Reference documentation and code samples for the Secret Manager V1 API class Google::Cloud::SecretManager::V1::Secret.
A Secret is a logical secret whose value and versions can be accessed.
A Secret is made up of zero or more SecretVersions that represent the secret data.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#annotations
def annotations() -> ::Google::Protobuf::Map{::String => ::String}
-
(::Google::Protobuf::Map{::String => ::String}) — Optional. Custom metadata about the secret.
Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database.
Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols.
The total size of annotation keys and values must be less than 16KiB.
#annotations=
def annotations=(value) -> ::Google::Protobuf::Map{::String => ::String}
-
value (::Google::Protobuf::Map{::String => ::String}) — Optional. Custom metadata about the secret.
Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database.
Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols.
The total size of annotation keys and values must be less than 16KiB.
-
(::Google::Protobuf::Map{::String => ::String}) — Optional. Custom metadata about the secret.
Annotations are distinct from various forms of labels. Annotations exist to allow client tools to store their own state information without requiring a database.
Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and may have dashes (-), underscores (_), dots (.), and alphanumerics in between these symbols.
The total size of annotation keys and values must be less than 16KiB.
#create_time
def create_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Output only. The time at which the Secret was created.
#customer_managed_encryption
def customer_managed_encryption() -> ::Google::Cloud::SecretManager::V1::CustomerManagedEncryption
-
(::Google::Cloud::SecretManager::V1::CustomerManagedEncryption) — Optional. The customer-managed encryption configuration of the Regionalised
Secrets. If no configuration is provided, Google-managed default encryption
is used.
Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions.
#customer_managed_encryption=
def customer_managed_encryption=(value) -> ::Google::Cloud::SecretManager::V1::CustomerManagedEncryption
-
value (::Google::Cloud::SecretManager::V1::CustomerManagedEncryption) — Optional. The customer-managed encryption configuration of the Regionalised
Secrets. If no configuration is provided, Google-managed default encryption
is used.
Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions.
-
(::Google::Cloud::SecretManager::V1::CustomerManagedEncryption) — Optional. The customer-managed encryption configuration of the Regionalised
Secrets. If no configuration is provided, Google-managed default encryption
is used.
Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions.
#etag
def etag() -> ::String
- (::String) — Optional. Etag of the currently stored Secret.
#etag=
def etag=(value) -> ::String
- value (::String) — Optional. Etag of the currently stored Secret.
- (::String) — Optional. Etag of the currently stored Secret.
#expire_time
def expire_time() -> ::Google::Protobuf::Timestamp
- (::Google::Protobuf::Timestamp) — Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
#expire_time=
def expire_time=(value) -> ::Google::Protobuf::Timestamp
- value (::Google::Protobuf::Timestamp) — Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
- (::Google::Protobuf::Timestamp) — Optional. Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input.
#labels
def labels() -> ::Google::Protobuf::Map{::String => ::String}
-
(::Google::Protobuf::Map{::String => ::String}) — The labels assigned to this Secret.
Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}\p{N}_-]{0,63}
No more than 64 labels can be assigned to a given resource.
#labels=
def labels=(value) -> ::Google::Protobuf::Map{::String => ::String}
-
value (::Google::Protobuf::Map{::String => ::String}) — The labels assigned to this Secret.
Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}\p{N}_-]{0,63}
No more than 64 labels can be assigned to a given resource.
-
(::Google::Protobuf::Map{::String => ::String}) — The labels assigned to this Secret.
Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression:
[\p{Ll}\p{Lo}\p{N}_-]{0,63}
No more than 64 labels can be assigned to a given resource.
#name
def name() -> ::String
-
(::String) — Output only. The resource name of the
Secret in the format
projects/*/secrets/*
.
#replication
def replication() -> ::Google::Cloud::SecretManager::V1::Replication
-
(::Google::Cloud::SecretManager::V1::Replication) — Optional. Immutable. The replication policy of the secret data attached to
the Secret.
The replication policy cannot be changed after the Secret has been created.
#replication=
def replication=(value) -> ::Google::Cloud::SecretManager::V1::Replication
-
value (::Google::Cloud::SecretManager::V1::Replication) — Optional. Immutable. The replication policy of the secret data attached to
the Secret.
The replication policy cannot be changed after the Secret has been created.
-
(::Google::Cloud::SecretManager::V1::Replication) — Optional. Immutable. The replication policy of the secret data attached to
the Secret.
The replication policy cannot be changed after the Secret has been created.
#rotation
def rotation() -> ::Google::Cloud::SecretManager::V1::Rotation
- (::Google::Cloud::SecretManager::V1::Rotation) — Optional. Rotation policy attached to the Secret. May be excluded if there is no rotation policy.
#rotation=
def rotation=(value) -> ::Google::Cloud::SecretManager::V1::Rotation
- value (::Google::Cloud::SecretManager::V1::Rotation) — Optional. Rotation policy attached to the Secret. May be excluded if there is no rotation policy.
- (::Google::Cloud::SecretManager::V1::Rotation) — Optional. Rotation policy attached to the Secret. May be excluded if there is no rotation policy.
#topics
def topics() -> ::Array<::Google::Cloud::SecretManager::V1::Topic>
- (::Array<::Google::Cloud::SecretManager::V1::Topic>) — Optional. A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
#topics=
def topics=(value) -> ::Array<::Google::Cloud::SecretManager::V1::Topic>
- value (::Array<::Google::Cloud::SecretManager::V1::Topic>) — Optional. A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
- (::Array<::Google::Cloud::SecretManager::V1::Topic>) — Optional. A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.
#ttl
def ttl() -> ::Google::Protobuf::Duration
- (::Google::Protobuf::Duration) — Input only. The TTL for the Secret.
#ttl=
def ttl=(value) -> ::Google::Protobuf::Duration
- value (::Google::Protobuf::Duration) — Input only. The TTL for the Secret.
- (::Google::Protobuf::Duration) — Input only. The TTL for the Secret.
#version_aliases
def version_aliases() -> ::Google::Protobuf::Map{::String => ::Integer}
-
(::Google::Protobuf::Map{::String => ::Integer}) — Optional. Mapping from version alias to version name.
A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (
-
) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.Version-Alias pairs will be viewable via GetSecret and modifiable via UpdateSecret. Access by alias is only be supported on GetSecretVersion and AccessSecretVersion.
#version_aliases=
def version_aliases=(value) -> ::Google::Protobuf::Map{::String => ::Integer}
-
value (::Google::Protobuf::Map{::String => ::Integer}) — Optional. Mapping from version alias to version name.
A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (
-
) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.Version-Alias pairs will be viewable via GetSecret and modifiable via UpdateSecret. Access by alias is only be supported on GetSecretVersion and AccessSecretVersion.
-
(::Google::Protobuf::Map{::String => ::Integer}) — Optional. Mapping from version alias to version name.
A version alias is a string with a maximum length of 63 characters and can contain uppercase and lowercase letters, numerals, and the hyphen (
-
) and underscore ('_') characters. An alias string must start with a letter and cannot be the string 'latest' or 'NEW'. No more than 50 aliases can be assigned to a given secret.Version-Alias pairs will be viewable via GetSecret and modifiable via UpdateSecret. Access by alias is only be supported on GetSecretVersion and AccessSecretVersion.
#version_destroy_ttl
def version_destroy_ttl() -> ::Google::Protobuf::Duration
-
(::Google::Protobuf::Duration) — Optional. Secret Version TTL after destruction request
This is a part of the Delayed secret version destroy feature. For secret with TTL>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and destruction happens after the TTL expires.
#version_destroy_ttl=
def version_destroy_ttl=(value) -> ::Google::Protobuf::Duration
-
value (::Google::Protobuf::Duration) — Optional. Secret Version TTL after destruction request
This is a part of the Delayed secret version destroy feature. For secret with TTL>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and destruction happens after the TTL expires.
-
(::Google::Protobuf::Duration) — Optional. Secret Version TTL after destruction request
This is a part of the Delayed secret version destroy feature. For secret with TTL>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and destruction happens after the TTL expires.