1# -*- coding: utf-8 -*-
2# Copyright 2023 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16from collections import OrderedDict
17import functools
18import re
19from typing import (
20 Dict,
21 Mapping,
22 MutableMapping,
23 MutableSequence,
24 Optional,
25 Sequence,
26 Tuple,
27 Type,
28 Union,
29)
30
31from google.api_core import exceptions as core_exceptions
32from google.api_core import gapic_v1
33from google.api_core import retry as retries
34from google.api_core.client_options import ClientOptions
35from google.auth import credentials as ga_credentials # type: ignore
36from google.oauth2 import service_account # type: ignore
37
38from google.cloud.secretmanager_v1beta1 import gapic_version as package_version
39
40try:
41 OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault]
42except AttributeError: # pragma: NO COVER
43 OptionalRetry = Union[retries.Retry, object] # type: ignore
44
45from google.iam.v1 import iam_policy_pb2 # type: ignore
46from google.iam.v1 import policy_pb2 # type: ignore
47from google.protobuf import field_mask_pb2 # type: ignore
48from google.protobuf import timestamp_pb2 # type: ignore
49
50from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers
51from google.cloud.secretmanager_v1beta1.types import resources, service
52
53from .client import SecretManagerServiceClient
54from .transports.base import DEFAULT_CLIENT_INFO, SecretManagerServiceTransport
55from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport
56
57
58class SecretManagerServiceAsyncClient:
59 """Secret Manager Service
60
61 Manages secrets and operations using those secrets. Implements a
62 REST model with the following objects:
63
64 - [Secret][google.cloud.secrets.v1beta1.Secret]
65 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
66 """
67
68 _client: SecretManagerServiceClient
69
70 DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT
71 DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT
72
73 secret_path = staticmethod(SecretManagerServiceClient.secret_path)
74 parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path)
75 secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path)
76 parse_secret_version_path = staticmethod(
77 SecretManagerServiceClient.parse_secret_version_path
78 )
79 common_billing_account_path = staticmethod(
80 SecretManagerServiceClient.common_billing_account_path
81 )
82 parse_common_billing_account_path = staticmethod(
83 SecretManagerServiceClient.parse_common_billing_account_path
84 )
85 common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path)
86 parse_common_folder_path = staticmethod(
87 SecretManagerServiceClient.parse_common_folder_path
88 )
89 common_organization_path = staticmethod(
90 SecretManagerServiceClient.common_organization_path
91 )
92 parse_common_organization_path = staticmethod(
93 SecretManagerServiceClient.parse_common_organization_path
94 )
95 common_project_path = staticmethod(SecretManagerServiceClient.common_project_path)
96 parse_common_project_path = staticmethod(
97 SecretManagerServiceClient.parse_common_project_path
98 )
99 common_location_path = staticmethod(SecretManagerServiceClient.common_location_path)
100 parse_common_location_path = staticmethod(
101 SecretManagerServiceClient.parse_common_location_path
102 )
103
104 @classmethod
105 def from_service_account_info(cls, info: dict, *args, **kwargs):
106 """Creates an instance of this client using the provided credentials
107 info.
108
109 Args:
110 info (dict): The service account private key info.
111 args: Additional arguments to pass to the constructor.
112 kwargs: Additional arguments to pass to the constructor.
113
114 Returns:
115 SecretManagerServiceAsyncClient: The constructed client.
116 """
117 return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore
118
119 @classmethod
120 def from_service_account_file(cls, filename: str, *args, **kwargs):
121 """Creates an instance of this client using the provided credentials
122 file.
123
124 Args:
125 filename (str): The path to the service account private key json
126 file.
127 args: Additional arguments to pass to the constructor.
128 kwargs: Additional arguments to pass to the constructor.
129
130 Returns:
131 SecretManagerServiceAsyncClient: The constructed client.
132 """
133 return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore
134
135 from_service_account_json = from_service_account_file
136
137 @classmethod
138 def get_mtls_endpoint_and_cert_source(
139 cls, client_options: Optional[ClientOptions] = None
140 ):
141 """Return the API endpoint and client cert source for mutual TLS.
142
143 The client cert source is determined in the following order:
144 (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the
145 client cert source is None.
146 (2) if `client_options.client_cert_source` is provided, use the provided one; if the
147 default client cert source exists, use the default one; otherwise the client cert
148 source is None.
149
150 The API endpoint is determined in the following order:
151 (1) if `client_options.api_endpoint` if provided, use the provided one.
152 (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the
153 default mTLS endpoint; if the environment variable is "never", use the default API
154 endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise
155 use the default API endpoint.
156
157 More details can be found at https://google.aip.dev/auth/4114.
158
159 Args:
160 client_options (google.api_core.client_options.ClientOptions): Custom options for the
161 client. Only the `api_endpoint` and `client_cert_source` properties may be used
162 in this method.
163
164 Returns:
165 Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the
166 client cert source to use.
167
168 Raises:
169 google.auth.exceptions.MutualTLSChannelError: If any errors happen.
170 """
171 return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore
172
173 @property
174 def transport(self) -> SecretManagerServiceTransport:
175 """Returns the transport used by the client instance.
176
177 Returns:
178 SecretManagerServiceTransport: The transport used by the client instance.
179 """
180 return self._client.transport
181
182 get_transport_class = functools.partial(
183 type(SecretManagerServiceClient).get_transport_class,
184 type(SecretManagerServiceClient),
185 )
186
187 def __init__(
188 self,
189 *,
190 credentials: Optional[ga_credentials.Credentials] = None,
191 transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio",
192 client_options: Optional[ClientOptions] = None,
193 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
194 ) -> None:
195 """Instantiates the secret manager service client.
196
197 Args:
198 credentials (Optional[google.auth.credentials.Credentials]): The
199 authorization credentials to attach to requests. These
200 credentials identify the application to the service; if none
201 are specified, the client will attempt to ascertain the
202 credentials from the environment.
203 transport (Union[str, ~.SecretManagerServiceTransport]): The
204 transport to use. If set to None, a transport is chosen
205 automatically.
206 client_options (ClientOptions): Custom options for the client. It
207 won't take effect if a ``transport`` instance is provided.
208 (1) The ``api_endpoint`` property can be used to override the
209 default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT
210 environment variable can also be used to override the endpoint:
211 "always" (always use the default mTLS endpoint), "never" (always
212 use the default regular endpoint) and "auto" (auto switch to the
213 default mTLS endpoint if client certificate is present, this is
214 the default value). However, the ``api_endpoint`` property takes
215 precedence if provided.
216 (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable
217 is "true", then the ``client_cert_source`` property can be used
218 to provide client certificate for mutual TLS transport. If
219 not provided, the default SSL client certificate will be used if
220 present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not
221 set, no client certificate will be used.
222
223 Raises:
224 google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport
225 creation failed for any reason.
226 """
227 self._client = SecretManagerServiceClient(
228 credentials=credentials,
229 transport=transport,
230 client_options=client_options,
231 client_info=client_info,
232 )
233
234 async def list_secrets(
235 self,
236 request: Optional[Union[service.ListSecretsRequest, dict]] = None,
237 *,
238 parent: Optional[str] = None,
239 retry: OptionalRetry = gapic_v1.method.DEFAULT,
240 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
241 metadata: Sequence[Tuple[str, str]] = (),
242 ) -> pagers.ListSecretsAsyncPager:
243 r"""Lists [Secrets][google.cloud.secrets.v1beta1.Secret].
244
245 .. code-block:: python
246
247 # This snippet has been automatically generated and should be regarded as a
248 # code template only.
249 # It will require modifications to work:
250 # - It may require correct/in-range values for request initialization.
251 # - It may require specifying regional endpoints when creating the service
252 # client as shown in:
253 # https://googleapis.dev/python/google-api-core/latest/client_options.html
254 from google.cloud import secretmanager_v1beta1
255
256 async def sample_list_secrets():
257 # Create a client
258 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
259
260 # Initialize request argument(s)
261 request = secretmanager_v1beta1.ListSecretsRequest(
262 parent="parent_value",
263 )
264
265 # Make the request
266 page_result = client.list_secrets(request=request)
267
268 # Handle the response
269 async for response in page_result:
270 print(response)
271
272 Args:
273 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretsRequest, dict]]):
274 The request object. Request message for
275 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
276 parent (:class:`str`):
277 Required. The resource name of the project associated
278 with the [Secrets][google.cloud.secrets.v1beta1.Secret],
279 in the format ``projects/*``.
280
281 This corresponds to the ``parent`` field
282 on the ``request`` instance; if ``request`` is provided, this
283 should not be set.
284 retry (google.api_core.retry.Retry): Designation of what errors, if any,
285 should be retried.
286 timeout (float): The timeout for this request.
287 metadata (Sequence[Tuple[str, str]]): Strings which should be
288 sent along with the request as metadata.
289
290 Returns:
291 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsAsyncPager:
292 Response message for
293 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
294
295 Iterating over this object will yield results and
296 resolve additional pages automatically.
297
298 """
299 # Create or coerce a protobuf request object.
300 # Quick check: If we got a request object, we should *not* have
301 # gotten any keyword arguments that map to the request.
302 has_flattened_params = any([parent])
303 if request is not None and has_flattened_params:
304 raise ValueError(
305 "If the `request` argument is set, then none of "
306 "the individual field arguments should be set."
307 )
308
309 request = service.ListSecretsRequest(request)
310
311 # If we have keyword arguments corresponding to fields on the
312 # request, apply these.
313 if parent is not None:
314 request.parent = parent
315
316 # Wrap the RPC method; this adds retry and timeout information,
317 # and friendly error handling.
318 rpc = gapic_v1.method_async.wrap_method(
319 self._client._transport.list_secrets,
320 default_timeout=60.0,
321 client_info=DEFAULT_CLIENT_INFO,
322 )
323
324 # Certain fields should be provided within the metadata header;
325 # add these here.
326 metadata = tuple(metadata) + (
327 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
328 )
329
330 # Send the request.
331 response = await rpc(
332 request,
333 retry=retry,
334 timeout=timeout,
335 metadata=metadata,
336 )
337
338 # This method is paged; wrap the response in a pager, which provides
339 # an `__aiter__` convenience method.
340 response = pagers.ListSecretsAsyncPager(
341 method=rpc,
342 request=request,
343 response=response,
344 metadata=metadata,
345 )
346
347 # Done; return the response.
348 return response
349
350 async def create_secret(
351 self,
352 request: Optional[Union[service.CreateSecretRequest, dict]] = None,
353 *,
354 parent: Optional[str] = None,
355 secret_id: Optional[str] = None,
356 secret: Optional[resources.Secret] = None,
357 retry: OptionalRetry = gapic_v1.method.DEFAULT,
358 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
359 metadata: Sequence[Tuple[str, str]] = (),
360 ) -> resources.Secret:
361 r"""Creates a new [Secret][google.cloud.secrets.v1beta1.Secret]
362 containing no
363 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion].
364
365 .. code-block:: python
366
367 # This snippet has been automatically generated and should be regarded as a
368 # code template only.
369 # It will require modifications to work:
370 # - It may require correct/in-range values for request initialization.
371 # - It may require specifying regional endpoints when creating the service
372 # client as shown in:
373 # https://googleapis.dev/python/google-api-core/latest/client_options.html
374 from google.cloud import secretmanager_v1beta1
375
376 async def sample_create_secret():
377 # Create a client
378 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
379
380 # Initialize request argument(s)
381 request = secretmanager_v1beta1.CreateSecretRequest(
382 parent="parent_value",
383 secret_id="secret_id_value",
384 )
385
386 # Make the request
387 response = await client.create_secret(request=request)
388
389 # Handle the response
390 print(response)
391
392 Args:
393 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.CreateSecretRequest, dict]]):
394 The request object. Request message for
395 [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret].
396 parent (:class:`str`):
397 Required. The resource name of the project to associate
398 with the [Secret][google.cloud.secrets.v1beta1.Secret],
399 in the format ``projects/*``.
400
401 This corresponds to the ``parent`` field
402 on the ``request`` instance; if ``request`` is provided, this
403 should not be set.
404 secret_id (:class:`str`):
405 Required. This must be unique within the project.
406
407 A secret ID is a string with a maximum length of 255
408 characters and can contain uppercase and lowercase
409 letters, numerals, and the hyphen (``-``) and underscore
410 (``_``) characters.
411
412 This corresponds to the ``secret_id`` field
413 on the ``request`` instance; if ``request`` is provided, this
414 should not be set.
415 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`):
416 Required. A
417 [Secret][google.cloud.secrets.v1beta1.Secret] with
418 initial field values.
419
420 This corresponds to the ``secret`` field
421 on the ``request`` instance; if ``request`` is provided, this
422 should not be set.
423 retry (google.api_core.retry.Retry): Designation of what errors, if any,
424 should be retried.
425 timeout (float): The timeout for this request.
426 metadata (Sequence[Tuple[str, str]]): Strings which should be
427 sent along with the request as metadata.
428
429 Returns:
430 google.cloud.secretmanager_v1beta1.types.Secret:
431 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
432 be accessed.
433
434 A [Secret][google.cloud.secrets.v1beta1.Secret] is
435 made up of zero or more
436 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
437 that represent the secret data.
438
439 """
440 # Create or coerce a protobuf request object.
441 # Quick check: If we got a request object, we should *not* have
442 # gotten any keyword arguments that map to the request.
443 has_flattened_params = any([parent, secret_id, secret])
444 if request is not None and has_flattened_params:
445 raise ValueError(
446 "If the `request` argument is set, then none of "
447 "the individual field arguments should be set."
448 )
449
450 request = service.CreateSecretRequest(request)
451
452 # If we have keyword arguments corresponding to fields on the
453 # request, apply these.
454 if parent is not None:
455 request.parent = parent
456 if secret_id is not None:
457 request.secret_id = secret_id
458 if secret is not None:
459 request.secret = secret
460
461 # Wrap the RPC method; this adds retry and timeout information,
462 # and friendly error handling.
463 rpc = gapic_v1.method_async.wrap_method(
464 self._client._transport.create_secret,
465 default_timeout=60.0,
466 client_info=DEFAULT_CLIENT_INFO,
467 )
468
469 # Certain fields should be provided within the metadata header;
470 # add these here.
471 metadata = tuple(metadata) + (
472 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
473 )
474
475 # Send the request.
476 response = await rpc(
477 request,
478 retry=retry,
479 timeout=timeout,
480 metadata=metadata,
481 )
482
483 # Done; return the response.
484 return response
485
486 async def add_secret_version(
487 self,
488 request: Optional[Union[service.AddSecretVersionRequest, dict]] = None,
489 *,
490 parent: Optional[str] = None,
491 payload: Optional[resources.SecretPayload] = None,
492 retry: OptionalRetry = gapic_v1.method.DEFAULT,
493 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
494 metadata: Sequence[Tuple[str, str]] = (),
495 ) -> resources.SecretVersion:
496 r"""Creates a new
497 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
498 containing secret data and attaches it to an existing
499 [Secret][google.cloud.secrets.v1beta1.Secret].
500
501 .. code-block:: python
502
503 # This snippet has been automatically generated and should be regarded as a
504 # code template only.
505 # It will require modifications to work:
506 # - It may require correct/in-range values for request initialization.
507 # - It may require specifying regional endpoints when creating the service
508 # client as shown in:
509 # https://googleapis.dev/python/google-api-core/latest/client_options.html
510 from google.cloud import secretmanager_v1beta1
511
512 async def sample_add_secret_version():
513 # Create a client
514 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
515
516 # Initialize request argument(s)
517 request = secretmanager_v1beta1.AddSecretVersionRequest(
518 parent="parent_value",
519 )
520
521 # Make the request
522 response = await client.add_secret_version(request=request)
523
524 # Handle the response
525 print(response)
526
527 Args:
528 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest, dict]]):
529 The request object. Request message for
530 [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion].
531 parent (:class:`str`):
532 Required. The resource name of the
533 [Secret][google.cloud.secrets.v1beta1.Secret] to
534 associate with the
535 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
536 in the format ``projects/*/secrets/*``.
537
538 This corresponds to the ``parent`` field
539 on the ``request`` instance; if ``request`` is provided, this
540 should not be set.
541 payload (:class:`google.cloud.secretmanager_v1beta1.types.SecretPayload`):
542 Required. The secret payload of the
543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
544
545 This corresponds to the ``payload`` field
546 on the ``request`` instance; if ``request`` is provided, this
547 should not be set.
548 retry (google.api_core.retry.Retry): Designation of what errors, if any,
549 should be retried.
550 timeout (float): The timeout for this request.
551 metadata (Sequence[Tuple[str, str]]): Strings which should be
552 sent along with the request as metadata.
553
554 Returns:
555 google.cloud.secretmanager_v1beta1.types.SecretVersion:
556 A secret version resource in the
557 Secret Manager API.
558
559 """
560 # Create or coerce a protobuf request object.
561 # Quick check: If we got a request object, we should *not* have
562 # gotten any keyword arguments that map to the request.
563 has_flattened_params = any([parent, payload])
564 if request is not None and has_flattened_params:
565 raise ValueError(
566 "If the `request` argument is set, then none of "
567 "the individual field arguments should be set."
568 )
569
570 request = service.AddSecretVersionRequest(request)
571
572 # If we have keyword arguments corresponding to fields on the
573 # request, apply these.
574 if parent is not None:
575 request.parent = parent
576 if payload is not None:
577 request.payload = payload
578
579 # Wrap the RPC method; this adds retry and timeout information,
580 # and friendly error handling.
581 rpc = gapic_v1.method_async.wrap_method(
582 self._client._transport.add_secret_version,
583 default_timeout=60.0,
584 client_info=DEFAULT_CLIENT_INFO,
585 )
586
587 # Certain fields should be provided within the metadata header;
588 # add these here.
589 metadata = tuple(metadata) + (
590 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
591 )
592
593 # Send the request.
594 response = await rpc(
595 request,
596 retry=retry,
597 timeout=timeout,
598 metadata=metadata,
599 )
600
601 # Done; return the response.
602 return response
603
604 async def get_secret(
605 self,
606 request: Optional[Union[service.GetSecretRequest, dict]] = None,
607 *,
608 name: Optional[str] = None,
609 retry: OptionalRetry = gapic_v1.method.DEFAULT,
610 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
611 metadata: Sequence[Tuple[str, str]] = (),
612 ) -> resources.Secret:
613 r"""Gets metadata for a given
614 [Secret][google.cloud.secrets.v1beta1.Secret].
615
616 .. code-block:: python
617
618 # This snippet has been automatically generated and should be regarded as a
619 # code template only.
620 # It will require modifications to work:
621 # - It may require correct/in-range values for request initialization.
622 # - It may require specifying regional endpoints when creating the service
623 # client as shown in:
624 # https://googleapis.dev/python/google-api-core/latest/client_options.html
625 from google.cloud import secretmanager_v1beta1
626
627 async def sample_get_secret():
628 # Create a client
629 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
630
631 # Initialize request argument(s)
632 request = secretmanager_v1beta1.GetSecretRequest(
633 name="name_value",
634 )
635
636 # Make the request
637 response = await client.get_secret(request=request)
638
639 # Handle the response
640 print(response)
641
642 Args:
643 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretRequest, dict]]):
644 The request object. Request message for
645 [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret].
646 name (:class:`str`):
647 Required. The resource name of the
648 [Secret][google.cloud.secrets.v1beta1.Secret], in the
649 format ``projects/*/secrets/*``.
650
651 This corresponds to the ``name`` field
652 on the ``request`` instance; if ``request`` is provided, this
653 should not be set.
654 retry (google.api_core.retry.Retry): Designation of what errors, if any,
655 should be retried.
656 timeout (float): The timeout for this request.
657 metadata (Sequence[Tuple[str, str]]): Strings which should be
658 sent along with the request as metadata.
659
660 Returns:
661 google.cloud.secretmanager_v1beta1.types.Secret:
662 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
663 be accessed.
664
665 A [Secret][google.cloud.secrets.v1beta1.Secret] is
666 made up of zero or more
667 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
668 that represent the secret data.
669
670 """
671 # Create or coerce a protobuf request object.
672 # Quick check: If we got a request object, we should *not* have
673 # gotten any keyword arguments that map to the request.
674 has_flattened_params = any([name])
675 if request is not None and has_flattened_params:
676 raise ValueError(
677 "If the `request` argument is set, then none of "
678 "the individual field arguments should be set."
679 )
680
681 request = service.GetSecretRequest(request)
682
683 # If we have keyword arguments corresponding to fields on the
684 # request, apply these.
685 if name is not None:
686 request.name = name
687
688 # Wrap the RPC method; this adds retry and timeout information,
689 # and friendly error handling.
690 rpc = gapic_v1.method_async.wrap_method(
691 self._client._transport.get_secret,
692 default_timeout=60.0,
693 client_info=DEFAULT_CLIENT_INFO,
694 )
695
696 # Certain fields should be provided within the metadata header;
697 # add these here.
698 metadata = tuple(metadata) + (
699 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
700 )
701
702 # Send the request.
703 response = await rpc(
704 request,
705 retry=retry,
706 timeout=timeout,
707 metadata=metadata,
708 )
709
710 # Done; return the response.
711 return response
712
713 async def update_secret(
714 self,
715 request: Optional[Union[service.UpdateSecretRequest, dict]] = None,
716 *,
717 secret: Optional[resources.Secret] = None,
718 update_mask: Optional[field_mask_pb2.FieldMask] = None,
719 retry: OptionalRetry = gapic_v1.method.DEFAULT,
720 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
721 metadata: Sequence[Tuple[str, str]] = (),
722 ) -> resources.Secret:
723 r"""Updates metadata of an existing
724 [Secret][google.cloud.secrets.v1beta1.Secret].
725
726 .. code-block:: python
727
728 # This snippet has been automatically generated and should be regarded as a
729 # code template only.
730 # It will require modifications to work:
731 # - It may require correct/in-range values for request initialization.
732 # - It may require specifying regional endpoints when creating the service
733 # client as shown in:
734 # https://googleapis.dev/python/google-api-core/latest/client_options.html
735 from google.cloud import secretmanager_v1beta1
736
737 async def sample_update_secret():
738 # Create a client
739 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
740
741 # Initialize request argument(s)
742 request = secretmanager_v1beta1.UpdateSecretRequest(
743 )
744
745 # Make the request
746 response = await client.update_secret(request=request)
747
748 # Handle the response
749 print(response)
750
751 Args:
752 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest, dict]]):
753 The request object. Request message for
754 [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret].
755 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`):
756 Required. [Secret][google.cloud.secrets.v1beta1.Secret]
757 with updated field values.
758
759 This corresponds to the ``secret`` field
760 on the ``request`` instance; if ``request`` is provided, this
761 should not be set.
762 update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`):
763 Required. Specifies the fields to be
764 updated.
765
766 This corresponds to the ``update_mask`` field
767 on the ``request`` instance; if ``request`` is provided, this
768 should not be set.
769 retry (google.api_core.retry.Retry): Designation of what errors, if any,
770 should be retried.
771 timeout (float): The timeout for this request.
772 metadata (Sequence[Tuple[str, str]]): Strings which should be
773 sent along with the request as metadata.
774
775 Returns:
776 google.cloud.secretmanager_v1beta1.types.Secret:
777 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can
778 be accessed.
779
780 A [Secret][google.cloud.secrets.v1beta1.Secret] is
781 made up of zero or more
782 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
783 that represent the secret data.
784
785 """
786 # Create or coerce a protobuf request object.
787 # Quick check: If we got a request object, we should *not* have
788 # gotten any keyword arguments that map to the request.
789 has_flattened_params = any([secret, update_mask])
790 if request is not None and has_flattened_params:
791 raise ValueError(
792 "If the `request` argument is set, then none of "
793 "the individual field arguments should be set."
794 )
795
796 request = service.UpdateSecretRequest(request)
797
798 # If we have keyword arguments corresponding to fields on the
799 # request, apply these.
800 if secret is not None:
801 request.secret = secret
802 if update_mask is not None:
803 request.update_mask = update_mask
804
805 # Wrap the RPC method; this adds retry and timeout information,
806 # and friendly error handling.
807 rpc = gapic_v1.method_async.wrap_method(
808 self._client._transport.update_secret,
809 default_timeout=60.0,
810 client_info=DEFAULT_CLIENT_INFO,
811 )
812
813 # Certain fields should be provided within the metadata header;
814 # add these here.
815 metadata = tuple(metadata) + (
816 gapic_v1.routing_header.to_grpc_metadata(
817 (("secret.name", request.secret.name),)
818 ),
819 )
820
821 # Send the request.
822 response = await rpc(
823 request,
824 retry=retry,
825 timeout=timeout,
826 metadata=metadata,
827 )
828
829 # Done; return the response.
830 return response
831
832 async def delete_secret(
833 self,
834 request: Optional[Union[service.DeleteSecretRequest, dict]] = None,
835 *,
836 name: Optional[str] = None,
837 retry: OptionalRetry = gapic_v1.method.DEFAULT,
838 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
839 metadata: Sequence[Tuple[str, str]] = (),
840 ) -> None:
841 r"""Deletes a [Secret][google.cloud.secrets.v1beta1.Secret].
842
843 .. code-block:: python
844
845 # This snippet has been automatically generated and should be regarded as a
846 # code template only.
847 # It will require modifications to work:
848 # - It may require correct/in-range values for request initialization.
849 # - It may require specifying regional endpoints when creating the service
850 # client as shown in:
851 # https://googleapis.dev/python/google-api-core/latest/client_options.html
852 from google.cloud import secretmanager_v1beta1
853
854 async def sample_delete_secret():
855 # Create a client
856 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
857
858 # Initialize request argument(s)
859 request = secretmanager_v1beta1.DeleteSecretRequest(
860 name="name_value",
861 )
862
863 # Make the request
864 await client.delete_secret(request=request)
865
866 Args:
867 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest, dict]]):
868 The request object. Request message for
869 [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret].
870 name (:class:`str`):
871 Required. The resource name of the
872 [Secret][google.cloud.secrets.v1beta1.Secret] to delete
873 in the format ``projects/*/secrets/*``.
874
875 This corresponds to the ``name`` field
876 on the ``request`` instance; if ``request`` is provided, this
877 should not be set.
878 retry (google.api_core.retry.Retry): Designation of what errors, if any,
879 should be retried.
880 timeout (float): The timeout for this request.
881 metadata (Sequence[Tuple[str, str]]): Strings which should be
882 sent along with the request as metadata.
883 """
884 # Create or coerce a protobuf request object.
885 # Quick check: If we got a request object, we should *not* have
886 # gotten any keyword arguments that map to the request.
887 has_flattened_params = any([name])
888 if request is not None and has_flattened_params:
889 raise ValueError(
890 "If the `request` argument is set, then none of "
891 "the individual field arguments should be set."
892 )
893
894 request = service.DeleteSecretRequest(request)
895
896 # If we have keyword arguments corresponding to fields on the
897 # request, apply these.
898 if name is not None:
899 request.name = name
900
901 # Wrap the RPC method; this adds retry and timeout information,
902 # and friendly error handling.
903 rpc = gapic_v1.method_async.wrap_method(
904 self._client._transport.delete_secret,
905 default_timeout=60.0,
906 client_info=DEFAULT_CLIENT_INFO,
907 )
908
909 # Certain fields should be provided within the metadata header;
910 # add these here.
911 metadata = tuple(metadata) + (
912 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
913 )
914
915 # Send the request.
916 await rpc(
917 request,
918 retry=retry,
919 timeout=timeout,
920 metadata=metadata,
921 )
922
923 async def list_secret_versions(
924 self,
925 request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None,
926 *,
927 parent: Optional[str] = None,
928 retry: OptionalRetry = gapic_v1.method.DEFAULT,
929 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
930 metadata: Sequence[Tuple[str, str]] = (),
931 ) -> pagers.ListSecretVersionsAsyncPager:
932 r"""Lists
933 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion].
934 This call does not return secret data.
935
936 .. code-block:: python
937
938 # This snippet has been automatically generated and should be regarded as a
939 # code template only.
940 # It will require modifications to work:
941 # - It may require correct/in-range values for request initialization.
942 # - It may require specifying regional endpoints when creating the service
943 # client as shown in:
944 # https://googleapis.dev/python/google-api-core/latest/client_options.html
945 from google.cloud import secretmanager_v1beta1
946
947 async def sample_list_secret_versions():
948 # Create a client
949 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
950
951 # Initialize request argument(s)
952 request = secretmanager_v1beta1.ListSecretVersionsRequest(
953 parent="parent_value",
954 )
955
956 # Make the request
957 page_result = client.list_secret_versions(request=request)
958
959 # Handle the response
960 async for response in page_result:
961 print(response)
962
963 Args:
964 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest, dict]]):
965 The request object. Request message for
966 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
967 parent (:class:`str`):
968 Required. The resource name of the
969 [Secret][google.cloud.secrets.v1beta1.Secret] associated
970 with the
971 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
972 to list, in the format ``projects/*/secrets/*``.
973
974 This corresponds to the ``parent`` field
975 on the ``request`` instance; if ``request`` is provided, this
976 should not be set.
977 retry (google.api_core.retry.Retry): Designation of what errors, if any,
978 should be retried.
979 timeout (float): The timeout for this request.
980 metadata (Sequence[Tuple[str, str]]): Strings which should be
981 sent along with the request as metadata.
982
983 Returns:
984 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager:
985 Response message for
986 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
987
988 Iterating over this object will yield results and
989 resolve additional pages automatically.
990
991 """
992 # Create or coerce a protobuf request object.
993 # Quick check: If we got a request object, we should *not* have
994 # gotten any keyword arguments that map to the request.
995 has_flattened_params = any([parent])
996 if request is not None and has_flattened_params:
997 raise ValueError(
998 "If the `request` argument is set, then none of "
999 "the individual field arguments should be set."
1000 )
1001
1002 request = service.ListSecretVersionsRequest(request)
1003
1004 # If we have keyword arguments corresponding to fields on the
1005 # request, apply these.
1006 if parent is not None:
1007 request.parent = parent
1008
1009 # Wrap the RPC method; this adds retry and timeout information,
1010 # and friendly error handling.
1011 rpc = gapic_v1.method_async.wrap_method(
1012 self._client._transport.list_secret_versions,
1013 default_timeout=60.0,
1014 client_info=DEFAULT_CLIENT_INFO,
1015 )
1016
1017 # Certain fields should be provided within the metadata header;
1018 # add these here.
1019 metadata = tuple(metadata) + (
1020 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)),
1021 )
1022
1023 # Send the request.
1024 response = await rpc(
1025 request,
1026 retry=retry,
1027 timeout=timeout,
1028 metadata=metadata,
1029 )
1030
1031 # This method is paged; wrap the response in a pager, which provides
1032 # an `__aiter__` convenience method.
1033 response = pagers.ListSecretVersionsAsyncPager(
1034 method=rpc,
1035 request=request,
1036 response=response,
1037 metadata=metadata,
1038 )
1039
1040 # Done; return the response.
1041 return response
1042
1043 async def get_secret_version(
1044 self,
1045 request: Optional[Union[service.GetSecretVersionRequest, dict]] = None,
1046 *,
1047 name: Optional[str] = None,
1048 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1049 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1050 metadata: Sequence[Tuple[str, str]] = (),
1051 ) -> resources.SecretVersion:
1052 r"""Gets metadata for a
1053 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1054
1055 ``projects/*/secrets/*/versions/latest`` is an alias to the
1056 ``latest``
1057 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1058
1059 .. code-block:: python
1060
1061 # This snippet has been automatically generated and should be regarded as a
1062 # code template only.
1063 # It will require modifications to work:
1064 # - It may require correct/in-range values for request initialization.
1065 # - It may require specifying regional endpoints when creating the service
1066 # client as shown in:
1067 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1068 from google.cloud import secretmanager_v1beta1
1069
1070 async def sample_get_secret_version():
1071 # Create a client
1072 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1073
1074 # Initialize request argument(s)
1075 request = secretmanager_v1beta1.GetSecretVersionRequest(
1076 name="name_value",
1077 )
1078
1079 # Make the request
1080 response = await client.get_secret_version(request=request)
1081
1082 # Handle the response
1083 print(response)
1084
1085 Args:
1086 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest, dict]]):
1087 The request object. Request message for
1088 [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion].
1089 name (:class:`str`):
1090 Required. The resource name of the
1091 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1092 in the format ``projects/*/secrets/*/versions/*``.
1093 ``projects/*/secrets/*/versions/latest`` is an alias to
1094 the ``latest``
1095 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1096
1097 This corresponds to the ``name`` field
1098 on the ``request`` instance; if ``request`` is provided, this
1099 should not be set.
1100 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1101 should be retried.
1102 timeout (float): The timeout for this request.
1103 metadata (Sequence[Tuple[str, str]]): Strings which should be
1104 sent along with the request as metadata.
1105
1106 Returns:
1107 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1108 A secret version resource in the
1109 Secret Manager API.
1110
1111 """
1112 # Create or coerce a protobuf request object.
1113 # Quick check: If we got a request object, we should *not* have
1114 # gotten any keyword arguments that map to the request.
1115 has_flattened_params = any([name])
1116 if request is not None and has_flattened_params:
1117 raise ValueError(
1118 "If the `request` argument is set, then none of "
1119 "the individual field arguments should be set."
1120 )
1121
1122 request = service.GetSecretVersionRequest(request)
1123
1124 # If we have keyword arguments corresponding to fields on the
1125 # request, apply these.
1126 if name is not None:
1127 request.name = name
1128
1129 # Wrap the RPC method; this adds retry and timeout information,
1130 # and friendly error handling.
1131 rpc = gapic_v1.method_async.wrap_method(
1132 self._client._transport.get_secret_version,
1133 default_timeout=60.0,
1134 client_info=DEFAULT_CLIENT_INFO,
1135 )
1136
1137 # Certain fields should be provided within the metadata header;
1138 # add these here.
1139 metadata = tuple(metadata) + (
1140 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1141 )
1142
1143 # Send the request.
1144 response = await rpc(
1145 request,
1146 retry=retry,
1147 timeout=timeout,
1148 metadata=metadata,
1149 )
1150
1151 # Done; return the response.
1152 return response
1153
1154 async def access_secret_version(
1155 self,
1156 request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None,
1157 *,
1158 name: Optional[str] = None,
1159 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1160 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1161 metadata: Sequence[Tuple[str, str]] = (),
1162 ) -> service.AccessSecretVersionResponse:
1163 r"""Accesses a
1164 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1165 This call returns the secret data.
1166
1167 ``projects/*/secrets/*/versions/latest`` is an alias to the
1168 ``latest``
1169 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1170
1171 .. code-block:: python
1172
1173 # This snippet has been automatically generated and should be regarded as a
1174 # code template only.
1175 # It will require modifications to work:
1176 # - It may require correct/in-range values for request initialization.
1177 # - It may require specifying regional endpoints when creating the service
1178 # client as shown in:
1179 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1180 from google.cloud import secretmanager_v1beta1
1181
1182 async def sample_access_secret_version():
1183 # Create a client
1184 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1185
1186 # Initialize request argument(s)
1187 request = secretmanager_v1beta1.AccessSecretVersionRequest(
1188 name="name_value",
1189 )
1190
1191 # Make the request
1192 response = await client.access_secret_version(request=request)
1193
1194 # Handle the response
1195 print(response)
1196
1197 Args:
1198 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest, dict]]):
1199 The request object. Request message for
1200 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
1201 name (:class:`str`):
1202 Required. The resource name of the
1203 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1204 in the format ``projects/*/secrets/*/versions/*``.
1205
1206 This corresponds to the ``name`` field
1207 on the ``request`` instance; if ``request`` is provided, this
1208 should not be set.
1209 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1210 should be retried.
1211 timeout (float): The timeout for this request.
1212 metadata (Sequence[Tuple[str, str]]): Strings which should be
1213 sent along with the request as metadata.
1214
1215 Returns:
1216 google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse:
1217 Response message for
1218 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
1219
1220 """
1221 # Create or coerce a protobuf request object.
1222 # Quick check: If we got a request object, we should *not* have
1223 # gotten any keyword arguments that map to the request.
1224 has_flattened_params = any([name])
1225 if request is not None and has_flattened_params:
1226 raise ValueError(
1227 "If the `request` argument is set, then none of "
1228 "the individual field arguments should be set."
1229 )
1230
1231 request = service.AccessSecretVersionRequest(request)
1232
1233 # If we have keyword arguments corresponding to fields on the
1234 # request, apply these.
1235 if name is not None:
1236 request.name = name
1237
1238 # Wrap the RPC method; this adds retry and timeout information,
1239 # and friendly error handling.
1240 rpc = gapic_v1.method_async.wrap_method(
1241 self._client._transport.access_secret_version,
1242 default_retry=retries.Retry(
1243 initial=1.0,
1244 maximum=60.0,
1245 multiplier=1.3,
1246 predicate=retries.if_exception_type(
1247 core_exceptions.ServiceUnavailable,
1248 core_exceptions.Unknown,
1249 ),
1250 deadline=60.0,
1251 ),
1252 default_timeout=60.0,
1253 client_info=DEFAULT_CLIENT_INFO,
1254 )
1255
1256 # Certain fields should be provided within the metadata header;
1257 # add these here.
1258 metadata = tuple(metadata) + (
1259 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1260 )
1261
1262 # Send the request.
1263 response = await rpc(
1264 request,
1265 retry=retry,
1266 timeout=timeout,
1267 metadata=metadata,
1268 )
1269
1270 # Done; return the response.
1271 return response
1272
1273 async def disable_secret_version(
1274 self,
1275 request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None,
1276 *,
1277 name: Optional[str] = None,
1278 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1279 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1280 metadata: Sequence[Tuple[str, str]] = (),
1281 ) -> resources.SecretVersion:
1282 r"""Disables a
1283 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1284
1285 Sets the
1286 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1287 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1288 [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED].
1289
1290 .. code-block:: python
1291
1292 # This snippet has been automatically generated and should be regarded as a
1293 # code template only.
1294 # It will require modifications to work:
1295 # - It may require correct/in-range values for request initialization.
1296 # - It may require specifying regional endpoints when creating the service
1297 # client as shown in:
1298 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1299 from google.cloud import secretmanager_v1beta1
1300
1301 async def sample_disable_secret_version():
1302 # Create a client
1303 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1304
1305 # Initialize request argument(s)
1306 request = secretmanager_v1beta1.DisableSecretVersionRequest(
1307 name="name_value",
1308 )
1309
1310 # Make the request
1311 response = await client.disable_secret_version(request=request)
1312
1313 # Handle the response
1314 print(response)
1315
1316 Args:
1317 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest, dict]]):
1318 The request object. Request message for
1319 [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion].
1320 name (:class:`str`):
1321 Required. The resource name of the
1322 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1323 to disable in the format
1324 ``projects/*/secrets/*/versions/*``.
1325
1326 This corresponds to the ``name`` field
1327 on the ``request`` instance; if ``request`` is provided, this
1328 should not be set.
1329 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1330 should be retried.
1331 timeout (float): The timeout for this request.
1332 metadata (Sequence[Tuple[str, str]]): Strings which should be
1333 sent along with the request as metadata.
1334
1335 Returns:
1336 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1337 A secret version resource in the
1338 Secret Manager API.
1339
1340 """
1341 # Create or coerce a protobuf request object.
1342 # Quick check: If we got a request object, we should *not* have
1343 # gotten any keyword arguments that map to the request.
1344 has_flattened_params = any([name])
1345 if request is not None and has_flattened_params:
1346 raise ValueError(
1347 "If the `request` argument is set, then none of "
1348 "the individual field arguments should be set."
1349 )
1350
1351 request = service.DisableSecretVersionRequest(request)
1352
1353 # If we have keyword arguments corresponding to fields on the
1354 # request, apply these.
1355 if name is not None:
1356 request.name = name
1357
1358 # Wrap the RPC method; this adds retry and timeout information,
1359 # and friendly error handling.
1360 rpc = gapic_v1.method_async.wrap_method(
1361 self._client._transport.disable_secret_version,
1362 default_timeout=60.0,
1363 client_info=DEFAULT_CLIENT_INFO,
1364 )
1365
1366 # Certain fields should be provided within the metadata header;
1367 # add these here.
1368 metadata = tuple(metadata) + (
1369 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1370 )
1371
1372 # Send the request.
1373 response = await rpc(
1374 request,
1375 retry=retry,
1376 timeout=timeout,
1377 metadata=metadata,
1378 )
1379
1380 # Done; return the response.
1381 return response
1382
1383 async def enable_secret_version(
1384 self,
1385 request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None,
1386 *,
1387 name: Optional[str] = None,
1388 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1389 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1390 metadata: Sequence[Tuple[str, str]] = (),
1391 ) -> resources.SecretVersion:
1392 r"""Enables a
1393 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1394
1395 Sets the
1396 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1397 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1398 [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED].
1399
1400 .. code-block:: python
1401
1402 # This snippet has been automatically generated and should be regarded as a
1403 # code template only.
1404 # It will require modifications to work:
1405 # - It may require correct/in-range values for request initialization.
1406 # - It may require specifying regional endpoints when creating the service
1407 # client as shown in:
1408 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1409 from google.cloud import secretmanager_v1beta1
1410
1411 async def sample_enable_secret_version():
1412 # Create a client
1413 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1414
1415 # Initialize request argument(s)
1416 request = secretmanager_v1beta1.EnableSecretVersionRequest(
1417 name="name_value",
1418 )
1419
1420 # Make the request
1421 response = await client.enable_secret_version(request=request)
1422
1423 # Handle the response
1424 print(response)
1425
1426 Args:
1427 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest, dict]]):
1428 The request object. Request message for
1429 [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion].
1430 name (:class:`str`):
1431 Required. The resource name of the
1432 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1433 to enable in the format
1434 ``projects/*/secrets/*/versions/*``.
1435
1436 This corresponds to the ``name`` field
1437 on the ``request`` instance; if ``request`` is provided, this
1438 should not be set.
1439 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1440 should be retried.
1441 timeout (float): The timeout for this request.
1442 metadata (Sequence[Tuple[str, str]]): Strings which should be
1443 sent along with the request as metadata.
1444
1445 Returns:
1446 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1447 A secret version resource in the
1448 Secret Manager API.
1449
1450 """
1451 # Create or coerce a protobuf request object.
1452 # Quick check: If we got a request object, we should *not* have
1453 # gotten any keyword arguments that map to the request.
1454 has_flattened_params = any([name])
1455 if request is not None and has_flattened_params:
1456 raise ValueError(
1457 "If the `request` argument is set, then none of "
1458 "the individual field arguments should be set."
1459 )
1460
1461 request = service.EnableSecretVersionRequest(request)
1462
1463 # If we have keyword arguments corresponding to fields on the
1464 # request, apply these.
1465 if name is not None:
1466 request.name = name
1467
1468 # Wrap the RPC method; this adds retry and timeout information,
1469 # and friendly error handling.
1470 rpc = gapic_v1.method_async.wrap_method(
1471 self._client._transport.enable_secret_version,
1472 default_timeout=60.0,
1473 client_info=DEFAULT_CLIENT_INFO,
1474 )
1475
1476 # Certain fields should be provided within the metadata header;
1477 # add these here.
1478 metadata = tuple(metadata) + (
1479 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1480 )
1481
1482 # Send the request.
1483 response = await rpc(
1484 request,
1485 retry=retry,
1486 timeout=timeout,
1487 metadata=metadata,
1488 )
1489
1490 # Done; return the response.
1491 return response
1492
1493 async def destroy_secret_version(
1494 self,
1495 request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None,
1496 *,
1497 name: Optional[str] = None,
1498 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1499 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1500 metadata: Sequence[Tuple[str, str]] = (),
1501 ) -> resources.SecretVersion:
1502 r"""Destroys a
1503 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion].
1504
1505 Sets the
1506 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the
1507 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to
1508 [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED]
1509 and irrevocably destroys the secret data.
1510
1511 .. code-block:: python
1512
1513 # This snippet has been automatically generated and should be regarded as a
1514 # code template only.
1515 # It will require modifications to work:
1516 # - It may require correct/in-range values for request initialization.
1517 # - It may require specifying regional endpoints when creating the service
1518 # client as shown in:
1519 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1520 from google.cloud import secretmanager_v1beta1
1521
1522 async def sample_destroy_secret_version():
1523 # Create a client
1524 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1525
1526 # Initialize request argument(s)
1527 request = secretmanager_v1beta1.DestroySecretVersionRequest(
1528 name="name_value",
1529 )
1530
1531 # Make the request
1532 response = await client.destroy_secret_version(request=request)
1533
1534 # Handle the response
1535 print(response)
1536
1537 Args:
1538 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest, dict]]):
1539 The request object. Request message for
1540 [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion].
1541 name (:class:`str`):
1542 Required. The resource name of the
1543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
1544 to destroy in the format
1545 ``projects/*/secrets/*/versions/*``.
1546
1547 This corresponds to the ``name`` field
1548 on the ``request`` instance; if ``request`` is provided, this
1549 should not be set.
1550 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1551 should be retried.
1552 timeout (float): The timeout for this request.
1553 metadata (Sequence[Tuple[str, str]]): Strings which should be
1554 sent along with the request as metadata.
1555
1556 Returns:
1557 google.cloud.secretmanager_v1beta1.types.SecretVersion:
1558 A secret version resource in the
1559 Secret Manager API.
1560
1561 """
1562 # Create or coerce a protobuf request object.
1563 # Quick check: If we got a request object, we should *not* have
1564 # gotten any keyword arguments that map to the request.
1565 has_flattened_params = any([name])
1566 if request is not None and has_flattened_params:
1567 raise ValueError(
1568 "If the `request` argument is set, then none of "
1569 "the individual field arguments should be set."
1570 )
1571
1572 request = service.DestroySecretVersionRequest(request)
1573
1574 # If we have keyword arguments corresponding to fields on the
1575 # request, apply these.
1576 if name is not None:
1577 request.name = name
1578
1579 # Wrap the RPC method; this adds retry and timeout information,
1580 # and friendly error handling.
1581 rpc = gapic_v1.method_async.wrap_method(
1582 self._client._transport.destroy_secret_version,
1583 default_timeout=60.0,
1584 client_info=DEFAULT_CLIENT_INFO,
1585 )
1586
1587 # Certain fields should be provided within the metadata header;
1588 # add these here.
1589 metadata = tuple(metadata) + (
1590 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)),
1591 )
1592
1593 # Send the request.
1594 response = await rpc(
1595 request,
1596 retry=retry,
1597 timeout=timeout,
1598 metadata=metadata,
1599 )
1600
1601 # Done; return the response.
1602 return response
1603
1604 async def set_iam_policy(
1605 self,
1606 request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None,
1607 *,
1608 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1609 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1610 metadata: Sequence[Tuple[str, str]] = (),
1611 ) -> policy_pb2.Policy:
1612 r"""Sets the access control policy on the specified secret. Replaces
1613 any existing policy.
1614
1615 Permissions on
1616 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are
1617 enforced according to the policy set on the associated
1618 [Secret][google.cloud.secrets.v1beta1.Secret].
1619
1620 .. code-block:: python
1621
1622 # This snippet has been automatically generated and should be regarded as a
1623 # code template only.
1624 # It will require modifications to work:
1625 # - It may require correct/in-range values for request initialization.
1626 # - It may require specifying regional endpoints when creating the service
1627 # client as shown in:
1628 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1629 from google.cloud import secretmanager_v1beta1
1630 from google.iam.v1 import iam_policy_pb2 # type: ignore
1631
1632 async def sample_set_iam_policy():
1633 # Create a client
1634 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1635
1636 # Initialize request argument(s)
1637 request = iam_policy_pb2.SetIamPolicyRequest(
1638 resource="resource_value",
1639 )
1640
1641 # Make the request
1642 response = await client.set_iam_policy(request=request)
1643
1644 # Handle the response
1645 print(response)
1646
1647 Args:
1648 request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]):
1649 The request object. Request message for ``SetIamPolicy`` method.
1650 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1651 should be retried.
1652 timeout (float): The timeout for this request.
1653 metadata (Sequence[Tuple[str, str]]): Strings which should be
1654 sent along with the request as metadata.
1655
1656 Returns:
1657 google.iam.v1.policy_pb2.Policy:
1658 An Identity and Access Management (IAM) policy, which specifies access
1659 controls for Google Cloud resources.
1660
1661 A Policy is a collection of bindings. A binding binds
1662 one or more members, or principals, to a single role.
1663 Principals can be user accounts, service accounts,
1664 Google groups, and domains (such as G Suite). A role
1665 is a named list of permissions; each role can be an
1666 IAM predefined role or a user-created custom role.
1667
1668 For some types of Google Cloud resources, a binding
1669 can also specify a condition, which is a logical
1670 expression that allows access to a resource only if
1671 the expression evaluates to true. A condition can add
1672 constraints based on attributes of the request, the
1673 resource, or both. To learn which resources support
1674 conditions in their IAM policies, see the [IAM
1675 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
1676
1677 **JSON example:**
1678
1679 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \`
1680
1681 **YAML example:**
1682
1683 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \`
1684
1685 For a description of IAM and its features, see the
1686 [IAM
1687 documentation](\ https://cloud.google.com/iam/docs/).
1688
1689 """
1690 # Create or coerce a protobuf request object.
1691 # The request isn't a proto-plus wrapped type,
1692 # so it must be constructed via keyword expansion.
1693 if isinstance(request, dict):
1694 request = iam_policy_pb2.SetIamPolicyRequest(**request)
1695
1696 # Wrap the RPC method; this adds retry and timeout information,
1697 # and friendly error handling.
1698 rpc = gapic_v1.method_async.wrap_method(
1699 self._client._transport.set_iam_policy,
1700 default_timeout=60.0,
1701 client_info=DEFAULT_CLIENT_INFO,
1702 )
1703
1704 # Certain fields should be provided within the metadata header;
1705 # add these here.
1706 metadata = tuple(metadata) + (
1707 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1708 )
1709
1710 # Send the request.
1711 response = await rpc(
1712 request,
1713 retry=retry,
1714 timeout=timeout,
1715 metadata=metadata,
1716 )
1717
1718 # Done; return the response.
1719 return response
1720
1721 async def get_iam_policy(
1722 self,
1723 request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None,
1724 *,
1725 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1726 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1727 metadata: Sequence[Tuple[str, str]] = (),
1728 ) -> policy_pb2.Policy:
1729 r"""Gets the access control policy for a secret.
1730 Returns empty policy if the secret exists and does not
1731 have a policy set.
1732
1733 .. code-block:: python
1734
1735 # This snippet has been automatically generated and should be regarded as a
1736 # code template only.
1737 # It will require modifications to work:
1738 # - It may require correct/in-range values for request initialization.
1739 # - It may require specifying regional endpoints when creating the service
1740 # client as shown in:
1741 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1742 from google.cloud import secretmanager_v1beta1
1743 from google.iam.v1 import iam_policy_pb2 # type: ignore
1744
1745 async def sample_get_iam_policy():
1746 # Create a client
1747 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1748
1749 # Initialize request argument(s)
1750 request = iam_policy_pb2.GetIamPolicyRequest(
1751 resource="resource_value",
1752 )
1753
1754 # Make the request
1755 response = await client.get_iam_policy(request=request)
1756
1757 # Handle the response
1758 print(response)
1759
1760 Args:
1761 request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]):
1762 The request object. Request message for ``GetIamPolicy`` method.
1763 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1764 should be retried.
1765 timeout (float): The timeout for this request.
1766 metadata (Sequence[Tuple[str, str]]): Strings which should be
1767 sent along with the request as metadata.
1768
1769 Returns:
1770 google.iam.v1.policy_pb2.Policy:
1771 An Identity and Access Management (IAM) policy, which specifies access
1772 controls for Google Cloud resources.
1773
1774 A Policy is a collection of bindings. A binding binds
1775 one or more members, or principals, to a single role.
1776 Principals can be user accounts, service accounts,
1777 Google groups, and domains (such as G Suite). A role
1778 is a named list of permissions; each role can be an
1779 IAM predefined role or a user-created custom role.
1780
1781 For some types of Google Cloud resources, a binding
1782 can also specify a condition, which is a logical
1783 expression that allows access to a resource only if
1784 the expression evaluates to true. A condition can add
1785 constraints based on attributes of the request, the
1786 resource, or both. To learn which resources support
1787 conditions in their IAM policies, see the [IAM
1788 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies).
1789
1790 **JSON example:**
1791
1792 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \`
1793
1794 **YAML example:**
1795
1796 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \`
1797
1798 For a description of IAM and its features, see the
1799 [IAM
1800 documentation](\ https://cloud.google.com/iam/docs/).
1801
1802 """
1803 # Create or coerce a protobuf request object.
1804 # The request isn't a proto-plus wrapped type,
1805 # so it must be constructed via keyword expansion.
1806 if isinstance(request, dict):
1807 request = iam_policy_pb2.GetIamPolicyRequest(**request)
1808
1809 # Wrap the RPC method; this adds retry and timeout information,
1810 # and friendly error handling.
1811 rpc = gapic_v1.method_async.wrap_method(
1812 self._client._transport.get_iam_policy,
1813 default_timeout=60.0,
1814 client_info=DEFAULT_CLIENT_INFO,
1815 )
1816
1817 # Certain fields should be provided within the metadata header;
1818 # add these here.
1819 metadata = tuple(metadata) + (
1820 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1821 )
1822
1823 # Send the request.
1824 response = await rpc(
1825 request,
1826 retry=retry,
1827 timeout=timeout,
1828 metadata=metadata,
1829 )
1830
1831 # Done; return the response.
1832 return response
1833
1834 async def test_iam_permissions(
1835 self,
1836 request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None,
1837 *,
1838 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1839 timeout: Union[float, object] = gapic_v1.method.DEFAULT,
1840 metadata: Sequence[Tuple[str, str]] = (),
1841 ) -> iam_policy_pb2.TestIamPermissionsResponse:
1842 r"""Returns permissions that a caller has for the specified secret.
1843 If the secret does not exist, this call returns an empty set of
1844 permissions, not a NOT_FOUND error.
1845
1846 Note: This operation is designed to be used for building
1847 permission-aware UIs and command-line tools, not for
1848 authorization checking. This operation may "fail open" without
1849 warning.
1850
1851 .. code-block:: python
1852
1853 # This snippet has been automatically generated and should be regarded as a
1854 # code template only.
1855 # It will require modifications to work:
1856 # - It may require correct/in-range values for request initialization.
1857 # - It may require specifying regional endpoints when creating the service
1858 # client as shown in:
1859 # https://googleapis.dev/python/google-api-core/latest/client_options.html
1860 from google.cloud import secretmanager_v1beta1
1861 from google.iam.v1 import iam_policy_pb2 # type: ignore
1862
1863 async def sample_test_iam_permissions():
1864 # Create a client
1865 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient()
1866
1867 # Initialize request argument(s)
1868 request = iam_policy_pb2.TestIamPermissionsRequest(
1869 resource="resource_value",
1870 permissions=['permissions_value1', 'permissions_value2'],
1871 )
1872
1873 # Make the request
1874 response = await client.test_iam_permissions(request=request)
1875
1876 # Handle the response
1877 print(response)
1878
1879 Args:
1880 request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]):
1881 The request object. Request message for ``TestIamPermissions`` method.
1882 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1883 should be retried.
1884 timeout (float): The timeout for this request.
1885 metadata (Sequence[Tuple[str, str]]): Strings which should be
1886 sent along with the request as metadata.
1887
1888 Returns:
1889 google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse:
1890 Response message for TestIamPermissions method.
1891 """
1892 # Create or coerce a protobuf request object.
1893 # The request isn't a proto-plus wrapped type,
1894 # so it must be constructed via keyword expansion.
1895 if isinstance(request, dict):
1896 request = iam_policy_pb2.TestIamPermissionsRequest(**request)
1897
1898 # Wrap the RPC method; this adds retry and timeout information,
1899 # and friendly error handling.
1900 rpc = gapic_v1.method_async.wrap_method(
1901 self._client._transport.test_iam_permissions,
1902 default_timeout=60.0,
1903 client_info=DEFAULT_CLIENT_INFO,
1904 )
1905
1906 # Certain fields should be provided within the metadata header;
1907 # add these here.
1908 metadata = tuple(metadata) + (
1909 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)),
1910 )
1911
1912 # Send the request.
1913 response = await rpc(
1914 request,
1915 retry=retry,
1916 timeout=timeout,
1917 metadata=metadata,
1918 )
1919
1920 # Done; return the response.
1921 return response
1922
1923 async def __aenter__(self) -> "SecretManagerServiceAsyncClient":
1924 return self
1925
1926 async def __aexit__(self, exc_type, exc, tb):
1927 await self.transport.close()
1928
1929
1930DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(
1931 gapic_version=package_version.__version__
1932)
1933
1934
1935__all__ = ("SecretManagerServiceAsyncClient",)