Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/google/cloud/secretmanager_v1beta1/services/secret_manager_service/async_client.py: 31%

224 statements  

« prev     ^ index     » next       coverage.py v7.3.1, created at 2023-09-25 06:37 +0000

1# -*- coding: utf-8 -*- 

2# Copyright 2023 Google LLC 

3# 

4# Licensed under the Apache License, Version 2.0 (the "License"); 

5# you may not use this file except in compliance with the License. 

6# You may obtain a copy of the License at 

7# 

8# http://www.apache.org/licenses/LICENSE-2.0 

9# 

10# Unless required by applicable law or agreed to in writing, software 

11# distributed under the License is distributed on an "AS IS" BASIS, 

12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

13# See the License for the specific language governing permissions and 

14# limitations under the License. 

15# 

16from collections import OrderedDict 

17import functools 

18import re 

19from typing import ( 

20 Dict, 

21 Mapping, 

22 MutableMapping, 

23 MutableSequence, 

24 Optional, 

25 Sequence, 

26 Tuple, 

27 Type, 

28 Union, 

29) 

30 

31from google.api_core import exceptions as core_exceptions 

32from google.api_core import gapic_v1 

33from google.api_core import retry as retries 

34from google.api_core.client_options import ClientOptions 

35from google.auth import credentials as ga_credentials # type: ignore 

36from google.oauth2 import service_account # type: ignore 

37 

38from google.cloud.secretmanager_v1beta1 import gapic_version as package_version 

39 

40try: 

41 OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault] 

42except AttributeError: # pragma: NO COVER 

43 OptionalRetry = Union[retries.Retry, object] # type: ignore 

44 

45from google.iam.v1 import iam_policy_pb2 # type: ignore 

46from google.iam.v1 import policy_pb2 # type: ignore 

47from google.protobuf import field_mask_pb2 # type: ignore 

48from google.protobuf import timestamp_pb2 # type: ignore 

49 

50from google.cloud.secretmanager_v1beta1.services.secret_manager_service import pagers 

51from google.cloud.secretmanager_v1beta1.types import resources, service 

52 

53from .client import SecretManagerServiceClient 

54from .transports.base import DEFAULT_CLIENT_INFO, SecretManagerServiceTransport 

55from .transports.grpc_asyncio import SecretManagerServiceGrpcAsyncIOTransport 

56 

57 

58class SecretManagerServiceAsyncClient: 

59 """Secret Manager Service 

60 

61 Manages secrets and operations using those secrets. Implements a 

62 REST model with the following objects: 

63 

64 - [Secret][google.cloud.secrets.v1beta1.Secret] 

65 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

66 """ 

67 

68 _client: SecretManagerServiceClient 

69 

70 DEFAULT_ENDPOINT = SecretManagerServiceClient.DEFAULT_ENDPOINT 

71 DEFAULT_MTLS_ENDPOINT = SecretManagerServiceClient.DEFAULT_MTLS_ENDPOINT 

72 

73 secret_path = staticmethod(SecretManagerServiceClient.secret_path) 

74 parse_secret_path = staticmethod(SecretManagerServiceClient.parse_secret_path) 

75 secret_version_path = staticmethod(SecretManagerServiceClient.secret_version_path) 

76 parse_secret_version_path = staticmethod( 

77 SecretManagerServiceClient.parse_secret_version_path 

78 ) 

79 common_billing_account_path = staticmethod( 

80 SecretManagerServiceClient.common_billing_account_path 

81 ) 

82 parse_common_billing_account_path = staticmethod( 

83 SecretManagerServiceClient.parse_common_billing_account_path 

84 ) 

85 common_folder_path = staticmethod(SecretManagerServiceClient.common_folder_path) 

86 parse_common_folder_path = staticmethod( 

87 SecretManagerServiceClient.parse_common_folder_path 

88 ) 

89 common_organization_path = staticmethod( 

90 SecretManagerServiceClient.common_organization_path 

91 ) 

92 parse_common_organization_path = staticmethod( 

93 SecretManagerServiceClient.parse_common_organization_path 

94 ) 

95 common_project_path = staticmethod(SecretManagerServiceClient.common_project_path) 

96 parse_common_project_path = staticmethod( 

97 SecretManagerServiceClient.parse_common_project_path 

98 ) 

99 common_location_path = staticmethod(SecretManagerServiceClient.common_location_path) 

100 parse_common_location_path = staticmethod( 

101 SecretManagerServiceClient.parse_common_location_path 

102 ) 

103 

104 @classmethod 

105 def from_service_account_info(cls, info: dict, *args, **kwargs): 

106 """Creates an instance of this client using the provided credentials 

107 info. 

108 

109 Args: 

110 info (dict): The service account private key info. 

111 args: Additional arguments to pass to the constructor. 

112 kwargs: Additional arguments to pass to the constructor. 

113 

114 Returns: 

115 SecretManagerServiceAsyncClient: The constructed client. 

116 """ 

117 return SecretManagerServiceClient.from_service_account_info.__func__(SecretManagerServiceAsyncClient, info, *args, **kwargs) # type: ignore 

118 

119 @classmethod 

120 def from_service_account_file(cls, filename: str, *args, **kwargs): 

121 """Creates an instance of this client using the provided credentials 

122 file. 

123 

124 Args: 

125 filename (str): The path to the service account private key json 

126 file. 

127 args: Additional arguments to pass to the constructor. 

128 kwargs: Additional arguments to pass to the constructor. 

129 

130 Returns: 

131 SecretManagerServiceAsyncClient: The constructed client. 

132 """ 

133 return SecretManagerServiceClient.from_service_account_file.__func__(SecretManagerServiceAsyncClient, filename, *args, **kwargs) # type: ignore 

134 

135 from_service_account_json = from_service_account_file 

136 

137 @classmethod 

138 def get_mtls_endpoint_and_cert_source( 

139 cls, client_options: Optional[ClientOptions] = None 

140 ): 

141 """Return the API endpoint and client cert source for mutual TLS. 

142 

143 The client cert source is determined in the following order: 

144 (1) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is not "true", the 

145 client cert source is None. 

146 (2) if `client_options.client_cert_source` is provided, use the provided one; if the 

147 default client cert source exists, use the default one; otherwise the client cert 

148 source is None. 

149 

150 The API endpoint is determined in the following order: 

151 (1) if `client_options.api_endpoint` if provided, use the provided one. 

152 (2) if `GOOGLE_API_USE_CLIENT_CERTIFICATE` environment variable is "always", use the 

153 default mTLS endpoint; if the environment variable is "never", use the default API 

154 endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise 

155 use the default API endpoint. 

156 

157 More details can be found at https://google.aip.dev/auth/4114. 

158 

159 Args: 

160 client_options (google.api_core.client_options.ClientOptions): Custom options for the 

161 client. Only the `api_endpoint` and `client_cert_source` properties may be used 

162 in this method. 

163 

164 Returns: 

165 Tuple[str, Callable[[], Tuple[bytes, bytes]]]: returns the API endpoint and the 

166 client cert source to use. 

167 

168 Raises: 

169 google.auth.exceptions.MutualTLSChannelError: If any errors happen. 

170 """ 

171 return SecretManagerServiceClient.get_mtls_endpoint_and_cert_source(client_options) # type: ignore 

172 

173 @property 

174 def transport(self) -> SecretManagerServiceTransport: 

175 """Returns the transport used by the client instance. 

176 

177 Returns: 

178 SecretManagerServiceTransport: The transport used by the client instance. 

179 """ 

180 return self._client.transport 

181 

182 get_transport_class = functools.partial( 

183 type(SecretManagerServiceClient).get_transport_class, 

184 type(SecretManagerServiceClient), 

185 ) 

186 

187 def __init__( 

188 self, 

189 *, 

190 credentials: Optional[ga_credentials.Credentials] = None, 

191 transport: Union[str, SecretManagerServiceTransport] = "grpc_asyncio", 

192 client_options: Optional[ClientOptions] = None, 

193 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, 

194 ) -> None: 

195 """Instantiates the secret manager service client. 

196 

197 Args: 

198 credentials (Optional[google.auth.credentials.Credentials]): The 

199 authorization credentials to attach to requests. These 

200 credentials identify the application to the service; if none 

201 are specified, the client will attempt to ascertain the 

202 credentials from the environment. 

203 transport (Union[str, ~.SecretManagerServiceTransport]): The 

204 transport to use. If set to None, a transport is chosen 

205 automatically. 

206 client_options (ClientOptions): Custom options for the client. It 

207 won't take effect if a ``transport`` instance is provided. 

208 (1) The ``api_endpoint`` property can be used to override the 

209 default endpoint provided by the client. GOOGLE_API_USE_MTLS_ENDPOINT 

210 environment variable can also be used to override the endpoint: 

211 "always" (always use the default mTLS endpoint), "never" (always 

212 use the default regular endpoint) and "auto" (auto switch to the 

213 default mTLS endpoint if client certificate is present, this is 

214 the default value). However, the ``api_endpoint`` property takes 

215 precedence if provided. 

216 (2) If GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable 

217 is "true", then the ``client_cert_source`` property can be used 

218 to provide client certificate for mutual TLS transport. If 

219 not provided, the default SSL client certificate will be used if 

220 present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not 

221 set, no client certificate will be used. 

222 

223 Raises: 

224 google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport 

225 creation failed for any reason. 

226 """ 

227 self._client = SecretManagerServiceClient( 

228 credentials=credentials, 

229 transport=transport, 

230 client_options=client_options, 

231 client_info=client_info, 

232 ) 

233 

234 async def list_secrets( 

235 self, 

236 request: Optional[Union[service.ListSecretsRequest, dict]] = None, 

237 *, 

238 parent: Optional[str] = None, 

239 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

240 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

241 metadata: Sequence[Tuple[str, str]] = (), 

242 ) -> pagers.ListSecretsAsyncPager: 

243 r"""Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. 

244 

245 .. code-block:: python 

246 

247 # This snippet has been automatically generated and should be regarded as a 

248 # code template only. 

249 # It will require modifications to work: 

250 # - It may require correct/in-range values for request initialization. 

251 # - It may require specifying regional endpoints when creating the service 

252 # client as shown in: 

253 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

254 from google.cloud import secretmanager_v1beta1 

255 

256 async def sample_list_secrets(): 

257 # Create a client 

258 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

259 

260 # Initialize request argument(s) 

261 request = secretmanager_v1beta1.ListSecretsRequest( 

262 parent="parent_value", 

263 ) 

264 

265 # Make the request 

266 page_result = client.list_secrets(request=request) 

267 

268 # Handle the response 

269 async for response in page_result: 

270 print(response) 

271 

272 Args: 

273 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretsRequest, dict]]): 

274 The request object. Request message for 

275 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. 

276 parent (:class:`str`): 

277 Required. The resource name of the project associated 

278 with the [Secrets][google.cloud.secrets.v1beta1.Secret], 

279 in the format ``projects/*``. 

280 

281 This corresponds to the ``parent`` field 

282 on the ``request`` instance; if ``request`` is provided, this 

283 should not be set. 

284 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

285 should be retried. 

286 timeout (float): The timeout for this request. 

287 metadata (Sequence[Tuple[str, str]]): Strings which should be 

288 sent along with the request as metadata. 

289 

290 Returns: 

291 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretsAsyncPager: 

292 Response message for 

293 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets]. 

294 

295 Iterating over this object will yield results and 

296 resolve additional pages automatically. 

297 

298 """ 

299 # Create or coerce a protobuf request object. 

300 # Quick check: If we got a request object, we should *not* have 

301 # gotten any keyword arguments that map to the request. 

302 has_flattened_params = any([parent]) 

303 if request is not None and has_flattened_params: 

304 raise ValueError( 

305 "If the `request` argument is set, then none of " 

306 "the individual field arguments should be set." 

307 ) 

308 

309 request = service.ListSecretsRequest(request) 

310 

311 # If we have keyword arguments corresponding to fields on the 

312 # request, apply these. 

313 if parent is not None: 

314 request.parent = parent 

315 

316 # Wrap the RPC method; this adds retry and timeout information, 

317 # and friendly error handling. 

318 rpc = gapic_v1.method_async.wrap_method( 

319 self._client._transport.list_secrets, 

320 default_timeout=60.0, 

321 client_info=DEFAULT_CLIENT_INFO, 

322 ) 

323 

324 # Certain fields should be provided within the metadata header; 

325 # add these here. 

326 metadata = tuple(metadata) + ( 

327 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)), 

328 ) 

329 

330 # Send the request. 

331 response = await rpc( 

332 request, 

333 retry=retry, 

334 timeout=timeout, 

335 metadata=metadata, 

336 ) 

337 

338 # This method is paged; wrap the response in a pager, which provides 

339 # an `__aiter__` convenience method. 

340 response = pagers.ListSecretsAsyncPager( 

341 method=rpc, 

342 request=request, 

343 response=response, 

344 metadata=metadata, 

345 ) 

346 

347 # Done; return the response. 

348 return response 

349 

350 async def create_secret( 

351 self, 

352 request: Optional[Union[service.CreateSecretRequest, dict]] = None, 

353 *, 

354 parent: Optional[str] = None, 

355 secret_id: Optional[str] = None, 

356 secret: Optional[resources.Secret] = None, 

357 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

358 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

359 metadata: Sequence[Tuple[str, str]] = (), 

360 ) -> resources.Secret: 

361 r"""Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] 

362 containing no 

363 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. 

364 

365 .. code-block:: python 

366 

367 # This snippet has been automatically generated and should be regarded as a 

368 # code template only. 

369 # It will require modifications to work: 

370 # - It may require correct/in-range values for request initialization. 

371 # - It may require specifying regional endpoints when creating the service 

372 # client as shown in: 

373 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

374 from google.cloud import secretmanager_v1beta1 

375 

376 async def sample_create_secret(): 

377 # Create a client 

378 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

379 

380 # Initialize request argument(s) 

381 request = secretmanager_v1beta1.CreateSecretRequest( 

382 parent="parent_value", 

383 secret_id="secret_id_value", 

384 ) 

385 

386 # Make the request 

387 response = await client.create_secret(request=request) 

388 

389 # Handle the response 

390 print(response) 

391 

392 Args: 

393 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.CreateSecretRequest, dict]]): 

394 The request object. Request message for 

395 [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret]. 

396 parent (:class:`str`): 

397 Required. The resource name of the project to associate 

398 with the [Secret][google.cloud.secrets.v1beta1.Secret], 

399 in the format ``projects/*``. 

400 

401 This corresponds to the ``parent`` field 

402 on the ``request`` instance; if ``request`` is provided, this 

403 should not be set. 

404 secret_id (:class:`str`): 

405 Required. This must be unique within the project. 

406 

407 A secret ID is a string with a maximum length of 255 

408 characters and can contain uppercase and lowercase 

409 letters, numerals, and the hyphen (``-``) and underscore 

410 (``_``) characters. 

411 

412 This corresponds to the ``secret_id`` field 

413 on the ``request`` instance; if ``request`` is provided, this 

414 should not be set. 

415 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`): 

416 Required. A 

417 [Secret][google.cloud.secrets.v1beta1.Secret] with 

418 initial field values. 

419 

420 This corresponds to the ``secret`` field 

421 on the ``request`` instance; if ``request`` is provided, this 

422 should not be set. 

423 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

424 should be retried. 

425 timeout (float): The timeout for this request. 

426 metadata (Sequence[Tuple[str, str]]): Strings which should be 

427 sent along with the request as metadata. 

428 

429 Returns: 

430 google.cloud.secretmanager_v1beta1.types.Secret: 

431 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can 

432 be accessed. 

433 

434 A [Secret][google.cloud.secrets.v1beta1.Secret] is 

435 made up of zero or more 

436 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] 

437 that represent the secret data. 

438 

439 """ 

440 # Create or coerce a protobuf request object. 

441 # Quick check: If we got a request object, we should *not* have 

442 # gotten any keyword arguments that map to the request. 

443 has_flattened_params = any([parent, secret_id, secret]) 

444 if request is not None and has_flattened_params: 

445 raise ValueError( 

446 "If the `request` argument is set, then none of " 

447 "the individual field arguments should be set." 

448 ) 

449 

450 request = service.CreateSecretRequest(request) 

451 

452 # If we have keyword arguments corresponding to fields on the 

453 # request, apply these. 

454 if parent is not None: 

455 request.parent = parent 

456 if secret_id is not None: 

457 request.secret_id = secret_id 

458 if secret is not None: 

459 request.secret = secret 

460 

461 # Wrap the RPC method; this adds retry and timeout information, 

462 # and friendly error handling. 

463 rpc = gapic_v1.method_async.wrap_method( 

464 self._client._transport.create_secret, 

465 default_timeout=60.0, 

466 client_info=DEFAULT_CLIENT_INFO, 

467 ) 

468 

469 # Certain fields should be provided within the metadata header; 

470 # add these here. 

471 metadata = tuple(metadata) + ( 

472 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)), 

473 ) 

474 

475 # Send the request. 

476 response = await rpc( 

477 request, 

478 retry=retry, 

479 timeout=timeout, 

480 metadata=metadata, 

481 ) 

482 

483 # Done; return the response. 

484 return response 

485 

486 async def add_secret_version( 

487 self, 

488 request: Optional[Union[service.AddSecretVersionRequest, dict]] = None, 

489 *, 

490 parent: Optional[str] = None, 

491 payload: Optional[resources.SecretPayload] = None, 

492 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

493 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

494 metadata: Sequence[Tuple[str, str]] = (), 

495 ) -> resources.SecretVersion: 

496 r"""Creates a new 

497 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

498 containing secret data and attaches it to an existing 

499 [Secret][google.cloud.secrets.v1beta1.Secret]. 

500 

501 .. code-block:: python 

502 

503 # This snippet has been automatically generated and should be regarded as a 

504 # code template only. 

505 # It will require modifications to work: 

506 # - It may require correct/in-range values for request initialization. 

507 # - It may require specifying regional endpoints when creating the service 

508 # client as shown in: 

509 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

510 from google.cloud import secretmanager_v1beta1 

511 

512 async def sample_add_secret_version(): 

513 # Create a client 

514 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

515 

516 # Initialize request argument(s) 

517 request = secretmanager_v1beta1.AddSecretVersionRequest( 

518 parent="parent_value", 

519 ) 

520 

521 # Make the request 

522 response = await client.add_secret_version(request=request) 

523 

524 # Handle the response 

525 print(response) 

526 

527 Args: 

528 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AddSecretVersionRequest, dict]]): 

529 The request object. Request message for 

530 [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion]. 

531 parent (:class:`str`): 

532 Required. The resource name of the 

533 [Secret][google.cloud.secrets.v1beta1.Secret] to 

534 associate with the 

535 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

536 in the format ``projects/*/secrets/*``. 

537 

538 This corresponds to the ``parent`` field 

539 on the ``request`` instance; if ``request`` is provided, this 

540 should not be set. 

541 payload (:class:`google.cloud.secretmanager_v1beta1.types.SecretPayload`): 

542 Required. The secret payload of the 

543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

544 

545 This corresponds to the ``payload`` field 

546 on the ``request`` instance; if ``request`` is provided, this 

547 should not be set. 

548 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

549 should be retried. 

550 timeout (float): The timeout for this request. 

551 metadata (Sequence[Tuple[str, str]]): Strings which should be 

552 sent along with the request as metadata. 

553 

554 Returns: 

555 google.cloud.secretmanager_v1beta1.types.SecretVersion: 

556 A secret version resource in the 

557 Secret Manager API. 

558 

559 """ 

560 # Create or coerce a protobuf request object. 

561 # Quick check: If we got a request object, we should *not* have 

562 # gotten any keyword arguments that map to the request. 

563 has_flattened_params = any([parent, payload]) 

564 if request is not None and has_flattened_params: 

565 raise ValueError( 

566 "If the `request` argument is set, then none of " 

567 "the individual field arguments should be set." 

568 ) 

569 

570 request = service.AddSecretVersionRequest(request) 

571 

572 # If we have keyword arguments corresponding to fields on the 

573 # request, apply these. 

574 if parent is not None: 

575 request.parent = parent 

576 if payload is not None: 

577 request.payload = payload 

578 

579 # Wrap the RPC method; this adds retry and timeout information, 

580 # and friendly error handling. 

581 rpc = gapic_v1.method_async.wrap_method( 

582 self._client._transport.add_secret_version, 

583 default_timeout=60.0, 

584 client_info=DEFAULT_CLIENT_INFO, 

585 ) 

586 

587 # Certain fields should be provided within the metadata header; 

588 # add these here. 

589 metadata = tuple(metadata) + ( 

590 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)), 

591 ) 

592 

593 # Send the request. 

594 response = await rpc( 

595 request, 

596 retry=retry, 

597 timeout=timeout, 

598 metadata=metadata, 

599 ) 

600 

601 # Done; return the response. 

602 return response 

603 

604 async def get_secret( 

605 self, 

606 request: Optional[Union[service.GetSecretRequest, dict]] = None, 

607 *, 

608 name: Optional[str] = None, 

609 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

610 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

611 metadata: Sequence[Tuple[str, str]] = (), 

612 ) -> resources.Secret: 

613 r"""Gets metadata for a given 

614 [Secret][google.cloud.secrets.v1beta1.Secret]. 

615 

616 .. code-block:: python 

617 

618 # This snippet has been automatically generated and should be regarded as a 

619 # code template only. 

620 # It will require modifications to work: 

621 # - It may require correct/in-range values for request initialization. 

622 # - It may require specifying regional endpoints when creating the service 

623 # client as shown in: 

624 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

625 from google.cloud import secretmanager_v1beta1 

626 

627 async def sample_get_secret(): 

628 # Create a client 

629 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

630 

631 # Initialize request argument(s) 

632 request = secretmanager_v1beta1.GetSecretRequest( 

633 name="name_value", 

634 ) 

635 

636 # Make the request 

637 response = await client.get_secret(request=request) 

638 

639 # Handle the response 

640 print(response) 

641 

642 Args: 

643 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretRequest, dict]]): 

644 The request object. Request message for 

645 [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret]. 

646 name (:class:`str`): 

647 Required. The resource name of the 

648 [Secret][google.cloud.secrets.v1beta1.Secret], in the 

649 format ``projects/*/secrets/*``. 

650 

651 This corresponds to the ``name`` field 

652 on the ``request`` instance; if ``request`` is provided, this 

653 should not be set. 

654 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

655 should be retried. 

656 timeout (float): The timeout for this request. 

657 metadata (Sequence[Tuple[str, str]]): Strings which should be 

658 sent along with the request as metadata. 

659 

660 Returns: 

661 google.cloud.secretmanager_v1beta1.types.Secret: 

662 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can 

663 be accessed. 

664 

665 A [Secret][google.cloud.secrets.v1beta1.Secret] is 

666 made up of zero or more 

667 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] 

668 that represent the secret data. 

669 

670 """ 

671 # Create or coerce a protobuf request object. 

672 # Quick check: If we got a request object, we should *not* have 

673 # gotten any keyword arguments that map to the request. 

674 has_flattened_params = any([name]) 

675 if request is not None and has_flattened_params: 

676 raise ValueError( 

677 "If the `request` argument is set, then none of " 

678 "the individual field arguments should be set." 

679 ) 

680 

681 request = service.GetSecretRequest(request) 

682 

683 # If we have keyword arguments corresponding to fields on the 

684 # request, apply these. 

685 if name is not None: 

686 request.name = name 

687 

688 # Wrap the RPC method; this adds retry and timeout information, 

689 # and friendly error handling. 

690 rpc = gapic_v1.method_async.wrap_method( 

691 self._client._transport.get_secret, 

692 default_timeout=60.0, 

693 client_info=DEFAULT_CLIENT_INFO, 

694 ) 

695 

696 # Certain fields should be provided within the metadata header; 

697 # add these here. 

698 metadata = tuple(metadata) + ( 

699 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

700 ) 

701 

702 # Send the request. 

703 response = await rpc( 

704 request, 

705 retry=retry, 

706 timeout=timeout, 

707 metadata=metadata, 

708 ) 

709 

710 # Done; return the response. 

711 return response 

712 

713 async def update_secret( 

714 self, 

715 request: Optional[Union[service.UpdateSecretRequest, dict]] = None, 

716 *, 

717 secret: Optional[resources.Secret] = None, 

718 update_mask: Optional[field_mask_pb2.FieldMask] = None, 

719 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

720 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

721 metadata: Sequence[Tuple[str, str]] = (), 

722 ) -> resources.Secret: 

723 r"""Updates metadata of an existing 

724 [Secret][google.cloud.secrets.v1beta1.Secret]. 

725 

726 .. code-block:: python 

727 

728 # This snippet has been automatically generated and should be regarded as a 

729 # code template only. 

730 # It will require modifications to work: 

731 # - It may require correct/in-range values for request initialization. 

732 # - It may require specifying regional endpoints when creating the service 

733 # client as shown in: 

734 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

735 from google.cloud import secretmanager_v1beta1 

736 

737 async def sample_update_secret(): 

738 # Create a client 

739 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

740 

741 # Initialize request argument(s) 

742 request = secretmanager_v1beta1.UpdateSecretRequest( 

743 ) 

744 

745 # Make the request 

746 response = await client.update_secret(request=request) 

747 

748 # Handle the response 

749 print(response) 

750 

751 Args: 

752 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.UpdateSecretRequest, dict]]): 

753 The request object. Request message for 

754 [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret]. 

755 secret (:class:`google.cloud.secretmanager_v1beta1.types.Secret`): 

756 Required. [Secret][google.cloud.secrets.v1beta1.Secret] 

757 with updated field values. 

758 

759 This corresponds to the ``secret`` field 

760 on the ``request`` instance; if ``request`` is provided, this 

761 should not be set. 

762 update_mask (:class:`google.protobuf.field_mask_pb2.FieldMask`): 

763 Required. Specifies the fields to be 

764 updated. 

765 

766 This corresponds to the ``update_mask`` field 

767 on the ``request`` instance; if ``request`` is provided, this 

768 should not be set. 

769 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

770 should be retried. 

771 timeout (float): The timeout for this request. 

772 metadata (Sequence[Tuple[str, str]]): Strings which should be 

773 sent along with the request as metadata. 

774 

775 Returns: 

776 google.cloud.secretmanager_v1beta1.types.Secret: 

777 A [Secret][google.cloud.secrets.v1beta1.Secret] is a logical secret whose value and versions can 

778 be accessed. 

779 

780 A [Secret][google.cloud.secrets.v1beta1.Secret] is 

781 made up of zero or more 

782 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] 

783 that represent the secret data. 

784 

785 """ 

786 # Create or coerce a protobuf request object. 

787 # Quick check: If we got a request object, we should *not* have 

788 # gotten any keyword arguments that map to the request. 

789 has_flattened_params = any([secret, update_mask]) 

790 if request is not None and has_flattened_params: 

791 raise ValueError( 

792 "If the `request` argument is set, then none of " 

793 "the individual field arguments should be set." 

794 ) 

795 

796 request = service.UpdateSecretRequest(request) 

797 

798 # If we have keyword arguments corresponding to fields on the 

799 # request, apply these. 

800 if secret is not None: 

801 request.secret = secret 

802 if update_mask is not None: 

803 request.update_mask = update_mask 

804 

805 # Wrap the RPC method; this adds retry and timeout information, 

806 # and friendly error handling. 

807 rpc = gapic_v1.method_async.wrap_method( 

808 self._client._transport.update_secret, 

809 default_timeout=60.0, 

810 client_info=DEFAULT_CLIENT_INFO, 

811 ) 

812 

813 # Certain fields should be provided within the metadata header; 

814 # add these here. 

815 metadata = tuple(metadata) + ( 

816 gapic_v1.routing_header.to_grpc_metadata( 

817 (("secret.name", request.secret.name),) 

818 ), 

819 ) 

820 

821 # Send the request. 

822 response = await rpc( 

823 request, 

824 retry=retry, 

825 timeout=timeout, 

826 metadata=metadata, 

827 ) 

828 

829 # Done; return the response. 

830 return response 

831 

832 async def delete_secret( 

833 self, 

834 request: Optional[Union[service.DeleteSecretRequest, dict]] = None, 

835 *, 

836 name: Optional[str] = None, 

837 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

838 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

839 metadata: Sequence[Tuple[str, str]] = (), 

840 ) -> None: 

841 r"""Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. 

842 

843 .. code-block:: python 

844 

845 # This snippet has been automatically generated and should be regarded as a 

846 # code template only. 

847 # It will require modifications to work: 

848 # - It may require correct/in-range values for request initialization. 

849 # - It may require specifying regional endpoints when creating the service 

850 # client as shown in: 

851 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

852 from google.cloud import secretmanager_v1beta1 

853 

854 async def sample_delete_secret(): 

855 # Create a client 

856 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

857 

858 # Initialize request argument(s) 

859 request = secretmanager_v1beta1.DeleteSecretRequest( 

860 name="name_value", 

861 ) 

862 

863 # Make the request 

864 await client.delete_secret(request=request) 

865 

866 Args: 

867 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DeleteSecretRequest, dict]]): 

868 The request object. Request message for 

869 [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret]. 

870 name (:class:`str`): 

871 Required. The resource name of the 

872 [Secret][google.cloud.secrets.v1beta1.Secret] to delete 

873 in the format ``projects/*/secrets/*``. 

874 

875 This corresponds to the ``name`` field 

876 on the ``request`` instance; if ``request`` is provided, this 

877 should not be set. 

878 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

879 should be retried. 

880 timeout (float): The timeout for this request. 

881 metadata (Sequence[Tuple[str, str]]): Strings which should be 

882 sent along with the request as metadata. 

883 """ 

884 # Create or coerce a protobuf request object. 

885 # Quick check: If we got a request object, we should *not* have 

886 # gotten any keyword arguments that map to the request. 

887 has_flattened_params = any([name]) 

888 if request is not None and has_flattened_params: 

889 raise ValueError( 

890 "If the `request` argument is set, then none of " 

891 "the individual field arguments should be set." 

892 ) 

893 

894 request = service.DeleteSecretRequest(request) 

895 

896 # If we have keyword arguments corresponding to fields on the 

897 # request, apply these. 

898 if name is not None: 

899 request.name = name 

900 

901 # Wrap the RPC method; this adds retry and timeout information, 

902 # and friendly error handling. 

903 rpc = gapic_v1.method_async.wrap_method( 

904 self._client._transport.delete_secret, 

905 default_timeout=60.0, 

906 client_info=DEFAULT_CLIENT_INFO, 

907 ) 

908 

909 # Certain fields should be provided within the metadata header; 

910 # add these here. 

911 metadata = tuple(metadata) + ( 

912 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

913 ) 

914 

915 # Send the request. 

916 await rpc( 

917 request, 

918 retry=retry, 

919 timeout=timeout, 

920 metadata=metadata, 

921 ) 

922 

923 async def list_secret_versions( 

924 self, 

925 request: Optional[Union[service.ListSecretVersionsRequest, dict]] = None, 

926 *, 

927 parent: Optional[str] = None, 

928 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

929 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

930 metadata: Sequence[Tuple[str, str]] = (), 

931 ) -> pagers.ListSecretVersionsAsyncPager: 

932 r"""Lists 

933 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. 

934 This call does not return secret data. 

935 

936 .. code-block:: python 

937 

938 # This snippet has been automatically generated and should be regarded as a 

939 # code template only. 

940 # It will require modifications to work: 

941 # - It may require correct/in-range values for request initialization. 

942 # - It may require specifying regional endpoints when creating the service 

943 # client as shown in: 

944 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

945 from google.cloud import secretmanager_v1beta1 

946 

947 async def sample_list_secret_versions(): 

948 # Create a client 

949 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

950 

951 # Initialize request argument(s) 

952 request = secretmanager_v1beta1.ListSecretVersionsRequest( 

953 parent="parent_value", 

954 ) 

955 

956 # Make the request 

957 page_result = client.list_secret_versions(request=request) 

958 

959 # Handle the response 

960 async for response in page_result: 

961 print(response) 

962 

963 Args: 

964 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.ListSecretVersionsRequest, dict]]): 

965 The request object. Request message for 

966 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. 

967 parent (:class:`str`): 

968 Required. The resource name of the 

969 [Secret][google.cloud.secrets.v1beta1.Secret] associated 

970 with the 

971 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] 

972 to list, in the format ``projects/*/secrets/*``. 

973 

974 This corresponds to the ``parent`` field 

975 on the ``request`` instance; if ``request`` is provided, this 

976 should not be set. 

977 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

978 should be retried. 

979 timeout (float): The timeout for this request. 

980 metadata (Sequence[Tuple[str, str]]): Strings which should be 

981 sent along with the request as metadata. 

982 

983 Returns: 

984 google.cloud.secretmanager_v1beta1.services.secret_manager_service.pagers.ListSecretVersionsAsyncPager: 

985 Response message for 

986 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions]. 

987 

988 Iterating over this object will yield results and 

989 resolve additional pages automatically. 

990 

991 """ 

992 # Create or coerce a protobuf request object. 

993 # Quick check: If we got a request object, we should *not* have 

994 # gotten any keyword arguments that map to the request. 

995 has_flattened_params = any([parent]) 

996 if request is not None and has_flattened_params: 

997 raise ValueError( 

998 "If the `request` argument is set, then none of " 

999 "the individual field arguments should be set." 

1000 ) 

1001 

1002 request = service.ListSecretVersionsRequest(request) 

1003 

1004 # If we have keyword arguments corresponding to fields on the 

1005 # request, apply these. 

1006 if parent is not None: 

1007 request.parent = parent 

1008 

1009 # Wrap the RPC method; this adds retry and timeout information, 

1010 # and friendly error handling. 

1011 rpc = gapic_v1.method_async.wrap_method( 

1012 self._client._transport.list_secret_versions, 

1013 default_timeout=60.0, 

1014 client_info=DEFAULT_CLIENT_INFO, 

1015 ) 

1016 

1017 # Certain fields should be provided within the metadata header; 

1018 # add these here. 

1019 metadata = tuple(metadata) + ( 

1020 gapic_v1.routing_header.to_grpc_metadata((("parent", request.parent),)), 

1021 ) 

1022 

1023 # Send the request. 

1024 response = await rpc( 

1025 request, 

1026 retry=retry, 

1027 timeout=timeout, 

1028 metadata=metadata, 

1029 ) 

1030 

1031 # This method is paged; wrap the response in a pager, which provides 

1032 # an `__aiter__` convenience method. 

1033 response = pagers.ListSecretVersionsAsyncPager( 

1034 method=rpc, 

1035 request=request, 

1036 response=response, 

1037 metadata=metadata, 

1038 ) 

1039 

1040 # Done; return the response. 

1041 return response 

1042 

1043 async def get_secret_version( 

1044 self, 

1045 request: Optional[Union[service.GetSecretVersionRequest, dict]] = None, 

1046 *, 

1047 name: Optional[str] = None, 

1048 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1049 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1050 metadata: Sequence[Tuple[str, str]] = (), 

1051 ) -> resources.SecretVersion: 

1052 r"""Gets metadata for a 

1053 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1054 

1055 ``projects/*/secrets/*/versions/latest`` is an alias to the 

1056 ``latest`` 

1057 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1058 

1059 .. code-block:: python 

1060 

1061 # This snippet has been automatically generated and should be regarded as a 

1062 # code template only. 

1063 # It will require modifications to work: 

1064 # - It may require correct/in-range values for request initialization. 

1065 # - It may require specifying regional endpoints when creating the service 

1066 # client as shown in: 

1067 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1068 from google.cloud import secretmanager_v1beta1 

1069 

1070 async def sample_get_secret_version(): 

1071 # Create a client 

1072 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1073 

1074 # Initialize request argument(s) 

1075 request = secretmanager_v1beta1.GetSecretVersionRequest( 

1076 name="name_value", 

1077 ) 

1078 

1079 # Make the request 

1080 response = await client.get_secret_version(request=request) 

1081 

1082 # Handle the response 

1083 print(response) 

1084 

1085 Args: 

1086 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.GetSecretVersionRequest, dict]]): 

1087 The request object. Request message for 

1088 [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion]. 

1089 name (:class:`str`): 

1090 Required. The resource name of the 

1091 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

1092 in the format ``projects/*/secrets/*/versions/*``. 

1093 ``projects/*/secrets/*/versions/latest`` is an alias to 

1094 the ``latest`` 

1095 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1096 

1097 This corresponds to the ``name`` field 

1098 on the ``request`` instance; if ``request`` is provided, this 

1099 should not be set. 

1100 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1101 should be retried. 

1102 timeout (float): The timeout for this request. 

1103 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1104 sent along with the request as metadata. 

1105 

1106 Returns: 

1107 google.cloud.secretmanager_v1beta1.types.SecretVersion: 

1108 A secret version resource in the 

1109 Secret Manager API. 

1110 

1111 """ 

1112 # Create or coerce a protobuf request object. 

1113 # Quick check: If we got a request object, we should *not* have 

1114 # gotten any keyword arguments that map to the request. 

1115 has_flattened_params = any([name]) 

1116 if request is not None and has_flattened_params: 

1117 raise ValueError( 

1118 "If the `request` argument is set, then none of " 

1119 "the individual field arguments should be set." 

1120 ) 

1121 

1122 request = service.GetSecretVersionRequest(request) 

1123 

1124 # If we have keyword arguments corresponding to fields on the 

1125 # request, apply these. 

1126 if name is not None: 

1127 request.name = name 

1128 

1129 # Wrap the RPC method; this adds retry and timeout information, 

1130 # and friendly error handling. 

1131 rpc = gapic_v1.method_async.wrap_method( 

1132 self._client._transport.get_secret_version, 

1133 default_timeout=60.0, 

1134 client_info=DEFAULT_CLIENT_INFO, 

1135 ) 

1136 

1137 # Certain fields should be provided within the metadata header; 

1138 # add these here. 

1139 metadata = tuple(metadata) + ( 

1140 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

1141 ) 

1142 

1143 # Send the request. 

1144 response = await rpc( 

1145 request, 

1146 retry=retry, 

1147 timeout=timeout, 

1148 metadata=metadata, 

1149 ) 

1150 

1151 # Done; return the response. 

1152 return response 

1153 

1154 async def access_secret_version( 

1155 self, 

1156 request: Optional[Union[service.AccessSecretVersionRequest, dict]] = None, 

1157 *, 

1158 name: Optional[str] = None, 

1159 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1160 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1161 metadata: Sequence[Tuple[str, str]] = (), 

1162 ) -> service.AccessSecretVersionResponse: 

1163 r"""Accesses a 

1164 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1165 This call returns the secret data. 

1166 

1167 ``projects/*/secrets/*/versions/latest`` is an alias to the 

1168 ``latest`` 

1169 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1170 

1171 .. code-block:: python 

1172 

1173 # This snippet has been automatically generated and should be regarded as a 

1174 # code template only. 

1175 # It will require modifications to work: 

1176 # - It may require correct/in-range values for request initialization. 

1177 # - It may require specifying regional endpoints when creating the service 

1178 # client as shown in: 

1179 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1180 from google.cloud import secretmanager_v1beta1 

1181 

1182 async def sample_access_secret_version(): 

1183 # Create a client 

1184 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1185 

1186 # Initialize request argument(s) 

1187 request = secretmanager_v1beta1.AccessSecretVersionRequest( 

1188 name="name_value", 

1189 ) 

1190 

1191 # Make the request 

1192 response = await client.access_secret_version(request=request) 

1193 

1194 # Handle the response 

1195 print(response) 

1196 

1197 Args: 

1198 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.AccessSecretVersionRequest, dict]]): 

1199 The request object. Request message for 

1200 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. 

1201 name (:class:`str`): 

1202 Required. The resource name of the 

1203 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

1204 in the format ``projects/*/secrets/*/versions/*``. 

1205 

1206 This corresponds to the ``name`` field 

1207 on the ``request`` instance; if ``request`` is provided, this 

1208 should not be set. 

1209 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1210 should be retried. 

1211 timeout (float): The timeout for this request. 

1212 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1213 sent along with the request as metadata. 

1214 

1215 Returns: 

1216 google.cloud.secretmanager_v1beta1.types.AccessSecretVersionResponse: 

1217 Response message for 

1218 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion]. 

1219 

1220 """ 

1221 # Create or coerce a protobuf request object. 

1222 # Quick check: If we got a request object, we should *not* have 

1223 # gotten any keyword arguments that map to the request. 

1224 has_flattened_params = any([name]) 

1225 if request is not None and has_flattened_params: 

1226 raise ValueError( 

1227 "If the `request` argument is set, then none of " 

1228 "the individual field arguments should be set." 

1229 ) 

1230 

1231 request = service.AccessSecretVersionRequest(request) 

1232 

1233 # If we have keyword arguments corresponding to fields on the 

1234 # request, apply these. 

1235 if name is not None: 

1236 request.name = name 

1237 

1238 # Wrap the RPC method; this adds retry and timeout information, 

1239 # and friendly error handling. 

1240 rpc = gapic_v1.method_async.wrap_method( 

1241 self._client._transport.access_secret_version, 

1242 default_retry=retries.Retry( 

1243 initial=1.0, 

1244 maximum=60.0, 

1245 multiplier=1.3, 

1246 predicate=retries.if_exception_type( 

1247 core_exceptions.ServiceUnavailable, 

1248 core_exceptions.Unknown, 

1249 ), 

1250 deadline=60.0, 

1251 ), 

1252 default_timeout=60.0, 

1253 client_info=DEFAULT_CLIENT_INFO, 

1254 ) 

1255 

1256 # Certain fields should be provided within the metadata header; 

1257 # add these here. 

1258 metadata = tuple(metadata) + ( 

1259 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

1260 ) 

1261 

1262 # Send the request. 

1263 response = await rpc( 

1264 request, 

1265 retry=retry, 

1266 timeout=timeout, 

1267 metadata=metadata, 

1268 ) 

1269 

1270 # Done; return the response. 

1271 return response 

1272 

1273 async def disable_secret_version( 

1274 self, 

1275 request: Optional[Union[service.DisableSecretVersionRequest, dict]] = None, 

1276 *, 

1277 name: Optional[str] = None, 

1278 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1279 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1280 metadata: Sequence[Tuple[str, str]] = (), 

1281 ) -> resources.SecretVersion: 

1282 r"""Disables a 

1283 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1284 

1285 Sets the 

1286 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

1287 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

1288 [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. 

1289 

1290 .. code-block:: python 

1291 

1292 # This snippet has been automatically generated and should be regarded as a 

1293 # code template only. 

1294 # It will require modifications to work: 

1295 # - It may require correct/in-range values for request initialization. 

1296 # - It may require specifying regional endpoints when creating the service 

1297 # client as shown in: 

1298 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1299 from google.cloud import secretmanager_v1beta1 

1300 

1301 async def sample_disable_secret_version(): 

1302 # Create a client 

1303 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1304 

1305 # Initialize request argument(s) 

1306 request = secretmanager_v1beta1.DisableSecretVersionRequest( 

1307 name="name_value", 

1308 ) 

1309 

1310 # Make the request 

1311 response = await client.disable_secret_version(request=request) 

1312 

1313 # Handle the response 

1314 print(response) 

1315 

1316 Args: 

1317 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DisableSecretVersionRequest, dict]]): 

1318 The request object. Request message for 

1319 [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion]. 

1320 name (:class:`str`): 

1321 Required. The resource name of the 

1322 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

1323 to disable in the format 

1324 ``projects/*/secrets/*/versions/*``. 

1325 

1326 This corresponds to the ``name`` field 

1327 on the ``request`` instance; if ``request`` is provided, this 

1328 should not be set. 

1329 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1330 should be retried. 

1331 timeout (float): The timeout for this request. 

1332 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1333 sent along with the request as metadata. 

1334 

1335 Returns: 

1336 google.cloud.secretmanager_v1beta1.types.SecretVersion: 

1337 A secret version resource in the 

1338 Secret Manager API. 

1339 

1340 """ 

1341 # Create or coerce a protobuf request object. 

1342 # Quick check: If we got a request object, we should *not* have 

1343 # gotten any keyword arguments that map to the request. 

1344 has_flattened_params = any([name]) 

1345 if request is not None and has_flattened_params: 

1346 raise ValueError( 

1347 "If the `request` argument is set, then none of " 

1348 "the individual field arguments should be set." 

1349 ) 

1350 

1351 request = service.DisableSecretVersionRequest(request) 

1352 

1353 # If we have keyword arguments corresponding to fields on the 

1354 # request, apply these. 

1355 if name is not None: 

1356 request.name = name 

1357 

1358 # Wrap the RPC method; this adds retry and timeout information, 

1359 # and friendly error handling. 

1360 rpc = gapic_v1.method_async.wrap_method( 

1361 self._client._transport.disable_secret_version, 

1362 default_timeout=60.0, 

1363 client_info=DEFAULT_CLIENT_INFO, 

1364 ) 

1365 

1366 # Certain fields should be provided within the metadata header; 

1367 # add these here. 

1368 metadata = tuple(metadata) + ( 

1369 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

1370 ) 

1371 

1372 # Send the request. 

1373 response = await rpc( 

1374 request, 

1375 retry=retry, 

1376 timeout=timeout, 

1377 metadata=metadata, 

1378 ) 

1379 

1380 # Done; return the response. 

1381 return response 

1382 

1383 async def enable_secret_version( 

1384 self, 

1385 request: Optional[Union[service.EnableSecretVersionRequest, dict]] = None, 

1386 *, 

1387 name: Optional[str] = None, 

1388 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1389 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1390 metadata: Sequence[Tuple[str, str]] = (), 

1391 ) -> resources.SecretVersion: 

1392 r"""Enables a 

1393 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1394 

1395 Sets the 

1396 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

1397 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

1398 [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. 

1399 

1400 .. code-block:: python 

1401 

1402 # This snippet has been automatically generated and should be regarded as a 

1403 # code template only. 

1404 # It will require modifications to work: 

1405 # - It may require correct/in-range values for request initialization. 

1406 # - It may require specifying regional endpoints when creating the service 

1407 # client as shown in: 

1408 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1409 from google.cloud import secretmanager_v1beta1 

1410 

1411 async def sample_enable_secret_version(): 

1412 # Create a client 

1413 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1414 

1415 # Initialize request argument(s) 

1416 request = secretmanager_v1beta1.EnableSecretVersionRequest( 

1417 name="name_value", 

1418 ) 

1419 

1420 # Make the request 

1421 response = await client.enable_secret_version(request=request) 

1422 

1423 # Handle the response 

1424 print(response) 

1425 

1426 Args: 

1427 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.EnableSecretVersionRequest, dict]]): 

1428 The request object. Request message for 

1429 [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion]. 

1430 name (:class:`str`): 

1431 Required. The resource name of the 

1432 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

1433 to enable in the format 

1434 ``projects/*/secrets/*/versions/*``. 

1435 

1436 This corresponds to the ``name`` field 

1437 on the ``request`` instance; if ``request`` is provided, this 

1438 should not be set. 

1439 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1440 should be retried. 

1441 timeout (float): The timeout for this request. 

1442 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1443 sent along with the request as metadata. 

1444 

1445 Returns: 

1446 google.cloud.secretmanager_v1beta1.types.SecretVersion: 

1447 A secret version resource in the 

1448 Secret Manager API. 

1449 

1450 """ 

1451 # Create or coerce a protobuf request object. 

1452 # Quick check: If we got a request object, we should *not* have 

1453 # gotten any keyword arguments that map to the request. 

1454 has_flattened_params = any([name]) 

1455 if request is not None and has_flattened_params: 

1456 raise ValueError( 

1457 "If the `request` argument is set, then none of " 

1458 "the individual field arguments should be set." 

1459 ) 

1460 

1461 request = service.EnableSecretVersionRequest(request) 

1462 

1463 # If we have keyword arguments corresponding to fields on the 

1464 # request, apply these. 

1465 if name is not None: 

1466 request.name = name 

1467 

1468 # Wrap the RPC method; this adds retry and timeout information, 

1469 # and friendly error handling. 

1470 rpc = gapic_v1.method_async.wrap_method( 

1471 self._client._transport.enable_secret_version, 

1472 default_timeout=60.0, 

1473 client_info=DEFAULT_CLIENT_INFO, 

1474 ) 

1475 

1476 # Certain fields should be provided within the metadata header; 

1477 # add these here. 

1478 metadata = tuple(metadata) + ( 

1479 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

1480 ) 

1481 

1482 # Send the request. 

1483 response = await rpc( 

1484 request, 

1485 retry=retry, 

1486 timeout=timeout, 

1487 metadata=metadata, 

1488 ) 

1489 

1490 # Done; return the response. 

1491 return response 

1492 

1493 async def destroy_secret_version( 

1494 self, 

1495 request: Optional[Union[service.DestroySecretVersionRequest, dict]] = None, 

1496 *, 

1497 name: Optional[str] = None, 

1498 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1499 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1500 metadata: Sequence[Tuple[str, str]] = (), 

1501 ) -> resources.SecretVersion: 

1502 r"""Destroys a 

1503 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

1504 

1505 Sets the 

1506 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

1507 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

1508 [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] 

1509 and irrevocably destroys the secret data. 

1510 

1511 .. code-block:: python 

1512 

1513 # This snippet has been automatically generated and should be regarded as a 

1514 # code template only. 

1515 # It will require modifications to work: 

1516 # - It may require correct/in-range values for request initialization. 

1517 # - It may require specifying regional endpoints when creating the service 

1518 # client as shown in: 

1519 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1520 from google.cloud import secretmanager_v1beta1 

1521 

1522 async def sample_destroy_secret_version(): 

1523 # Create a client 

1524 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1525 

1526 # Initialize request argument(s) 

1527 request = secretmanager_v1beta1.DestroySecretVersionRequest( 

1528 name="name_value", 

1529 ) 

1530 

1531 # Make the request 

1532 response = await client.destroy_secret_version(request=request) 

1533 

1534 # Handle the response 

1535 print(response) 

1536 

1537 Args: 

1538 request (Optional[Union[google.cloud.secretmanager_v1beta1.types.DestroySecretVersionRequest, dict]]): 

1539 The request object. Request message for 

1540 [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion]. 

1541 name (:class:`str`): 

1542 Required. The resource name of the 

1543 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

1544 to destroy in the format 

1545 ``projects/*/secrets/*/versions/*``. 

1546 

1547 This corresponds to the ``name`` field 

1548 on the ``request`` instance; if ``request`` is provided, this 

1549 should not be set. 

1550 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1551 should be retried. 

1552 timeout (float): The timeout for this request. 

1553 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1554 sent along with the request as metadata. 

1555 

1556 Returns: 

1557 google.cloud.secretmanager_v1beta1.types.SecretVersion: 

1558 A secret version resource in the 

1559 Secret Manager API. 

1560 

1561 """ 

1562 # Create or coerce a protobuf request object. 

1563 # Quick check: If we got a request object, we should *not* have 

1564 # gotten any keyword arguments that map to the request. 

1565 has_flattened_params = any([name]) 

1566 if request is not None and has_flattened_params: 

1567 raise ValueError( 

1568 "If the `request` argument is set, then none of " 

1569 "the individual field arguments should be set." 

1570 ) 

1571 

1572 request = service.DestroySecretVersionRequest(request) 

1573 

1574 # If we have keyword arguments corresponding to fields on the 

1575 # request, apply these. 

1576 if name is not None: 

1577 request.name = name 

1578 

1579 # Wrap the RPC method; this adds retry and timeout information, 

1580 # and friendly error handling. 

1581 rpc = gapic_v1.method_async.wrap_method( 

1582 self._client._transport.destroy_secret_version, 

1583 default_timeout=60.0, 

1584 client_info=DEFAULT_CLIENT_INFO, 

1585 ) 

1586 

1587 # Certain fields should be provided within the metadata header; 

1588 # add these here. 

1589 metadata = tuple(metadata) + ( 

1590 gapic_v1.routing_header.to_grpc_metadata((("name", request.name),)), 

1591 ) 

1592 

1593 # Send the request. 

1594 response = await rpc( 

1595 request, 

1596 retry=retry, 

1597 timeout=timeout, 

1598 metadata=metadata, 

1599 ) 

1600 

1601 # Done; return the response. 

1602 return response 

1603 

1604 async def set_iam_policy( 

1605 self, 

1606 request: Optional[Union[iam_policy_pb2.SetIamPolicyRequest, dict]] = None, 

1607 *, 

1608 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1609 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1610 metadata: Sequence[Tuple[str, str]] = (), 

1611 ) -> policy_pb2.Policy: 

1612 r"""Sets the access control policy on the specified secret. Replaces 

1613 any existing policy. 

1614 

1615 Permissions on 

1616 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are 

1617 enforced according to the policy set on the associated 

1618 [Secret][google.cloud.secrets.v1beta1.Secret]. 

1619 

1620 .. code-block:: python 

1621 

1622 # This snippet has been automatically generated and should be regarded as a 

1623 # code template only. 

1624 # It will require modifications to work: 

1625 # - It may require correct/in-range values for request initialization. 

1626 # - It may require specifying regional endpoints when creating the service 

1627 # client as shown in: 

1628 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1629 from google.cloud import secretmanager_v1beta1 

1630 from google.iam.v1 import iam_policy_pb2 # type: ignore 

1631 

1632 async def sample_set_iam_policy(): 

1633 # Create a client 

1634 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1635 

1636 # Initialize request argument(s) 

1637 request = iam_policy_pb2.SetIamPolicyRequest( 

1638 resource="resource_value", 

1639 ) 

1640 

1641 # Make the request 

1642 response = await client.set_iam_policy(request=request) 

1643 

1644 # Handle the response 

1645 print(response) 

1646 

1647 Args: 

1648 request (Optional[Union[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest, dict]]): 

1649 The request object. Request message for ``SetIamPolicy`` method. 

1650 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1651 should be retried. 

1652 timeout (float): The timeout for this request. 

1653 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1654 sent along with the request as metadata. 

1655 

1656 Returns: 

1657 google.iam.v1.policy_pb2.Policy: 

1658 An Identity and Access Management (IAM) policy, which specifies access 

1659 controls for Google Cloud resources. 

1660 

1661 A Policy is a collection of bindings. A binding binds 

1662 one or more members, or principals, to a single role. 

1663 Principals can be user accounts, service accounts, 

1664 Google groups, and domains (such as G Suite). A role 

1665 is a named list of permissions; each role can be an 

1666 IAM predefined role or a user-created custom role. 

1667 

1668 For some types of Google Cloud resources, a binding 

1669 can also specify a condition, which is a logical 

1670 expression that allows access to a resource only if 

1671 the expression evaluates to true. A condition can add 

1672 constraints based on attributes of the request, the 

1673 resource, or both. To learn which resources support 

1674 conditions in their IAM policies, see the [IAM 

1675 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). 

1676 

1677 **JSON example:** 

1678 

1679 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` 

1680 

1681 **YAML example:** 

1682 

1683 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` 

1684 

1685 For a description of IAM and its features, see the 

1686 [IAM 

1687 documentation](\ https://cloud.google.com/iam/docs/). 

1688 

1689 """ 

1690 # Create or coerce a protobuf request object. 

1691 # The request isn't a proto-plus wrapped type, 

1692 # so it must be constructed via keyword expansion. 

1693 if isinstance(request, dict): 

1694 request = iam_policy_pb2.SetIamPolicyRequest(**request) 

1695 

1696 # Wrap the RPC method; this adds retry and timeout information, 

1697 # and friendly error handling. 

1698 rpc = gapic_v1.method_async.wrap_method( 

1699 self._client._transport.set_iam_policy, 

1700 default_timeout=60.0, 

1701 client_info=DEFAULT_CLIENT_INFO, 

1702 ) 

1703 

1704 # Certain fields should be provided within the metadata header; 

1705 # add these here. 

1706 metadata = tuple(metadata) + ( 

1707 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)), 

1708 ) 

1709 

1710 # Send the request. 

1711 response = await rpc( 

1712 request, 

1713 retry=retry, 

1714 timeout=timeout, 

1715 metadata=metadata, 

1716 ) 

1717 

1718 # Done; return the response. 

1719 return response 

1720 

1721 async def get_iam_policy( 

1722 self, 

1723 request: Optional[Union[iam_policy_pb2.GetIamPolicyRequest, dict]] = None, 

1724 *, 

1725 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1726 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1727 metadata: Sequence[Tuple[str, str]] = (), 

1728 ) -> policy_pb2.Policy: 

1729 r"""Gets the access control policy for a secret. 

1730 Returns empty policy if the secret exists and does not 

1731 have a policy set. 

1732 

1733 .. code-block:: python 

1734 

1735 # This snippet has been automatically generated and should be regarded as a 

1736 # code template only. 

1737 # It will require modifications to work: 

1738 # - It may require correct/in-range values for request initialization. 

1739 # - It may require specifying regional endpoints when creating the service 

1740 # client as shown in: 

1741 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1742 from google.cloud import secretmanager_v1beta1 

1743 from google.iam.v1 import iam_policy_pb2 # type: ignore 

1744 

1745 async def sample_get_iam_policy(): 

1746 # Create a client 

1747 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1748 

1749 # Initialize request argument(s) 

1750 request = iam_policy_pb2.GetIamPolicyRequest( 

1751 resource="resource_value", 

1752 ) 

1753 

1754 # Make the request 

1755 response = await client.get_iam_policy(request=request) 

1756 

1757 # Handle the response 

1758 print(response) 

1759 

1760 Args: 

1761 request (Optional[Union[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest, dict]]): 

1762 The request object. Request message for ``GetIamPolicy`` method. 

1763 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1764 should be retried. 

1765 timeout (float): The timeout for this request. 

1766 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1767 sent along with the request as metadata. 

1768 

1769 Returns: 

1770 google.iam.v1.policy_pb2.Policy: 

1771 An Identity and Access Management (IAM) policy, which specifies access 

1772 controls for Google Cloud resources. 

1773 

1774 A Policy is a collection of bindings. A binding binds 

1775 one or more members, or principals, to a single role. 

1776 Principals can be user accounts, service accounts, 

1777 Google groups, and domains (such as G Suite). A role 

1778 is a named list of permissions; each role can be an 

1779 IAM predefined role or a user-created custom role. 

1780 

1781 For some types of Google Cloud resources, a binding 

1782 can also specify a condition, which is a logical 

1783 expression that allows access to a resource only if 

1784 the expression evaluates to true. A condition can add 

1785 constraints based on attributes of the request, the 

1786 resource, or both. To learn which resources support 

1787 conditions in their IAM policies, see the [IAM 

1788 documentation](\ https://cloud.google.com/iam/help/conditions/resource-policies). 

1789 

1790 **JSON example:** 

1791 

1792 :literal:`\` { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 }`\ \` 

1793 

1794 **YAML example:** 

1795 

1796 :literal:`\` bindings: - members: - user:mike@example.com - group:admins@example.com - domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.com role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3`\ \` 

1797 

1798 For a description of IAM and its features, see the 

1799 [IAM 

1800 documentation](\ https://cloud.google.com/iam/docs/). 

1801 

1802 """ 

1803 # Create or coerce a protobuf request object. 

1804 # The request isn't a proto-plus wrapped type, 

1805 # so it must be constructed via keyword expansion. 

1806 if isinstance(request, dict): 

1807 request = iam_policy_pb2.GetIamPolicyRequest(**request) 

1808 

1809 # Wrap the RPC method; this adds retry and timeout information, 

1810 # and friendly error handling. 

1811 rpc = gapic_v1.method_async.wrap_method( 

1812 self._client._transport.get_iam_policy, 

1813 default_timeout=60.0, 

1814 client_info=DEFAULT_CLIENT_INFO, 

1815 ) 

1816 

1817 # Certain fields should be provided within the metadata header; 

1818 # add these here. 

1819 metadata = tuple(metadata) + ( 

1820 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)), 

1821 ) 

1822 

1823 # Send the request. 

1824 response = await rpc( 

1825 request, 

1826 retry=retry, 

1827 timeout=timeout, 

1828 metadata=metadata, 

1829 ) 

1830 

1831 # Done; return the response. 

1832 return response 

1833 

1834 async def test_iam_permissions( 

1835 self, 

1836 request: Optional[Union[iam_policy_pb2.TestIamPermissionsRequest, dict]] = None, 

1837 *, 

1838 retry: OptionalRetry = gapic_v1.method.DEFAULT, 

1839 timeout: Union[float, object] = gapic_v1.method.DEFAULT, 

1840 metadata: Sequence[Tuple[str, str]] = (), 

1841 ) -> iam_policy_pb2.TestIamPermissionsResponse: 

1842 r"""Returns permissions that a caller has for the specified secret. 

1843 If the secret does not exist, this call returns an empty set of 

1844 permissions, not a NOT_FOUND error. 

1845 

1846 Note: This operation is designed to be used for building 

1847 permission-aware UIs and command-line tools, not for 

1848 authorization checking. This operation may "fail open" without 

1849 warning. 

1850 

1851 .. code-block:: python 

1852 

1853 # This snippet has been automatically generated and should be regarded as a 

1854 # code template only. 

1855 # It will require modifications to work: 

1856 # - It may require correct/in-range values for request initialization. 

1857 # - It may require specifying regional endpoints when creating the service 

1858 # client as shown in: 

1859 # https://googleapis.dev/python/google-api-core/latest/client_options.html 

1860 from google.cloud import secretmanager_v1beta1 

1861 from google.iam.v1 import iam_policy_pb2 # type: ignore 

1862 

1863 async def sample_test_iam_permissions(): 

1864 # Create a client 

1865 client = secretmanager_v1beta1.SecretManagerServiceAsyncClient() 

1866 

1867 # Initialize request argument(s) 

1868 request = iam_policy_pb2.TestIamPermissionsRequest( 

1869 resource="resource_value", 

1870 permissions=['permissions_value1', 'permissions_value2'], 

1871 ) 

1872 

1873 # Make the request 

1874 response = await client.test_iam_permissions(request=request) 

1875 

1876 # Handle the response 

1877 print(response) 

1878 

1879 Args: 

1880 request (Optional[Union[google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest, dict]]): 

1881 The request object. Request message for ``TestIamPermissions`` method. 

1882 retry (google.api_core.retry.Retry): Designation of what errors, if any, 

1883 should be retried. 

1884 timeout (float): The timeout for this request. 

1885 metadata (Sequence[Tuple[str, str]]): Strings which should be 

1886 sent along with the request as metadata. 

1887 

1888 Returns: 

1889 google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse: 

1890 Response message for TestIamPermissions method. 

1891 """ 

1892 # Create or coerce a protobuf request object. 

1893 # The request isn't a proto-plus wrapped type, 

1894 # so it must be constructed via keyword expansion. 

1895 if isinstance(request, dict): 

1896 request = iam_policy_pb2.TestIamPermissionsRequest(**request) 

1897 

1898 # Wrap the RPC method; this adds retry and timeout information, 

1899 # and friendly error handling. 

1900 rpc = gapic_v1.method_async.wrap_method( 

1901 self._client._transport.test_iam_permissions, 

1902 default_timeout=60.0, 

1903 client_info=DEFAULT_CLIENT_INFO, 

1904 ) 

1905 

1906 # Certain fields should be provided within the metadata header; 

1907 # add these here. 

1908 metadata = tuple(metadata) + ( 

1909 gapic_v1.routing_header.to_grpc_metadata((("resource", request.resource),)), 

1910 ) 

1911 

1912 # Send the request. 

1913 response = await rpc( 

1914 request, 

1915 retry=retry, 

1916 timeout=timeout, 

1917 metadata=metadata, 

1918 ) 

1919 

1920 # Done; return the response. 

1921 return response 

1922 

1923 async def __aenter__(self) -> "SecretManagerServiceAsyncClient": 

1924 return self 

1925 

1926 async def __aexit__(self, exc_type, exc, tb): 

1927 await self.transport.close() 

1928 

1929 

1930DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo( 

1931 gapic_version=package_version.__version__ 

1932) 

1933 

1934 

1935__all__ = ("SecretManagerServiceAsyncClient",)