Google Cloud Functions V1 Client - Class SecretVolume (1.2.0)

Reference documentation and code samples for the Google Cloud Functions V1 Client class SecretVolume.

Configuration for a secret volume. It has the information necessary to fetch the secret value from Secret Manager and make it available as files mounted at the requested paths within the application container. Secret value is not a part of the configuration. Every file system read operation performs a lookup in Secret Manager to retrieve the secret value.

Generated from protobuf message google.cloud.functions.v1.SecretVolume

Methods

__construct

Constructor.

Parameters
NameDescription
data array

Optional. Data for populating the Message object.

↳ mount_path string

The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets mounts the secret value files under the /etc/secrets directory. This directory is also completely shadowed and unavailable to mount any other secrets. Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log

↳ project_id string

Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function.

↳ secret string

Name of the secret in Secret Manager (not the full resource name).

↳ versions array<Google\Cloud\Functions\V1\SecretVolume\SecretVersion>

List of secret versions to mount for this secret. If empty, the latest version of the secret is made available in a file named after the secret under the mount point.

getMountPath

The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets mounts the secret value files under the /etc/secrets directory. This directory is also completely shadowed and unavailable to mount any other secrets.

Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log

Returns
TypeDescription
string

setMountPath

The path within the container to mount the secret volume. For example, setting the mount_path as /etc/secrets mounts the secret value files under the /etc/secrets directory. This directory is also completely shadowed and unavailable to mount any other secrets.

Recommended mount paths: /etc/secrets Restricted mount paths: /cloudsql, /dev/log, /pod, /proc, /var/log

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getProjectId

Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function.

Returns
TypeDescription
string

setProjectId

Project identifier (preferrably project number but can also be the project ID) of the project that contains the secret. If not set, it is populated with the function's project, assuming that the secret exists in the same project as the function.

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getSecret

Name of the secret in Secret Manager (not the full resource name).

Returns
TypeDescription
string

setSecret

Name of the secret in Secret Manager (not the full resource name).

Parameter
NameDescription
var string
Returns
TypeDescription
$this

getVersions

List of secret versions to mount for this secret. If empty, the latest version of the secret is made available in a file named after the secret under the mount point.

Returns
TypeDescription
Google\Protobuf\Internal\RepeatedField

setVersions

List of secret versions to mount for this secret. If empty, the latest version of the secret is made available in a file named after the secret under the mount point.

Parameter
NameDescription
var array<Google\Cloud\Functions\V1\SecretVolume\SecretVersion>
Returns
TypeDescription
$this