Class SecretManagerServiceClient (2.20.0)

Secret Manager Service.

Manages secrets and operations using those secrets. Implements a REST model with the following objects:

Equality

Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.

Performance

Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.

Thread Safety

Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.

Constructors

SecretManagerServiceClient(SecretManagerServiceClient const &)

Copy and move support

Parameter
Name Description
SecretManagerServiceClient const &

SecretManagerServiceClient(SecretManagerServiceClient &&)

Copy and move support

Parameter
Name Description
SecretManagerServiceClient &&

SecretManagerServiceClient(std::shared_ptr< SecretManagerServiceConnection >, Options)

Parameters
Name Description
connection std::shared_ptr< SecretManagerServiceConnection >
opts Options

Operators

operator=(SecretManagerServiceClient const &)

Copy and move support

Parameter
Name Description
SecretManagerServiceClient const &
Returns
Type Description
SecretManagerServiceClient &

operator=(SecretManagerServiceClient &&)

Copy and move support

Parameter
Name Description
SecretManagerServiceClient &&
Returns
Type Description
SecretManagerServiceClient &

Functions

ListSecrets(std::string const &, Options)

Lists Secrets.

Parameters
Name Description
parent std::string const &

Required. The resource name of the project associated with the Secrets, in the format projects/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StreamRange< google::cloud::secretmanager::v1::Secret >

a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.cloud.secretmanager.v1.Secret, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.

ListSecrets(google::cloud::secretmanager::v1::ListSecretsRequest, Options)

Lists Secrets.

Parameters
Name Description
request google::cloud::secretmanager::v1::ListSecretsRequest

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.ListSecretsRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StreamRange< google::cloud::secretmanager::v1::Secret >

a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.cloud.secretmanager.v1.Secret, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.

CreateSecret(std::string const &, std::string const &, google::cloud::secretmanager::v1::Secret const &, Options)

Creates a new Secret containing no SecretVersions.

Parameters
Name Description
parent std::string const &

Required. The resource name of the project to associate with the Secret, in the format projects/*.

secret_id std::string const &

Required. This must be unique within the project.
A secret ID is a string with a maximum length of 255 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (-) and underscore (_) characters.

secret google::cloud::secretmanager::v1::Secret const &

Required. A Secret with initial field values.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

CreateSecret(google::cloud::secretmanager::v1::CreateSecretRequest const &, Options)

Creates a new Secret containing no SecretVersions.

Parameters
Name Description
request google::cloud::secretmanager::v1::CreateSecretRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.CreateSecretRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

AddSecretVersion(std::string const &, google::cloud::secretmanager::v1::SecretPayload const &, Options)

Creates a new SecretVersion containing secret data and attaches it to an existing Secret.

Parameters
Name Description
parent std::string const &

Required. The resource name of the Secret to associate with the SecretVersion in the format projects/*/secrets/*.

payload google::cloud::secretmanager::v1::SecretPayload const &

Required. The secret payload of the SecretVersion.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

AddSecretVersion(google::cloud::secretmanager::v1::AddSecretVersionRequest const &, Options)

Creates a new SecretVersion containing secret data and attaches it to an existing Secret.

Parameters
Name Description
request google::cloud::secretmanager::v1::AddSecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.AddSecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetSecret(std::string const &, Options)

Gets metadata for a given Secret.

Parameters
Name Description
name std::string const &

Required. The resource name of the Secret, in the format projects/*/secrets/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetSecret(google::cloud::secretmanager::v1::GetSecretRequest const &, Options)

Gets metadata for a given Secret.

Parameters
Name Description
request google::cloud::secretmanager::v1::GetSecretRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.GetSecretRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

UpdateSecret(google::cloud::secretmanager::v1::Secret const &, google::protobuf::FieldMask const &, Options)

Updates metadata of an existing Secret.

Parameters
Name Description
secret google::cloud::secretmanager::v1::Secret const &

Required. Secret with updated field values.

update_mask google::protobuf::FieldMask const &

Required. Specifies the fields to be updated.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

UpdateSecret(google::cloud::secretmanager::v1::UpdateSecretRequest const &, Options)

Updates metadata of an existing Secret.

Parameters
Name Description
request google::cloud::secretmanager::v1::UpdateSecretRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.UpdateSecretRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::Secret >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.Secret) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DeleteSecret(std::string const &, Options)

Deletes a Secret.

Parameters
Name Description
name std::string const &

Required. The resource name of the Secret to delete in the format projects/*/secrets/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
Status

a Status object. If the request failed, the status contains the details of the failure.

DeleteSecret(google::cloud::secretmanager::v1::DeleteSecretRequest const &, Options)

Deletes a Secret.

Parameters
Name Description
request google::cloud::secretmanager::v1::DeleteSecretRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.DeleteSecretRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
Status

a Status object. If the request failed, the status contains the details of the failure.

ListSecretVersions(std::string const &, Options)

This call does not return secret data.

Parameters
Name Description
parent std::string const &

Required. The resource name of the Secret associated with the SecretVersions to list, in the format projects/*/secrets/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StreamRange< google::cloud::secretmanager::v1::SecretVersion >

a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.cloud.secretmanager.v1.SecretVersion, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.

ListSecretVersions(google::cloud::secretmanager::v1::ListSecretVersionsRequest, Options)

This call does not return secret data.

Parameters
Name Description
request google::cloud::secretmanager::v1::ListSecretVersionsRequest

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.ListSecretVersionsRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StreamRange< google::cloud::secretmanager::v1::SecretVersion >

a StreamRange to iterate of the results. See the documentation of this type for details. In brief, this class has begin() and end() member functions returning a iterator class meeting the input iterator requirements. The value type for this iterator is a StatusOr as the iteration may fail even after some values are retrieved successfully, for example, if there is a network disconnect. An empty set of results does not indicate an error, it indicates that there are no resources meeting the request criteria. On a successful iteration the StatusOr<T> contains elements of type google.cloud.secretmanager.v1.SecretVersion, or rather, the C++ class generated by Protobuf from that type. Please consult the Protobuf documentation for details on the Protobuf mapping rules.

GetSecretVersion(std::string const &, Options)

Gets metadata for a SecretVersion.

projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

Parameters
Name Description
name std::string const &

Required. The resource name of the SecretVersion in the format projects/*/secrets/*/versions/*.
projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetSecretVersion(google::cloud::secretmanager::v1::GetSecretVersionRequest const &, Options)

Gets metadata for a SecretVersion.

projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

Parameters
Name Description
request google::cloud::secretmanager::v1::GetSecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.GetSecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

AccessSecretVersion(std::string const &, Options)

Accesses a SecretVersion.

This call returns the secret data.

projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

Parameters
Name Description
name std::string const &

Required. The resource name of the SecretVersion in the format projects/*/secrets/*/versions/*.
projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::AccessSecretVersionResponse >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.AccessSecretVersionResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

AccessSecretVersion(google::cloud::secretmanager::v1::AccessSecretVersionRequest const &, Options)

Accesses a SecretVersion.

This call returns the secret data.

projects/*/secrets/*/versions/latest is an alias to the most recently created SecretVersion.

Parameters
Name Description
request google::cloud::secretmanager::v1::AccessSecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.AccessSecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::AccessSecretVersionResponse >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.AccessSecretVersionResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DisableSecretVersion(std::string const &, Options)

Disables a SecretVersion.

Sets the state of the SecretVersion to DISABLED.

Parameters
Name Description
name std::string const &

Required. The resource name of the SecretVersion to disable in the format projects/*/secrets/*/versions/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DisableSecretVersion(google::cloud::secretmanager::v1::DisableSecretVersionRequest const &, Options)

Disables a SecretVersion.

Sets the state of the SecretVersion to DISABLED.

Parameters
Name Description
request google::cloud::secretmanager::v1::DisableSecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.DisableSecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

EnableSecretVersion(std::string const &, Options)

Enables a SecretVersion.

Sets the state of the SecretVersion to ENABLED.

Parameters
Name Description
name std::string const &

Required. The resource name of the SecretVersion to enable in the format projects/*/secrets/*/versions/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

EnableSecretVersion(google::cloud::secretmanager::v1::EnableSecretVersionRequest const &, Options)

Enables a SecretVersion.

Sets the state of the SecretVersion to ENABLED.

Parameters
Name Description
request google::cloud::secretmanager::v1::EnableSecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.EnableSecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DestroySecretVersion(std::string const &, Options)

Destroys a SecretVersion.

Sets the state of the SecretVersion to DESTROYED and irrevocably destroys the secret data.

Parameters
Name Description
name std::string const &

Required. The resource name of the SecretVersion to destroy in the format projects/*/secrets/*/versions/*.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

DestroySecretVersion(google::cloud::secretmanager::v1::DestroySecretVersionRequest const &, Options)

Destroys a SecretVersion.

Sets the state of the SecretVersion to DESTROYED and irrevocably destroys the secret data.

Parameters
Name Description
request google::cloud::secretmanager::v1::DestroySecretVersionRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.secretmanager.v1.DestroySecretVersionRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::cloud::secretmanager::v1::SecretVersion >

the result of the RPC. The response message type (google.cloud.secretmanager.v1.SecretVersion) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

SetIamPolicy(google::iam::v1::SetIamPolicyRequest const &, Options)

Sets the access control policy on the specified secret.

Replaces any existing policy.

Permissions on SecretVersions are enforced according to the policy set on the associated Secret.

Parameters
Name Description
request google::iam::v1::SetIamPolicyRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.SetIamPolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

GetIamPolicy(google::iam::v1::GetIamPolicyRequest const &, Options)

Gets the access control policy for a secret.

Returns empty policy if the secret exists and does not have a policy set.

Parameters
Name Description
request google::iam::v1::GetIamPolicyRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.GetIamPolicyRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::Policy >

the result of the RPC. The response message type (google.iam.v1.Policy) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.

TestIamPermissions(google::iam::v1::TestIamPermissionsRequest const &, Options)

Returns permissions that a caller has for the specified secret.

If the secret does not exist, this call returns an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Parameters
Name Description
request google::iam::v1::TestIamPermissionsRequest const &

Unary RPCs, such as the one wrapped by this function, receive a single request proto message which includes all the inputs for the RPC. In this case, the proto message is a google.iam.v1.TestIamPermissionsRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.

opts Options

Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type Description
StatusOr< google::iam::v1::TestIamPermissionsResponse >

the result of the RPC. The response message type (google.iam.v1.TestIamPermissionsResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the StatusOr contains the error details.