The Workflows connector defines the built-in functions that can be used to access other Google Cloud products within a workflow.
This page provides an overview of the individual connector. There is no need to import or load connector libraries in a workflow—connectors work out of the box when used in a call step.
Secret Manager API
Stores sensitive data such as API keys, passwords, and certificates. Provides convenience while improving security. To learn more, see the Secret Manager API documentation.
Helper methods
You can use the helper method accessString
to retrieve the secret data as a
string. This is simpler than using the access
API as the secret data
is automatically decoded to a string format. To learn more, see the accessString documentation.
You can use the helper method addVersionString
to add a new secret value to an existing
secret. This is simpler than using the addVersion
API as the secret data is automatically
encoded to a base-64 string, which is required by addVersion
. To learn more, see
the addVersionString documentation.
In addition to using a call step, you can call the helper methods in an expression like this:
${googleapis.secretmanager.v1.projects.secrets.versions.accessString(secret_id, version, project_id)}
Secret Manager connector sample
YAML
JSON
Module: googleapis.secretmanager.v1.projects.locations
Functions | |
---|---|
get |
Gets information about a location. |
list |
Lists information about the supported locations for this service. |
Module: googleapis.secretmanager.v1.projects.secrets
Functions | |
---|---|
addVersion |
Creates a new SecretVersion containing secret data and attaches it to an existing Secret. |
addVersionBytes |
Creates a new SecretVersion containing secret data. The secret data needs to be in bytes format. |
addVersionString |
Creates a new SecretVersion containing secret data. The secret data needs to be in string format. |
create |
Creates a new Secret containing no SecretVersions. |
delete |
Deletes a Secret. |
get |
Gets metadata for a given Secret. |
getIamPolicy |
Gets the access control policy for a secret. Returns empty policy if the secret exists and does not have a policy set. |
list |
Lists Secrets. |
patch |
Updates metadata of an existing Secret. |
setIamPolicy |
Sets the access control policy on the specified secret. Replaces any existing policy. Permissions on SecretVersions are enforced according to the policy set on the associated Secret. |
testIamPermissions |
Returns permissions that a caller has for the specified secret. If the secret does not exist, this call returns an empty set of permissions, not a NOT_FOUND error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning. |
Module: googleapis.secretmanager.v1.projects.secrets.versions
Functions | |
---|---|
access |
Accesses a SecretVersion. This call returns the secret data.
projects/*/secrets/*/versions/latest is an alias to the most recently
created SecretVersion. |
accessBytes |
Accesses the secret value in bytes. |
accessRaw |
Should be removed and not recommended to use as it enforces UTF-8 conversion that could corrupt user's secret. |
accessString |
Accesses the secret value in string format. If the secret contains characters not in UTF-8 format, an error is raised. |
destroy |
Destroys a SecretVersion. Sets the state of the SecretVersion to DESTROYED and irrevocably destroys the secret data. |
disable |
Disables a SecretVersion. Sets the state of the SecretVersion to DISABLED. |
enable |
Enables a SecretVersion. Sets the state of the SecretVersion to ENABLED. |
get |
Gets metadata for a SecretVersion.
projects/*/secrets/*/versions/latest is an alias to the most recently
created SecretVersion. |
list |
Lists SecretVersions. This call does not return secret data. |