Désactiver une version de secret

Rend inaccessible une version spécifique d'un secret.

Pages de documentation incluant cet exemple de code

Gérer les versions secrètes

Exemple de code

C#

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires


using Google.Cloud.SecretManager.V1;

public class DisableSecretVersionSample
{
    public SecretVersion DisableSecretVersion(
      string projectId = "my-project", string secretId = "my-secret", string secretVersionId = "123")
    {
        // Create the client.
        SecretManagerServiceClient client = SecretManagerServiceClient.Create();

        // Build the resource name.
        SecretVersionName secretVersionName = new SecretVersionName(projectId, secretId, secretVersionId);

        // Call the API.
        SecretVersion version = client.DisableSecretVersion(secretVersionName);
        return version;
    }
}

Go

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

import (
	"context"
	"fmt"

	secretmanager "cloud.google.com/go/secretmanager/apiv1"
	secretmanagerpb "google.golang.org/genproto/googleapis/cloud/secretmanager/v1"
)

// disableSecretVersion disables the given secret version. Future requests will
// throw an error until the secret version is enabled. Other secrets versions
// are unaffected.
func disableSecretVersion(name string) error {
	// name := "projects/my-project/secrets/my-secret/versions/5"

	// Create the client.
	ctx := context.Background()
	client, err := secretmanager.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("failed to create secretmanager client: %v", err)
	}

	// Build the request.
	req := &secretmanagerpb.DisableSecretVersionRequest{
		Name: name,
	}

	// Call the API.
	if _, err := client.DisableSecretVersion(ctx, req); err != nil {
		return fmt.Errorf("failed to disable secret version: %v", err)
	}
	return nil
}

Java

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

import com.google.cloud.secretmanager.v1.SecretManagerServiceClient;
import com.google.cloud.secretmanager.v1.SecretVersion;
import com.google.cloud.secretmanager.v1.SecretVersionName;
import java.io.IOException;

public class DisableSecretVersion {

  public void disableSecretVersion() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    String secretId = "your-secret-id";
    String versionId = "your-version-id";
    disableSecretVersion(projectId, secretId, versionId);
  }

  // Disable an existing secret version.
  public void disableSecretVersion(String projectId, String secretId, String versionId)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
      // Build the name from the version.
      SecretVersionName secretVersionName = SecretVersionName.of(projectId, secretId, versionId);

      // Create the secret.
      SecretVersion version = client.disableSecretVersion(secretVersionName);
      System.out.printf("Disabled secret version %s\n", version.getName());
    }
  }
}

Node.js

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

/**
 * TODO(developer): Uncomment these variables before running the sample.
 */
// const name = 'projects/my-project/secrets/my-secret/versions/5';

// Imports the Secret Manager library
const {SecretManagerServiceClient} = require('@google-cloud/secret-manager');

// Instantiates a client
const client = new SecretManagerServiceClient();

async function disableSecretVersion() {
  const [version] = await client.disableSecretVersion({
    name: name,
  });

  console.info(`Disabled ${version.name}`);
}

disableSecretVersion();

PHP

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

// Import the Secret Manager client library.
use Google\Cloud\SecretManager\V1\SecretManagerServiceClient;

/** Uncomment and populate these variables in your code */
// $projectId = 'YOUR_GOOGLE_CLOUD_PROJECT' (e.g. 'my-project');
// $secretId = 'YOUR_SECRET_ID' (e.g. 'my-secret');
// $versionId = 'YOUR_VERSION_ID' (e.g. 'latest' or '5');

// Create the Secret Manager client.
$client = new SecretManagerServiceClient();

// Build the resource name of the secret version.
$name = $client->secretVersionName($projectId, $secretId, $versionId);

// Disable the secret version.
$response = $client->disableSecretVersion($name);

// Print a success message.
printf('Disabled secret version: %s', $response->getName());

Python

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

def disable_secret_version(project_id, secret_id, version_id):
    """
    Disable the given secret version. Future requests will throw an error until
    the secret version is enabled. Other secrets versions are unaffected.
    """

    # Import the Secret Manager client library.
    from google.cloud import secretmanager

    # Create the Secret Manager client.
    client = secretmanager.SecretManagerServiceClient()

    # Build the resource name of the secret version
    name = f"projects/{project_id}/secrets/{secret_id}/versions/{version_id}"

    # Disable the secret version.
    response = client.disable_secret_version(request={"name": name})

    print("Disabled secret version: {}".format(response.name))

Ruby

Pour savoir comment installer et utiliser la bibliothèque cliente pour Secret Manager, consultez la page Bibliothèques clientes Secret Manager.

Afficher sur GitHub Commentaires

# project_id = "YOUR-GOOGLE-CLOUD-PROJECT"  # (e.g. "my-project")
# secret_id  = "YOUR-SECRET-ID"             # (e.g. "my-secret")
# version_id = "YOUR-VERSION"               # (e.g. "5" or "latest")

# Require the Secret Manager client library.
require "google/cloud/secret_manager"

# Create a Secret Manager client.
client = Google::Cloud::SecretManager.secret_manager_service

# Build the resource name of the secret version.
name = client.secret_version_path(
  project:        project_id,
  secret:         secret_id,
  secret_version: version_id
)

# Disable the secret version.
response = client.disable_secret_version name: name

# Print a success message.
puts "Disabled secret version: #{response.name}"