google-cloud-secret_manager-v1 0.4.5 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 40de2917c42610752af83241b3e6caf8aaea2d96f556760ec1c3bc1f228e4a38
-  data.tar.gz: f1bc93b7f2c698f63a6743cdc31d6499ed3e02e205c058ca4e1ff31ffbd6c9c8
+  metadata.gz: 60f66ce89caf973101116d6d957c9b4ba970b5330b1f8861031e8003c5c7a165
+  data.tar.gz: dd5055b0d36e650f2b725081fbda8db240da05986d388a2b202634cd0441dc97
 SHA512:
-  metadata.gz: 954e42a69775775b57edf61b86a5741f56d4af532433507b1d3e9c722c6ac918e3315fe4537d546f9eb2ec8c716f69f780c24935794bd9f3f166cc13949cb27d
-  data.tar.gz: 5b78fe9f987f30daf90fc9a04ff82d4cb1b220701a029c56f0d5c7461e53caa0f758703b4126bb501464bda51e53d4ce9d34474fba1b7700b419a2f8190625b2
+  metadata.gz: d1cc3dff17faab412f0fe300f5f3226045cf00f965ef0ed3073d052a372a71f62b999bc8b3ee2ae67dfc82a699dda3a411d4a69c6016cf0b8d783a3490a5ca34
+  data.tar.gz: 7ea0ce88abfc1b4423d27723d48857610a245a393b8f5a083664f5bbf6465d112cdbe3ac1986279aac74406c76c0bee05c5a872626c51b94270c996cf021a4a2

data/lib/google/cloud/secret_manager/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module SecretManager
       module V1
-        VERSION = "0.4.5"
+        VERSION = "0.5.0"
       end
     end
   end

data/lib/google/cloud/secretmanager/v1/resources_pb.rb

@@ -20,6 +20,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :create_time, :message, 2, "google.protobuf.Timestamp"
       optional :destroy_time, :message, 3, "google.protobuf.Timestamp"
       optional :state, :enum, 4, "google.cloud.secretmanager.v1.SecretVersion.State"
+      optional :replication_status, :message, 5, "google.cloud.secretmanager.v1.ReplicationStatus"
     end
     add_enum "google.cloud.secretmanager.v1.SecretVersion.State" do
       value :STATE_UNSPECIFIED, 0
@@ -34,12 +35,36 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       end
     end
     add_message "google.cloud.secretmanager.v1.Replication.Automatic" do
+      optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
     end
     add_message "google.cloud.secretmanager.v1.Replication.UserManaged" do
       repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.Replication.UserManaged.Replica"
     end
     add_message "google.cloud.secretmanager.v1.Replication.UserManaged.Replica" do
       optional :location, :string, 1
+      optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryption"
+    end
+    add_message "google.cloud.secretmanager.v1.CustomerManagedEncryption" do
+      optional :kms_key_name, :string, 1
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus" do
+      oneof :replication_status do
+        optional :automatic, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus"
+        optional :user_managed, :message, 2, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus"
+      end
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus" do
+      optional :customer_managed_encryption, :message, 1, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus" do
+      repeated :replicas, :message, 1, "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus" do
+      optional :location, :string, 1
+      optional :customer_managed_encryption, :message, 2, "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus"
+    end
+    add_message "google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus" do
+      optional :kms_key_version_name, :string, 1
     end
     add_message "google.cloud.secretmanager.v1.SecretPayload" do
       optional :data, :bytes, 1
@@ -58,6 +83,12 @@ module Google
         Replication::Automatic = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.Automatic").msgclass
         Replication::UserManaged = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged").msgclass
         Replication::UserManaged::Replica = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.Replication.UserManaged.Replica").msgclass
+        CustomerManagedEncryption = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryption").msgclass
+        ReplicationStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus").msgclass
+        ReplicationStatus::AutomaticStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.AutomaticStatus").msgclass
+        ReplicationStatus::UserManagedStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus").msgclass
+        ReplicationStatus::UserManagedStatus::ReplicaStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.ReplicationStatus.UserManagedStatus.ReplicaStatus").msgclass
+        CustomerManagedEncryptionStatus = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.CustomerManagedEncryptionStatus").msgclass
         SecretPayload = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.secretmanager.v1.SecretPayload").msgclass
       end
     end

data/lib/google/cloud/secretmanager/v1/service_services_pb.rb

@@ -24,9 +24,6 @@ module Google
     module SecretManager
       module V1
         module SecretManagerService
-          # `projects/*/secrets/*/versions/latest` is an alias to the `latest`
-          # [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
-          #
           # Secret Manager Service
           #
           # Manages secrets and operations using those secrets. Implements a REST

data/proto_docs/google/cloud/secretmanager/v1/resources.rb

@@ -83,6 +83,9 @@ module Google
         # @!attribute [r] state
         #   @return [::Google::Cloud::SecretManager::V1::SecretVersion::State]
         #     Output only. The current state of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+        # @!attribute [rw] replication_status
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus]
+        #     The replication status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
         class SecretVersion
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -106,7 +109,7 @@ module Google
           end
         end
 
-        # A policy that defines the replication configuration of data.
+        # A policy that defines the replication and encryption configuration of data.
         # @!attribute [rw] automatic
         #   @return [::Google::Cloud::SecretManager::V1::Replication::Automatic]
         #     The {::Google::Cloud::SecretManager::V1::Secret Secret} will automatically be replicated without any restrictions.
@@ -119,6 +122,14 @@ module Google
 
           # A replication policy that replicates the {::Google::Cloud::SecretManager::V1::Secret Secret} payload without any
           # restrictions.
+          # @!attribute [rw] customer_managed_encryption
+          #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
+          #     Optional. The customer-managed encryption configuration of the {::Google::Cloud::SecretManager::V1::Secret Secret}. If no
+          #     configuration is provided, Google-managed default encryption is used.
+          #
+          #     Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
+          #     {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
+          #     retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
           class Automatic
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -140,6 +151,15 @@ module Google
             #   @return [::String]
             #     The canonical IDs of the location to replicate data.
             #     For example: `"us-east1"`.
+            # @!attribute [rw] customer_managed_encryption
+            #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryption]
+            #     Optional. The customer-managed encryption configuration of the [User-Managed
+            #     Replica][Replication.UserManaged.Replica]. If no configuration is
+            #     provided, Google-managed default encryption is used.
+            #
+            #     Updates to the {::Google::Cloud::SecretManager::V1::Secret Secret} encryption configuration only apply to
+            #     {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions} added afterwards. They do not apply
+            #     retroactively to existing {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersions}.
             class Replica
               include ::Google::Protobuf::MessageExts
               extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -147,6 +167,97 @@ module Google
           end
         end
 
+        # Configuration for encrypting secret payloads using customer-managed
+        # encryption keys (CMEK).
+        # @!attribute [rw] kms_key_name
+        #   @return [::String]
+        #     Required. The resource name of the Cloud KMS CryptoKey used to encrypt secret
+        #     payloads.
+        #
+        #     For secrets using the {::Google::Cloud::SecretManager::V1::Replication::UserManaged UserManaged} replication
+        #     policy type, Cloud KMS CryptoKeys must reside in the same location as the
+        #     [replica location][Secret.UserManaged.Replica.location].
+        #
+        #     For secrets using the {::Google::Cloud::SecretManager::V1::Replication::Automatic Automatic} replication policy
+        #     type, Cloud KMS CryptoKeys must reside in `global`.
+        #
+        #     The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
+        class CustomerManagedEncryption
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+        # @!attribute [rw] automatic
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::AutomaticStatus]
+        #     Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
+        #     automatic replication.
+        #
+        #     Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
+        #     policy.
+        # @!attribute [rw] user_managed
+        #   @return [::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus]
+        #     Describes the replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} with
+        #     user-managed replication.
+        #
+        #     Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
+        #     policy.
+        class ReplicationStatus
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+
+          # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using automatic replication.
+          #
+          # Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has an automatic replication
+          # policy.
+          # @!attribute [r] customer_managed_encryption
+          #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
+          #     Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
+          #     populated if customer-managed encryption is used.
+          class AutomaticStatus
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+
+          # The replication status of a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion} using user-managed
+          # replication.
+          #
+          # Only populated if the parent {::Google::Cloud::SecretManager::V1::Secret Secret} has a user-managed replication
+          # policy.
+          # @!attribute [r] replicas
+          #   @return [::Array<::Google::Cloud::SecretManager::V1::ReplicationStatus::UserManagedStatus::ReplicaStatus>]
+          #     Output only. The list of replica statuses for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+          class UserManagedStatus
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+
+            # Describes the status of a user-managed replica for the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
+            # @!attribute [r] location
+            #   @return [::String]
+            #     Output only. The canonical ID of the replica location.
+            #     For example: `"us-east1"`.
+            # @!attribute [r] customer_managed_encryption
+            #   @return [::Google::Cloud::SecretManager::V1::CustomerManagedEncryptionStatus]
+            #     Output only. The customer-managed encryption status of the {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}. Only
+            #     populated if customer-managed encryption is used.
+            class ReplicaStatus
+              include ::Google::Protobuf::MessageExts
+              extend ::Google::Protobuf::MessageExts::ClassMethods
+            end
+          end
+        end
+
+        # Describes the status of customer-managed encryption.
+        # @!attribute [rw] kms_key_version_name
+        #   @return [::String]
+        #     Required. The resource name of the Cloud KMS CryptoKeyVersion used to encrypt the
+        #     secret payload, in the following format:
+        #     `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
+        class CustomerManagedEncryptionStatus
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # A secret payload resource in the Secret Manager API. This contains the
         # sensitive secret payload that is associated with a {::Google::Cloud::SecretManager::V1::SecretVersion SecretVersion}.
         # @!attribute [rw] data

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-secret_manager-v1
 version: !ruby/object:Gem::Version
-  version: 0.4.5
+  version: 0.5.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-10 00:00:00.000000000 Z
+date: 2020-09-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common