google-cloud-secret_manager-v1 0.5.1 → 0.10.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE.md +188 -190
- data/README.md +66 -2
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/client.rb +58 -32
- data/lib/google/cloud/secret_manager/v1/secret_manager_service/paths.rb +17 -0
- data/lib/google/cloud/secret_manager/v1/version.rb +1 -1
- data/lib/google/cloud/secretmanager/v1/resources_pb.rb +18 -0
- data/lib/google/cloud/secretmanager/v1/service_pb.rb +4 -0
- data/lib/google/cloud/secretmanager/v1/service_services_pb.rb +5 -5
- data/proto_docs/google/api/field_behavior.rb +6 -0
- data/proto_docs/google/cloud/secretmanager/v1/resources.rb +56 -0
- data/proto_docs/google/cloud/secretmanager/v1/service.rb +26 -2
- data/proto_docs/google/protobuf/duration.rb +98 -0
- data/proto_docs/google/protobuf/timestamp.rb +10 -1
- metadata +12 -9
@@ -66,7 +66,7 @@ module Google
|
|
66
66
|
parent_config = while namespace.any?
|
67
67
|
parent_name = namespace.join "::"
|
68
68
|
parent_const = const_get parent_name
|
69
|
-
break parent_const.configure if parent_const
|
69
|
+
break parent_const.configure if parent_const.respond_to? :configure
|
70
70
|
namespace.pop
|
71
71
|
end
|
72
72
|
default_config = Client::Configuration.new parent_config
|
@@ -90,9 +90,9 @@ module Google
|
|
90
90
|
default_config.rpcs.access_secret_version.timeout = 60.0
|
91
91
|
default_config.rpcs.access_secret_version.retry_policy = {
|
92
92
|
initial_delay: 1.0,
|
93
|
-
max_delay:
|
94
|
-
multiplier:
|
95
|
-
retry_codes:
|
93
|
+
max_delay: 60.0,
|
94
|
+
multiplier: 1.3,
|
95
|
+
retry_codes: [14, 2]
|
96
96
|
}
|
97
97
|
|
98
98
|
default_config.rpcs.disable_secret_version.timeout = 60.0
|
@@ -168,7 +168,13 @@ module Google
|
|
168
168
|
|
169
169
|
# Create credentials
|
170
170
|
credentials = @config.credentials
|
171
|
-
|
171
|
+
# Use self-signed JWT if the scope and endpoint are unchanged from default,
|
172
|
+
# but only if the default endpoint does not have a region prefix.
|
173
|
+
enable_self_signed_jwt = @config.scope == Client.configure.scope &&
|
174
|
+
@config.endpoint == Client.configure.endpoint &&
|
175
|
+
!@config.endpoint.split(".").first.include?("-")
|
176
|
+
credentials ||= Credentials.default scope: @config.scope,
|
177
|
+
enable_self_signed_jwt: enable_self_signed_jwt
|
172
178
|
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
173
179
|
credentials = Credentials.new credentials, scope: @config.scope
|
174
180
|
end
|
@@ -553,7 +559,7 @@ module Google
|
|
553
559
|
# @param options [::Gapic::CallOptions, ::Hash]
|
554
560
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
555
561
|
#
|
556
|
-
# @overload delete_secret(name: nil)
|
562
|
+
# @overload delete_secret(name: nil, etag: nil)
|
557
563
|
# Pass arguments to `delete_secret` via keyword arguments. Note that at
|
558
564
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
559
565
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -561,6 +567,10 @@ module Google
|
|
561
567
|
# @param name [::String]
|
562
568
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::Secret Secret} to delete in the format
|
563
569
|
# `projects/*/secrets/*`.
|
570
|
+
# @param etag [::String]
|
571
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::Secret Secret}. The request succeeds if it matches
|
572
|
+
# the etag of the currently stored secret object. If the etag is omitted,
|
573
|
+
# the request succeeds.
|
564
574
|
#
|
565
575
|
# @yield [response, operation] Access the result along with the RPC operation
|
566
576
|
# @yieldparam response [::Google::Protobuf::Empty]
|
@@ -687,8 +697,8 @@ module Google
|
|
687
697
|
##
|
688
698
|
# Gets metadata for a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
689
699
|
#
|
690
|
-
# `projects/*/secrets/*/versions/latest` is an alias to the
|
691
|
-
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
700
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
701
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
692
702
|
#
|
693
703
|
# @overload get_secret_version(request, options = nil)
|
694
704
|
# Pass arguments to `get_secret_version` via a request object, either of type
|
@@ -708,8 +718,9 @@ module Google
|
|
708
718
|
# @param name [::String]
|
709
719
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
710
720
|
# `projects/*/secrets/*/versions/*`.
|
711
|
-
#
|
712
|
-
#
|
721
|
+
#
|
722
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
723
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
713
724
|
#
|
714
725
|
# @yield [response, operation] Access the result along with the RPC operation
|
715
726
|
# @yieldparam response [::Google::Cloud::SecretManager::V1::SecretVersion]
|
@@ -759,8 +770,8 @@ module Google
|
|
759
770
|
##
|
760
771
|
# Accesses a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. This call returns the secret data.
|
761
772
|
#
|
762
|
-
# `projects/*/secrets/*/versions/latest` is an alias to the
|
763
|
-
# {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
773
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
774
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
764
775
|
#
|
765
776
|
# @overload access_secret_version(request, options = nil)
|
766
777
|
# Pass arguments to `access_secret_version` via a request object, either of type
|
@@ -781,6 +792,9 @@ module Google
|
|
781
792
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
782
793
|
# `projects/*/secrets/*/versions/*`.
|
783
794
|
#
|
795
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
796
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
797
|
+
#
|
784
798
|
# @yield [response, operation] Access the result along with the RPC operation
|
785
799
|
# @yieldparam response [::Google::Cloud::SecretManager::V1::AccessSecretVersionResponse]
|
786
800
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -842,7 +856,7 @@ module Google
|
|
842
856
|
# @param options [::Gapic::CallOptions, ::Hash]
|
843
857
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
844
858
|
#
|
845
|
-
# @overload disable_secret_version(name: nil)
|
859
|
+
# @overload disable_secret_version(name: nil, etag: nil)
|
846
860
|
# Pass arguments to `disable_secret_version` via keyword arguments. Note that at
|
847
861
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
848
862
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -850,6 +864,10 @@ module Google
|
|
850
864
|
# @param name [::String]
|
851
865
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to disable in the format
|
852
866
|
# `projects/*/secrets/*/versions/*`.
|
867
|
+
# @param etag [::String]
|
868
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
869
|
+
# the etag of the currently stored secret version object. If the etag is
|
870
|
+
# omitted, the request succeeds.
|
853
871
|
#
|
854
872
|
# @yield [response, operation] Access the result along with the RPC operation
|
855
873
|
# @yieldparam response [::Google::Cloud::SecretManager::V1::SecretVersion]
|
@@ -912,7 +930,7 @@ module Google
|
|
912
930
|
# @param options [::Gapic::CallOptions, ::Hash]
|
913
931
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
914
932
|
#
|
915
|
-
# @overload enable_secret_version(name: nil)
|
933
|
+
# @overload enable_secret_version(name: nil, etag: nil)
|
916
934
|
# Pass arguments to `enable_secret_version` via keyword arguments. Note that at
|
917
935
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
918
936
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -920,6 +938,10 @@ module Google
|
|
920
938
|
# @param name [::String]
|
921
939
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to enable in the format
|
922
940
|
# `projects/*/secrets/*/versions/*`.
|
941
|
+
# @param etag [::String]
|
942
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
943
|
+
# the etag of the currently stored secret version object. If the etag is
|
944
|
+
# omitted, the request succeeds.
|
923
945
|
#
|
924
946
|
# @yield [response, operation] Access the result along with the RPC operation
|
925
947
|
# @yieldparam response [::Google::Cloud::SecretManager::V1::SecretVersion]
|
@@ -983,7 +1005,7 @@ module Google
|
|
983
1005
|
# @param options [::Gapic::CallOptions, ::Hash]
|
984
1006
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
985
1007
|
#
|
986
|
-
# @overload destroy_secret_version(name: nil)
|
1008
|
+
# @overload destroy_secret_version(name: nil, etag: nil)
|
987
1009
|
# Pass arguments to `destroy_secret_version` via keyword arguments. Note that at
|
988
1010
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
989
1011
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -991,6 +1013,10 @@ module Google
|
|
991
1013
|
# @param name [::String]
|
992
1014
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to destroy in the format
|
993
1015
|
# `projects/*/secrets/*/versions/*`.
|
1016
|
+
# @param etag [::String]
|
1017
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
1018
|
+
# the etag of the currently stored secret version object. If the etag is
|
1019
|
+
# omitted, the request succeeds.
|
994
1020
|
#
|
995
1021
|
# @yield [response, operation] Access the result along with the RPC operation
|
996
1022
|
# @yieldparam response [::Google::Cloud::SecretManager::V1::SecretVersion]
|
@@ -1354,7 +1380,7 @@ module Google
|
|
1354
1380
|
config_attr :scope, nil, ::String, ::Array, nil
|
1355
1381
|
config_attr :lib_name, nil, ::String, nil
|
1356
1382
|
config_attr :lib_version, nil, ::String, nil
|
1357
|
-
config_attr(:channel_args, { "grpc.service_config_disable_resolution"=>1 }, ::Hash, nil)
|
1383
|
+
config_attr(:channel_args, { "grpc.service_config_disable_resolution" => 1 }, ::Hash, nil)
|
1358
1384
|
config_attr :interceptors, nil, ::Array, nil
|
1359
1385
|
config_attr :timeout, nil, ::Numeric, nil
|
1360
1386
|
config_attr :metadata, nil, ::Hash, nil
|
@@ -1375,7 +1401,7 @@ module Google
|
|
1375
1401
|
def rpcs
|
1376
1402
|
@rpcs ||= begin
|
1377
1403
|
parent_rpcs = nil
|
1378
|
-
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config
|
1404
|
+
parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
|
1379
1405
|
Rpcs.new parent_rpcs
|
1380
1406
|
end
|
1381
1407
|
end
|
@@ -1476,35 +1502,35 @@ module Google
|
|
1476
1502
|
|
1477
1503
|
# @private
|
1478
1504
|
def initialize parent_rpcs = nil
|
1479
|
-
list_secrets_config = parent_rpcs
|
1505
|
+
list_secrets_config = parent_rpcs.list_secrets if parent_rpcs.respond_to? :list_secrets
|
1480
1506
|
@list_secrets = ::Gapic::Config::Method.new list_secrets_config
|
1481
|
-
create_secret_config = parent_rpcs
|
1507
|
+
create_secret_config = parent_rpcs.create_secret if parent_rpcs.respond_to? :create_secret
|
1482
1508
|
@create_secret = ::Gapic::Config::Method.new create_secret_config
|
1483
|
-
add_secret_version_config = parent_rpcs
|
1509
|
+
add_secret_version_config = parent_rpcs.add_secret_version if parent_rpcs.respond_to? :add_secret_version
|
1484
1510
|
@add_secret_version = ::Gapic::Config::Method.new add_secret_version_config
|
1485
|
-
get_secret_config = parent_rpcs
|
1511
|
+
get_secret_config = parent_rpcs.get_secret if parent_rpcs.respond_to? :get_secret
|
1486
1512
|
@get_secret = ::Gapic::Config::Method.new get_secret_config
|
1487
|
-
update_secret_config = parent_rpcs
|
1513
|
+
update_secret_config = parent_rpcs.update_secret if parent_rpcs.respond_to? :update_secret
|
1488
1514
|
@update_secret = ::Gapic::Config::Method.new update_secret_config
|
1489
|
-
delete_secret_config = parent_rpcs
|
1515
|
+
delete_secret_config = parent_rpcs.delete_secret if parent_rpcs.respond_to? :delete_secret
|
1490
1516
|
@delete_secret = ::Gapic::Config::Method.new delete_secret_config
|
1491
|
-
list_secret_versions_config = parent_rpcs
|
1517
|
+
list_secret_versions_config = parent_rpcs.list_secret_versions if parent_rpcs.respond_to? :list_secret_versions
|
1492
1518
|
@list_secret_versions = ::Gapic::Config::Method.new list_secret_versions_config
|
1493
|
-
get_secret_version_config = parent_rpcs
|
1519
|
+
get_secret_version_config = parent_rpcs.get_secret_version if parent_rpcs.respond_to? :get_secret_version
|
1494
1520
|
@get_secret_version = ::Gapic::Config::Method.new get_secret_version_config
|
1495
|
-
access_secret_version_config = parent_rpcs
|
1521
|
+
access_secret_version_config = parent_rpcs.access_secret_version if parent_rpcs.respond_to? :access_secret_version
|
1496
1522
|
@access_secret_version = ::Gapic::Config::Method.new access_secret_version_config
|
1497
|
-
disable_secret_version_config = parent_rpcs
|
1523
|
+
disable_secret_version_config = parent_rpcs.disable_secret_version if parent_rpcs.respond_to? :disable_secret_version
|
1498
1524
|
@disable_secret_version = ::Gapic::Config::Method.new disable_secret_version_config
|
1499
|
-
enable_secret_version_config = parent_rpcs
|
1525
|
+
enable_secret_version_config = parent_rpcs.enable_secret_version if parent_rpcs.respond_to? :enable_secret_version
|
1500
1526
|
@enable_secret_version = ::Gapic::Config::Method.new enable_secret_version_config
|
1501
|
-
destroy_secret_version_config = parent_rpcs
|
1527
|
+
destroy_secret_version_config = parent_rpcs.destroy_secret_version if parent_rpcs.respond_to? :destroy_secret_version
|
1502
1528
|
@destroy_secret_version = ::Gapic::Config::Method.new destroy_secret_version_config
|
1503
|
-
set_iam_policy_config = parent_rpcs
|
1529
|
+
set_iam_policy_config = parent_rpcs.set_iam_policy if parent_rpcs.respond_to? :set_iam_policy
|
1504
1530
|
@set_iam_policy = ::Gapic::Config::Method.new set_iam_policy_config
|
1505
|
-
get_iam_policy_config = parent_rpcs
|
1531
|
+
get_iam_policy_config = parent_rpcs.get_iam_policy if parent_rpcs.respond_to? :get_iam_policy
|
1506
1532
|
@get_iam_policy = ::Gapic::Config::Method.new get_iam_policy_config
|
1507
|
-
test_iam_permissions_config = parent_rpcs
|
1533
|
+
test_iam_permissions_config = parent_rpcs.test_iam_permissions if parent_rpcs.respond_to? :test_iam_permissions
|
1508
1534
|
@test_iam_permissions = ::Gapic::Config::Method.new test_iam_permissions_config
|
1509
1535
|
|
1510
1536
|
yield self if block_given?
|
@@ -74,6 +74,23 @@ module Google
|
|
74
74
|
"projects/#{project}/secrets/#{secret}/versions/#{secret_version}"
|
75
75
|
end
|
76
76
|
|
77
|
+
##
|
78
|
+
# Create a fully-qualified Topic resource string.
|
79
|
+
#
|
80
|
+
# The resource will be in the following format:
|
81
|
+
#
|
82
|
+
# `projects/{project}/topics/{topic}`
|
83
|
+
#
|
84
|
+
# @param project [String]
|
85
|
+
# @param topic [String]
|
86
|
+
#
|
87
|
+
# @return [::String]
|
88
|
+
def topic_path project:, topic:
|
89
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
90
|
+
|
91
|
+
"projects/#{project}/topics/#{topic}"
|
92
|
+
end
|
93
|
+
|
77
94
|
extend self
|
78
95
|
end
|
79
96
|
end
|
@@ -5,6 +5,7 @@ require 'google/protobuf'
|
|
5
5
|
|
6
6
|
require 'google/api/field_behavior_pb'
|
7
7
|
require 'google/api/resource_pb'
|
8
|
+
require 'google/protobuf/duration_pb'
|
8
9
|
require 'google/protobuf/timestamp_pb'
|
9
10
|
require 'google/api/annotations_pb'
|
10
11
|
Google::Protobuf::DescriptorPool.generated_pool.build do
|
@@ -14,6 +15,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
14
15
|
optional :replication, :message, 2, "google.cloud.secretmanager.v1.Replication"
|
15
16
|
optional :create_time, :message, 3, "google.protobuf.Timestamp"
|
16
17
|
map :labels, :string, :string, 4
|
18
|
+
repeated :topics, :message, 5, "google.cloud.secretmanager.v1.Topic"
|
19
|
+
optional :etag, :string, 8
|
20
|
+
optional :rotation, :message, 9, "google.cloud.secretmanager.v1.Rotation"
|
21
|
+
oneof :expiration do
|
22
|
+
optional :expire_time, :message, 6, "google.protobuf.Timestamp"
|
23
|
+
optional :ttl, :message, 7, "google.protobuf.Duration"
|
24
|
+
end
|
17
25
|
end
|
18
26
|
add_message "google.cloud.secretmanager.v1.SecretVersion" do
|
19
27
|
optional :name, :string, 1
|
@@ -21,6 +29,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
21
29
|
optional :destroy_time, :message, 3, "google.protobuf.Timestamp"
|
22
30
|
optional :state, :enum, 4, "google.cloud.secretmanager.v1.SecretVersion.State"
|
23
31
|
optional :replication_status, :message, 5, "google.cloud.secretmanager.v1.ReplicationStatus"
|
32
|
+
optional :etag, :string, 6
|
24
33
|
end
|
25
34
|
add_enum "google.cloud.secretmanager.v1.SecretVersion.State" do
|
26
35
|
value :STATE_UNSPECIFIED, 0
|
@@ -66,6 +75,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
66
75
|
add_message "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus" do
|
67
76
|
optional :kms_key_version_name, :string, 1
|
68
77
|
end
|
78
|
+
add_message "google.cloud.secretmanager.v1.Topic" do
|
79
|
+
optional :name, :string, 1
|
80
|
+
end
|
81
|
+
add_message "google.cloud.secretmanager.v1.Rotation" do
|
82
|
+
optional :next_rotation_time, :message, 1, "google.protobuf.Timestamp"
|
83
|
+
optional :rotation_period, :message, 2, "google.protobuf.Duration"
|
84
|
+
end
|
69
85
|
add_message "google.cloud.secretmanager.v1.SecretPayload" do
|
70
86
|
optional :data, :bytes, 1
|
71
87
|
end
|
@@ -89,6 +105,8 @@ module Google
|
|
89
105
|
ReplicationStatus::UserManagedStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus").msgclass
|
90
106
|
ReplicationStatus::UserManagedStatus::ReplicaStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus").msgclass
|
91
107
|
CustomerManagedEncryptionStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus").msgclass
|
108
|
+
Topic = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Topic").msgclass
|
109
|
+
Rotation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Rotation").msgclass
|
92
110
|
SecretPayload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.SecretPayload").msgclass
|
93
111
|
end
|
94
112
|
end
|
@@ -62,15 +62,19 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
|
|
62
62
|
end
|
63
63
|
add_message "google.cloud.secretmanager.v1.DeleteSecretRequest" do
|
64
64
|
optional :name, :string, 1
|
65
|
+
optional :etag, :string, 2
|
65
66
|
end
|
66
67
|
add_message "google.cloud.secretmanager.v1.DisableSecretVersionRequest" do
|
67
68
|
optional :name, :string, 1
|
69
|
+
optional :etag, :string, 2
|
68
70
|
end
|
69
71
|
add_message "google.cloud.secretmanager.v1.EnableSecretVersionRequest" do
|
70
72
|
optional :name, :string, 1
|
73
|
+
optional :etag, :string, 2
|
71
74
|
end
|
72
75
|
add_message "google.cloud.secretmanager.v1.DestroySecretVersionRequest" do
|
73
76
|
optional :name, :string, 1
|
77
|
+
optional :etag, :string, 2
|
74
78
|
end
|
75
79
|
end
|
76
80
|
end
|
@@ -33,7 +33,7 @@ module Google
|
|
33
33
|
# * [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]
|
34
34
|
class Service
|
35
35
|
|
36
|
-
include GRPC::GenericService
|
36
|
+
include ::GRPC::GenericService
|
37
37
|
|
38
38
|
self.marshal_class_method = :encode
|
39
39
|
self.unmarshal_class_method = :decode
|
@@ -57,13 +57,13 @@ module Google
|
|
57
57
|
rpc :ListSecretVersions, ::Google::Cloud::SecretManager::V1::ListSecretVersionsRequest, ::Google::Cloud::SecretManager::V1::ListSecretVersionsResponse
|
58
58
|
# Gets metadata for a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
59
59
|
#
|
60
|
-
# `projects/*/secrets/*/versions/latest` is an alias to the
|
61
|
-
# [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
60
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
61
|
+
# created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
62
62
|
rpc :GetSecretVersion, ::Google::Cloud::SecretManager::V1::GetSecretVersionRequest, ::Google::Cloud::SecretManager::V1::SecretVersion
|
63
63
|
# Accesses a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. This call returns the secret data.
|
64
64
|
#
|
65
|
-
# `projects/*/secrets/*/versions/latest` is an alias to the
|
66
|
-
# [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
65
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
66
|
+
# created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
67
67
|
rpc :AccessSecretVersion, ::Google::Cloud::SecretManager::V1::AccessSecretVersionRequest, ::Google::Cloud::SecretManager::V1::AccessSecretVersionResponse
|
68
68
|
# Disables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
|
69
69
|
#
|
@@ -54,6 +54,12 @@ module Google
|
|
54
54
|
# This indicates that the field may be set once in a request to create a
|
55
55
|
# resource, but may not be changed thereafter.
|
56
56
|
IMMUTABLE = 5
|
57
|
+
|
58
|
+
# Denotes that a (repeated) field is an unordered list.
|
59
|
+
# This indicates that the service may provide the elements of the list
|
60
|
+
# in any arbitrary order, rather than the order the user originally
|
61
|
+
# provided. Additionally, the list's order may or may not be stable.
|
62
|
+
UNORDERED_LIST = 6
|
57
63
|
end
|
58
64
|
end
|
59
65
|
end
|
@@ -50,6 +50,24 @@ module Google
|
|
50
50
|
# regular expression: `[\p{Ll}\p{Lo}\p{N}_-]{0,63}`
|
51
51
|
#
|
52
52
|
# No more than 64 labels can be assigned to a given resource.
|
53
|
+
# @!attribute [rw] topics
|
54
|
+
# @return [::Array<::Google::Cloud::SecretManager::V1::Topic>]
|
55
|
+
# Optional. A list of up to 10 Pub/Sub topics to which messages are published when
|
56
|
+
# control plane operations are called on the secret or its versions.
|
57
|
+
# @!attribute [rw] expire_time
|
58
|
+
# @return [::Google::Protobuf::Timestamp]
|
59
|
+
# Optional. Timestamp in UTC when the {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to expire. This is
|
60
|
+
# always provided on output, regardless of what was sent on input.
|
61
|
+
# @!attribute [rw] ttl
|
62
|
+
# @return [::Google::Protobuf::Duration]
|
63
|
+
# Input only. The TTL for the {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
64
|
+
# @!attribute [rw] etag
|
65
|
+
# @return [::String]
|
66
|
+
# Optional. Etag of the currently stored {::Google::Cloud::SecretManager::V1::Secret Secret}.
|
67
|
+
# @!attribute [rw] rotation
|
68
|
+
# @return [::Google::Cloud::SecretManager::V1::Rotation]
|
69
|
+
# Optional. Rotation policy attached to the {::Google::Cloud::SecretManager::V1::Secret Secret}. May be excluded if there is no
|
70
|
+
# rotation policy.
|
53
71
|
class Secret
|
54
72
|
include ::Google::Protobuf::MessageExts
|
55
73
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -86,6 +104,9 @@ module Google
|
|
86
104
|
# @!attribute [rw] replication_status
|
87
105
|
# @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
|
88
106
|
# The replication status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
107
|
+
# @!attribute [r] etag
|
108
|
+
# @return [::String]
|
109
|
+
# Output only. Etag of the currently stored {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
89
110
|
class SecretVersion
|
90
111
|
include ::Google::Protobuf::MessageExts
|
91
112
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -258,6 +279,41 @@ module Google
|
|
258
279
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
259
280
|
end
|
260
281
|
|
282
|
+
# A Pub/Sub topic which Secret Manager will publish to when control plane
|
283
|
+
# events occur on this secret.
|
284
|
+
# @!attribute [rw] name
|
285
|
+
# @return [::String]
|
286
|
+
# Required. The resource name of the Pub/Sub topic that will be published to, in the
|
287
|
+
# following format: `projects/*/topics/*`. For publication to succeed, the
|
288
|
+
# Secret Manager P4SA must have `pubsub.publisher` permissions on the topic.
|
289
|
+
class Topic
|
290
|
+
include ::Google::Protobuf::MessageExts
|
291
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
292
|
+
end
|
293
|
+
|
294
|
+
# The rotation time and period for a {::Google::Cloud::SecretManager::V1::Secret Secret}. At next_rotation_time, Secret
|
295
|
+
# Manager will send a Pub/Sub notification to the topics configured on the
|
296
|
+
# Secret. {::Google::Cloud::SecretManager::V1::Secret#topics Secret.topics} must be set to configure rotation.
|
297
|
+
# @!attribute [rw] next_rotation_time
|
298
|
+
# @return [::Google::Protobuf::Timestamp]
|
299
|
+
# Optional. Timestamp in UTC at which the {::Google::Cloud::SecretManager::V1::Secret Secret} is scheduled to rotate. Cannot be
|
300
|
+
# set to less than 300s (5 min) in the future and at most 3153600000s (100
|
301
|
+
# years).
|
302
|
+
#
|
303
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time} MUST be set if {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period} is set.
|
304
|
+
# @!attribute [rw] rotation_period
|
305
|
+
# @return [::Google::Protobuf::Duration]
|
306
|
+
# Input only. The Duration between rotation notifications. Must be in seconds
|
307
|
+
# and at least 3600s (1h) and at most 3153600000s (100 years).
|
308
|
+
#
|
309
|
+
# If {::Google::Cloud::SecretManager::V1::Rotation#rotation_period rotation_period} is set, {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time} must be set.
|
310
|
+
# {::Google::Cloud::SecretManager::V1::Rotation#next_rotation_time next_rotation_time} will be advanced by this period when the service
|
311
|
+
# automatically sends rotation notifications.
|
312
|
+
class Rotation
|
313
|
+
include ::Google::Protobuf::MessageExts
|
314
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
315
|
+
end
|
316
|
+
|
261
317
|
# A secret payload resource in the Secret Manager API. This contains the
|
262
318
|
# sensitive secret payload that is associated with a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
263
319
|
# @!attribute [rw] data
|
@@ -141,8 +141,9 @@ module Google
|
|
141
141
|
# @return [::String]
|
142
142
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
143
143
|
# `projects/*/secrets/*/versions/*`.
|
144
|
-
#
|
145
|
-
#
|
144
|
+
#
|
145
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
146
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
146
147
|
class GetSecretVersionRequest
|
147
148
|
include ::Google::Protobuf::MessageExts
|
148
149
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -165,6 +166,9 @@ module Google
|
|
165
166
|
# @return [::String]
|
166
167
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} in the format
|
167
168
|
# `projects/*/secrets/*/versions/*`.
|
169
|
+
#
|
170
|
+
# `projects/*/secrets/*/versions/latest` is an alias to the most recently
|
171
|
+
# created {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
|
168
172
|
class AccessSecretVersionRequest
|
169
173
|
include ::Google::Protobuf::MessageExts
|
170
174
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -188,6 +192,11 @@ module Google
|
|
188
192
|
# @return [::String]
|
189
193
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::Secret Secret} to delete in the format
|
190
194
|
# `projects/*/secrets/*`.
|
195
|
+
# @!attribute [rw] etag
|
196
|
+
# @return [::String]
|
197
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::Secret Secret}. The request succeeds if it matches
|
198
|
+
# the etag of the currently stored secret object. If the etag is omitted,
|
199
|
+
# the request succeeds.
|
191
200
|
class DeleteSecretRequest
|
192
201
|
include ::Google::Protobuf::MessageExts
|
193
202
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -198,6 +207,11 @@ module Google
|
|
198
207
|
# @return [::String]
|
199
208
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to disable in the format
|
200
209
|
# `projects/*/secrets/*/versions/*`.
|
210
|
+
# @!attribute [rw] etag
|
211
|
+
# @return [::String]
|
212
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
213
|
+
# the etag of the currently stored secret version object. If the etag is
|
214
|
+
# omitted, the request succeeds.
|
201
215
|
class DisableSecretVersionRequest
|
202
216
|
include ::Google::Protobuf::MessageExts
|
203
217
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -208,6 +222,11 @@ module Google
|
|
208
222
|
# @return [::String]
|
209
223
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to enable in the format
|
210
224
|
# `projects/*/secrets/*/versions/*`.
|
225
|
+
# @!attribute [rw] etag
|
226
|
+
# @return [::String]
|
227
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
228
|
+
# the etag of the currently stored secret version object. If the etag is
|
229
|
+
# omitted, the request succeeds.
|
211
230
|
class EnableSecretVersionRequest
|
212
231
|
include ::Google::Protobuf::MessageExts
|
213
232
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -218,6 +237,11 @@ module Google
|
|
218
237
|
# @return [::String]
|
219
238
|
# Required. The resource name of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} to destroy in the format
|
220
239
|
# `projects/*/secrets/*/versions/*`.
|
240
|
+
# @!attribute [rw] etag
|
241
|
+
# @return [::String]
|
242
|
+
# Optional. Etag of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. The request succeeds if it matches
|
243
|
+
# the etag of the currently stored secret version object. If the etag is
|
244
|
+
# omitted, the request succeeds.
|
221
245
|
class DestroySecretVersionRequest
|
222
246
|
include ::Google::Protobuf::MessageExts
|
223
247
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|