Resource: Secret
A Secret
is a logical secret whose value and versions can be accessed.
A Secret
is made up of zero or more SecretVersions
that represent the secret data.
JSON representation |
---|
{ "name": string, "replication": { object ( |
Fields | |
---|---|
name |
Output only. The resource name of the |
replication |
Optional. Immutable. The replication policy of the secret data attached to the The replication policy cannot be changed after the Secret has been created. |
createTime |
Output only. The time at which the A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
labels |
The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: No more than 64 labels can be assigned to a given resource. An object containing a list of |
topics[] |
Optional. A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions. |
etag |
Optional. Etag of the currently stored |
rotation |
Optional. Rotation policy attached to the |
versionAliases |
Optional. Mapping from version alias to version name. A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen ( Version-Alias pairs will be viewable via secrets.get and modifiable via secrets.patch. Access by alias is only supported for GetSecretVersion and AccessSecretVersion. An object containing a list of |
annotations |
Optional. Custom metadata about the secret. Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database. Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols. The total size of annotation keys and values must be less than 16KiB. An object containing a list of |
versionDestroyTtl |
Optional. Secret Version TTL after destruction request This is a part of the Delayed secret version destroy feature. For secret with TTL>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and destruction happens after the TTL expires. A duration in seconds with up to nine fractional digits, ending with ' |
customerManagedEncryption |
Optional. The customer-managed encryption configuration of the Regionalised Secrets. If no configuration is provided, Google-managed default encryption is used. Updates to the |
Union field Expiration is not the recommended way to set time-based permissions. IAM Conditions is recommended for granting time-based permissions because the operation can be reversed. |
|
expireTime |
Optional. Timestamp in UTC when the A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: |
ttl |
Input only. The TTL for the A duration in seconds with up to nine fractional digits, ending with ' |
Methods |
|
---|---|
|
Creates a new SecretVersion containing secret data and attaches it to an existing Secret . |
|
Creates a new Secret containing no SecretVersions . |
|
Deletes a Secret . |
|
Gets metadata for a given Secret . |
|
Gets the access control policy for a secret. |
|
Lists Secrets . |
|
Updates metadata of an existing Secret . |
|
Sets the access control policy on the specified secret. |
|
Returns permissions that a caller has for the specified secret. |