Variables
SecretVersion_State_name, SecretVersion_State_value
var (
SecretVersion_State_name = map[int32]string{
0: "STATE_UNSPECIFIED",
1: "ENABLED",
2: "DISABLED",
3: "DESTROYED",
}
SecretVersion_State_value = map[string]int32{
"STATE_UNSPECIFIED": 0,
"ENABLED": 1,
"DISABLED": 2,
"DESTROYED": 3,
}
)Enum value maps for SecretVersion_State.
File_google_cloud_secretmanager_v1_resources_proto
var File_google_cloud_secretmanager_v1_resources_proto protoreflect.FileDescriptorFile_google_cloud_secretmanager_v1_service_proto
var File_google_cloud_secretmanager_v1_service_proto protoreflect.FileDescriptorFunctions
func RegisterSecretManagerServiceServer
func RegisterSecretManagerServiceServer(s *grpc.Server, srv SecretManagerServiceServer)AccessSecretVersionRequest
type AccessSecretVersionRequest struct {
// Required. The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the format
// `projects/*/secrets/*/versions/*`.
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion].
func (*AccessSecretVersionRequest) Descriptor
func (*AccessSecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use AccessSecretVersionRequest.ProtoReflect.Descriptor instead.
func (*AccessSecretVersionRequest) GetName
func (x *AccessSecretVersionRequest) GetName() stringfunc (*AccessSecretVersionRequest) ProtoMessage
func (*AccessSecretVersionRequest) ProtoMessage()func (*AccessSecretVersionRequest) ProtoReflect
func (x *AccessSecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*AccessSecretVersionRequest) Reset
func (x *AccessSecretVersionRequest) Reset()func (*AccessSecretVersionRequest) String
func (x *AccessSecretVersionRequest) String() stringAccessSecretVersionResponse
type AccessSecretVersionResponse struct {
// The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the format
// `projects/*/secrets/*/versions/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Secret payload
Payload *SecretPayload `protobuf:"bytes,2,opt,name=payload,proto3" json:"payload,omitempty"`
// contains filtered or unexported fields
}Response message for [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion].
func (*AccessSecretVersionResponse) Descriptor
func (*AccessSecretVersionResponse) Descriptor() ([]byte, []int)Deprecated: Use AccessSecretVersionResponse.ProtoReflect.Descriptor instead.
func (*AccessSecretVersionResponse) GetName
func (x *AccessSecretVersionResponse) GetName() stringfunc (*AccessSecretVersionResponse) GetPayload
func (x *AccessSecretVersionResponse) GetPayload() *SecretPayloadfunc (*AccessSecretVersionResponse) ProtoMessage
func (*AccessSecretVersionResponse) ProtoMessage()func (*AccessSecretVersionResponse) ProtoReflect
func (x *AccessSecretVersionResponse) ProtoReflect() protoreflect.Messagefunc (*AccessSecretVersionResponse) Reset
func (x *AccessSecretVersionResponse) Reset()func (*AccessSecretVersionResponse) String
func (x *AccessSecretVersionResponse) String() stringAddSecretVersionRequest
type AddSecretVersionRequest struct {
// Required. The resource name of the [Secret][google.cloud.secretmanager.v1.Secret] to associate with the
// [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the format `projects/*/secrets/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. The secret payload of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
Payload *SecretPayload `protobuf:"bytes,2,opt,name=payload,proto3" json:"payload,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion].
func (*AddSecretVersionRequest) Descriptor
func (*AddSecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use AddSecretVersionRequest.ProtoReflect.Descriptor instead.
func (*AddSecretVersionRequest) GetParent
func (x *AddSecretVersionRequest) GetParent() stringfunc (*AddSecretVersionRequest) GetPayload
func (x *AddSecretVersionRequest) GetPayload() *SecretPayloadfunc (*AddSecretVersionRequest) ProtoMessage
func (*AddSecretVersionRequest) ProtoMessage()func (*AddSecretVersionRequest) ProtoReflect
func (x *AddSecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*AddSecretVersionRequest) Reset
func (x *AddSecretVersionRequest) Reset()func (*AddSecretVersionRequest) String
func (x *AddSecretVersionRequest) String() stringCreateSecretRequest
type CreateSecretRequest struct {
// Required. The resource name of the project to associate with the
// [Secret][google.cloud.secretmanager.v1.Secret], in the format `projects/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Required. This must be unique within the project.
//
// A secret ID is a string with a maximum length of 255 characters and can
// contain uppercase and lowercase letters, numerals, and the hyphen (`-`) and
// underscore (`_`) characters.
SecretId string `protobuf:"bytes,2,opt,name=secret_id,json=secretId,proto3" json:"secret_id,omitempty"`
// Required. A [Secret][google.cloud.secretmanager.v1.Secret] with initial field values.
Secret *Secret `protobuf:"bytes,3,opt,name=secret,proto3" json:"secret,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1.SecretManagerService.CreateSecret].
func (*CreateSecretRequest) Descriptor
func (*CreateSecretRequest) Descriptor() ([]byte, []int)Deprecated: Use CreateSecretRequest.ProtoReflect.Descriptor instead.
func (*CreateSecretRequest) GetParent
func (x *CreateSecretRequest) GetParent() stringfunc (*CreateSecretRequest) GetSecret
func (x *CreateSecretRequest) GetSecret() *Secretfunc (*CreateSecretRequest) GetSecretId
func (x *CreateSecretRequest) GetSecretId() stringfunc (*CreateSecretRequest) ProtoMessage
func (*CreateSecretRequest) ProtoMessage()func (*CreateSecretRequest) ProtoReflect
func (x *CreateSecretRequest) ProtoReflect() protoreflect.Messagefunc (*CreateSecretRequest) Reset
func (x *CreateSecretRequest) Reset()func (*CreateSecretRequest) String
func (x *CreateSecretRequest) String() stringCustomerManagedEncryption
type CustomerManagedEncryption struct {
// Required. The resource name of the Cloud KMS CryptoKey used to encrypt
// secret payloads.
//
// For secrets using the
// [UserManaged][google.cloud.secretmanager.v1.Replication.UserManaged]
// replication policy type, Cloud KMS CryptoKeys must reside in the same
// location as the [replica location][Secret.UserManaged.Replica.location].
//
// For secrets using the
// [Automatic][google.cloud.secretmanager.v1.Replication.Automatic]
// replication policy type, Cloud KMS CryptoKeys must reside in `global`.
//
// The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
KmsKeyName string `protobuf:"bytes,1,opt,name=kms_key_name,json=kmsKeyName,proto3" json:"kms_key_name,omitempty"`
// contains filtered or unexported fields
}Configuration for encrypting secret payloads using customer-managed encryption keys (CMEK).
func (*CustomerManagedEncryption) Descriptor
func (*CustomerManagedEncryption) Descriptor() ([]byte, []int)Deprecated: Use CustomerManagedEncryption.ProtoReflect.Descriptor instead.
func (*CustomerManagedEncryption) GetKmsKeyName
func (x *CustomerManagedEncryption) GetKmsKeyName() stringfunc (*CustomerManagedEncryption) ProtoMessage
func (*CustomerManagedEncryption) ProtoMessage()func (*CustomerManagedEncryption) ProtoReflect
func (x *CustomerManagedEncryption) ProtoReflect() protoreflect.Messagefunc (*CustomerManagedEncryption) Reset
func (x *CustomerManagedEncryption) Reset()func (*CustomerManagedEncryption) String
func (x *CustomerManagedEncryption) String() stringCustomerManagedEncryptionStatus
type CustomerManagedEncryptionStatus struct {
// Required. The resource name of the Cloud KMS CryptoKeyVersion used to
// encrypt the secret payload, in the following format:
// `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.
KmsKeyVersionName string `protobuf:"bytes,1,opt,name=kms_key_version_name,json=kmsKeyVersionName,proto3" json:"kms_key_version_name,omitempty"`
// contains filtered or unexported fields
}Describes the status of customer-managed encryption.
func (*CustomerManagedEncryptionStatus) Descriptor
func (*CustomerManagedEncryptionStatus) Descriptor() ([]byte, []int)Deprecated: Use CustomerManagedEncryptionStatus.ProtoReflect.Descriptor instead.
func (*CustomerManagedEncryptionStatus) GetKmsKeyVersionName
func (x *CustomerManagedEncryptionStatus) GetKmsKeyVersionName() stringfunc (*CustomerManagedEncryptionStatus) ProtoMessage
func (*CustomerManagedEncryptionStatus) ProtoMessage()func (*CustomerManagedEncryptionStatus) ProtoReflect
func (x *CustomerManagedEncryptionStatus) ProtoReflect() protoreflect.Messagefunc (*CustomerManagedEncryptionStatus) Reset
func (x *CustomerManagedEncryptionStatus) Reset()func (*CustomerManagedEncryptionStatus) String
func (x *CustomerManagedEncryptionStatus) String() stringDeleteSecretRequest
type DeleteSecretRequest struct {
// Required. The resource name of the [Secret][google.cloud.secretmanager.v1.Secret] to delete in the format
// `projects/*/secrets/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. Etag of the [Secret][google.cloud.secretmanager.v1.Secret]. The request succeeds if it matches
// the etag of the currently stored secret object. If the etag is omitted,
// the request succeeds.
Etag string `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1.SecretManagerService.DeleteSecret].
func (*DeleteSecretRequest) Descriptor
func (*DeleteSecretRequest) Descriptor() ([]byte, []int)Deprecated: Use DeleteSecretRequest.ProtoReflect.Descriptor instead.
func (*DeleteSecretRequest) GetEtag
func (x *DeleteSecretRequest) GetEtag() stringfunc (*DeleteSecretRequest) GetName
func (x *DeleteSecretRequest) GetName() stringfunc (*DeleteSecretRequest) ProtoMessage
func (*DeleteSecretRequest) ProtoMessage()func (*DeleteSecretRequest) ProtoReflect
func (x *DeleteSecretRequest) ProtoReflect() protoreflect.Messagefunc (*DeleteSecretRequest) Reset
func (x *DeleteSecretRequest) Reset()func (*DeleteSecretRequest) String
func (x *DeleteSecretRequest) String() stringDestroySecretVersionRequest
type DestroySecretVersionRequest struct {
// Required. The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to destroy in the format
// `projects/*/secrets/*/versions/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. Etag of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. The request succeeds if it matches
// the etag of the currently stored secret version object. If the etag is
// omitted, the request succeeds.
Etag string `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DestroySecretVersion].
func (*DestroySecretVersionRequest) Descriptor
func (*DestroySecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use DestroySecretVersionRequest.ProtoReflect.Descriptor instead.
func (*DestroySecretVersionRequest) GetEtag
func (x *DestroySecretVersionRequest) GetEtag() stringfunc (*DestroySecretVersionRequest) GetName
func (x *DestroySecretVersionRequest) GetName() stringfunc (*DestroySecretVersionRequest) ProtoMessage
func (*DestroySecretVersionRequest) ProtoMessage()func (*DestroySecretVersionRequest) ProtoReflect
func (x *DestroySecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*DestroySecretVersionRequest) Reset
func (x *DestroySecretVersionRequest) Reset()func (*DestroySecretVersionRequest) String
func (x *DestroySecretVersionRequest) String() stringDisableSecretVersionRequest
type DisableSecretVersionRequest struct {
// Required. The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to disable in the format
// `projects/*/secrets/*/versions/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. Etag of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. The request succeeds if it matches
// the etag of the currently stored secret version object. If the etag is
// omitted, the request succeeds.
Etag string `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.DisableSecretVersion].
func (*DisableSecretVersionRequest) Descriptor
func (*DisableSecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use DisableSecretVersionRequest.ProtoReflect.Descriptor instead.
func (*DisableSecretVersionRequest) GetEtag
func (x *DisableSecretVersionRequest) GetEtag() stringfunc (*DisableSecretVersionRequest) GetName
func (x *DisableSecretVersionRequest) GetName() stringfunc (*DisableSecretVersionRequest) ProtoMessage
func (*DisableSecretVersionRequest) ProtoMessage()func (*DisableSecretVersionRequest) ProtoReflect
func (x *DisableSecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*DisableSecretVersionRequest) Reset
func (x *DisableSecretVersionRequest) Reset()func (*DisableSecretVersionRequest) String
func (x *DisableSecretVersionRequest) String() stringEnableSecretVersionRequest
type EnableSecretVersionRequest struct {
// Required. The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to enable in the format
// `projects/*/secrets/*/versions/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// Optional. Etag of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. The request succeeds if it matches
// the etag of the currently stored secret version object. If the etag is
// omitted, the request succeeds.
Etag string `protobuf:"bytes,2,opt,name=etag,proto3" json:"etag,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.EnableSecretVersion].
func (*EnableSecretVersionRequest) Descriptor
func (*EnableSecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use EnableSecretVersionRequest.ProtoReflect.Descriptor instead.
func (*EnableSecretVersionRequest) GetEtag
func (x *EnableSecretVersionRequest) GetEtag() stringfunc (*EnableSecretVersionRequest) GetName
func (x *EnableSecretVersionRequest) GetName() stringfunc (*EnableSecretVersionRequest) ProtoMessage
func (*EnableSecretVersionRequest) ProtoMessage()func (*EnableSecretVersionRequest) ProtoReflect
func (x *EnableSecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*EnableSecretVersionRequest) Reset
func (x *EnableSecretVersionRequest) Reset()func (*EnableSecretVersionRequest) String
func (x *EnableSecretVersionRequest) String() stringGetSecretRequest
type GetSecretRequest struct {
// Required. The resource name of the [Secret][google.cloud.secretmanager.v1.Secret], in the format `projects/*/secrets/*`.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.GetSecret][google.cloud.secretmanager.v1.SecretManagerService.GetSecret].
func (*GetSecretRequest) Descriptor
func (*GetSecretRequest) Descriptor() ([]byte, []int)Deprecated: Use GetSecretRequest.ProtoReflect.Descriptor instead.
func (*GetSecretRequest) GetName
func (x *GetSecretRequest) GetName() stringfunc (*GetSecretRequest) ProtoMessage
func (*GetSecretRequest) ProtoMessage()func (*GetSecretRequest) ProtoReflect
func (x *GetSecretRequest) ProtoReflect() protoreflect.Messagefunc (*GetSecretRequest) Reset
func (x *GetSecretRequest) Reset()func (*GetSecretRequest) String
func (x *GetSecretRequest) String() stringGetSecretVersionRequest
type GetSecretVersionRequest struct {
// Required. The resource name of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] in the format
// `projects/*/secrets/*/versions/*`.
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.GetSecretVersion].
func (*GetSecretVersionRequest) Descriptor
func (*GetSecretVersionRequest) Descriptor() ([]byte, []int)Deprecated: Use GetSecretVersionRequest.ProtoReflect.Descriptor instead.
func (*GetSecretVersionRequest) GetName
func (x *GetSecretVersionRequest) GetName() stringfunc (*GetSecretVersionRequest) ProtoMessage
func (*GetSecretVersionRequest) ProtoMessage()func (*GetSecretVersionRequest) ProtoReflect
func (x *GetSecretVersionRequest) ProtoReflect() protoreflect.Messagefunc (*GetSecretVersionRequest) Reset
func (x *GetSecretVersionRequest) Reset()func (*GetSecretVersionRequest) String
func (x *GetSecretVersionRequest) String() stringListSecretVersionsRequest
type ListSecretVersionsRequest struct {
// Required. The resource name of the [Secret][google.cloud.secretmanager.v1.Secret] associated with the
// [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] to list, in the format
// `projects/*/secrets/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. The maximum number of results to be returned in a single page. If
// set to 0, the server decides the number of results to return. If the
// number is greater than 25000, it is capped at 25000.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// ListSecretVersionsResponse.next_page_token][].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Filter string, adhering to the rules in
// [List-operation
// filtering](https://cloud.google.com/secret-manager/docs/filtering). List
// only secret versions matching the filter. If filter is empty, all secret
// versions are listed.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions].
func (*ListSecretVersionsRequest) Descriptor
func (*ListSecretVersionsRequest) Descriptor() ([]byte, []int)Deprecated: Use ListSecretVersionsRequest.ProtoReflect.Descriptor instead.
func (*ListSecretVersionsRequest) GetFilter
func (x *ListSecretVersionsRequest) GetFilter() stringfunc (*ListSecretVersionsRequest) GetPageSize
func (x *ListSecretVersionsRequest) GetPageSize() int32func (*ListSecretVersionsRequest) GetPageToken
func (x *ListSecretVersionsRequest) GetPageToken() stringfunc (*ListSecretVersionsRequest) GetParent
func (x *ListSecretVersionsRequest) GetParent() stringfunc (*ListSecretVersionsRequest) ProtoMessage
func (*ListSecretVersionsRequest) ProtoMessage()func (*ListSecretVersionsRequest) ProtoReflect
func (x *ListSecretVersionsRequest) ProtoReflect() protoreflect.Messagefunc (*ListSecretVersionsRequest) Reset
func (x *ListSecretVersionsRequest) Reset()func (*ListSecretVersionsRequest) String
func (x *ListSecretVersionsRequest) String() stringListSecretVersionsResponse
type ListSecretVersionsResponse struct {
// The list of [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] sorted in reverse by
// create_time (newest first).
Versions []*SecretVersion `protobuf:"bytes,1,rep,name=versions,proto3" json:"versions,omitempty"`
// A token to retrieve the next page of results. Pass this value in
// [ListSecretVersionsRequest.page_token][google.cloud.secretmanager.v1.ListSecretVersionsRequest.page_token] to retrieve the next page.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// The total number of [SecretVersions][google.cloud.secretmanager.v1.SecretVersion].
TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
// contains filtered or unexported fields
}Response message for [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1.SecretManagerService.ListSecretVersions].
func (*ListSecretVersionsResponse) Descriptor
func (*ListSecretVersionsResponse) Descriptor() ([]byte, []int)Deprecated: Use ListSecretVersionsResponse.ProtoReflect.Descriptor instead.
func (*ListSecretVersionsResponse) GetNextPageToken
func (x *ListSecretVersionsResponse) GetNextPageToken() stringfunc (*ListSecretVersionsResponse) GetTotalSize
func (x *ListSecretVersionsResponse) GetTotalSize() int32func (*ListSecretVersionsResponse) GetVersions
func (x *ListSecretVersionsResponse) GetVersions() []*SecretVersionfunc (*ListSecretVersionsResponse) ProtoMessage
func (*ListSecretVersionsResponse) ProtoMessage()func (*ListSecretVersionsResponse) ProtoReflect
func (x *ListSecretVersionsResponse) ProtoReflect() protoreflect.Messagefunc (*ListSecretVersionsResponse) Reset
func (x *ListSecretVersionsResponse) Reset()func (*ListSecretVersionsResponse) String
func (x *ListSecretVersionsResponse) String() stringListSecretsRequest
type ListSecretsRequest struct {
// Required. The resource name of the project associated with the
// [Secrets][google.cloud.secretmanager.v1.Secret], in the format `projects/*`.
Parent string `protobuf:"bytes,1,opt,name=parent,proto3" json:"parent,omitempty"`
// Optional. The maximum number of results to be returned in a single page. If
// set to 0, the server decides the number of results to return. If the
// number is greater than 25000, it is capped at 25000.
PageSize int32 `protobuf:"varint,2,opt,name=page_size,json=pageSize,proto3" json:"page_size,omitempty"`
// Optional. Pagination token, returned earlier via
// [ListSecretsResponse.next_page_token][google.cloud.secretmanager.v1.ListSecretsResponse.next_page_token].
PageToken string `protobuf:"bytes,3,opt,name=page_token,json=pageToken,proto3" json:"page_token,omitempty"`
// Optional. Filter string, adhering to the rules in
// [List-operation
// filtering](https://cloud.google.com/secret-manager/docs/filtering). List
// only secrets matching the filter. If filter is empty, all secrets are
// listed.
Filter string `protobuf:"bytes,4,opt,name=filter,proto3" json:"filter,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets].
func (*ListSecretsRequest) Descriptor
func (*ListSecretsRequest) Descriptor() ([]byte, []int)Deprecated: Use ListSecretsRequest.ProtoReflect.Descriptor instead.
func (*ListSecretsRequest) GetFilter
func (x *ListSecretsRequest) GetFilter() stringfunc (*ListSecretsRequest) GetPageSize
func (x *ListSecretsRequest) GetPageSize() int32func (*ListSecretsRequest) GetPageToken
func (x *ListSecretsRequest) GetPageToken() stringfunc (*ListSecretsRequest) GetParent
func (x *ListSecretsRequest) GetParent() stringfunc (*ListSecretsRequest) ProtoMessage
func (*ListSecretsRequest) ProtoMessage()func (*ListSecretsRequest) ProtoReflect
func (x *ListSecretsRequest) ProtoReflect() protoreflect.Messagefunc (*ListSecretsRequest) Reset
func (x *ListSecretsRequest) Reset()func (*ListSecretsRequest) String
func (x *ListSecretsRequest) String() stringListSecretsResponse
type ListSecretsResponse struct {
// The list of [Secrets][google.cloud.secretmanager.v1.Secret] sorted in reverse by create_time (newest
// first).
Secrets []*Secret `protobuf:"bytes,1,rep,name=secrets,proto3" json:"secrets,omitempty"`
// A token to retrieve the next page of results. Pass this value in
// [ListSecretsRequest.page_token][google.cloud.secretmanager.v1.ListSecretsRequest.page_token] to retrieve the next page.
NextPageToken string `protobuf:"bytes,2,opt,name=next_page_token,json=nextPageToken,proto3" json:"next_page_token,omitempty"`
// The total number of [Secrets][google.cloud.secretmanager.v1.Secret].
TotalSize int32 `protobuf:"varint,3,opt,name=total_size,json=totalSize,proto3" json:"total_size,omitempty"`
// contains filtered or unexported fields
}Response message for [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1.SecretManagerService.ListSecrets].
func (*ListSecretsResponse) Descriptor
func (*ListSecretsResponse) Descriptor() ([]byte, []int)Deprecated: Use ListSecretsResponse.ProtoReflect.Descriptor instead.
func (*ListSecretsResponse) GetNextPageToken
func (x *ListSecretsResponse) GetNextPageToken() stringfunc (*ListSecretsResponse) GetSecrets
func (x *ListSecretsResponse) GetSecrets() []*Secretfunc (*ListSecretsResponse) GetTotalSize
func (x *ListSecretsResponse) GetTotalSize() int32func (*ListSecretsResponse) ProtoMessage
func (*ListSecretsResponse) ProtoMessage()func (*ListSecretsResponse) ProtoReflect
func (x *ListSecretsResponse) ProtoReflect() protoreflect.Messagefunc (*ListSecretsResponse) Reset
func (x *ListSecretsResponse) Reset()func (*ListSecretsResponse) String
func (x *ListSecretsResponse) String() stringReplication
type Replication struct {
// The replication policy for this secret.
//
// Types that are assignable to Replication:
//
// *Replication_Automatic_
// *Replication_UserManaged_
Replication isReplication_Replication `protobuf_oneof:"replication"`
// contains filtered or unexported fields
}A policy that defines the replication and encryption configuration of data.
func (*Replication) Descriptor
func (*Replication) Descriptor() ([]byte, []int)Deprecated: Use Replication.ProtoReflect.Descriptor instead.
func (*Replication) GetAutomatic
func (x *Replication) GetAutomatic() *Replication_Automaticfunc (*Replication) GetReplication
func (m *Replication) GetReplication() isReplication_Replicationfunc (*Replication) GetUserManaged
func (x *Replication) GetUserManaged() *Replication_UserManagedfunc (*Replication) ProtoMessage
func (*Replication) ProtoMessage()func (*Replication) ProtoReflect
func (x *Replication) ProtoReflect() protoreflect.Messagefunc (*Replication) Reset
func (x *Replication) Reset()func (*Replication) String
func (x *Replication) String() stringReplicationStatus
type ReplicationStatus struct {
// The replication status of the
// [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Types that are assignable to ReplicationStatus:
//
// *ReplicationStatus_Automatic
// *ReplicationStatus_UserManaged
ReplicationStatus isReplicationStatus_ReplicationStatus `protobuf_oneof:"replication_status"`
// contains filtered or unexported fields
}The replication status of a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
func (*ReplicationStatus) Descriptor
func (*ReplicationStatus) Descriptor() ([]byte, []int)Deprecated: Use ReplicationStatus.ProtoReflect.Descriptor instead.
func (*ReplicationStatus) GetAutomatic
func (x *ReplicationStatus) GetAutomatic() *ReplicationStatus_AutomaticStatusfunc (*ReplicationStatus) GetReplicationStatus
func (m *ReplicationStatus) GetReplicationStatus() isReplicationStatus_ReplicationStatusfunc (*ReplicationStatus) GetUserManaged
func (x *ReplicationStatus) GetUserManaged() *ReplicationStatus_UserManagedStatusfunc (*ReplicationStatus) ProtoMessage
func (*ReplicationStatus) ProtoMessage()func (*ReplicationStatus) ProtoReflect
func (x *ReplicationStatus) ProtoReflect() protoreflect.Messagefunc (*ReplicationStatus) Reset
func (x *ReplicationStatus) Reset()func (*ReplicationStatus) String
func (x *ReplicationStatus) String() stringReplicationStatus_Automatic
type ReplicationStatus_Automatic struct {
// Describes the replication status of a
// [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with
// automatic replication.
//
// Only populated if the parent
// [Secret][google.cloud.secretmanager.v1.Secret] has an automatic
// replication policy.
Automatic *ReplicationStatus_AutomaticStatus `protobuf:"bytes,1,opt,name=automatic,proto3,oneof"`
}ReplicationStatus_AutomaticStatus
type ReplicationStatus_AutomaticStatus struct {
CustomerManagedEncryption *CustomerManagedEncryptionStatus "" /* 138 byte string literal not displayed */
}The replication status of a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] using automatic replication.
Only populated if the parent [Secret][google.cloud.secretmanager.v1.Secret] has an automatic replication policy.
func (*ReplicationStatus_AutomaticStatus) Descriptor
func (*ReplicationStatus_AutomaticStatus) Descriptor() ([]byte, []int)Deprecated: Use ReplicationStatus_AutomaticStatus.ProtoReflect.Descriptor instead.
func (*ReplicationStatus_AutomaticStatus) GetCustomerManagedEncryption
func (x *ReplicationStatus_AutomaticStatus) GetCustomerManagedEncryption() *CustomerManagedEncryptionStatusfunc (*ReplicationStatus_AutomaticStatus) ProtoMessage
func (*ReplicationStatus_AutomaticStatus) ProtoMessage()func (*ReplicationStatus_AutomaticStatus) ProtoReflect
func (x *ReplicationStatus_AutomaticStatus) ProtoReflect() protoreflect.Messagefunc (*ReplicationStatus_AutomaticStatus) Reset
func (x *ReplicationStatus_AutomaticStatus) Reset()func (*ReplicationStatus_AutomaticStatus) String
func (x *ReplicationStatus_AutomaticStatus) String() stringReplicationStatus_UserManaged
type ReplicationStatus_UserManaged struct {
// Describes the replication status of a
// [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] with
// user-managed replication.
//
// Only populated if the parent
// [Secret][google.cloud.secretmanager.v1.Secret] has a user-managed
// replication policy.
UserManaged *ReplicationStatus_UserManagedStatus `protobuf:"bytes,2,opt,name=user_managed,json=userManaged,proto3,oneof"`
}ReplicationStatus_UserManagedStatus
type ReplicationStatus_UserManagedStatus struct {
// Output only. The list of replica statuses for the
// [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
Replicas []*ReplicationStatus_UserManagedStatus_ReplicaStatus `protobuf:"bytes,1,rep,name=replicas,proto3" json:"replicas,omitempty"`
// contains filtered or unexported fields
}The replication status of a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] using user-managed replication.
Only populated if the parent [Secret][google.cloud.secretmanager.v1.Secret] has a user-managed replication policy.
func (*ReplicationStatus_UserManagedStatus) Descriptor
func (*ReplicationStatus_UserManagedStatus) Descriptor() ([]byte, []int)Deprecated: Use ReplicationStatus_UserManagedStatus.ProtoReflect.Descriptor instead.
func (*ReplicationStatus_UserManagedStatus) GetReplicas
func (x *ReplicationStatus_UserManagedStatus) GetReplicas() []*ReplicationStatus_UserManagedStatus_ReplicaStatusfunc (*ReplicationStatus_UserManagedStatus) ProtoMessage
func (*ReplicationStatus_UserManagedStatus) ProtoMessage()func (*ReplicationStatus_UserManagedStatus) ProtoReflect
func (x *ReplicationStatus_UserManagedStatus) ProtoReflect() protoreflect.Messagefunc (*ReplicationStatus_UserManagedStatus) Reset
func (x *ReplicationStatus_UserManagedStatus) Reset()func (*ReplicationStatus_UserManagedStatus) String
func (x *ReplicationStatus_UserManagedStatus) String() stringReplicationStatus_UserManagedStatus_ReplicaStatus
type ReplicationStatus_UserManagedStatus_ReplicaStatus struct {
Location string `protobuf:"bytes,1,opt,name=location,proto3" json:"location,omitempty"`
CustomerManagedEncryption *CustomerManagedEncryptionStatus "" /* 138 byte string literal not displayed */
}Describes the status of a user-managed replica for the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) Descriptor
func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) Descriptor() ([]byte, []int)Deprecated: Use ReplicationStatus_UserManagedStatus_ReplicaStatus.ProtoReflect.Descriptor instead.
func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) GetCustomerManagedEncryption
func (x *ReplicationStatus_UserManagedStatus_ReplicaStatus) GetCustomerManagedEncryption() *CustomerManagedEncryptionStatusfunc (*ReplicationStatus_UserManagedStatus_ReplicaStatus) GetLocation
func (x *ReplicationStatus_UserManagedStatus_ReplicaStatus) GetLocation() stringfunc (*ReplicationStatus_UserManagedStatus_ReplicaStatus) ProtoMessage
func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) ProtoMessage()func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) ProtoReflect
func (x *ReplicationStatus_UserManagedStatus_ReplicaStatus) ProtoReflect() protoreflect.Messagefunc (*ReplicationStatus_UserManagedStatus_ReplicaStatus) Reset
func (x *ReplicationStatus_UserManagedStatus_ReplicaStatus) Reset()func (*ReplicationStatus_UserManagedStatus_ReplicaStatus) String
func (x *ReplicationStatus_UserManagedStatus_ReplicaStatus) String() stringReplication_Automatic
type Replication_Automatic struct {
CustomerManagedEncryption *CustomerManagedEncryption "" /* 138 byte string literal not displayed */
}A replication policy that replicates the [Secret][google.cloud.secretmanager.v1.Secret] payload without any restrictions.
func (*Replication_Automatic) Descriptor
func (*Replication_Automatic) Descriptor() ([]byte, []int)Deprecated: Use Replication_Automatic.ProtoReflect.Descriptor instead.
func (*Replication_Automatic) GetCustomerManagedEncryption
func (x *Replication_Automatic) GetCustomerManagedEncryption() *CustomerManagedEncryptionfunc (*Replication_Automatic) ProtoMessage
func (*Replication_Automatic) ProtoMessage()func (*Replication_Automatic) ProtoReflect
func (x *Replication_Automatic) ProtoReflect() protoreflect.Messagefunc (*Replication_Automatic) Reset
func (x *Replication_Automatic) Reset()func (*Replication_Automatic) String
func (x *Replication_Automatic) String() stringReplication_Automatic_
type Replication_Automatic_ struct {
// The [Secret][google.cloud.secretmanager.v1.Secret] will automatically be
// replicated without any restrictions.
Automatic *Replication_Automatic `protobuf:"bytes,1,opt,name=automatic,proto3,oneof"`
}Replication_UserManaged
type Replication_UserManaged struct {
// Required. The list of Replicas for this
// [Secret][google.cloud.secretmanager.v1.Secret].
//
// Cannot be empty.
Replicas []*Replication_UserManaged_Replica `protobuf:"bytes,1,rep,name=replicas,proto3" json:"replicas,omitempty"`
// contains filtered or unexported fields
}A replication policy that replicates the [Secret][google.cloud.secretmanager.v1.Secret] payload into the locations specified in [Secret.replication.user_managed.replicas][]
func (*Replication_UserManaged) Descriptor
func (*Replication_UserManaged) Descriptor() ([]byte, []int)Deprecated: Use Replication_UserManaged.ProtoReflect.Descriptor instead.
func (*Replication_UserManaged) GetReplicas
func (x *Replication_UserManaged) GetReplicas() []*Replication_UserManaged_Replicafunc (*Replication_UserManaged) ProtoMessage
func (*Replication_UserManaged) ProtoMessage()func (*Replication_UserManaged) ProtoReflect
func (x *Replication_UserManaged) ProtoReflect() protoreflect.Messagefunc (*Replication_UserManaged) Reset
func (x *Replication_UserManaged) Reset()func (*Replication_UserManaged) String
func (x *Replication_UserManaged) String() stringReplication_UserManaged_
type Replication_UserManaged_ struct {
// The [Secret][google.cloud.secretmanager.v1.Secret] will only be
// replicated into the locations specified.
UserManaged *Replication_UserManaged `protobuf:"bytes,2,opt,name=user_managed,json=userManaged,proto3,oneof"`
}Replication_UserManaged_Replica
type Replication_UserManaged_Replica struct {
Location string `protobuf:"bytes,1,opt,name=location,proto3" json:"location,omitempty"`
CustomerManagedEncryption *CustomerManagedEncryption "" /* 138 byte string literal not displayed */
}Represents a Replica for this [Secret][google.cloud.secretmanager.v1.Secret].
func (*Replication_UserManaged_Replica) Descriptor
func (*Replication_UserManaged_Replica) Descriptor() ([]byte, []int)Deprecated: Use Replication_UserManaged_Replica.ProtoReflect.Descriptor instead.
func (*Replication_UserManaged_Replica) GetCustomerManagedEncryption
func (x *Replication_UserManaged_Replica) GetCustomerManagedEncryption() *CustomerManagedEncryptionfunc (*Replication_UserManaged_Replica) GetLocation
func (x *Replication_UserManaged_Replica) GetLocation() stringfunc (*Replication_UserManaged_Replica) ProtoMessage
func (*Replication_UserManaged_Replica) ProtoMessage()func (*Replication_UserManaged_Replica) ProtoReflect
func (x *Replication_UserManaged_Replica) ProtoReflect() protoreflect.Messagefunc (*Replication_UserManaged_Replica) Reset
func (x *Replication_UserManaged_Replica) Reset()func (*Replication_UserManaged_Replica) String
func (x *Replication_UserManaged_Replica) String() stringRotation
type Rotation struct {
// Optional. Timestamp in UTC at which the
// [Secret][google.cloud.secretmanager.v1.Secret] is scheduled to rotate.
// Cannot be set to less than 300s (5 min) in the future and at most
// 3153600000s (100 years).
//
// [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time]
// MUST be set if
// [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period]
// is set.
NextRotationTime *timestamppb.Timestamp `protobuf:"bytes,1,opt,name=next_rotation_time,json=nextRotationTime,proto3" json:"next_rotation_time,omitempty"`
// Input only. The Duration between rotation notifications. Must be in seconds
// and at least 3600s (1h) and at most 3153600000s (100 years).
//
// If
// [rotation_period][google.cloud.secretmanager.v1.Rotation.rotation_period]
// is set,
// [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time]
// must be set.
// [next_rotation_time][google.cloud.secretmanager.v1.Rotation.next_rotation_time]
// will be advanced by this period when the service automatically sends
// rotation notifications.
RotationPeriod *durationpb.Duration `protobuf:"bytes,2,opt,name=rotation_period,json=rotationPeriod,proto3" json:"rotation_period,omitempty"`
// contains filtered or unexported fields
}The rotation time and period for a [Secret][google.cloud.secretmanager.v1.Secret]. At next_rotation_time, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. [Secret.topics][google.cloud.secretmanager.v1.Secret.topics] must be set to configure rotation.
func (*Rotation) Descriptor
Deprecated: Use Rotation.ProtoReflect.Descriptor instead.
func (*Rotation) GetNextRotationTime
func (x *Rotation) GetNextRotationTime() *timestamppb.Timestampfunc (*Rotation) GetRotationPeriod
func (x *Rotation) GetRotationPeriod() *durationpb.Durationfunc (*Rotation) ProtoMessage
func (*Rotation) ProtoMessage()func (*Rotation) ProtoReflect
func (x *Rotation) ProtoReflect() protoreflect.Messagefunc (*Rotation) Reset
func (x *Rotation) Reset()func (*Rotation) String
Secret
type Secret struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
Replication *Replication `protobuf:"bytes,2,opt,name=replication,proto3" json:"replication,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
Labels map[string]string "" /* 153 byte string literal not displayed */
Topics []*Topic `protobuf:"bytes,5,rep,name=topics,proto3" json:"topics,omitempty"`
Expiration isSecret_Expiration `protobuf_oneof:"expiration"`
Etag string `protobuf:"bytes,8,opt,name=etag,proto3" json:"etag,omitempty"`
Rotation *Rotation `protobuf:"bytes,9,opt,name=rotation,proto3" json:"rotation,omitempty"`
VersionAliases map[string]int64 "" /* 193 byte string literal not displayed */
Annotations map[string]string "" /* 164 byte string literal not displayed */
}A [Secret][google.cloud.secretmanager.v1.Secret] is a logical secret whose value and versions can be accessed.
A [Secret][google.cloud.secretmanager.v1.Secret] is made up of zero or more [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] that represent the secret data.
func (*Secret) Descriptor
Deprecated: Use Secret.ProtoReflect.Descriptor instead.
func (*Secret) GetAnnotations
func (*Secret) GetCreateTime
func (x *Secret) GetCreateTime() *timestamppb.Timestampfunc (*Secret) GetEtag
func (*Secret) GetExpiration
func (m *Secret) GetExpiration() isSecret_Expirationfunc (*Secret) GetExpireTime
func (x *Secret) GetExpireTime() *timestamppb.Timestampfunc (*Secret) GetLabels
func (*Secret) GetName
func (*Secret) GetReplication
func (x *Secret) GetReplication() *Replicationfunc (*Secret) GetRotation
func (*Secret) GetTopics
func (*Secret) GetTtl
func (x *Secret) GetTtl() *durationpb.Durationfunc (*Secret) GetVersionAliases
func (*Secret) ProtoMessage
func (*Secret) ProtoMessage()func (*Secret) ProtoReflect
func (x *Secret) ProtoReflect() protoreflect.Messagefunc (*Secret) Reset
func (x *Secret) Reset()func (*Secret) String
SecretManagerServiceClient
type SecretManagerServiceClient interface {
// Lists [Secrets][google.cloud.secretmanager.v1.Secret].
ListSecrets(ctx context.Context, in *ListSecretsRequest, opts ...grpc.CallOption) (*ListSecretsResponse, error)
// Creates a new [Secret][google.cloud.secretmanager.v1.Secret] containing no [SecretVersions][google.cloud.secretmanager.v1.SecretVersion].
CreateSecret(ctx context.Context, in *CreateSecretRequest, opts ...grpc.CallOption) (*Secret, error)
// Creates a new [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] containing secret data and attaches
// it to an existing [Secret][google.cloud.secretmanager.v1.Secret].
AddSecretVersion(ctx context.Context, in *AddSecretVersionRequest, opts ...grpc.CallOption) (*SecretVersion, error)
// Gets metadata for a given [Secret][google.cloud.secretmanager.v1.Secret].
GetSecret(ctx context.Context, in *GetSecretRequest, opts ...grpc.CallOption) (*Secret, error)
// Updates metadata of an existing [Secret][google.cloud.secretmanager.v1.Secret].
UpdateSecret(ctx context.Context, in *UpdateSecretRequest, opts ...grpc.CallOption) (*Secret, error)
// Deletes a [Secret][google.cloud.secretmanager.v1.Secret].
DeleteSecret(ctx context.Context, in *DeleteSecretRequest, opts ...grpc.CallOption) (*emptypb.Empty, error)
// Lists [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. This call does not return secret
// data.
ListSecretVersions(ctx context.Context, in *ListSecretVersionsRequest, opts ...grpc.CallOption) (*ListSecretVersionsResponse, error)
// Gets metadata for a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
GetSecretVersion(ctx context.Context, in *GetSecretVersionRequest, opts ...grpc.CallOption) (*SecretVersion, error)
// Accesses a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. This call returns the secret data.
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
AccessSecretVersion(ctx context.Context, in *AccessSecretVersionRequest, opts ...grpc.CallOption) (*AccessSecretVersionResponse, error)
// Disables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED].
DisableSecretVersion(ctx context.Context, in *DisableSecretVersionRequest, opts ...grpc.CallOption) (*SecretVersion, error)
// Enables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED].
EnableSecretVersion(ctx context.Context, in *EnableSecretVersionRequest, opts ...grpc.CallOption) (*SecretVersion, error)
// Destroys a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] and irrevocably destroys the
// secret data.
DestroySecretVersion(ctx context.Context, in *DestroySecretVersionRequest, opts ...grpc.CallOption) (*SecretVersion, error)
// Sets the access control policy on the specified secret. Replaces any
// existing policy.
//
// Permissions on [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] are enforced according
// to the policy set on the associated [Secret][google.cloud.secretmanager.v1.Secret].
SetIamPolicy(ctx context.Context, in *iampb.SetIamPolicyRequest, opts ...grpc.CallOption) (*iampb.Policy, error)
// Gets the access control policy for a secret.
// Returns empty policy if the secret exists and does not have a policy set.
GetIamPolicy(ctx context.Context, in *iampb.GetIamPolicyRequest, opts ...grpc.CallOption) (*iampb.Policy, error)
// Returns permissions that a caller has for the specified secret.
// If the secret does not exist, this call returns an empty set of
// permissions, not a NOT_FOUND error.
//
// Note: This operation is designed to be used for building permission-aware
// UIs and command-line tools, not for authorization checking. This operation
// may "fail open" without warning.
TestIamPermissions(ctx context.Context, in *iampb.TestIamPermissionsRequest, opts ...grpc.CallOption) (*iampb.TestIamPermissionsResponse, error)
}SecretManagerServiceClient is the client API for SecretManagerService service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://godoc.org/google.golang.org/grpc#ClientConn.NewStream.
func NewSecretManagerServiceClient
func NewSecretManagerServiceClient(cc grpc.ClientConnInterface) SecretManagerServiceClientSecretManagerServiceServer
type SecretManagerServiceServer interface {
// Lists [Secrets][google.cloud.secretmanager.v1.Secret].
ListSecrets(context.Context, *ListSecretsRequest) (*ListSecretsResponse, error)
// Creates a new [Secret][google.cloud.secretmanager.v1.Secret] containing no [SecretVersions][google.cloud.secretmanager.v1.SecretVersion].
CreateSecret(context.Context, *CreateSecretRequest) (*Secret, error)
// Creates a new [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] containing secret data and attaches
// it to an existing [Secret][google.cloud.secretmanager.v1.Secret].
AddSecretVersion(context.Context, *AddSecretVersionRequest) (*SecretVersion, error)
// Gets metadata for a given [Secret][google.cloud.secretmanager.v1.Secret].
GetSecret(context.Context, *GetSecretRequest) (*Secret, error)
// Updates metadata of an existing [Secret][google.cloud.secretmanager.v1.Secret].
UpdateSecret(context.Context, *UpdateSecretRequest) (*Secret, error)
// Deletes a [Secret][google.cloud.secretmanager.v1.Secret].
DeleteSecret(context.Context, *DeleteSecretRequest) (*emptypb.Empty, error)
// Lists [SecretVersions][google.cloud.secretmanager.v1.SecretVersion]. This call does not return secret
// data.
ListSecretVersions(context.Context, *ListSecretVersionsRequest) (*ListSecretVersionsResponse, error)
// Gets metadata for a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
GetSecretVersion(context.Context, *GetSecretVersionRequest) (*SecretVersion, error)
// Accesses a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion]. This call returns the secret data.
//
// `projects/*/secrets/*/versions/latest` is an alias to the most recently
// created [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
AccessSecretVersion(context.Context, *AccessSecretVersionRequest) (*AccessSecretVersionResponse, error)
// Disables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [DISABLED][google.cloud.secretmanager.v1.SecretVersion.State.DISABLED].
DisableSecretVersion(context.Context, *DisableSecretVersionRequest) (*SecretVersion, error)
// Enables a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED].
EnableSecretVersion(context.Context, *EnableSecretVersionRequest) (*SecretVersion, error)
// Destroys a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
//
// Sets the [state][google.cloud.secretmanager.v1.SecretVersion.state] of the [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] to
// [DESTROYED][google.cloud.secretmanager.v1.SecretVersion.State.DESTROYED] and irrevocably destroys the
// secret data.
DestroySecretVersion(context.Context, *DestroySecretVersionRequest) (*SecretVersion, error)
// Sets the access control policy on the specified secret. Replaces any
// existing policy.
//
// Permissions on [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] are enforced according
// to the policy set on the associated [Secret][google.cloud.secretmanager.v1.Secret].
SetIamPolicy(context.Context, *iampb.SetIamPolicyRequest) (*iampb.Policy, error)
// Gets the access control policy for a secret.
// Returns empty policy if the secret exists and does not have a policy set.
GetIamPolicy(context.Context, *iampb.GetIamPolicyRequest) (*iampb.Policy, error)
// Returns permissions that a caller has for the specified secret.
// If the secret does not exist, this call returns an empty set of
// permissions, not a NOT_FOUND error.
//
// Note: This operation is designed to be used for building permission-aware
// UIs and command-line tools, not for authorization checking. This operation
// may "fail open" without warning.
TestIamPermissions(context.Context, *iampb.TestIamPermissionsRequest) (*iampb.TestIamPermissionsResponse, error)
}SecretManagerServiceServer is the server API for SecretManagerService service.
SecretPayload
type SecretPayload struct {
// The secret data. Must be no larger than 64KiB.
Data []byte `protobuf:"bytes,1,opt,name=data,proto3" json:"data,omitempty"`
// Optional. If specified,
// [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService]
// will verify the integrity of the received
// [data][google.cloud.secretmanager.v1.SecretPayload.data] on
// [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]
// calls using the crc32c checksum and store it to include in future
// [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AccessSecretVersion]
// responses. If a checksum is not provided in the
// [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1.SecretManagerService.AddSecretVersion]
// request, the
// [SecretManagerService][google.cloud.secretmanager.v1.SecretManagerService]
// will generate and store one for you.
//
// The CRC32C value is encoded as a Int64 for compatibility, and can be
// safely downconverted to uint32 in languages that support this type.
// https://cloud.google.com/apis/design/design_patterns#integer_types
DataCrc32C *int64 `protobuf:"varint,2,opt,name=data_crc32c,json=dataCrc32c,proto3,oneof" json:"data_crc32c,omitempty"`
// contains filtered or unexported fields
}A secret payload resource in the Secret Manager API. This contains the sensitive secret payload that is associated with a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion].
func (*SecretPayload) Descriptor
func (*SecretPayload) Descriptor() ([]byte, []int)Deprecated: Use SecretPayload.ProtoReflect.Descriptor instead.
func (*SecretPayload) GetData
func (x *SecretPayload) GetData() []bytefunc (*SecretPayload) GetDataCrc32C
func (x *SecretPayload) GetDataCrc32C() int64func (*SecretPayload) ProtoMessage
func (*SecretPayload) ProtoMessage()func (*SecretPayload) ProtoReflect
func (x *SecretPayload) ProtoReflect() protoreflect.Messagefunc (*SecretPayload) Reset
func (x *SecretPayload) Reset()func (*SecretPayload) String
func (x *SecretPayload) String() stringSecretVersion
type SecretVersion struct {
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
CreateTime *timestamppb.Timestamp `protobuf:"bytes,2,opt,name=create_time,json=createTime,proto3" json:"create_time,omitempty"`
DestroyTime *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=destroy_time,json=destroyTime,proto3" json:"destroy_time,omitempty"`
State SecretVersion_State `protobuf:"varint,4,opt,name=state,proto3,enum=google.cloud.secretmanager.v1.SecretVersion_State" json:"state,omitempty"`
ReplicationStatus *ReplicationStatus `protobuf:"bytes,5,opt,name=replication_status,json=replicationStatus,proto3" json:"replication_status,omitempty"`
Etag string `protobuf:"bytes,6,opt,name=etag,proto3" json:"etag,omitempty"`
ClientSpecifiedPayloadChecksum bool "" /* 156 byte string literal not displayed */
}A secret version resource in the Secret Manager API.
func (*SecretVersion) Descriptor
func (*SecretVersion) Descriptor() ([]byte, []int)Deprecated: Use SecretVersion.ProtoReflect.Descriptor instead.
func (*SecretVersion) GetClientSpecifiedPayloadChecksum
func (x *SecretVersion) GetClientSpecifiedPayloadChecksum() boolfunc (*SecretVersion) GetCreateTime
func (x *SecretVersion) GetCreateTime() *timestamppb.Timestampfunc (*SecretVersion) GetDestroyTime
func (x *SecretVersion) GetDestroyTime() *timestamppb.Timestampfunc (*SecretVersion) GetEtag
func (x *SecretVersion) GetEtag() stringfunc (*SecretVersion) GetName
func (x *SecretVersion) GetName() stringfunc (*SecretVersion) GetReplicationStatus
func (x *SecretVersion) GetReplicationStatus() *ReplicationStatusfunc (*SecretVersion) GetState
func (x *SecretVersion) GetState() SecretVersion_Statefunc (*SecretVersion) ProtoMessage
func (*SecretVersion) ProtoMessage()func (*SecretVersion) ProtoReflect
func (x *SecretVersion) ProtoReflect() protoreflect.Messagefunc (*SecretVersion) Reset
func (x *SecretVersion) Reset()func (*SecretVersion) String
func (x *SecretVersion) String() stringSecretVersion_State
type SecretVersion_State int32The state of a [SecretVersion][google.cloud.secretmanager.v1.SecretVersion], indicating if it can be accessed.
SecretVersion_STATE_UNSPECIFIED, SecretVersion_ENABLED, SecretVersion_DISABLED, SecretVersion_DESTROYED
const (
// Not specified. This value is unused and invalid.
SecretVersion_STATE_UNSPECIFIED SecretVersion_State = 0
// The [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] may be
// accessed.
SecretVersion_ENABLED SecretVersion_State = 1
// The [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] may not
// be accessed, but the secret data is still available and can be placed
// back into the
// [ENABLED][google.cloud.secretmanager.v1.SecretVersion.State.ENABLED]
// state.
SecretVersion_DISABLED SecretVersion_State = 2
// The [SecretVersion][google.cloud.secretmanager.v1.SecretVersion] is
// destroyed and the secret data is no longer stored. A version may not
// leave this state once entered.
SecretVersion_DESTROYED SecretVersion_State = 3
)func (SecretVersion_State) Descriptor
func (SecretVersion_State) Descriptor() protoreflect.EnumDescriptorfunc (SecretVersion_State) Enum
func (x SecretVersion_State) Enum() *SecretVersion_Statefunc (SecretVersion_State) EnumDescriptor
func (SecretVersion_State) EnumDescriptor() ([]byte, []int)Deprecated: Use SecretVersion_State.Descriptor instead.
func (SecretVersion_State) Number
func (x SecretVersion_State) Number() protoreflect.EnumNumberfunc (SecretVersion_State) String
func (x SecretVersion_State) String() stringfunc (SecretVersion_State) Type
func (SecretVersion_State) Type() protoreflect.EnumTypeSecret_ExpireTime
type Secret_ExpireTime struct {
// Optional. Timestamp in UTC when the
// [Secret][google.cloud.secretmanager.v1.Secret] is scheduled to expire.
// This is always provided on output, regardless of what was sent on input.
ExpireTime *timestamppb.Timestamp `protobuf:"bytes,6,opt,name=expire_time,json=expireTime,proto3,oneof"`
}Secret_Ttl
type Secret_Ttl struct {
// Input only. The TTL for the
// [Secret][google.cloud.secretmanager.v1.Secret].
Ttl *durationpb.Duration `protobuf:"bytes,7,opt,name=ttl,proto3,oneof"`
}Topic
type Topic struct {
// Required. The resource name of the Pub/Sub topic that will be published to,
// in the following format: `projects/*/topics/*`. For publication to succeed,
// the Secret Manager P4SA must have `pubsub.publisher` permissions on the
// topic.
Name string `protobuf:"bytes,1,opt,name=name,proto3" json:"name,omitempty"`
// contains filtered or unexported fields
}A Pub/Sub topic which Secret Manager will publish to when control plane events occur on this secret.
func (*Topic) Descriptor
Deprecated: Use Topic.ProtoReflect.Descriptor instead.
func (*Topic) GetName
func (*Topic) ProtoMessage
func (*Topic) ProtoMessage()func (*Topic) ProtoReflect
func (x *Topic) ProtoReflect() protoreflect.Messagefunc (*Topic) Reset
func (x *Topic) Reset()func (*Topic) String
UnimplementedSecretManagerServiceServer
type UnimplementedSecretManagerServiceServer struct {
}UnimplementedSecretManagerServiceServer can be embedded to have forward compatible implementations.
func (*UnimplementedSecretManagerServiceServer) AccessSecretVersion
func (*UnimplementedSecretManagerServiceServer) AccessSecretVersion(context.Context, *AccessSecretVersionRequest) (*AccessSecretVersionResponse, error)func (*UnimplementedSecretManagerServiceServer) AddSecretVersion
func (*UnimplementedSecretManagerServiceServer) AddSecretVersion(context.Context, *AddSecretVersionRequest) (*SecretVersion, error)func (*UnimplementedSecretManagerServiceServer) CreateSecret
func (*UnimplementedSecretManagerServiceServer) CreateSecret(context.Context, *CreateSecretRequest) (*Secret, error)func (*UnimplementedSecretManagerServiceServer) DeleteSecret
func (*UnimplementedSecretManagerServiceServer) DeleteSecret(context.Context, *DeleteSecretRequest) (*emptypb.Empty, error)func (*UnimplementedSecretManagerServiceServer) DestroySecretVersion
func (*UnimplementedSecretManagerServiceServer) DestroySecretVersion(context.Context, *DestroySecretVersionRequest) (*SecretVersion, error)func (*UnimplementedSecretManagerServiceServer) DisableSecretVersion
func (*UnimplementedSecretManagerServiceServer) DisableSecretVersion(context.Context, *DisableSecretVersionRequest) (*SecretVersion, error)func (*UnimplementedSecretManagerServiceServer) EnableSecretVersion
func (*UnimplementedSecretManagerServiceServer) EnableSecretVersion(context.Context, *EnableSecretVersionRequest) (*SecretVersion, error)func (*UnimplementedSecretManagerServiceServer) GetIamPolicy
func (*UnimplementedSecretManagerServiceServer) GetIamPolicy(context.Context, *iampb.GetIamPolicyRequest) (*iampb.Policy, error)func (*UnimplementedSecretManagerServiceServer) GetSecret
func (*UnimplementedSecretManagerServiceServer) GetSecret(context.Context, *GetSecretRequest) (*Secret, error)func (*UnimplementedSecretManagerServiceServer) GetSecretVersion
func (*UnimplementedSecretManagerServiceServer) GetSecretVersion(context.Context, *GetSecretVersionRequest) (*SecretVersion, error)func (*UnimplementedSecretManagerServiceServer) ListSecretVersions
func (*UnimplementedSecretManagerServiceServer) ListSecretVersions(context.Context, *ListSecretVersionsRequest) (*ListSecretVersionsResponse, error)func (*UnimplementedSecretManagerServiceServer) ListSecrets
func (*UnimplementedSecretManagerServiceServer) ListSecrets(context.Context, *ListSecretsRequest) (*ListSecretsResponse, error)func (*UnimplementedSecretManagerServiceServer) SetIamPolicy
func (*UnimplementedSecretManagerServiceServer) SetIamPolicy(context.Context, *iampb.SetIamPolicyRequest) (*iampb.Policy, error)func (*UnimplementedSecretManagerServiceServer) TestIamPermissions
func (*UnimplementedSecretManagerServiceServer) TestIamPermissions(context.Context, *iampb.TestIamPermissionsRequest) (*iampb.TestIamPermissionsResponse, error)func (*UnimplementedSecretManagerServiceServer) UpdateSecret
func (*UnimplementedSecretManagerServiceServer) UpdateSecret(context.Context, *UpdateSecretRequest) (*Secret, error)UpdateSecretRequest
type UpdateSecretRequest struct {
// Required. [Secret][google.cloud.secretmanager.v1.Secret] with updated field values.
Secret *Secret `protobuf:"bytes,1,opt,name=secret,proto3" json:"secret,omitempty"`
// Required. Specifies the fields to be updated.
UpdateMask *fieldmaskpb.FieldMask `protobuf:"bytes,2,opt,name=update_mask,json=updateMask,proto3" json:"update_mask,omitempty"`
// contains filtered or unexported fields
}Request message for [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1.SecretManagerService.UpdateSecret].
func (*UpdateSecretRequest) Descriptor
func (*UpdateSecretRequest) Descriptor() ([]byte, []int)Deprecated: Use UpdateSecretRequest.ProtoReflect.Descriptor instead.
func (*UpdateSecretRequest) GetSecret
func (x *UpdateSecretRequest) GetSecret() *Secretfunc (*UpdateSecretRequest) GetUpdateMask
func (x *UpdateSecretRequest) GetUpdateMask() *fieldmaskpb.FieldMaskfunc (*UpdateSecretRequest) ProtoMessage
func (*UpdateSecretRequest) ProtoMessage()func (*UpdateSecretRequest) ProtoReflect
func (x *UpdateSecretRequest) ProtoReflect() protoreflect.Messagefunc (*UpdateSecretRequest) Reset
func (x *UpdateSecretRequest) Reset()func (*UpdateSecretRequest) String
func (x *UpdateSecretRequest) String() string