Reference documentation and code samples for the Google Cloud Functions V1 Client class SecretVolume.
Configuration for a secret volume. It has the information necessary to fetch the secret value from Secret Manager and make it available as files mounted at the requested paths within the application container. Secret value is not a part of the configuration. Every file system read operation performs a lookup in Secret Manager to retrieve the secret value.
Generated from protobuf message google.cloud.functions.v1.SecretVolume
Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ mount_path |
string
The path within the container to mount the secret volume. For example, setting the mount_path as |
↳ project_id |
string
Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function. |
↳ secret |
string
Name of the secret in Secret Manager (not the full resource name). |
↳ versions |
array<Google\Cloud\Functions\V1\SecretVolume\SecretVersion>
List of secret versions to mount for this secret. If empty, the |
getMountPath
The path within the container to mount the secret volume. For example,
setting the mount_path as /etc/secrets
mounts the secret value files
under the /etc/secrets
directory. This directory is also completely
shadowed and unavailable to mount any other secrets.
Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log
Returns | |
---|---|
Type | Description |
string |
setMountPath
The path within the container to mount the secret volume. For example,
setting the mount_path as /etc/secrets
mounts the secret value files
under the /etc/secrets
directory. This directory is also completely
shadowed and unavailable to mount any other secrets.
Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getProjectId
Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function.
Returns | |
---|---|
Type | Description |
string |
setProjectId
Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getSecret
Name of the secret in Secret Manager (not the full resource name).
Returns | |
---|---|
Type | Description |
string |
setSecret
Name of the secret in Secret Manager (not the full resource name).
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getVersions
List of secret versions to mount for this secret. If empty, the latest
version of the secret is made available in a file named after the
secret under the mount point.
Returns | |
---|---|
Type | Description |
Google\Protobuf\Internal\RepeatedField |
setVersions
List of secret versions to mount for this secret. If empty, the latest
version of the secret is made available in a file named after the
secret under the mount point.
Parameter | |
---|---|
Name | Description |
var |
array<Google\Cloud\Functions\V1\SecretVolume\SecretVersion>
|
Returns | |
---|---|
Type | Description |
$this |