Reference documentation and code samples for the Secret Manager V1 Client class SecretManagerServiceClient.
Service Description: Secret Manager Service
This class is currently experimental and may be subject to changes.
Methods
projectName
Formats a string containing the fully-qualified path to represent a project resource.
| Parameter | |
|---|---|
| Name | Description |
project |
string
|
| Returns | |
|---|---|
| Type | Description |
string | The formatted project resource. |
secretName
Formats a string containing the fully-qualified path to represent a secret resource.
| Parameters | |
|---|---|
| Name | Description |
project |
string
|
secret |
string
|
| Returns | |
|---|---|
| Type | Description |
string | The formatted secret resource. |
secretVersionName
Formats a string containing the fully-qualified path to represent a secret_version resource.
| Parameters | |
|---|---|
| Name | Description |
project |
string
|
secret |
string
|
secretVersion |
string
|
| Returns | |
|---|---|
| Type | Description |
string | The formatted secret_version resource. |
parseName
Parses a formatted name string and returns an associative array of the components in the name.
The following name formats are supported: Template: Pattern
- project: projects/{project}
- secret: projects/{project}/secrets/{secret}
- secretVersion: projects/{project}/secrets/{secret}/versions/{secret_version}
The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.
| Parameters | |
|---|---|
| Name | Description |
formattedName |
string
The formatted name string |
template |
string
Optional name of template to match |
| Returns | |
|---|---|
| Type | Description |
array | An associative array from name component IDs to component values. |
__construct
Constructor.
| Parameters | |
|---|---|
| Name | Description |
options |
array
Optional. Options for configuring the service API wrapper. |
↳ apiEndpoint |
string
The address of the API remote host. May optionally include the port, formatted as "
|
↳ credentials |
string|array|FetchAuthTokenInterface|CredentialsWrapper
The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored. |
↳ credentialsConfig |
array
Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() . |
↳ disableRetries |
bool
Determines whether or not retries defined by the client configuration should be disabled. Defaults to |
↳ clientConfig |
string|array
Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder. |
↳ transport |
string|TransportInterface
The transport used for executing network requests. May be either the string |
↳ transportConfig |
array
Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options. |
↳ clientCertSource |
callable
A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS. |
__call
Handles execution of the async variants for each documented method.
| Parameters | |
|---|---|
| Name | Description |
method |
mixed
|
args |
mixed
|
accessSecretVersion
Accesses a SecretVersion. This call returns the secret data.
projects/*/secrets/*/versions/latest is an alias to the most recently
created SecretVersion.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::accessSecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\AccessSecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\AccessSecretVersionResponse | |
addSecretVersion
Creates a new SecretVersion containing secret data and attaches it to an existing Secret.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::addSecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\AddSecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\SecretVersion | |
createSecret
Creates a new Secret containing no SecretVersions.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::createSecretAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\CreateSecretRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\Secret | |
deleteSecret
Deletes a Secret.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::deleteSecretAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\DeleteSecretRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
destroySecretVersion
Destroys a SecretVersion.
Sets the state of the SecretVersion to DESTROYED and irrevocably destroys the secret data.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::destroySecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\DestroySecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\SecretVersion | |
disableSecretVersion
Disables a SecretVersion.
Sets the state of the SecretVersion to DISABLED.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::disableSecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\DisableSecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\SecretVersion | |
enableSecretVersion
Enables a SecretVersion.
Sets the state of the SecretVersion to ENABLED.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::enableSecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\EnableSecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\SecretVersion | |
getIamPolicy
Gets the access control policy for a secret.
Returns empty policy if the secret exists and does not have a policy set.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::getIamPolicyAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\Iam\V1\Policy | |
getSecret
Gets metadata for a given Secret.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::getSecretAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\GetSecretRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\Secret | |
getSecretVersion
Gets metadata for a SecretVersion.
projects/*/secrets/*/versions/latest is an alias to the most recently
created SecretVersion.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::getSecretVersionAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\GetSecretVersionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\SecretVersion | |
listSecretVersions
Lists SecretVersions. This call does not return secret data.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::listSecretVersionsAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\ListSecretVersionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\ApiCore\PagedListResponse | |
listSecrets
Lists Secrets.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::listSecretsAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\ListSecretsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\ApiCore\PagedListResponse | |
setIamPolicy
Sets the access control policy on the specified secret. Replaces any existing policy.
Permissions on SecretVersions are enforced according to the policy set on the associated Secret.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::setIamPolicyAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\Iam\V1\Policy | |
testIamPermissions
Returns permissions that a caller has for the specified secret.
If the secret does not exist, this call returns an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::testIamPermissionsAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\Iam\V1\TestIamPermissionsResponse | |
updateSecret
Updates metadata of an existing Secret.
The async variant is Google\Cloud\SecretManager\V1\Client\BaseClient\self::updateSecretAsync() .
| Parameters | |
|---|---|
| Name | Description |
request |
Google\Cloud\SecretManager\V1\UpdateSecretRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
| Returns | |
|---|---|
| Type | Description |
Google\Cloud\SecretManager\V1\Secret | |