google-cloud-secret_manager-v1 0.4.3 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/google/cloud/secret_manager/v1.rb +3 -0
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb +3 -3
- data/lib/google/cloud/secret_manager/v1/version.rb +1 -1
- data/lib/google/cloud/secretmanager/v1/resources_pb.rb +36 -0
- data/lib/google/cloud/secretmanager/v1/service_services_pb.rb +15 -18
- data/proto_docs/google/api/resource.rb +50 -14
- data/proto_docs/google/cloud/secretmanager/v1/resources.rb +119 -1
- data/proto_docs/google/protobuf/duration.rb +98 -0
- metadata +6 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 2661aeba908fe278c44a630a39dfe2b02dae220a52892ff0cb83f053aedf3ef9
|
4
|
+
data.tar.gz: 7e530986a32fa5821977177b957b5c4d2b5b436aa5e512c994deba64ac135331
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3a5b8939ecf7496ce7a4318c1395b7fd3999b815bf7fab66010df3db467d4098ff828c68794b2f406944b07d5687a7d843d8a139070580270eda7ddbdb55e96e
|
7
|
+
data.tar.gz: 37092d92c82917f057d58e6d72feaff6a65d51266c7b1ac977bed9ee8ee7dacb3eda75d342edf79aa395bd692c9f39949f417e8755cafebf7286186ff4d75029
|
@@ -92,7 +92,7 @@ module Google
|
|
92
92
|
initial_delay: 1.0,
|
93
93
|
max_delay: 60.0,
|
94
94
|
multiplier: 1.3,
|
95
|
-
retry_codes: [
|
95
|
+
retry_codes: [14, 2]
|
96
96
|
}
|
97
97
|
|
98
98
|
default_config.rpcs.disable_secret_version.timeout = 60.0
|
@@ -1347,7 +1347,7 @@ module Google
|
|
1347
1347
|
|
1348
1348
|
config_attr :endpoint, "secretmanager.googleapis.com", ::String
|
1349
1349
|
config_attr :credentials, nil do |value|
|
1350
|
-
allowed = [::String, ::Hash, ::Proc, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
1350
|
+
allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
|
1351
1351
|
allowed += [::GRPC::Core::Channel, ::GRPC::Core::ChannelCredentials] if defined? ::GRPC
|
1352
1352
|
allowed.any? { |klass| klass === value }
|
1353
1353
|
end
|
@@ -1387,7 +1387,7 @@ module Google
|
|
1387
1387
|
# Each configuration object is of type `Gapic::Config::Method` and includes
|
1388
1388
|
# the following configuration fields:
|
1389
1389
|
#
|
1390
|
-
# * `timeout` (*type:* `Numeric`) - The call timeout in
|
1390
|
+
# * `timeout` (*type:* `Numeric`) - The call timeout in seconds
|
1391
1391
|
# * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional gRPC headers
|
1392
1392
|
# * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
|
1393
1393
|
# include the following keys:
|
@@ -5,6 +5,7 @@ require 'google/protobuf'
|
|
5
5
|
|
6
6
|
require 'google/api/field_behavior_pb'
|
7
7
|
require 'google/api/resource_pb'
|
8
|
+
require 'google/protobuf/duration_pb'
|
8
9
|
require 'google/protobuf/timestamp_pb'
|
9
10
|
require 'google/api/annotations_pb'
|
10
11
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -14,12 +15,17 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
14
15
|
optional :replication, :message, 2, "google.cloud.secretmanager.v1.Replication"
|
15
16
|
optional :create_time, :message, 3, "google.protobuf.Timestamp"
|
16
17
|
map :labels, :string, :string, 4
|
18
|
+
oneof :expiration do
|
19
|
+
optional :expire_time, :message, 6, "google.protobuf.Timestamp"
|
20
|
+
optional :ttl, :message, 7, "google.protobuf.Duration"
|
21
|
+
end
|
17
22
|
end
|
18
23
|
add_message "google.cloud.secretmanager.v1.SecretVersion" do
|
19
24
|
optional :name, :string, 1
|
20
25
|
optional :create_time, :message, 2, "google.protobuf.Timestamp"
|
21
26
|
optional :destroy_time, :message, 3, "google.protobuf.Timestamp"
|
22
27
|
optional :state, :enum, 4, "google.cloud.secretmanager.v1.SecretVersion.State"
|
28
|
+
optional :replication_status, :message, 5, "google.cloud.secretmanager.v1.ReplicationStatus"
|
23
29
|
end
|
24
30
|
add_enum "google.cloud.secretmanager.v1.SecretVersion.State" do
|
25
31
|
value :STATE_UNSPECIFIED, 0
|
@@ -34,12 +40,36 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
34
40
|
end
|
35
41
|
end
|
36
42
|
add_message "google.cloud.secretmanager.v1.Replication.Automatic" do
|
43
|
+
optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
|
37
44
|
end
|
38
45
|
add_message "google.cloud.secretmanager.v1.Replication.UserManaged" do
|
39
46
|
repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.Replication.UserManaged.Replica"
|
40
47
|
end
|
41
48
|
add_message "google.cloud.secretmanager.v1.Replication.UserManaged.Replica" do
|
42
49
|
optional :location, :string, 1
|
50
|
+
optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
|
51
|
+
end
|
52
|
+
add_message "google.cloud.secretmanager.v1.CustomerManagedEncryption" do
|
53
|
+
optional :kms_key_name, :string, 1
|
54
|
+
end
|
55
|
+
add_message "google.cloud.secretmanager.v1.ReplicationStatus" do
|
56
|
+
oneof :replication_status do
|
57
|
+
optional :automatic, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus"
|
58
|
+
optional :user_managed, :message, 2, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus"
|
59
|
+
end
|
60
|
+
end
|
61
|
+
add_message "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus" do
|
62
|
+
optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
|
63
|
+
end
|
64
|
+
add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus" do
|
65
|
+
repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus"
|
66
|
+
end
|
67
|
+
add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus" do
|
68
|
+
optional :location, :string, 1
|
69
|
+
optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
|
70
|
+
end
|
71
|
+
add_message "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus" do
|
72
|
+
optional :kms_key_version_name, :string, 1
|
43
73
|
end
|
44
74
|
add_message "google.cloud.secretmanager.v1.SecretPayload" do
|
45
75
|
optional :data, :bytes, 1
|
@@ -58,6 +88,12 @@ module Google
|
|
58
88
|
Replication::Automatic = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.Automatic").msgclass
|
59
89
|
Replication::UserManaged = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged").msgclass
|
60
90
|
Replication::UserManaged::Replica = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged.Replica").msgclass
|
91
|
+
CustomerManagedEncryption = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryption").msgclass
|
92
|
+
ReplicationStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus").msgclass
|
93
|
+
ReplicationStatus::AutomaticStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus").msgclass
|
94
|
+
ReplicationStatus::UserManagedStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus").msgclass
|
95
|
+
ReplicationStatus::UserManagedStatus::ReplicaStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus").msgclass
|
96
|
+
CustomerManagedEncryptionStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus").msgclass
|
61
97
|
SecretPayload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.SecretPayload").msgclass
|
62
98
|
end
|
63
99
|
end
|
@@ -24,9 +24,6 @@ module Google
|
|
24
24
|
module SecretManager
|
25
25
|
module V1
|
26
26
|
module SecretManagerService
|
27
|
-
# `projects/*/secrets/*/versions/latest` is an alias to the `latest`
|
28
|
-
# [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
29
|
-
#
|
30
27
|
# Secret Manager Service
|
31
28
|
#
|
32
29
|
# Manages secrets and operations using those secrets. Implements a REST
|
@@ -43,56 +40,56 @@ module Google
|
|
43
40
|
self.service_name = 'google.cloud.secretmanager.v1.SecretManagerService'
|
44
41
|
|
45
42
|
# Lists [Secrets][google.cloud.secretmanager.v1.Secret].
|
46
|
-
rpc :ListSecrets, Google::Cloud::SecretManager::V1::ListSecretsRequest, Google::Cloud::SecretManager::V1::ListSecretsResponse
|
43
|
+
rpc :ListSecrets, ::Google::Cloud::SecretManager::V1::ListSecretsRequest, ::Google::Cloud::SecretManager::V1::ListSecretsResponse
|
47
44
|
# Creates a new [Secret][google.cloud.secretmanager.v1.Secret] containing no [SecretVersions][google.cloud.secretmanager.v1.SecretVersion].
|
48
|
-
rpc :CreateSecret, Google::Cloud::SecretManager::V1::CreateSecretRequest, Google::Cloud::SecretManager::V1::Secret
|
45
|
+
rpc :CreateSecret, ::Google::Cloud::SecretManager::V1::CreateSecretRequest, ::Google::Cloud::SecretManager::V1::Secret
|
49
46
|
# Creates a new [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] containing secret data and attaches
|
50
47
|
# it to an existing [Secret][google.cloud.secretmanager.v1.Secret].
|
51
|
-
rpc :AddSecretVersion, Google::Cloud::SecretManager::V1::AddSecretVersionRequest, Google::Cloud::SecretManager::V1::SecretVersion
|
48
|
+
rpc :AddSecretVersion, ::Google::Cloud::SecretManager::V1::AddSecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
52
49
|
# Gets metadata for a given [Secret][google.cloud.secretmanager.v1.Secret].
|
53
|
-
rpc :GetSecret, Google::Cloud::SecretManager::V1::GetSecretRequest, Google::Cloud::SecretManager::V1::Secret
|
50
|
+
rpc :GetSecret, ::Google::Cloud::SecretManager::V1::GetSecretRequest, ::Google::Cloud::SecretManager::V1::Secret
|
54
51
|
# Updates metadata of an existing [Secret][google.cloud.secretmanager.v1.Secret].
|
55
|
-
rpc :UpdateSecret, Google::Cloud::SecretManager::V1::UpdateSecretRequest, Google::Cloud::SecretManager::V1::Secret
|
52
|
+
rpc :UpdateSecret, ::Google::Cloud::SecretManager::V1::UpdateSecretRequest, ::Google::Cloud::SecretManager::V1::Secret
|
56
53
|
# Deletes a [Secret][google.cloud.secretmanager.v1.Secret].
|
57
|
-
rpc :DeleteSecret, Google::Cloud::SecretManager::V1::DeleteSecretRequest, Google::Protobuf::Empty
|
54
|
+
rpc :DeleteSecret, ::Google::Cloud::SecretManager::V1::DeleteSecretRequest, ::Google::Protobuf::Empty
|
58
55
|
# Lists [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. This call does not return secret
|
59
56
|
# data.
|
60
|
-
rpc :ListSecretVersions, Google::Cloud::SecretManager::V1::ListSecretVersionsRequest, Google::Cloud::SecretManager::V1::ListSecretVersionsResponse
|
57
|
+
rpc :ListSecretVersions, ::Google::Cloud::SecretManager::V1::ListSecretVersionsRequest, ::Google::Cloud::SecretManager::V1::ListSecretVersionsResponse
|
61
58
|
# Gets metadata for a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
62
59
|
#
|
63
60
|
# `projects/*/secrets/*/versions/latest` is an alias to the `latest`
|
64
61
|
# [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
65
|
-
rpc :GetSecretVersion, Google::Cloud::SecretManager::V1::GetSecretVersionRequest, Google::Cloud::SecretManager::V1::SecretVersion
|
62
|
+
rpc :GetSecretVersion, ::Google::Cloud::SecretManager::V1::GetSecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
66
63
|
# Accesses a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. This call returns the secret data.
|
67
64
|
#
|
68
65
|
# `projects/*/secrets/*/versions/latest` is an alias to the `latest`
|
69
66
|
# [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
70
|
-
rpc :AccessSecretVersion, Google::Cloud::SecretManager::V1::AccessSecretVersionRequest, Google::Cloud::SecretManager::V1::AccessSecretVersionResponse
|
67
|
+
rpc :AccessSecretVersion, ::Google::Cloud::SecretManager::V1::AccessSecretVersionRequest, ::Google::Cloud::SecretManager::V1::AccessSecretVersionResponse
|
71
68
|
# Disables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
72
69
|
#
|
73
70
|
# Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
|
74
71
|
# [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED].
|
75
|
-
rpc :DisableSecretVersion, Google::Cloud::SecretManager::V1::DisableSecretVersionRequest, Google::Cloud::SecretManager::V1::SecretVersion
|
72
|
+
rpc :DisableSecretVersion, ::Google::Cloud::SecretManager::V1::DisableSecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
76
73
|
# Enables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
77
74
|
#
|
78
75
|
# Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
|
79
76
|
# [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED].
|
80
|
-
rpc :EnableSecretVersion, Google::Cloud::SecretManager::V1::EnableSecretVersionRequest, Google::Cloud::SecretManager::V1::SecretVersion
|
77
|
+
rpc :EnableSecretVersion, ::Google::Cloud::SecretManager::V1::EnableSecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
81
78
|
# Destroys a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
82
79
|
#
|
83
80
|
# Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
|
84
81
|
# [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] and irrevocably destroys the
|
85
82
|
# secret data.
|
86
|
-
rpc :DestroySecretVersion, Google::Cloud::SecretManager::V1::DestroySecretVersionRequest, Google::Cloud::SecretManager::V1::SecretVersion
|
83
|
+
rpc :DestroySecretVersion, ::Google::Cloud::SecretManager::V1::DestroySecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
87
84
|
# Sets the access control policy on the specified secret. Replaces any
|
88
85
|
# existing policy.
|
89
86
|
#
|
90
87
|
# Permissions on [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] are enforced according
|
91
88
|
# to the policy set on the associated [Secret][google.cloud.secretmanager.v1.Secret].
|
92
|
-
rpc :SetIamPolicy, Google::Iam::V1::SetIamPolicyRequest, Google::Iam::V1::Policy
|
89
|
+
rpc :SetIamPolicy, ::Google::Iam::V1::SetIamPolicyRequest, ::Google::Iam::V1::Policy
|
93
90
|
# Gets the access control policy for a secret.
|
94
91
|
# Returns empty policy if the secret exists and does not have a policy set.
|
95
|
-
rpc :GetIamPolicy, Google::Iam::V1::GetIamPolicyRequest, Google::Iam::V1::Policy
|
92
|
+
rpc :GetIamPolicy, ::Google::Iam::V1::GetIamPolicyRequest, ::Google::Iam::V1::Policy
|
96
93
|
# Returns permissions that a caller has for the specified secret.
|
97
94
|
# If the secret does not exist, this call returns an empty set of
|
98
95
|
# permissions, not a NOT_FOUND error.
|
@@ -100,7 +97,7 @@ module Google
|
|
100
97
|
# Note: This operation is designed to be used for building permission-aware
|
101
98
|
# UIs and command-line tools, not for authorization checking. This operation
|
102
99
|
# may "fail open" without warning.
|
103
|
-
rpc :TestIamPermissions, Google::Iam::V1::TestIamPermissionsRequest, Google::Iam::V1::TestIamPermissionsResponse
|
100
|
+
rpc :TestIamPermissions, ::Google::Iam::V1::TestIamPermissionsRequest, ::Google::Iam::V1::TestIamPermissionsResponse
|
104
101
|
end
|
105
102
|
|
106
103
|
Stub = Service.rpc_stub_class
|
@@ -43,12 +43,12 @@ module Google
|
|
43
43
|
#
|
44
44
|
# The ResourceDescriptor Yaml config will look like:
|
45
45
|
#
|
46
|
-
#
|
47
|
-
#
|
48
|
-
#
|
49
|
-
#
|
50
|
-
#
|
51
|
-
#
|
46
|
+
# resources:
|
47
|
+
# - type: "pubsub.googleapis.com/Topic"
|
48
|
+
# name_descriptor:
|
49
|
+
# - pattern: "projects/{project}/topics/{topic}"
|
50
|
+
# parent_type: "cloudresourcemanager.googleapis.com/Project"
|
51
|
+
# parent_name_extractor: "projects/{project}"
|
52
52
|
#
|
53
53
|
# Sometimes, resources have multiple patterns, typically because they can
|
54
54
|
# live under multiple parents.
|
@@ -183,15 +183,24 @@ module Google
|
|
183
183
|
# }
|
184
184
|
# @!attribute [rw] plural
|
185
185
|
# @return [::String]
|
186
|
-
# The plural name used in the resource name, such as
|
187
|
-
# the name of 'projects/\\{project}'
|
188
|
-
#
|
186
|
+
# The plural name used in the resource name and permission names, such as
|
187
|
+
# 'projects' for the resource name of 'projects/\\{project}' and the permission
|
188
|
+
# name of 'cloudresourcemanager.googleapis.com/projects.get'. It is the same
|
189
|
+
# concept of the `plural` field in k8s CRD spec
|
189
190
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
191
|
+
#
|
192
|
+
# Note: The plural form is required even for singleton resources. See
|
193
|
+
# https://aip.dev/156
|
190
194
|
# @!attribute [rw] singular
|
191
195
|
# @return [::String]
|
192
196
|
# The same concept of the `singular` field in k8s CRD spec
|
193
197
|
# https://kubernetes.io/docs/tasks/access-kubernetes-api/custom-resources/custom-resource-definitions/
|
194
198
|
# Such as "project" for the `resourcemanager.googleapis.com/Project` type.
|
199
|
+
# @!attribute [rw] style
|
200
|
+
# @return [::Array<::Google::Api::ResourceDescriptor::Style>]
|
201
|
+
# Style flag(s) for this resource.
|
202
|
+
# These indicate that a resource is expected to conform to a given
|
203
|
+
# style. See the specific style flags for additional information.
|
195
204
|
class ResourceDescriptor
|
196
205
|
include ::Google::Protobuf::MessageExts
|
197
206
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -211,6 +220,22 @@ module Google
|
|
211
220
|
# that from being necessary once there are multiple patterns.)
|
212
221
|
FUTURE_MULTI_PATTERN = 2
|
213
222
|
end
|
223
|
+
|
224
|
+
# A flag representing a specific style that a resource claims to conform to.
|
225
|
+
module Style
|
226
|
+
# The unspecified value. Do not use.
|
227
|
+
STYLE_UNSPECIFIED = 0
|
228
|
+
|
229
|
+
# This resource is intended to be "declarative-friendly".
|
230
|
+
#
|
231
|
+
# Declarative-friendly resources must be more strictly consistent, and
|
232
|
+
# setting this to true communicates to tools that this resource should
|
233
|
+
# adhere to declarative-friendly expectations.
|
234
|
+
#
|
235
|
+
# Note: This is used by the API linter (linter.aip.dev) to enable
|
236
|
+
# additional checks.
|
237
|
+
DECLARATIVE_FRIENDLY = 1
|
238
|
+
end
|
214
239
|
end
|
215
240
|
|
216
241
|
# Defines a proto annotation that describes a string field that refers to
|
@@ -226,6 +251,17 @@ module Google
|
|
226
251
|
# type: "pubsub.googleapis.com/Topic"
|
227
252
|
# }];
|
228
253
|
# }
|
254
|
+
#
|
255
|
+
# Occasionally, a field may reference an arbitrary resource. In this case,
|
256
|
+
# APIs use the special value * in their resource reference.
|
257
|
+
#
|
258
|
+
# Example:
|
259
|
+
#
|
260
|
+
# message GetIamPolicyRequest {
|
261
|
+
# string resource = 2 [(google.api.resource_reference) = {
|
262
|
+
# type: "*"
|
263
|
+
# }];
|
264
|
+
# }
|
229
265
|
# @!attribute [rw] child_type
|
230
266
|
# @return [::String]
|
231
267
|
# The resource type of a child collection that the annotated field
|
@@ -234,11 +270,11 @@ module Google
|
|
234
270
|
#
|
235
271
|
# Example:
|
236
272
|
#
|
237
|
-
#
|
238
|
-
#
|
239
|
-
#
|
240
|
-
#
|
241
|
-
#
|
273
|
+
# message ListLogEntriesRequest {
|
274
|
+
# string parent = 1 [(google.api.resource_reference) = {
|
275
|
+
# child_type: "logging.googleapis.com/LogEntry"
|
276
|
+
# };
|
277
|
+
# }
|
242
278
|
class ResourceReference
|
243
279
|
include ::Google::Protobuf::MessageExts
|
244
280
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -50,6 +50,13 @@ module Google
|
|
50
50
|
# regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`
|
51
51
|
#
|
52
52
|
# No more than 64 labels can be assigned to a given resource.
|
53
|
+
# @!attribute [rw] expire_time
|
54
|
+
# @return [::Google::Protobuf::Timestamp]
|
55
|
+
# Optional. Timestamp in UTC when the {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to expire. This is
|
56
|
+
# always provided on output, regardless of what was sent on input.
|
57
|
+
# @!attribute [rw] ttl
|
58
|
+
# @return [::Google::Protobuf::Duration]
|
59
|
+
# Input only. The TTL for the {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
53
60
|
class Secret
|
54
61
|
include ::Google::Protobuf::MessageExts
|
55
62
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -83,6 +90,9 @@ module Google
|
|
83
90
|
# @!attribute [r] state
|
84
91
|
# @return [::Google::Cloud::SecretManager::V1::SecretVersion::State]
|
85
92
|
# Output only. The current state of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
93
|
+
# @!attribute [rw] replication_status
|
94
|
+
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
|
95
|
+
# The replication status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
86
96
|
class SecretVersion
|
87
97
|
include ::Google::Protobuf::MessageExts
|
88
98
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -106,7 +116,7 @@ module Google
|
|
106
116
|
end
|
107
117
|
end
|
108
118
|
|
109
|
-
# A policy that defines the replication configuration of data.
|
119
|
+
# A policy that defines the replication and encryption configuration of data.
|
110
120
|
# @!attribute [rw] automatic
|
111
121
|
# @return [::Google::Cloud::SecretManager::V1::Replication::Automatic]
|
112
122
|
# The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be replicated without any restrictions.
|
@@ -119,6 +129,14 @@ module Google
|
|
119
129
|
|
120
130
|
# A replication policy that replicates the {::Google::Cloud::SecretManager::V1::Secret Secret} payload without any
|
121
131
|
# restrictions.
|
132
|
+
# @!attribute [rw] customer_managed_encryption
|
133
|
+
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
134
|
+
# Optional. The customer-managed encryption configuration of the {::Google::Cloud::SecretManager::V1::Secret Secret}. If no
|
135
|
+
# configuration is provided, Google-managed default encryption is used.
|
136
|
+
#
|
137
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
|
138
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
|
139
|
+
# retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
122
140
|
class Automatic
|
123
141
|
include ::Google::Protobuf::MessageExts
|
124
142
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -140,6 +158,15 @@ module Google
|
|
140
158
|
# @return [::String]
|
141
159
|
# The canonical IDs of the location to replicate data.
|
142
160
|
# For example: `"us-east1"`.
|
161
|
+
# @!attribute [rw] customer_managed_encryption
|
162
|
+
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
|
163
|
+
# Optional. The customer-managed encryption configuration of the [User-Managed
|
164
|
+
# Replica][Replication.UserManaged.Replica]. If no configuration is
|
165
|
+
# provided, Google-managed default encryption is used.
|
166
|
+
#
|
167
|
+
# Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
|
168
|
+
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
|
169
|
+
# retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
|
143
170
|
class Replica
|
144
171
|
include ::Google::Protobuf::MessageExts
|
145
172
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -147,6 +174,97 @@ module Google
|
|
147
174
|
end
|
148
175
|
end
|
149
176
|
|
177
|
+
# Configuration for encrypting secret payloads using customer-managed
|
178
|
+
# encryption keys (CMEK).
|
179
|
+
# @!attribute [rw] kms_key_name
|
180
|
+
# @return [::String]
|
181
|
+
# Required. The resource name of the Cloud KMS CryptoKey used to encrypt secret
|
182
|
+
# payloads.
|
183
|
+
#
|
184
|
+
# For secrets using the {::Google::Cloud::SecretManager::V1::Replication::UserManaged UserManaged} replication
|
185
|
+
# policy type, Cloud KMS CryptoKeys must reside in the same location as the
|
186
|
+
# [replica location][Secret.UserManaged.Replica.location].
|
187
|
+
#
|
188
|
+
# For secrets using the {::Google::Cloud::SecretManager::V1::Replication::Automatic Automatic} replication policy
|
189
|
+
# type, Cloud KMS CryptoKeys must reside in `global`.
|
190
|
+
#
|
191
|
+
# The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
192
|
+
class CustomerManagedEncryption
|
193
|
+
include ::Google::Protobuf::MessageExts
|
194
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
195
|
+
end
|
196
|
+
|
197
|
+
# The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
198
|
+
# @!attribute [rw] automatic
|
199
|
+
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::AutomaticStatus]
|
200
|
+
# Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
201
|
+
# automatic replication.
|
202
|
+
#
|
203
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
|
204
|
+
# policy.
|
205
|
+
# @!attribute [rw] user_managed
|
206
|
+
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus]
|
207
|
+
# Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
|
208
|
+
# user-managed replication.
|
209
|
+
#
|
210
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
|
211
|
+
# policy.
|
212
|
+
class ReplicationStatus
|
213
|
+
include ::Google::Protobuf::MessageExts
|
214
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
215
|
+
|
216
|
+
# The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using automatic replication.
|
217
|
+
#
|
218
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
|
219
|
+
# policy.
|
220
|
+
# @!attribute [r] customer_managed_encryption
|
221
|
+
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
222
|
+
# Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
223
|
+
# populated if customer-managed encryption is used.
|
224
|
+
class AutomaticStatus
|
225
|
+
include ::Google::Protobuf::MessageExts
|
226
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
227
|
+
end
|
228
|
+
|
229
|
+
# The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using user-managed
|
230
|
+
# replication.
|
231
|
+
#
|
232
|
+
# Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
|
233
|
+
# policy.
|
234
|
+
# @!attribute [r] replicas
|
235
|
+
# @return [::Array<::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus::ReplicaStatus>]
|
236
|
+
# Output only. The list of replica statuses for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
237
|
+
class UserManagedStatus
|
238
|
+
include ::Google::Protobuf::MessageExts
|
239
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
240
|
+
|
241
|
+
# Describes the status of a user-managed replica for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
242
|
+
# @!attribute [r] location
|
243
|
+
# @return [::String]
|
244
|
+
# Output only. The canonical ID of the replica location.
|
245
|
+
# For example: `"us-east1"`.
|
246
|
+
# @!attribute [r] customer_managed_encryption
|
247
|
+
# @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
|
248
|
+
# Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
|
249
|
+
# populated if customer-managed encryption is used.
|
250
|
+
class ReplicaStatus
|
251
|
+
include ::Google::Protobuf::MessageExts
|
252
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
253
|
+
end
|
254
|
+
end
|
255
|
+
end
|
256
|
+
|
257
|
+
# Describes the status of customer-managed encryption.
|
258
|
+
# @!attribute [rw] kms_key_version_name
|
259
|
+
# @return [::String]
|
260
|
+
# Required. The resource name of the Cloud KMS CryptoKeyVersion used to encrypt the
|
261
|
+
# secret payload, in the following format:
|
262
|
+
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
|
263
|
+
class CustomerManagedEncryptionStatus
|
264
|
+
include ::Google::Protobuf::MessageExts
|
265
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
266
|
+
end
|
267
|
+
|
150
268
|
# A secret payload resource in the Secret Manager API. This contains the
|
151
269
|
# sensitive secret payload that is associated with a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
152
270
|
# @!attribute [rw] data
|
@@ -0,0 +1,98 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2021 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Protobuf
|
22
|
+
# A Duration represents a signed, fixed-length span of time represented
|
23
|
+
# as a count of seconds and fractions of seconds at nanosecond
|
24
|
+
# resolution. It is independent of any calendar and concepts like "day"
|
25
|
+
# or "month". It is related to Timestamp in that the difference between
|
26
|
+
# two Timestamp values is a Duration and it can be added or subtracted
|
27
|
+
# from a Timestamp. Range is approximately +-10,000 years.
|
28
|
+
#
|
29
|
+
# # Examples
|
30
|
+
#
|
31
|
+
# Example 1: Compute Duration from two Timestamps in pseudo code.
|
32
|
+
#
|
33
|
+
# Timestamp start = ...;
|
34
|
+
# Timestamp end = ...;
|
35
|
+
# Duration duration = ...;
|
36
|
+
#
|
37
|
+
# duration.seconds = end.seconds - start.seconds;
|
38
|
+
# duration.nanos = end.nanos - start.nanos;
|
39
|
+
#
|
40
|
+
# if (duration.seconds < 0 && duration.nanos > 0) {
|
41
|
+
# duration.seconds += 1;
|
42
|
+
# duration.nanos -= 1000000000;
|
43
|
+
# } else if (duration.seconds > 0 && duration.nanos < 0) {
|
44
|
+
# duration.seconds -= 1;
|
45
|
+
# duration.nanos += 1000000000;
|
46
|
+
# }
|
47
|
+
#
|
48
|
+
# Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
|
49
|
+
#
|
50
|
+
# Timestamp start = ...;
|
51
|
+
# Duration duration = ...;
|
52
|
+
# Timestamp end = ...;
|
53
|
+
#
|
54
|
+
# end.seconds = start.seconds + duration.seconds;
|
55
|
+
# end.nanos = start.nanos + duration.nanos;
|
56
|
+
#
|
57
|
+
# if (end.nanos < 0) {
|
58
|
+
# end.seconds -= 1;
|
59
|
+
# end.nanos += 1000000000;
|
60
|
+
# } else if (end.nanos >= 1000000000) {
|
61
|
+
# end.seconds += 1;
|
62
|
+
# end.nanos -= 1000000000;
|
63
|
+
# }
|
64
|
+
#
|
65
|
+
# Example 3: Compute Duration from datetime.timedelta in Python.
|
66
|
+
#
|
67
|
+
# td = datetime.timedelta(days=3, minutes=10)
|
68
|
+
# duration = Duration()
|
69
|
+
# duration.FromTimedelta(td)
|
70
|
+
#
|
71
|
+
# # JSON Mapping
|
72
|
+
#
|
73
|
+
# In JSON format, the Duration type is encoded as a string rather than an
|
74
|
+
# object, where the string ends in the suffix "s" (indicating seconds) and
|
75
|
+
# is preceded by the number of seconds, with nanoseconds expressed as
|
76
|
+
# fractional seconds. For example, 3 seconds with 0 nanoseconds should be
|
77
|
+
# encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
|
78
|
+
# be expressed in JSON format as "3.000000001s", and 3 seconds and 1
|
79
|
+
# microsecond should be expressed in JSON format as "3.000001s".
|
80
|
+
# @!attribute [rw] seconds
|
81
|
+
# @return [::Integer]
|
82
|
+
# Signed seconds of the span of time. Must be from -315,576,000,000
|
83
|
+
# to +315,576,000,000 inclusive. Note: these bounds are computed from:
|
84
|
+
# 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
|
85
|
+
# @!attribute [rw] nanos
|
86
|
+
# @return [::Integer]
|
87
|
+
# Signed fractions of a second at nanosecond resolution of the span
|
88
|
+
# of time. Durations less than one second are represented with a 0
|
89
|
+
# `seconds` field and a positive or negative `nanos` field. For durations
|
90
|
+
# of one second or more, a non-zero value for the `nanos` field must be
|
91
|
+
# of the same sign as the `seconds` field. Must be from -999,999,999
|
92
|
+
# to +999,999,999 inclusive.
|
93
|
+
class Duration
|
94
|
+
include ::Google::Protobuf::MessageExts
|
95
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-secret_manager-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-01-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.3'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '0.
|
26
|
+
version: '0.3'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: google-cloud-errors
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -201,6 +201,7 @@ files:
|
|
201
201
|
- proto_docs/google/iam/v1/iam_policy.rb
|
202
202
|
- proto_docs/google/iam/v1/options.rb
|
203
203
|
- proto_docs/google/iam/v1/policy.rb
|
204
|
+
- proto_docs/google/protobuf/duration.rb
|
204
205
|
- proto_docs/google/protobuf/empty.rb
|
205
206
|
- proto_docs/google/protobuf/field_mask.rb
|
206
207
|
- proto_docs/google/protobuf/timestamp.rb
|
@@ -224,7 +225,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
224
225
|
- !ruby/object:Gem::Version
|
225
226
|
version: '0'
|
226
227
|
requirements: []
|
227
|
-
rubygems_version: 3.
|
228
|
+
rubygems_version: 3.2.6
|
228
229
|
signing_key:
|
229
230
|
specification_version: 4
|
230
231
|
summary: API Client library for the Secret Manager V1 API
|