|
|
160
209
|
# A policy that defines the replication and encryption configuration of data.
|
161
210
|
# @!attribute [rw] automatic
|
162
211
|
# @return [::Google::Cloud::SecretManager::V1::Replication::Automatic]
|
163
|
-
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be
|
212
|
+
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be
|
213
|
+
# replicated without any restrictions.
|
164
214
|
# @!attribute [rw] user_managed
|
165
215
|
# @return [::Google::Cloud::SecretManager::V1::Replication::UserManaged]
|
166
|
-
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will only be
|
216
|
+
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will only be
|
217
|
+
# replicated into the locations specified.
|
167
218
|
class Replication
|
168
219
|
include ::Google::Protobuf::MessageExts
|
169
220
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
170
221
|
|
171
|
-
# A replication policy that replicates the
|
222
|
+
# A replication policy that replicates the
|
223
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} payload without any
|
172
224
|
# restrictions.
|
173
225
|
# @!attribute [rw] customer_managed_encryption
|
174
226
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
175
|
-
# Optional. The customer-managed encryption configuration of the
|
176
|
-
#
|
227
|
+
# Optional. The customer-managed encryption configuration of the
|
228
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. If no configuration is
|
229
|
+
# provided, Google-managed default encryption is used.
|
177
230
|
#
|
178
|
-
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption
|
179
|
-
#
|
180
|
-
#
|
231
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption
|
232
|
+
# configuration only apply to
|
233
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added
|
234
|
+
# afterwards. They do not apply retroactively to existing
|
235
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
181
236
|
class Automatic
|
182
237
|
include ::Google::Protobuf::MessageExts
|
183
238
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
184
239
|
end
|
185
240
|
|
186
|
-
# A replication policy that replicates the
|
187
|
-
#
|
241
|
+
# A replication policy that replicates the
|
242
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} payload into the locations
|
243
|
+
# specified in [Secret.replication.user_managed.replicas][]
|
188
244
|
# @!attribute [rw] replicas
|
189
245
|
# @return [::Array<::Google::Cloud::SecretManager::V1::Replication::UserManaged::Replica>]
|
190
|
-
# Required. The list of Replicas for this
|
246
|
+
# Required. The list of Replicas for this
|
247
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
191
248
|
#
|
192
249
|
# Cannot be empty.
|
193
250
|
class UserManaged
|
194
251
|
include ::Google::Protobuf::MessageExts
|
195
252
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
196
253
|
|
197
|
-
# Represents a Replica for this
|
254
|
+
# Represents a Replica for this
|
255
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
198
256
|
# @!attribute [rw] location
|
199
257
|
# @return [::String]
|
200
258
|
# The canonical IDs of the location to replicate data.
|
201
259
|
# For example: `"us-east1"`.
|
202
260
|
# @!attribute [rw] customer_managed_encryption
|
203
261
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
204
|
-
# Optional. The customer-managed encryption configuration of the
|
205
|
-
# Replica][Replication.UserManaged.Replica]. If no
|
206
|
-
# provided, Google-managed default encryption is used.
|
262
|
+
# Optional. The customer-managed encryption configuration of the
|
263
|
+
# [User-Managed Replica][Replication.UserManaged.Replica]. If no
|
264
|
+
# configuration is provided, Google-managed default encryption is used.
|
207
265
|
#
|
208
|
-
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret}
|
209
|
-
#
|
210
|
-
#
|
266
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret}
|
267
|
+
# encryption configuration only apply to
|
268
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added
|
269
|
+
# afterwards. They do not apply retroactively to existing
|
270
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
211
271
|
class Replica
|
212
272
|
include ::Google::Protobuf::MessageExts
|
213
273
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -219,15 +279,17 @@ module Google
|
|
219
279
|
# encryption keys (CMEK).
|
220
280
|
# @!attribute [rw] kms_key_name
|
221
281
|
# @return [::String]
|
222
|
-
# Required. The resource name of the Cloud KMS CryptoKey used to encrypt
|
223
|
-
# payloads.
|
282
|
+
# Required. The resource name of the Cloud KMS CryptoKey used to encrypt
|
283
|
+
# secret payloads.
|
224
284
|
#
|
225
|
-
# For secrets using the
|
226
|
-
#
|
227
|
-
#
|
285
|
+
# For secrets using the
|
286
|
+
# {::Google::Cloud::SecretManager::V1::Replication::UserManaged UserManaged}
|
287
|
+
# replication policy type, Cloud KMS CryptoKeys must reside in the same
|
288
|
+
# location as the [replica location][Secret.UserManaged.Replica.location].
|
228
289
|
#
|
229
|
-
# For secrets using the
|
230
|
-
#
|
290
|
+
# For secrets using the
|
291
|
+
# {::Google::Cloud::SecretManager::V1::Replication::Automatic Automatic}
|
292
|
+
# replication policy type, Cloud KMS CryptoKeys must reside in `global`.
|
231
293
|
#
|
232
294
|
# The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
233
295
|
class CustomerManagedEncryption
|
@@ -235,58 +297,70 @@ module Google
|
|
235
297
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
236
298
|
end
|
237
299
|
|
238
|
-
# The replication status of a
|
300
|
+
# The replication status of a
|
301
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
239
302
|
# @!attribute [rw] automatic
|
240
303
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::AutomaticStatus]
|
241
|
-
# Describes the replication status of a
|
304
|
+
# Describes the replication status of a
|
305
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
242
306
|
# automatic replication.
|
243
307
|
#
|
244
|
-
# Only populated if the parent
|
245
|
-
#
|
308
|
+
# Only populated if the parent
|
309
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic
|
310
|
+
# replication policy.
|
246
311
|
# @!attribute [rw] user_managed
|
247
312
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus]
|
248
|
-
# Describes the replication status of a
|
313
|
+
# Describes the replication status of a
|
314
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
249
315
|
# user-managed replication.
|
250
316
|
#
|
251
|
-
# Only populated if the parent
|
252
|
-
#
|
317
|
+
# Only populated if the parent
|
318
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed
|
319
|
+
# replication policy.
|
253
320
|
class ReplicationStatus
|
254
321
|
include ::Google::Protobuf::MessageExts
|
255
322
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
256
323
|
|
257
|
-
# The replication status of a
|
324
|
+
# The replication status of a
|
325
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using
|
326
|
+
# automatic replication.
|
258
327
|
#
|
259
|
-
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
260
|
-
# policy.
|
328
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
329
|
+
# has an automatic replication policy.
|
261
330
|
# @!attribute [r] customer_managed_encryption
|
262
331
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
263
|
-
# Output only. The customer-managed encryption status of the
|
332
|
+
# Output only. The customer-managed encryption status of the
|
333
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
264
334
|
# populated if customer-managed encryption is used.
|
265
335
|
class AutomaticStatus
|
266
336
|
include ::Google::Protobuf::MessageExts
|
267
337
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
268
338
|
end
|
269
339
|
|
270
|
-
# The replication status of a
|
271
|
-
#
|
340
|
+
# The replication status of a
|
341
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using
|
342
|
+
# user-managed replication.
|
272
343
|
#
|
273
|
-
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
274
|
-
# policy.
|
344
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret}
|
345
|
+
# has a user-managed replication policy.
|
275
346
|
# @!attribute [r] replicas
|
276
347
|
# @return [::Array<::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus::ReplicaStatus>]
|
277
|
-
# Output only. The list of replica statuses for the
|
348
|
+
# Output only. The list of replica statuses for the
|
349
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
278
350
|
class UserManagedStatus
|
279
351
|
include ::Google::Protobuf::MessageExts
|
280
352
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
281
353
|
|
282
|
-
# Describes the status of a user-managed replica for the
|
354
|
+
# Describes the status of a user-managed replica for the
|
355
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
283
356
|
# @!attribute [r] location
|
284
357
|
# @return [::String]
|
285
358
|
# Output only. The canonical ID of the replica location.
|
286
359
|
# For example: `"us-east1"`.
|
287
360
|
# @!attribute [r] customer_managed_encryption
|
288
361
|
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
289
|
-
# Output only. The customer-managed encryption status of the
|
362
|
+
# Output only. The customer-managed encryption status of the
|
363
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
290
364
|
# populated if customer-managed encryption is used.
|
291
365
|
class ReplicaStatus
|
292
366
|
include ::Google::Protobuf::MessageExts
|
@@ -298,8 +372,8 @@ module Google
|
|
298
372
|
# Describes the status of customer-managed encryption.
|
299
373
|
# @!attribute [rw] kms_key_version_name
|
300
374
|
# @return [::String]
|
301
|
-
# Required. The resource name of the Cloud KMS CryptoKeyVersion used to
|
302
|
-
# secret payload, in the following format:
|
375
|
+
# Required. The resource name of the Cloud KMS CryptoKeyVersion used to
|
376
|
+
# encrypt the secret payload, in the following format:
|
303
377
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
|
304
378
|
class CustomerManagedEncryptionStatus
|
305
379
|
include ::Google::Protobuf::MessageExts
|
@@ -310,50 +384,69 @@ module Google
|
|
310
384
|
# events occur on this secret.
|
311
385
|
# @!attribute [rw] name
|
312
386
|
# @return [::String]
|
313
|
-
# Required. The resource name of the Pub/Sub topic that will be published to,
|
314
|
-
# following format: `projects/*/topics/*`. For publication to succeed,
|
315
|
-
# Secret Manager P4SA must have `pubsub.publisher` permissions on the
|
387
|
+
# Required. The resource name of the Pub/Sub topic that will be published to,
|
388
|
+
# in the following format: `projects/*/topics/*`. For publication to succeed,
|
389
|
+
# the Secret Manager P4SA must have `pubsub.publisher` permissions on the
|
390
|
+
# topic.
|
316
391
|
class Topic
|
317
392
|
include ::Google::Protobuf::MessageExts
|
318
393
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
319
394
|
end
|
320
395
|
|
321
|
-
# The rotation time and period for a
|
396
|
+
# The rotation time and period for a
|
397
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret}. At next_rotation_time, Secret
|
322
398
|
# Manager will send a Pub/Sub notification to the topics configured on the
|
323
|
-
# Secret. {::Google::Cloud::SecretManager::V1::Secret#topics Secret.topics} must be
|
399
|
+
# Secret. {::Google::Cloud::SecretManager::V1::Secret#topics Secret.topics} must be
|
400
|
+
# set to configure rotation.
|
324
401
|
# @!attribute [rw] next_rotation_time
|
325
402
|
# @return [::Google::Protobuf::Timestamp]
|
326
|
-
# Optional. Timestamp in UTC at which the
|
327
|
-
#
|
328
|
-
#
|
403
|
+
# Optional. Timestamp in UTC at which the
|
404
|
+
# {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to rotate.
|
405
|
+
# Cannot be set to less than 300s (5 min) in the future and at most
|
406
|
+
# 3153600000s (100 years).
|
329
407
|
#
|
330
|
-
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
408
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
409
|
+
# MUST be set if
|
410
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period}
|
411
|
+
# is set.
|
331
412
|
# @!attribute [rw] rotation_period
|
332
413
|
# @return [::Google::Protobuf::Duration]
|
333
414
|
# Input only. The Duration between rotation notifications. Must be in seconds
|
334
415
|
# and at least 3600s (1h) and at most 3153600000s (100 years).
|
335
416
|
#
|
336
|
-
# If
|
337
|
-
# {::Google::Cloud::SecretManager::V1::Rotation#
|
338
|
-
#
|
417
|
+
# If
|
418
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period}
|
419
|
+
# is set,
|
420
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
421
|
+
# must be set.
|
422
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time}
|
423
|
+
# will be advanced by this period when the service automatically sends
|
424
|
+
# rotation notifications.
|
339
425
|
class Rotation
|
340
426
|
include ::Google::Protobuf::MessageExts
|
341
427
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
342
428
|
end
|
343
429
|
|
344
430
|
# A secret payload resource in the Secret Manager API. This contains the
|
345
|
-
# sensitive secret payload that is associated with a
|
431
|
+
# sensitive secret payload that is associated with a
|
432
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
346
433
|
# @!attribute [rw] data
|
347
434
|
# @return [::String]
|
348
435
|
# The secret data. Must be no larger than 64KiB.
|
349
436
|
# @!attribute [rw] data_crc32c
|
350
437
|
# @return [::Integer]
|
351
|
-
# Optional. If specified,
|
352
|
-
#
|
353
|
-
#
|
354
|
-
# {::Google::Cloud::SecretManager::V1::
|
355
|
-
#
|
356
|
-
#
|
438
|
+
# Optional. If specified,
|
439
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
440
|
+
# will verify the integrity of the received
|
441
|
+
# {::Google::Cloud::SecretManager::V1::SecretPayload#data data} on
|
442
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}
|
443
|
+
# calls using the crc32c checksum and store it to include in future
|
444
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#access_secret_version SecretManagerService.AccessSecretVersion}
|
445
|
+
# responses. If a checksum is not provided in the
|
446
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client#add_secret_version SecretManagerService.AddSecretVersion}
|
447
|
+
# request, the
|
448
|
+
# {::Google::Cloud::SecretManager::V1::SecretManagerService::Client SecretManagerService}
|
449
|
+
# will generate and store one for you.
|
357
450
|
#
|
358
451
|
# The CRC32C value is encoded as a Int64 for compatibility, and can be
|
359
452
|
# safely downconverted to uint32 in languages that support this type.
|
@@ -26,8 +26,6 @@ module Google
|
|
26
26
|
# service Foo {
|
27
27
|
# rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);
|
28
28
|
# }
|
29
|
-
#
|
30
|
-
# The JSON representation for `Empty` is empty JSON object `{}`.
|
31
29
|
class Empty
|
32
30
|
include ::Google::Protobuf::MessageExts
|
33
31
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-secret_manager-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.16.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-03-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version:
|
19
|
+
version: 0.18.0
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version:
|
29
|
+
version: 0.18.0
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -64,14 +64,14 @@ dependencies:
|
|
64
64
|
requirements:
|
65
65
|
- - "~>"
|
66
66
|
- !ruby/object:Gem::Version
|
67
|
-
version: 1.26.
|
67
|
+
version: 1.26.3
|
68
68
|
type: :development
|
69
69
|
prerelease: false
|
70
70
|
version_requirements: !ruby/object:Gem::Requirement
|
71
71
|
requirements:
|
72
72
|
- - "~>"
|
73
73
|
- !ruby/object:Gem::Version
|
74
|
-
version: 1.26.
|
74
|
+
version: 1.26.3
|
75
75
|
- !ruby/object:Gem::Dependency
|
76
76
|
name: minitest
|
77
77
|
requirement: !ruby/object:Gem::Requirement
|
@@ -187,16 +187,22 @@ files:
|
|
187
187
|
- README.md
|
188
188
|
- lib/google-cloud-secret_manager-v1.rb
|
189
189
|
- lib/google/cloud/secret_manager/v1.rb
|
190
|
+
- lib/google/cloud/secret_manager/v1/rest.rb
|
190
191
|
- lib/google/cloud/secret_manager/v1/secret_manager_service.rb
|
191
192
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb
|
192
193
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/credentials.rb
|
193
194
|
- lib/google/cloud/secret_manager/v1/secret_manager_service/paths.rb
|
195
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest.rb
|
196
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest/client.rb
|
197
|
+
- lib/google/cloud/secret_manager/v1/secret_manager_service/rest/service_stub.rb
|
194
198
|
- lib/google/cloud/secret_manager/v1/version.rb
|
195
199
|
- lib/google/cloud/secretmanager/v1/resources_pb.rb
|
196
200
|
- lib/google/cloud/secretmanager/v1/service_pb.rb
|
197
201
|
- lib/google/cloud/secretmanager/v1/service_services_pb.rb
|
198
202
|
- proto_docs/README.md
|
203
|
+
- proto_docs/google/api/client.rb
|
199
204
|
- proto_docs/google/api/field_behavior.rb
|
205
|
+
- proto_docs/google/api/launch_stage.rb
|
200
206
|
- proto_docs/google/api/resource.rb
|
201
207
|
- proto_docs/google/cloud/secretmanager/v1/resources.rb
|
202
208
|
- proto_docs/google/cloud/secretmanager/v1/service.rb
|
@@ -227,8 +233,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
227
233
|
- !ruby/object:Gem::Version
|
228
234
|
version: '0'
|
229
235
|
requirements: []
|
230
|
-
rubygems_version: 3.
|
236
|
+
rubygems_version: 3.4.2
|
231
237
|
signing_key:
|
232
238
|
specification_version: 4
|
233
|
-
summary:
|
239
|
+
summary: Stores sensitive data such as API keys, passwords, and certificates. Provides
|
240
|
+
convenience while improving security.
|
234
241
|
test_files: []
|