« prev ^ index » next coverage.py v7.3.1, created at 2023-09-25 06:37 +0000
1# -*- coding: utf-8 -*-
2# Copyright 2023 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16from collections import OrderedDict
17import functools
18import re
19from typing import (
20 Dict,
21 Mapping,
22 MutableMapping,
23 MutableSequence,
24 Optional,
25 Sequence,
26 Tuple,
27 Type,
28 Union,
29)
31from google.api_core import exceptions as core_exceptions
32from google.api_core import gapic_v1
33from google.api_core import retry as retries
34from google.api_core.client_options import ClientOptions
35from google.auth import credentials as ga_credentials # type: ignore
36from google.oauth2 import service_account # type: ignore
38from google.cloud.secretmanager_v1beta1 import gapic_version as package_version
40try:
41 OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault]
42except AttributeError: # pragma: NO COVER
43 OptionalRetry = Union[retries.Retry, object] # type: ignore
45from google.iam.v1 import iam_policy_pb2 # type: ignore
46from google.iam.v1 import policy_pb2 # type: ignore
47from google.protobuf import field_mask_pb2 # type: ignore
48from google.protobuf import timestamp_pb2 # type: ignore
50from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers
51from google.cloud.secretmanager_v1beta1.types import resources, service
53from .client import SecretManagerServiceClient
54from .transports.base import DEFAULT_CLIENT_INFO, SecretManagerServiceTransport
55from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport
58class SecretManagerServiceAsyncClient:
59 """Secret Manager Service
61 Manages secrets and operations using those secrets. Implements a
62 REST model with the following objects:
64 - [Secret][google.cloud.secrets.v1beta1.Secret]
65 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
66 """
68 _client: SecretManagerServiceClient
70 DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT
71 DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT
73 secret_path = staticmethod(SecretManagerServiceClient.secret_path)
74 parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path)
75 secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path)
76 parse_secret_version_path = staticmethod(
77 SecretManagerServiceClient.parse_secret_version_path
78 )
79 common_billing_account_path = staticmethod(
80 SecretManagerServiceClient.common_billing_account_path
81 )
82 parse_common_billing_account_path = staticmethod(
83 SecretManagerServiceClient.parse_common_billing_account_path
84 )
85 common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path)
86 parse_common_folder_path = staticmethod(
87 SecretManagerServiceClient.parse_common_folder_path
88 )
89 common_organization_path = staticmethod(
90 SecretManagerServiceClient.common_organization_path
91 )
92 parse_common_organization_path = staticmethod(
93 SecretManagerServiceClient.parse_common_organization_path
94 )
95 common_project_path = staticmethod(SecretManagerServiceClient.common_project_path)
96 parse_common_project_path = staticmethod(
97 SecretManagerServiceClient.parse_common_project_path
98 )
99 common_location_path = staticmethod(SecretManagerServiceClient.common_location_path)
100 parse_common_location_path = staticmethod(
101 SecretManagerServiceClient.parse_common_location_path
102 )
104 @classmethod
105 def from_service_account_info(cls, info: dict, *args, **kwargs):
106 """Creates an instance of this client using the provided credentials
107 info.
109 Args:
110 info (dict): The service account private key info.
111 args: Additional arguments to pass to the constructor.
112 kwargs: Additional arguments to pass to the constructor.
114 Returns:
115 SecretManagerServiceAsyncClient: The constructed client.
116 """
117 return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore
119 @classmethod
120 def from_service_account_file(cls, filename: str, *args, **kwargs):
121 """Creates an instance of this client using the provided credentials
122 file.
124 Args:
125 filename (str): The path to the service account private key json
126 file.
127 args: Additional arguments to pass to the constructor.
128 kwargs: Additional arguments to pass to the constructor.
130 Returns:
131 SecretManagerServiceAsyncClient: The constructed client.
132 """
133 return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore
135 from_service_account_json = from_service_account_file
137 @classmethod
138 def get_mtls_endpoint_and_cert_source(
139 cls, client_options: Optional[ClientOptions] = None
140 ):
141 """Return the API endpoint and client cert source for mutual TLS.
143 The client cert source is determined in the following order:
144 (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the
145 client cert source is None.
146 (2) if `client_options.client_cert_source` is provided, use the provided one; if the
147 default client cert source exists, use the default one; otherwise the client cert
148 source is None.
150 The API endpoint is determined in the following order:
151 (1) if `client_options.api_endpoint` if provided, use the provided one.
152 (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the
153 default mTLS endpoint; if the environment variable is "never", use the default API
154 endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
155 use the default API endpoint.
157 More details can be found at https://google.aip.dev/auth/4114.
159 Args:
160 client_options (google.api_core.client_options.ClientOptions): Custom options for the
161 client. Only the `api_endpoint` and `client_cert_source` properties may be used
162 in this method.
164 Returns:
165 Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the
166 client cert source to use.
168 Raises:
169 google.auth.exceptions.MutualTLSChannelError: If any errors happen.
170 """
171 return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore
173 @property
174 def transport(self) -> SecretManagerServiceTransport:
175 """Returns the transport used by the client instance.
177 Returns:
178 SecretManagerServiceTransport: The transport used by the client instance.
179 """
180 return self._client.transport
182 get_transport_class = functools.partial(
183 type(SecretManagerServiceClient).get_transport_class,
184 type(SecretManagerServiceClient),
185 )
187 def __init__(
188 self,
189 *,
190 credentials: Optional[ga_credentials.Credentials] = None,
191 transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio",
192 client_options: Optional[ClientOptions] = None,
193 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
194 ) -> None:
195 """Instantiates the secret manager service client.
197 Args:
198 credentials (Optional[google.auth.credentials.Credentials]): The
199 authorization credentials to attach to requests. These
200 credentials identify the application to the service; if none
201 are specified, the client will attempt to ascertain the
202 credentials from the environment.
203 transport (Union[str, ~.SecretManagerServiceTransport]): The
204 transport to use. If set to None, a transport is chosen
205 automatically.
206 client_options (ClientOptions): Custom options for the client. It
207 won't take effect if a ``transport`` instance is provided.
208 (1) The ``api_endpoint`` property can be used to override the
209 default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT
210 environment variable can also be used to override the endpoint:
211 "always" (always use the default mTLS endpoint), "never" (always
212 use the default regular endpoint) and "auto" (auto switch to the
213 default mTLS endpoint if client certificate is present, this is
214 the default value). However, the ``api_endpoint`` property takes
215 precedence if provided.
216 (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable
217 is "true", then the ``client_cert_source`` property can be used
218 to provide client certificate for mutual TLS transport. If
219 not provided, the default SSL client certificate will be used if
220 present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not
221 set, no client certificate will be used.
223 Raises:
224 google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport
225 creation failed for any reason.
226 """
227 self._client = SecretManagerServiceClient(
228 credentials=credentials,
229 transport=transport,
230 client_options=client_options,
231 client_info=client_info,
232 )
234 async def list_secrets(
235 self,
236 request: Optional[Union[service.ListSecretsRequest, dict]] = None,
237 *,
238 parent: Optional[str] = None,
239 retry: OptionalRetry = gapic_v1.method.DEFAULT,
240 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
241 metadata: Sequence[Tuple[str, str]] = (),
242 ) -> pagers.ListSecretsAsyncPager:
243 r"""Lists [Secrets][google.cloud.secrets.v1beta1.Secret].
245 .. code-block:: python
247 # This snippet has been automatically generated and should be regarded as a
248 # code template only.
249 # It will require modifications to work:
250 # - It may require correct/in-range values for request initialization.
251 # - It may require specifying regional endpoints when creating the service
252 # client as shown in:
253 # https://googleapis.dev/python/google-api-core/latest/client_options.html
254 from google.cloud import secretmanager_v1beta1
256 async def sample_list_secrets():
257 # Create a client
258 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
260 # Initialize request argument(s)
261 request = secretmanager_v1beta1.ListSecretsRequest(
262 parent="parent_value",
263 )
265 # Make the request
266 page_result = client.list_secrets(request=request)
268 # Handle the response
269 async for response in page_result:
270 print(response)
272 Args:
273 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretsRequest, dict]]):
274 The request object. Request message for
275 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
276 parent (:class:`str`):
277 Required. The resource name of the project associated
278 with the [Secrets][google.cloud.secrets.v1beta1.Secret],
279 in the format ``projects/*``.
281 This corresponds to the ``parent`` field
282 on the ``request`` instance; if ``request`` is provided, this
283 should not be set.
284 retry (google.api_core.retry.Retry): Designation of what errors, if any,
285 should be retried.
286 timeout (float): The timeout for this request.
287 metadata (Sequence[Tuple[str, str]]): Strings which should be
288 sent along with the request as metadata.
290 Returns:
291 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsAsyncPager:
292 Response message for
293 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
295 Iterating over this object will yield results and
296 resolve additional pages automatically.
298 """
299 # Create or coerce a protobuf request object.
300 # Quick check: If we got a request object, we should *not* have
301 # gotten any keyword arguments that map to the request.
302 has_flattened_params = any([parent])
303 if request is not None and has_flattened_params:
304 raise ValueError(
305 "If the `request` argument is set, then none of "
306 "the individual field arguments should be set."
307 )
309 request = service.ListSecretsRequest(request)
311 # If we have keyword arguments corresponding to fields on the
312 # request, apply these.
313 if parent is not None:
314 request.parent = parent
316 # Wrap the RPC method; this adds retry and timeout information,
317 # and friendly error handling.
318 rpc = gapic_v1.method_async.wrap_method(
319 self._client._transport.list_secrets,
320 default_timeout=60.0,
321 client_info=DEFAULT_CLIENT_INFO,
322 )
324 # Certain fields should be provided within the metadata header;
325 # add these here.
326 metadata = tuple(metadata) + (
327 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
328 )
330 # Send the request.
331 response = await rpc(
332 request,
333 retry=retry,
334 timeout=timeout,
335 metadata=metadata,
336 )
338 # This method is paged; wrap the response in a pager, which provides
339 # an `__aiter__` convenience method.
340 response = pagers.ListSecretsAsyncPager(
341 method=rpc,
342 request=request,
343 response=response,
344 metadata=metadata,
345 )
347 # Done; return the response.
348 return response
350 async def create_secret(
351 self,
352 request: Optional[Union[service.CreateSecretRequest, dict]] = None,
353 *,
354 parent: Optional[str] = None,
355 secret_id: Optional[str] = None,
356 secret: Optional[resources.Secret] = None,
357 retry: OptionalRetry = gapic_v1.method.DEFAULT,
358 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
359 metadata: Sequence[Tuple[str, str]] = (),
360 ) -> resources.Secret:
361 r"""Creates a new [Secret][google.cloud.secrets.v1beta1.Secret]
362 containing no
363 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion].
365 .. code-block:: python
367 # This snippet has been automatically generated and should be regarded as a
368 # code template only.
369 # It will require modifications to work:
370 # - It may require correct/in-range values for request initialization.
371 # - It may require specifying regional endpoints when creating the service
372 # client as shown in:
373 # https://googleapis.dev/python/google-api-core/latest/client_options.html
374 from google.cloud import secretmanager_v1beta1
376 async def sample_create_secret():
377 # Create a client
378 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
380 # Initialize request argument(s)
381 request = secretmanager_v1beta1.CreateSecretRequest(
382 parent="parent_value",
383 secret_id="secret_id_value",
384 )
386 # Make the request
387 response = await client.create_secret(request=request)
389 # Handle the response
390 print(response)
392 Args:
393 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.CreateSecretRequest, dict]]):
394 The request object. Request message for
395 [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret].
396 parent (:class:`str`):
397 Required. The resource name of the project to associate
398 with the [Secret][google.cloud.secrets.v1beta1.Secret],
399 in the format ``projects/*``.
401 This corresponds to the ``parent`` field
402 on the ``request`` instance; if ``request`` is provided, this
403 should not be set.
404 secret_id (:class:`str`):
405 Required. This must be unique within the project.
407 A secret ID is a string with a maximum length of 255
408 characters and can contain uppercase and lowercase
409 letters, numerals, and the hyphen (``-``) and underscore
410 (``_``) characters.
412 This corresponds to the ``secret_id`` field
413 on the ``request`` instance; if ``request`` is provided, this
414 should not be set.
415 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`):
416 Required. A
417 [Secret][google.cloud.secrets.v1beta1.Secret] with
418 initial field values.
420 This corresponds to the ``secret`` field
421 on the ``request`` instance; if ``request`` is provided, this
422 should not be set.
423 retry (google.api_core.retry.Retry): Designation of what errors, if any,
424 should be retried.
425 timeout (float): The timeout for this request.
426 metadata (Sequence[Tuple[str, str]]): Strings which should be
427 sent along with the request as metadata.
429 Returns:
430 google.cloud.secretmanager_v1beta1.types.Secret:
431 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
432 be accessed.
434 A [Secret][google.cloud.secrets.v1beta1.Secret] is
435 made up of zero or more
436 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
437 that represent the secret data.
439 """
440 # Create or coerce a protobuf request object.
441 # Quick check: If we got a request object, we should *not* have
442 # gotten any keyword arguments that map to the request.
443 has_flattened_params = any([parent, secret_id, secret])
444 if request is not None and has_flattened_params:
445 raise ValueError(
446 "If the `request` argument is set, then none of "
447 "the individual field arguments should be set."
448 )
450 request = service.CreateSecretRequest(request)
452 # If we have keyword arguments corresponding to fields on the
453 # request, apply these.
454 if parent is not None:
455 request.parent = parent
456 if secret_id is not None:
457 request.secret_id = secret_id
458 if secret is not None:
459 request.secret = secret
461 # Wrap the RPC method; this adds retry and timeout information,
462 # and friendly error handling.
463 rpc = gapic_v1.method_async.wrap_method(
464 self._client._transport.create_secret,
465 default_timeout=60.0,
466 client_info=DEFAULT_CLIENT_INFO,
467 )
469 # Certain fields should be provided within the metadata header;
470 # add these here.
471 metadata = tuple(metadata) + (
472 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
473 )
475 # Send the request.
476 response = await rpc(
477 request,
478 retry=retry,
479 timeout=timeout,
480 metadata=metadata,
481 )
483 # Done; return the response.
484 return response
486 async def add_secret_version(
487 self,
488 request: Optional[Union[service.AddSecretVersionRequest, dict]] = None,
489 *,
490 parent: Optional[str] = None,
491 payload: Optional[resources.SecretPayload] = None,
492 retry: OptionalRetry = gapic_v1.method.DEFAULT,
493 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
494 metadata: Sequence[Tuple[str, str]] = (),
495 ) -> resources.SecretVersion:
496 r"""Creates a new
497 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
498 containing secret data and attaches it to an existing
499 [Secret][google.cloud.secrets.v1beta1.Secret].
501 .. code-block:: python
503 # This snippet has been automatically generated and should be regarded as a
504 # code template only.
505 # It will require modifications to work:
506 # - It may require correct/in-range values for request initialization.
507 # - It may require specifying regional endpoints when creating the service
508 # client as shown in:
509 # https://googleapis.dev/python/google-api-core/latest/client_options.html
510 from google.cloud import secretmanager_v1beta1
512 async def sample_add_secret_version():
513 # Create a client
514 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
516 # Initialize request argument(s)
517 request = secretmanager_v1beta1.AddSecretVersionRequest(
518 parent="parent_value",
519 )
521 # Make the request
522 response = await client.add_secret_version(request=request)
524 # Handle the response
525 print(response)
527 Args:
528 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest, dict]]):
529 The request object. Request message for
530 [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion].
531 parent (:class:`str`):
532 Required. The resource name of the
533 [Secret][google.cloud.secrets.v1beta1.Secret] to
534 associate with the
535 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
536 in the format ``projects/*/secrets/*``.
538 This corresponds to the ``parent`` field
539 on the ``request`` instance; if ``request`` is provided, this
540 should not be set.
541 payload (:class:`google.cloud.secretmanager_v1beta1.types.SecretPayload`):
542 Required. The secret payload of the
543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
545 This corresponds to the ``payload`` field
546 on the ``request`` instance; if ``request`` is provided, this
547 should not be set.
548 retry (google.api_core.retry.Retry): Designation of what errors, if any,
549 should be retried.
550 timeout (float): The timeout for this request.
551 metadata (Sequence[Tuple[str, str]]): Strings which should be
552 sent along with the request as metadata.
554 Returns:
555 google.cloud.secretmanager_v1beta1.types.SecretVersion:
556 A secret version resource in the
557 Secret Manager API.
559 """
560 # Create or coerce a protobuf request object.
561 # Quick check: If we got a request object, we should *not* have
562 # gotten any keyword arguments that map to the request.
563 has_flattened_params = any([parent, payload])
564 if request is not None and has_flattened_params:
565 raise ValueError(
566 "If the `request` argument is set, then none of "
567 "the individual field arguments should be set."
568 )
570 request = service.AddSecretVersionRequest(request)
572 # If we have keyword arguments corresponding to fields on the
573 # request, apply these.
574 if parent is not None:
575 request.parent = parent
576 if payload is not None:
577 request.payload = payload
579 # Wrap the RPC method; this adds retry and timeout information,
580 # and friendly error handling.
581 rpc = gapic_v1.method_async.wrap_method(
582 self._client._transport.add_secret_version,
583 default_timeout=60.0,
584 client_info=DEFAULT_CLIENT_INFO,
585 )
587 # Certain fields should be provided within the metadata header;
588 # add these here.
589 metadata = tuple(metadata) + (
590 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
591 )
593 # Send the request.
594 response = await rpc(
595 request,
596 retry=retry,
597 timeout=timeout,
598 metadata=metadata,
599 )
601 # Done; return the response.
602 return response
604 async def get_secret(
605 self,
606 request: Optional[Union[service.GetSecretRequest, dict]] = None,
607 *,
608 name: Optional[str] = None,
609 retry: OptionalRetry = gapic_v1.method.DEFAULT,
610 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
611 metadata: Sequence[Tuple[str, str]] = (),
612 ) -> resources.Secret:
613 r"""Gets metadata for a given
614 [Secret][google.cloud.secrets.v1beta1.Secret].
616 .. code-block:: python
618 # This snippet has been automatically generated and should be regarded as a
619 # code template only.
620 # It will require modifications to work:
621 # - It may require correct/in-range values for request initialization.
622 # - It may require specifying regional endpoints when creating the service
623 # client as shown in:
624 # https://googleapis.dev/python/google-api-core/latest/client_options.html
625 from google.cloud import secretmanager_v1beta1
627 async def sample_get_secret():
628 # Create a client
629 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
631 # Initialize request argument(s)
632 request = secretmanager_v1beta1.GetSecretRequest(
633 name="name_value",
634 )
636 # Make the request
637 response = await client.get_secret(request=request)
639 # Handle the response
640 print(response)
642 Args:
643 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretRequest, dict]]):
644 The request object. Request message for
645 [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret].
646 name (:class:`str`):
647 Required. The resource name of the
648 [Secret][google.cloud.secrets.v1beta1.Secret], in the
649 format ``projects/*/secrets/*``.
651 This corresponds to the ``name`` field
652 on the ``request`` instance; if ``request`` is provided, this
653 should not be set.
654 retry (google.api_core.retry.Retry): Designation of what errors, if any,
655 should be retried.
656 timeout (float): The timeout for this request.
657 metadata (Sequence[Tuple[str, str]]): Strings which should be
658 sent along with the request as metadata.
660 Returns:
661 google.cloud.secretmanager_v1beta1.types.Secret:
662 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
663 be accessed.
665 A [Secret][google.cloud.secrets.v1beta1.Secret] is
666 made up of zero or more
667 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
668 that represent the secret data.
670 """
671 # Create or coerce a protobuf request object.
672 # Quick check: If we got a request object, we should *not* have
673 # gotten any keyword arguments that map to the request.
674 has_flattened_params = any([name])
675 if request is not None and has_flattened_params:
676 raise ValueError(
677 "If the `request` argument is set, then none of "
678 "the individual field arguments should be set."
679 )
681 request = service.GetSecretRequest(request)
683 # If we have keyword arguments corresponding to fields on the
684 # request, apply these.
685 if name is not None:
686 request.name = name
688 # Wrap the RPC method; this adds retry and timeout information,
689 # and friendly error handling.
690 rpc = gapic_v1.method_async.wrap_method(
691 self._client._transport.get_secret,
692 default_timeout=60.0,
693 client_info=DEFAULT_CLIENT_INFO,
694 )
696 # Certain fields should be provided within the metadata header;
697 # add these here.
698 metadata = tuple(metadata) + (
699 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
700 )
702 # Send the request.
703 response = await rpc(
704 request,
705 retry=retry,
706 timeout=timeout,
707 metadata=metadata,
708 )
710 # Done; return the response.
711 return response
713 async def update_secret(
714 self,
715 request: Optional[Union[service.UpdateSecretRequest, dict]] = None,
716 *,
717 secret: Optional[resources.Secret] = None,
718 update_mask: Optional[field_mask_pb2.FieldMask] = None,
719 retry: OptionalRetry = gapic_v1.method.DEFAULT,
720 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
721 metadata: Sequence[Tuple[str, str]] = (),
722 ) -> resources.Secret:
723 r"""Updates metadata of an existing
724 [Secret][google.cloud.secrets.v1beta1.Secret].
726 .. code-block:: python
728 # This snippet has been automatically generated and should be regarded as a
729 # code template only.
730 # It will require modifications to work:
731 # - It may require correct/in-range values for request initialization.
732 # - It may require specifying regional endpoints when creating the service
733 # client as shown in:
734 # https://googleapis.dev/python/google-api-core/latest/client_options.html
735 from google.cloud import secretmanager_v1beta1
737 async def sample_update_secret():
738 # Create a client
739 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
741 # Initialize request argument(s)
742 request = secretmanager_v1beta1.UpdateSecretRequest(
743 )
745 # Make the request
746 response = await client.update_secret(request=request)
748 # Handle the response
749 print(response)
751 Args:
752 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest, dict]]):
753 The request object. Request message for
754 [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret].
755 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`):
756 Required. [Secret][google.cloud.secrets.v1beta1.Secret]
757 with updated field values.
759 This corresponds to the ``secret`` field
760 on the ``request`` instance; if ``request`` is provided, this
761 should not be set.
762 update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`):
763 Required. Specifies the fields to be
764 updated.
766 This corresponds to the ``update_mask`` field
767 on the ``request`` instance; if ``request`` is provided, this
768 should not be set.
769 retry (google.api_core.retry.Retry): Designation of what errors, if any,
770 should be retried.
771 timeout (float): The timeout for this request.
772 metadata (Sequence[Tuple[str, str]]): Strings which should be
773 sent along with the request as metadata.
775 Returns:
776 google.cloud.secretmanager_v1beta1.types.Secret:
777 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
778 be accessed.
780 A [Secret][google.cloud.secrets.v1beta1.Secret] is
781 made up of zero or more
782 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
783 that represent the secret data.
785 """
786 # Create or coerce a protobuf request object.
787 # Quick check: If we got a request object, we should *not* have
788 # gotten any keyword arguments that map to the request.
789 has_flattened_params = any([secret, update_mask])
790 if request is not None and has_flattened_params:
791 raise ValueError(
792 "If the `request` argument is set, then none of "
793 "the individual field arguments should be set."
794 )
796 request = service.UpdateSecretRequest(request)
798 # If we have keyword arguments corresponding to fields on the
799 # request, apply these.
800 if secret is not None:
801 request.secret = secret
802 if update_mask is not None:
803 request.update_mask = update_mask
805 # Wrap the RPC method; this adds retry and timeout information,
806 # and friendly error handling.
807 rpc = gapic_v1.method_async.wrap_method(
808 self._client._transport.update_secret,
809 default_timeout=60.0,
810 client_info=DEFAULT_CLIENT_INFO,
811 )
813 # Certain fields should be provided within the metadata header;
814 # add these here.
815 metadata = tuple(metadata) + (
816 gapic_v1.routing_header.to_grpc_metadata(
817 (("secret.name", request.secret.name),)
818 ),
819 )
821 # Send the request.
822 response = await rpc(
823 request,
824 retry=retry,
825 timeout=timeout,
826 metadata=metadata,
827 )
829 # Done; return the response.
830 return response
832 async def delete_secret(
833 self,
834 request: Optional[Union[service.DeleteSecretRequest, dict]] = None,
835 *,
836 name: Optional[str] = None,
837 retry: OptionalRetry = gapic_v1.method.DEFAULT,
838 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
839 metadata: Sequence[Tuple[str, str]] = (),
840 ) -> None:
841 r"""Deletes a [Secret][google.cloud.secrets.v1beta1.Secret].
843 .. code-block:: python
845 # This snippet has been automatically generated and should be regarded as a
846 # code template only.
847 # It will require modifications to work:
848 # - It may require correct/in-range values for request initialization.
849 # - It may require specifying regional endpoints when creating the service
850 # client as shown in:
851 # https://googleapis.dev/python/google-api-core/latest/client_options.html
852 from google.cloud import secretmanager_v1beta1
854 async def sample_delete_secret():
855 # Create a client
856 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
858 # Initialize request argument(s)
859 request = secretmanager_v1beta1.DeleteSecretRequest(
860 name="name_value",
861 )
863 # Make the request
864 await client.delete_secret(request=request)
866 Args:
867 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest, dict]]):
868 The request object. Request message for
869 [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret].
870 name (:class:`str`):
871 Required. The resource name of the
872 [Secret][google.cloud.secrets.v1beta1.Secret] to delete
873 in the format ``projects/*/secrets/*``.
875 This corresponds to the ``name`` field
876 on the ``request`` instance; if ``request`` is provided, this
877 should not be set.
878 retry (google.api_core.retry.Retry): Designation of what errors, if any,
879 should be retried.
880 timeout (float): The timeout for this request.
881 metadata (Sequence[Tuple[str, str]]): Strings which should be
882 sent along with the request as metadata.
883 """
884 # Create or coerce a protobuf request object.
885 # Quick check: If we got a request object, we should *not* have
886 # gotten any keyword arguments that map to the request.
887 has_flattened_params = any([name])
888 if request is not None and has_flattened_params:
889 raise ValueError(
890 "If the `request` argument is set, then none of "
891 "the individual field arguments should be set."
892 )
894 request = service.DeleteSecretRequest(request)
896 # If we have keyword arguments corresponding to fields on the
897 # request, apply these.
898 if name is not None:
899 request.name = name
901 # Wrap the RPC method; this adds retry and timeout information,
902 # and friendly error handling.
903 rpc = gapic_v1.method_async.wrap_method(
904 self._client._transport.delete_secret,
905 default_timeout=60.0,
906 client_info=DEFAULT_CLIENT_INFO,
907 )
909 # Certain fields should be provided within the metadata header;
910 # add these here.
911 metadata = tuple(metadata) + (
912 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
913 )
915 # Send the request.
916 await rpc(
917 request,
918 retry=retry,
919 timeout=timeout,
920 metadata=metadata,
921 )
923 async def list_secret_versions(
924 self,
925 request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None,
926 *,
927 parent: Optional[str] = None,
928 retry: OptionalRetry = gapic_v1.method.DEFAULT,
929 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
930 metadata: Sequence[Tuple[str, str]] = (),
931 ) -> pagers.ListSecretVersionsAsyncPager:
932 r"""Lists
933 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion].
934 This call does not return secret data.
936 .. code-block:: python
938 # This snippet has been automatically generated and should be regarded as a
939 # code template only.
940 # It will require modifications to work:
941 # - It may require correct/in-range values for request initialization.
942 # - It may require specifying regional endpoints when creating the service
943 # client as shown in:
944 # https://googleapis.dev/python/google-api-core/latest/client_options.html
945 from google.cloud import secretmanager_v1beta1
947 async def sample_list_secret_versions():
948 # Create a client
949 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
951 # Initialize request argument(s)
952 request = secretmanager_v1beta1.ListSecretVersionsRequest(
953 parent="parent_value",
954 )
956 # Make the request
957 page_result = client.list_secret_versions(request=request)
959 # Handle the response
960 async for response in page_result:
961 print(response)
963 Args:
964 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest, dict]]):
965 The request object. Request message for
966 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
967 parent (:class:`str`):
968 Required. The resource name of the
969 [Secret][google.cloud.secrets.v1beta1.Secret] associated
970 with the
971 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
972 to list, in the format ``projects/*/secrets/*``.
974 This corresponds to the ``parent`` field
975 on the ``request`` instance; if ``request`` is provided, this
976 should not be set.
977 retry (google.api_core.retry.Retry): Designation of what errors, if any,
978 should be retried.
979 timeout (float): The timeout for this request.
980 metadata (Sequence[Tuple[str, str]]): Strings which should be
981 sent along with the request as metadata.
983 Returns:
984 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager:
985 Response message for
986 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
988 Iterating over this object will yield results and
989 resolve additional pages automatically.
991 """
992 # Create or coerce a protobuf request object.
993 # Quick check: If we got a request object, we should *not* have
994 # gotten any keyword arguments that map to the request.
995 has_flattened_params = any([parent])
996 if request is not None and has_flattened_params:
997 raise ValueError(
998 "If the `request` argument is set, then none of "
999 "the individual field arguments should be set."
1000 )
1002 request = service.ListSecretVersionsRequest(request)
1004 # If we have keyword arguments corresponding to fields on the
1005 # request, apply these.
1006 if parent is not None:
1007 request.parent = parent
1009 # Wrap the RPC method; this adds retry and timeout information,
1010 # and friendly error handling.
1011 rpc = gapic_v1.method_async.wrap_method(
1012 self._client._transport.list_secret_versions,
1013 default_timeout=60.0,
1014 client_info=DEFAULT_CLIENT_INFO,
1015 )
1017 # Certain fields should be provided within the metadata header;
1018 # add these here.
1019 metadata = tuple(metadata) + (
1020 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
1021 )
1023 # Send the request.
1024 response = await rpc(
1025 request,
1026 retry=retry,
1027 timeout=timeout,
1028 metadata=metadata,
1029 )
1031 # This method is paged; wrap the response in a pager, which provides
1032 # an `__aiter__` convenience method.
1033 response = pagers.ListSecretVersionsAsyncPager(
1034 method=rpc,
1035 request=request,
1036 response=response,
1037 metadata=metadata,
1038 )
1040 # Done; return the response.
1041 return response
1043 async def get_secret_version(
1044 self,
1045 request: Optional[Union[service.GetSecretVersionRequest, dict]] = None,
1046 *,
1047 name: Optional[str] = None,
1048 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1049 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1050 metadata: Sequence[Tuple[str, str]] = (),
1051 ) -> resources.SecretVersion:
1052 r"""Gets metadata for a
1053 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1055 ``projects/*/secrets/*/versions/latest`` is an alias to the
1056 ``latest``
1057 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1059 .. code-block:: python
1061 # This snippet has been automatically generated and should be regarded as a
1062 # code template only.
1063 # It will require modifications to work:
1064 # - It may require correct/in-range values for request initialization.
1065 # - It may require specifying regional endpoints when creating the service
1066 # client as shown in:
1067 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1068 from google.cloud import secretmanager_v1beta1
1070 async def sample_get_secret_version():
1071 # Create a client
1072 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1074 # Initialize request argument(s)
1075 request = secretmanager_v1beta1.GetSecretVersionRequest(
1076 name="name_value",
1077 )
1079 # Make the request
1080 response = await client.get_secret_version(request=request)
1082 # Handle the response
1083 print(response)
1085 Args:
1086 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest, dict]]):
1087 The request object. Request message for
1088 [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion].
1089 name (:class:`str`):
1090 Required. The resource name of the
1091 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1092 in the format ``projects/*/secrets/*/versions/*``.
1093 ``projects/*/secrets/*/versions/latest`` is an alias to
1094 the ``latest``
1095 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1097 This corresponds to the ``name`` field
1098 on the ``request`` instance; if ``request`` is provided, this
1099 should not be set.
1100 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1101 should be retried.
1102 timeout (float): The timeout for this request.
1103 metadata (Sequence[Tuple[str, str]]): Strings which should be
1104 sent along with the request as metadata.
1106 Returns:
1107 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1108 A secret version resource in the
1109 Secret Manager API.
1111 """
1112 # Create or coerce a protobuf request object.
1113 # Quick check: If we got a request object, we should *not* have
1114 # gotten any keyword arguments that map to the request.
1115 has_flattened_params = any([name])
1116 if request is not None and has_flattened_params:
1117 raise ValueError(
1118 "If the `request` argument is set, then none of "
1119 "the individual field arguments should be set."
1120 )
1122 request = service.GetSecretVersionRequest(request)
1124 # If we have keyword arguments corresponding to fields on the
1125 # request, apply these.
1126 if name is not None:
1127 request.name = name
1129 # Wrap the RPC method; this adds retry and timeout information,
1130 # and friendly error handling.
1131 rpc = gapic_v1.method_async.wrap_method(
1132 self._client._transport.get_secret_version,
1133 default_timeout=60.0,
1134 client_info=DEFAULT_CLIENT_INFO,
1135 )
1137 # Certain fields should be provided within the metadata header;
1138 # add these here.
1139 metadata = tuple(metadata) + (
1140 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1141 )
1143 # Send the request.
1144 response = await rpc(
1145 request,
1146 retry=retry,
1147 timeout=timeout,
1148 metadata=metadata,
1149 )
1151 # Done; return the response.
1152 return response
1154 async def access_secret_version(
1155 self,
1156 request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None,
1157 *,
1158 name: Optional[str] = None,
1159 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1160 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1161 metadata: Sequence[Tuple[str, str]] = (),
1162 ) -> service.AccessSecretVersionResponse:
1163 r"""Accesses a
1164 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1165 This call returns the secret data.
1167 ``projects/*/secrets/*/versions/latest`` is an alias to the
1168 ``latest``
1169 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1171 .. code-block:: python
1173 # This snippet has been automatically generated and should be regarded as a
1174 # code template only.
1175 # It will require modifications to work:
1176 # - It may require correct/in-range values for request initialization.
1177 # - It may require specifying regional endpoints when creating the service
1178 # client as shown in:
1179 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1180 from google.cloud import secretmanager_v1beta1
1182 async def sample_access_secret_version():
1183 # Create a client
1184 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1186 # Initialize request argument(s)
1187 request = secretmanager_v1beta1.AccessSecretVersionRequest(
1188 name="name_value",
1189 )
1191 # Make the request
1192 response = await client.access_secret_version(request=request)
1194 # Handle the response
1195 print(response)
1197 Args:
1198 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest, dict]]):
1199 The request object. Request message for
1200 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
1201 name (:class:`str`):
1202 Required. The resource name of the
1203 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1204 in the format ``projects/*/secrets/*/versions/*``.
1206 This corresponds to the ``name`` field
1207 on the ``request`` instance; if ``request`` is provided, this
1208 should not be set.
1209 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1210 should be retried.
1211 timeout (float): The timeout for this request.
1212 metadata (Sequence[Tuple[str, str]]): Strings which should be
1213 sent along with the request as metadata.
1215 Returns:
1216 google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse:
1217 Response message for
1218 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
1220 """
1221 # Create or coerce a protobuf request object.
1222 # Quick check: If we got a request object, we should *not* have
1223 # gotten any keyword arguments that map to the request.
1224 has_flattened_params = any([name])
1225 if request is not None and has_flattened_params:
1226 raise ValueError(
1227 "If the `request` argument is set, then none of "
1228 "the individual field arguments should be set."
1229 )
1231 request = service.AccessSecretVersionRequest(request)
1233 # If we have keyword arguments corresponding to fields on the
1234 # request, apply these.
1235 if name is not None:
1236 request.name = name
1238 # Wrap the RPC method; this adds retry and timeout information,
1239 # and friendly error handling.
1240 rpc = gapic_v1.method_async.wrap_method(
1241 self._client._transport.access_secret_version,
1242 default_retry=retries.Retry(
1243 initial=1.0,
1244 maximum=60.0,
1245 multiplier=1.3,
1246 predicate=retries.if_exception_type(
1247 core_exceptions.ServiceUnavailable,
1248 core_exceptions.Unknown,
1249 ),
1250 deadline=60.0,
1251 ),
1252 default_timeout=60.0,
1253 client_info=DEFAULT_CLIENT_INFO,
1254 )
1256 # Certain fields should be provided within the metadata header;
1257 # add these here.
1258 metadata = tuple(metadata) + (
1259 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1260 )
1262 # Send the request.
1263 response = await rpc(
1264 request,
1265 retry=retry,
1266 timeout=timeout,
1267 metadata=metadata,
1268 )
1270 # Done; return the response.
1271 return response
1273 async def disable_secret_version(
1274 self,
1275 request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None,
1276 *,
1277 name: Optional[str] = None,
1278 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1279 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1280 metadata: Sequence[Tuple[str, str]] = (),
1281 ) -> resources.SecretVersion:
1282 r"""Disables a
1283 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1285 Sets the
1286 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1287 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1288 [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED].
1290 .. code-block:: python
1292 # This snippet has been automatically generated and should be regarded as a
1293 # code template only.
1294 # It will require modifications to work:
1295 # - It may require correct/in-range values for request initialization.
1296 # - It may require specifying regional endpoints when creating the service
1297 # client as shown in:
1298 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1299 from google.cloud import secretmanager_v1beta1
1301 async def sample_disable_secret_version():
1302 # Create a client
1303 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1305 # Initialize request argument(s)
1306 request = secretmanager_v1beta1.DisableSecretVersionRequest(
1307 name="name_value",
1308 )
1310 # Make the request
1311 response = await client.disable_secret_version(request=request)
1313 # Handle the response
1314 print(response)
1316 Args:
1317 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest, dict]]):
1318 The request object. Request message for
1319 [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion].
1320 name (:class:`str`):
1321 Required. The resource name of the
1322 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1323 to disable in the format
1324 ``projects/*/secrets/*/versions/*``.
1326 This corresponds to the ``name`` field
1327 on the ``request`` instance; if ``request`` is provided, this
1328 should not be set.
1329 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1330 should be retried.
1331 timeout (float): The timeout for this request.
1332 metadata (Sequence[Tuple[str, str]]): Strings which should be
1333 sent along with the request as metadata.
1335 Returns:
1336 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1337 A secret version resource in the
1338 Secret Manager API.
1340 """
1341 # Create or coerce a protobuf request object.
1342 # Quick check: If we got a request object, we should *not* have
1343 # gotten any keyword arguments that map to the request.
1344 has_flattened_params = any([name])
1345 if request is not None and has_flattened_params:
1346 raise ValueError(
1347 "If the `request` argument is set, then none of "
1348 "the individual field arguments should be set."
1349 )
1351 request = service.DisableSecretVersionRequest(request)
1353 # If we have keyword arguments corresponding to fields on the
1354 # request, apply these.
1355 if name is not None:
1356 request.name = name
1358 # Wrap the RPC method; this adds retry and timeout information,
1359 # and friendly error handling.
1360 rpc = gapic_v1.method_async.wrap_method(
1361 self._client._transport.disable_secret_version,
1362 default_timeout=60.0,
1363 client_info=DEFAULT_CLIENT_INFO,
1364 )
1366 # Certain fields should be provided within the metadata header;
1367 # add these here.
1368 metadata = tuple(metadata) + (
1369 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1370 )
1372 # Send the request.
1373 response = await rpc(
1374 request,
1375 retry=retry,
1376 timeout=timeout,
1377 metadata=metadata,
1378 )
1380 # Done; return the response.
1381 return response
1383 async def enable_secret_version(
1384 self,
1385 request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None,
1386 *,
1387 name: Optional[str] = None,
1388 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1389 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1390 metadata: Sequence[Tuple[str, str]] = (),
1391 ) -> resources.SecretVersion:
1392 r"""Enables a
1393 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1395 Sets the
1396 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1397 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1398 [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED].
1400 .. code-block:: python
1402 # This snippet has been automatically generated and should be regarded as a
1403 # code template only.
1404 # It will require modifications to work:
1405 # - It may require correct/in-range values for request initialization.
1406 # - It may require specifying regional endpoints when creating the service
1407 # client as shown in:
1408 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1409 from google.cloud import secretmanager_v1beta1
1411 async def sample_enable_secret_version():
1412 # Create a client
1413 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1415 # Initialize request argument(s)
1416 request = secretmanager_v1beta1.EnableSecretVersionRequest(
1417 name="name_value",
1418 )
1420 # Make the request
1421 response = await client.enable_secret_version(request=request)
1423 # Handle the response
1424 print(response)
1426 Args:
1427 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest, dict]]):
1428 The request object. Request message for
1429 [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion].
1430 name (:class:`str`):
1431 Required. The resource name of the
1432 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1433 to enable in the format
1434 ``projects/*/secrets/*/versions/*``.
1436 This corresponds to the ``name`` field
1437 on the ``request`` instance; if ``request`` is provided, this
1438 should not be set.
1439 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1440 should be retried.
1441 timeout (float): The timeout for this request.
1442 metadata (Sequence[Tuple[str, str]]): Strings which should be
1443 sent along with the request as metadata.
1445 Returns:
1446 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1447 A secret version resource in the
1448 Secret Manager API.
1450 """
1451 # Create or coerce a protobuf request object.
1452 # Quick check: If we got a request object, we should *not* have
1453 # gotten any keyword arguments that map to the request.
1454 has_flattened_params = any([name])
1455 if request is not None and has_flattened_params:
1456 raise ValueError(
1457 "If the `request` argument is set, then none of "
1458 "the individual field arguments should be set."
1459 )
1461 request = service.EnableSecretVersionRequest(request)
1463 # If we have keyword arguments corresponding to fields on the
1464 # request, apply these.
1465 if name is not None:
1466 request.name = name
1468 # Wrap the RPC method; this adds retry and timeout information,
1469 # and friendly error handling.
1470 rpc = gapic_v1.method_async.wrap_method(
1471 self._client._transport.enable_secret_version,
1472 default_timeout=60.0,
1473 client_info=DEFAULT_CLIENT_INFO,
1474 )
1476 # Certain fields should be provided within the metadata header;
1477 # add these here.
1478 metadata = tuple(metadata) + (
1479 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1480 )
1482 # Send the request.
1483 response = await rpc(
1484 request,
1485 retry=retry,
1486 timeout=timeout,
1487 metadata=metadata,
1488 )
1490 # Done; return the response.
1491 return response
1493 async def destroy_secret_version(
1494 self,
1495 request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None,
1496 *,
1497 name: Optional[str] = None,
1498 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1499 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1500 metadata: Sequence[Tuple[str, str]] = (),
1501 ) -> resources.SecretVersion:
1502 r"""Destroys a
1503 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1505 Sets the
1506 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1507 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1508 [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED]
1509 and irrevocably destroys the secret data.
1511 .. code-block:: python
1513 # This snippet has been automatically generated and should be regarded as a
1514 # code template only.
1515 # It will require modifications to work:
1516 # - It may require correct/in-range values for request initialization.
1517 # - It may require specifying regional endpoints when creating the service
1518 # client as shown in:
1519 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1520 from google.cloud import secretmanager_v1beta1
1522 async def sample_destroy_secret_version():
1523 # Create a client
1524 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1526 # Initialize request argument(s)
1527 request = secretmanager_v1beta1.DestroySecretVersionRequest(
1528 name="name_value",
1529 )
1531 # Make the request
1532 response = await client.destroy_secret_version(request=request)
1534 # Handle the response
1535 print(response)
1537 Args:
1538 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest, dict]]):
1539 The request object. Request message for
1540 [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion].
1541 name (:class:`str`):
1542 Required. The resource name of the
1543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1544 to destroy in the format
1545 ``projects/*/secrets/*/versions/*``.
1547 This corresponds to the ``name`` field
1548 on the ``request`` instance; if ``request`` is provided, this
1549 should not be set.
1550 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1551 should be retried.
1552 timeout (float): The timeout for this request.
1553 metadata (Sequence[Tuple[str, str]]): Strings which should be
1554 sent along with the request as metadata.
1556 Returns:
1557 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1558 A secret version resource in the
1559 Secret Manager API.
1561 """
1562 # Create or coerce a protobuf request object.
1563 # Quick check: If we got a request object, we should *not* have
1564 # gotten any keyword arguments that map to the request.
1565 has_flattened_params = any([name])
1566 if request is not None and has_flattened_params:
1567 raise ValueError(
1568 "If the `request` argument is set, then none of "
1569 "the individual field arguments should be set."
1570 )
1572 request = service.DestroySecretVersionRequest(request)
1574 # If we have keyword arguments corresponding to fields on the
1575 # request, apply these.
1576 if name is not None:
1577 request.name = name
1579 # Wrap the RPC method; this adds retry and timeout information,
1580 # and friendly error handling.
1581 rpc = gapic_v1.method_async.wrap_method(
1582 self._client._transport.destroy_secret_version,
1583 default_timeout=60.0,
1584 client_info=DEFAULT_CLIENT_INFO,
1585 )
1587 # Certain fields should be provided within the metadata header;
1588 # add these here.
1589 metadata = tuple(metadata) + (
1590 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1591 )
1593 # Send the request.
1594 response = await rpc(
1595 request,
1596 retry=retry,
1597 timeout=timeout,
1598 metadata=metadata,
1599 )
1601 # Done; return the response.
1602 return response
1604 async def set_iam_policy(
1605 self,
1606 request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None,
1607 *,
1608 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1609 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1610 metadata: Sequence[Tuple[str, str]] = (),
1611 ) -> policy_pb2.Policy:
1612 r"""Sets the access control policy on the specified secret. Replaces
1613 any existing policy.
1615 Permissions on
1616 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are
1617 enforced according to the policy set on the associated
1618 [Secret][google.cloud.secrets.v1beta1.Secret].
1620 .. code-block:: python
1622 # This snippet has been automatically generated and should be regarded as a
1623 # code template only.
1624 # It will require modifications to work:
1625 # - It may require correct/in-range values for request initialization.
1626 # - It may require specifying regional endpoints when creating the service
1627 # client as shown in:
1628 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1629 from google.cloud import secretmanager_v1beta1
1630 from google.iam.v1 import iam_policy_pb2 # type: ignore
1632 async def sample_set_iam_policy():
1633 # Create a client
1634 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1636 # Initialize request argument(s)
1637 request = iam_policy_pb2.SetIamPolicyRequest(
1638 resource="resource_value",
1639 )
1641 # Make the request
1642 response = await client.set_iam_policy(request=request)
1644 # Handle the response
1645 print(response)
1647 Args:
1648 request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]):
1649 The request object. Request message for ``SetIamPolicy`` method.
1650 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1651 should be retried.
1652 timeout (float): The timeout for this request.
1653 metadata (Sequence[Tuple[str, str]]): Strings which should be
1654 sent along with the request as metadata.
1656 Returns:
1657 google.iam.v1.policy_pb2.Policy:
1658 An Identity and Access Management (IAM) policy, which specifies access
1659 controls for Google Cloud resources.
1661 A Policy is a collection of bindings. A binding binds
1662 one or more members, or principals, to a single role.
1663 Principals can be user accounts, service accounts,
1664 Google groups, and domains (such as G Suite). A role
1665 is a named list of permissions; each role can be an
1666 IAM predefined role or a user-created custom role.
1668 For some types of Google Cloud resources, a binding
1669 can also specify a condition, which is a logical
1670 expression that allows access to a resource only if
1671 the expression evaluates to true. A condition can add
1672 constraints based on attributes of the request, the
1673 resource, or both. To learn which resources support
1674 conditions in their IAM policies, see the [IAM
1675 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
1677 **JSON example:**
1679 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \`
1681 **YAML example:**
1683 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \`
1685 For a description of IAM and its features, see the
1686 [IAM
1687 documentation](\ https://cloud.google.com/iam/docs/).
1689 """
1690 # Create or coerce a protobuf request object.
1691 # The request isn't a proto-plus wrapped type,
1692 # so it must be constructed via keyword expansion.
1693 if isinstance(request, dict):
1694 request = iam_policy_pb2.SetIamPolicyRequest(**request)
1696 # Wrap the RPC method; this adds retry and timeout information,
1697 # and friendly error handling.
1698 rpc = gapic_v1.method_async.wrap_method(
1699 self._client._transport.set_iam_policy,
1700 default_timeout=60.0,
1701 client_info=DEFAULT_CLIENT_INFO,
1702 )
1704 # Certain fields should be provided within the metadata header;
1705 # add these here.
1706 metadata = tuple(metadata) + (
1707 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1708 )
1710 # Send the request.
1711 response = await rpc(
1712 request,
1713 retry=retry,
1714 timeout=timeout,
1715 metadata=metadata,
1716 )
1718 # Done; return the response.
1719 return response
1721 async def get_iam_policy(
1722 self,
1723 request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None,
1724 *,
1725 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1726 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1727 metadata: Sequence[Tuple[str, str]] = (),
1728 ) -> policy_pb2.Policy:
1729 r"""Gets the access control policy for a secret.
1730 Returns empty policy if the secret exists and does not
1731 have a policy set.
1733 .. code-block:: python
1735 # This snippet has been automatically generated and should be regarded as a
1736 # code template only.
1737 # It will require modifications to work:
1738 # - It may require correct/in-range values for request initialization.
1739 # - It may require specifying regional endpoints when creating the service
1740 # client as shown in:
1741 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1742 from google.cloud import secretmanager_v1beta1
1743 from google.iam.v1 import iam_policy_pb2 # type: ignore
1745 async def sample_get_iam_policy():
1746 # Create a client
1747 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1749 # Initialize request argument(s)
1750 request = iam_policy_pb2.GetIamPolicyRequest(
1751 resource="resource_value",
1752 )
1754 # Make the request
1755 response = await client.get_iam_policy(request=request)
1757 # Handle the response
1758 print(response)
1760 Args:
1761 request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]):
1762 The request object. Request message for ``GetIamPolicy`` method.
1763 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1764 should be retried.
1765 timeout (float): The timeout for this request.
1766 metadata (Sequence[Tuple[str, str]]): Strings which should be
1767 sent along with the request as metadata.
1769 Returns:
1770 google.iam.v1.policy_pb2.Policy:
1771 An Identity and Access Management (IAM) policy, which specifies access
1772 controls for Google Cloud resources.
1774 A Policy is a collection of bindings. A binding binds
1775 one or more members, or principals, to a single role.
1776 Principals can be user accounts, service accounts,
1777 Google groups, and domains (such as G Suite). A role
1778 is a named list of permissions; each role can be an
1779 IAM predefined role or a user-created custom role.
1781 For some types of Google Cloud resources, a binding
1782 can also specify a condition, which is a logical
1783 expression that allows access to a resource only if
1784 the expression evaluates to true. A condition can add
1785 constraints based on attributes of the request, the
1786 resource, or both. To learn which resources support
1787 conditions in their IAM policies, see the [IAM
1788 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
1790 **JSON example:**
1792 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \`
1794 **YAML example:**
1796 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \`
1798 For a description of IAM and its features, see the
1799 [IAM
1800 documentation](\ https://cloud.google.com/iam/docs/).
1802 """
1803 # Create or coerce a protobuf request object.
1804 # The request isn't a proto-plus wrapped type,
1805 # so it must be constructed via keyword expansion.
1806 if isinstance(request, dict):
1807 request = iam_policy_pb2.GetIamPolicyRequest(**request)
1809 # Wrap the RPC method; this adds retry and timeout information,
1810 # and friendly error handling.
1811 rpc = gapic_v1.method_async.wrap_method(
1812 self._client._transport.get_iam_policy,
1813 default_timeout=60.0,
1814 client_info=DEFAULT_CLIENT_INFO,
1815 )
1817 # Certain fields should be provided within the metadata header;
1818 # add these here.
1819 metadata = tuple(metadata) + (
1820 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1821 )
1823 # Send the request.
1824 response = await rpc(
1825 request,
1826 retry=retry,
1827 timeout=timeout,
1828 metadata=metadata,
1829 )
1831 # Done; return the response.
1832 return response
1834 async def test_iam_permissions(
1835 self,
1836 request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None,
1837 *,
1838 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1839 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1840 metadata: Sequence[Tuple[str, str]] = (),
1841 ) -> iam_policy_pb2.TestIamPermissionsResponse:
1842 r"""Returns permissions that a caller has for the specified secret.
1843 If the secret does not exist, this call returns an empty set of
1844 permissions, not a NOT_FOUND error.
1846 Note: This operation is designed to be used for building
1847 permission-aware UIs and command-line tools, not for
1848 authorization checking. This operation may "fail open" without
1849 warning.
1851 .. code-block:: python
1853 # This snippet has been automatically generated and should be regarded as a
1854 # code template only.
1855 # It will require modifications to work:
1856 # - It may require correct/in-range values for request initialization.
1857 # - It may require specifying regional endpoints when creating the service
1858 # client as shown in:
1859 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1860 from google.cloud import secretmanager_v1beta1
1861 from google.iam.v1 import iam_policy_pb2 # type: ignore
1863 async def sample_test_iam_permissions():
1864 # Create a client
1865 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1867 # Initialize request argument(s)
1868 request = iam_policy_pb2.TestIamPermissionsRequest(
1869 resource="resource_value",
1870 permissions=['permissions_value1', 'permissions_value2'],
1871 )
1873 # Make the request
1874 response = await client.test_iam_permissions(request=request)
1876 # Handle the response
1877 print(response)
1879 Args:
1880 request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]):
1881 The request object. Request message for ``TestIamPermissions`` method.
1882 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1883 should be retried.
1884 timeout (float): The timeout for this request.
1885 metadata (Sequence[Tuple[str, str]]): Strings which should be
1886 sent along with the request as metadata.
1888 Returns:
1889 google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse:
1890 Response message for TestIamPermissions method.
1891 """
1892 # Create or coerce a protobuf request object.
1893 # The request isn't a proto-plus wrapped type,
1894 # so it must be constructed via keyword expansion.
1895 if isinstance(request, dict):
1896 request = iam_policy_pb2.TestIamPermissionsRequest(**request)
1898 # Wrap the RPC method; this adds retry and timeout information,
1899 # and friendly error handling.
1900 rpc = gapic_v1.method_async.wrap_method(
1901 self._client._transport.test_iam_permissions,
1902 default_timeout=60.0,
1903 client_info=DEFAULT_CLIENT_INFO,
1904 )
1906 # Certain fields should be provided within the metadata header;
1907 # add these here.
1908 metadata = tuple(metadata) + (
1909 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1910 )
1912 # Send the request.
1913 response = await rpc(
1914 request,
1915 retry=retry,
1916 timeout=timeout,
1917 metadata=metadata,
1918 )
1920 # Done; return the response.
1921 return response
1923 async def __aenter__(self) -> "SecretManagerServiceAsyncClient":
1924 return self
1926 async def __aexit__(self, exc_type, exc, tb):
1927 await self.transport.close()
1930DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(
1931 gapic_version=package_version.__version__
1932)
1935__all__ = ("SecretManagerServiceAsyncClient",)