Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/google/cloud/secretmanager_v1beta1/services/secret_manager_service/transports/grpc_asyncio.py: 42%

125 statements  

« prev     ^ index     » next       coverage.py v7.3.1, created at 2023-09-25 06:37 +0000

1# -*- coding: utf-8 -*- 

2# Copyright 2023 Google LLC 

3# 

4# Licensed under the Apache License, Version 2.0 (the "License"); 

5# you may not use this file except in compliance with the License. 

6# You may obtain a copy of the License at 

7# 

8# http://www.apache.org/licenses/LICENSE-2.0 

9# 

10# Unless required by applicable law or agreed to in writing, software 

11# distributed under the License is distributed on an "AS IS" BASIS, 

12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 

13# See the License for the specific language governing permissions and 

14# limitations under the License. 

15# 

16from typing import Awaitable, Callable, Dict, Optional, Sequence, Tuple, Union 

17import warnings 

18 

19from google.api_core import gapic_v1, grpc_helpers_async 

20from google.auth import credentials as ga_credentials # type: ignore 

21from google.auth.transport.grpc import SslCredentials # type: ignore 

22from google.iam.v1 import iam_policy_pb2 # type: ignore 

23from google.iam.v1 import policy_pb2 # type: ignore 

24from google.protobuf import empty_pb2 # type: ignore 

25import grpc # type: ignore 

26from grpc.experimental import aio # type: ignore 

27 

28from google.cloud.secretmanager_v1beta1.types import resources, service 

29 

30from .base import DEFAULT_CLIENT_INFO, SecretManagerServiceTransport 

31from .grpc import SecretManagerServiceGrpcTransport 

32 

33 

34class SecretManagerServiceGrpcAsyncIOTransport(SecretManagerServiceTransport): 

35 """gRPC AsyncIO backend transport for SecretManagerService. 

36 

37 Secret Manager Service 

38 

39 Manages secrets and operations using those secrets. Implements a 

40 REST model with the following objects: 

41 

42 - [Secret][google.cloud.secrets.v1beta1.Secret] 

43 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

44 

45 This class defines the same methods as the primary client, so the 

46 primary client can load the underlying transport implementation 

47 and call it. 

48 

49 It sends protocol buffers over the wire using gRPC (which is built on 

50 top of HTTP/2); the ``grpcio`` package must be installed. 

51 """ 

52 

53 _grpc_channel: aio.Channel 

54 _stubs: Dict[str, Callable] = {} 

55 

56 @classmethod 

57 def create_channel( 

58 cls, 

59 host: str = "secretmanager.googleapis.com", 

60 credentials: Optional[ga_credentials.Credentials] = None, 

61 credentials_file: Optional[str] = None, 

62 scopes: Optional[Sequence[str]] = None, 

63 quota_project_id: Optional[str] = None, 

64 **kwargs, 

65 ) -> aio.Channel: 

66 """Create and return a gRPC AsyncIO channel object. 

67 Args: 

68 host (Optional[str]): The host for the channel to use. 

69 credentials (Optional[~.Credentials]): The 

70 authorization credentials to attach to requests. These 

71 credentials identify this application to the service. If 

72 none are specified, the client will attempt to ascertain 

73 the credentials from the environment. 

74 credentials_file (Optional[str]): A file with credentials that can 

75 be loaded with :func:`google.auth.load_credentials_from_file`. 

76 This argument is ignored if ``channel`` is provided. 

77 scopes (Optional[Sequence[str]]): A optional list of scopes needed for this 

78 service. These are only used when credentials are not specified and 

79 are passed to :func:`google.auth.default`. 

80 quota_project_id (Optional[str]): An optional project to use for billing 

81 and quota. 

82 kwargs (Optional[dict]): Keyword arguments, which are passed to the 

83 channel creation. 

84 Returns: 

85 aio.Channel: A gRPC AsyncIO channel object. 

86 """ 

87 

88 return grpc_helpers_async.create_channel( 

89 host, 

90 credentials=credentials, 

91 credentials_file=credentials_file, 

92 quota_project_id=quota_project_id, 

93 default_scopes=cls.AUTH_SCOPES, 

94 scopes=scopes, 

95 default_host=cls.DEFAULT_HOST, 

96 **kwargs, 

97 ) 

98 

99 def __init__( 

100 self, 

101 *, 

102 host: str = "secretmanager.googleapis.com", 

103 credentials: Optional[ga_credentials.Credentials] = None, 

104 credentials_file: Optional[str] = None, 

105 scopes: Optional[Sequence[str]] = None, 

106 channel: Optional[aio.Channel] = None, 

107 api_mtls_endpoint: Optional[str] = None, 

108 client_cert_source: Optional[Callable[[], Tuple[bytes, bytes]]] = None, 

109 ssl_channel_credentials: Optional[grpc.ChannelCredentials] = None, 

110 client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None, 

111 quota_project_id: Optional[str] = None, 

112 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO, 

113 always_use_jwt_access: Optional[bool] = False, 

114 api_audience: Optional[str] = None, 

115 ) -> None: 

116 """Instantiate the transport. 

117 

118 Args: 

119 host (Optional[str]): 

120 The hostname to connect to. 

121 credentials (Optional[google.auth.credentials.Credentials]): The 

122 authorization credentials to attach to requests. These 

123 credentials identify the application to the service; if none 

124 are specified, the client will attempt to ascertain the 

125 credentials from the environment. 

126 This argument is ignored if ``channel`` is provided. 

127 credentials_file (Optional[str]): A file with credentials that can 

128 be loaded with :func:`google.auth.load_credentials_from_file`. 

129 This argument is ignored if ``channel`` is provided. 

130 scopes (Optional[Sequence[str]]): A optional list of scopes needed for this 

131 service. These are only used when credentials are not specified and 

132 are passed to :func:`google.auth.default`. 

133 channel (Optional[aio.Channel]): A ``Channel`` instance through 

134 which to make calls. 

135 api_mtls_endpoint (Optional[str]): Deprecated. The mutual TLS endpoint. 

136 If provided, it overrides the ``host`` argument and tries to create 

137 a mutual TLS channel with client SSL credentials from 

138 ``client_cert_source`` or application default SSL credentials. 

139 client_cert_source (Optional[Callable[[], Tuple[bytes, bytes]]]): 

140 Deprecated. A callback to provide client SSL certificate bytes and 

141 private key bytes, both in PEM format. It is ignored if 

142 ``api_mtls_endpoint`` is None. 

143 ssl_channel_credentials (grpc.ChannelCredentials): SSL credentials 

144 for the grpc channel. It is ignored if ``channel`` is provided. 

145 client_cert_source_for_mtls (Optional[Callable[[], Tuple[bytes, bytes]]]): 

146 A callback to provide client certificate bytes and private key bytes, 

147 both in PEM format. It is used to configure a mutual TLS channel. It is 

148 ignored if ``channel`` or ``ssl_channel_credentials`` is provided. 

149 quota_project_id (Optional[str]): An optional project to use for billing 

150 and quota. 

151 client_info (google.api_core.gapic_v1.client_info.ClientInfo): 

152 The client info used to send a user-agent string along with 

153 API requests. If ``None``, then default info will be used. 

154 Generally, you only need to set this if you're developing 

155 your own client library. 

156 always_use_jwt_access (Optional[bool]): Whether self signed JWT should 

157 be used for service account credentials. 

158 

159 Raises: 

160 google.auth.exceptions.MutualTlsChannelError: If mutual TLS transport 

161 creation failed for any reason. 

162 google.api_core.exceptions.DuplicateCredentialArgs: If both ``credentials`` 

163 and ``credentials_file`` are passed. 

164 """ 

165 self._grpc_channel = None 

166 self._ssl_channel_credentials = ssl_channel_credentials 

167 self._stubs: Dict[str, Callable] = {} 

168 

169 if api_mtls_endpoint: 

170 warnings.warn("api_mtls_endpoint is deprecated", DeprecationWarning) 

171 if client_cert_source: 

172 warnings.warn("client_cert_source is deprecated", DeprecationWarning) 

173 

174 if channel: 

175 # Ignore credentials if a channel was passed. 

176 credentials = False 

177 # If a channel was explicitly provided, set it. 

178 self._grpc_channel = channel 

179 self._ssl_channel_credentials = None 

180 else: 

181 if api_mtls_endpoint: 

182 host = api_mtls_endpoint 

183 

184 # Create SSL credentials with client_cert_source or application 

185 # default SSL credentials. 

186 if client_cert_source: 

187 cert, key = client_cert_source() 

188 self._ssl_channel_credentials = grpc.ssl_channel_credentials( 

189 certificate_chain=cert, private_key=key 

190 ) 

191 else: 

192 self._ssl_channel_credentials = SslCredentials().ssl_credentials 

193 

194 else: 

195 if client_cert_source_for_mtls and not ssl_channel_credentials: 

196 cert, key = client_cert_source_for_mtls() 

197 self._ssl_channel_credentials = grpc.ssl_channel_credentials( 

198 certificate_chain=cert, private_key=key 

199 ) 

200 

201 # The base transport sets the host, credentials and scopes 

202 super().__init__( 

203 host=host, 

204 credentials=credentials, 

205 credentials_file=credentials_file, 

206 scopes=scopes, 

207 quota_project_id=quota_project_id, 

208 client_info=client_info, 

209 always_use_jwt_access=always_use_jwt_access, 

210 api_audience=api_audience, 

211 ) 

212 

213 if not self._grpc_channel: 

214 self._grpc_channel = type(self).create_channel( 

215 self._host, 

216 # use the credentials which are saved 

217 credentials=self._credentials, 

218 # Set ``credentials_file`` to ``None`` here as 

219 # the credentials that we saved earlier should be used. 

220 credentials_file=None, 

221 scopes=self._scopes, 

222 ssl_credentials=self._ssl_channel_credentials, 

223 quota_project_id=quota_project_id, 

224 options=[ 

225 ("grpc.max_send_message_length", -1), 

226 ("grpc.max_receive_message_length", -1), 

227 ], 

228 ) 

229 

230 # Wrap messages. This must be done after self._grpc_channel exists 

231 self._prep_wrapped_messages(client_info) 

232 

233 @property 

234 def grpc_channel(self) -> aio.Channel: 

235 """Create the channel designed to connect to this service. 

236 

237 This property caches on the instance; repeated calls return 

238 the same channel. 

239 """ 

240 # Return the channel from cache. 

241 return self._grpc_channel 

242 

243 @property 

244 def list_secrets( 

245 self, 

246 ) -> Callable[[service.ListSecretsRequest], Awaitable[service.ListSecretsResponse]]: 

247 r"""Return a callable for the list secrets method over gRPC. 

248 

249 Lists [Secrets][google.cloud.secrets.v1beta1.Secret]. 

250 

251 Returns: 

252 Callable[[~.ListSecretsRequest], 

253 Awaitable[~.ListSecretsResponse]]: 

254 A function that, when called, will call the underlying RPC 

255 on the server. 

256 """ 

257 # Generate a "stub function" on-the-fly which will actually make 

258 # the request. 

259 # gRPC handles serialization and deserialization, so we just need 

260 # to pass in the functions for each. 

261 if "list_secrets" not in self._stubs: 

262 self._stubs["list_secrets"] = self.grpc_channel.unary_unary( 

263 "/google.cloud.secrets.v1beta1.SecretManagerService/ListSecrets", 

264 request_serializer=service.ListSecretsRequest.serialize, 

265 response_deserializer=service.ListSecretsResponse.deserialize, 

266 ) 

267 return self._stubs["list_secrets"] 

268 

269 @property 

270 def create_secret( 

271 self, 

272 ) -> Callable[[service.CreateSecretRequest], Awaitable[resources.Secret]]: 

273 r"""Return a callable for the create secret method over gRPC. 

274 

275 Creates a new [Secret][google.cloud.secrets.v1beta1.Secret] 

276 containing no 

277 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. 

278 

279 Returns: 

280 Callable[[~.CreateSecretRequest], 

281 Awaitable[~.Secret]]: 

282 A function that, when called, will call the underlying RPC 

283 on the server. 

284 """ 

285 # Generate a "stub function" on-the-fly which will actually make 

286 # the request. 

287 # gRPC handles serialization and deserialization, so we just need 

288 # to pass in the functions for each. 

289 if "create_secret" not in self._stubs: 

290 self._stubs["create_secret"] = self.grpc_channel.unary_unary( 

291 "/google.cloud.secrets.v1beta1.SecretManagerService/CreateSecret", 

292 request_serializer=service.CreateSecretRequest.serialize, 

293 response_deserializer=resources.Secret.deserialize, 

294 ) 

295 return self._stubs["create_secret"] 

296 

297 @property 

298 def add_secret_version( 

299 self, 

300 ) -> Callable[ 

301 [service.AddSecretVersionRequest], Awaitable[resources.SecretVersion] 

302 ]: 

303 r"""Return a callable for the add secret version method over gRPC. 

304 

305 Creates a new 

306 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] 

307 containing secret data and attaches it to an existing 

308 [Secret][google.cloud.secrets.v1beta1.Secret]. 

309 

310 Returns: 

311 Callable[[~.AddSecretVersionRequest], 

312 Awaitable[~.SecretVersion]]: 

313 A function that, when called, will call the underlying RPC 

314 on the server. 

315 """ 

316 # Generate a "stub function" on-the-fly which will actually make 

317 # the request. 

318 # gRPC handles serialization and deserialization, so we just need 

319 # to pass in the functions for each. 

320 if "add_secret_version" not in self._stubs: 

321 self._stubs["add_secret_version"] = self.grpc_channel.unary_unary( 

322 "/google.cloud.secrets.v1beta1.SecretManagerService/AddSecretVersion", 

323 request_serializer=service.AddSecretVersionRequest.serialize, 

324 response_deserializer=resources.SecretVersion.deserialize, 

325 ) 

326 return self._stubs["add_secret_version"] 

327 

328 @property 

329 def get_secret( 

330 self, 

331 ) -> Callable[[service.GetSecretRequest], Awaitable[resources.Secret]]: 

332 r"""Return a callable for the get secret method over gRPC. 

333 

334 Gets metadata for a given 

335 [Secret][google.cloud.secrets.v1beta1.Secret]. 

336 

337 Returns: 

338 Callable[[~.GetSecretRequest], 

339 Awaitable[~.Secret]]: 

340 A function that, when called, will call the underlying RPC 

341 on the server. 

342 """ 

343 # Generate a "stub function" on-the-fly which will actually make 

344 # the request. 

345 # gRPC handles serialization and deserialization, so we just need 

346 # to pass in the functions for each. 

347 if "get_secret" not in self._stubs: 

348 self._stubs["get_secret"] = self.grpc_channel.unary_unary( 

349 "/google.cloud.secrets.v1beta1.SecretManagerService/GetSecret", 

350 request_serializer=service.GetSecretRequest.serialize, 

351 response_deserializer=resources.Secret.deserialize, 

352 ) 

353 return self._stubs["get_secret"] 

354 

355 @property 

356 def update_secret( 

357 self, 

358 ) -> Callable[[service.UpdateSecretRequest], Awaitable[resources.Secret]]: 

359 r"""Return a callable for the update secret method over gRPC. 

360 

361 Updates metadata of an existing 

362 [Secret][google.cloud.secrets.v1beta1.Secret]. 

363 

364 Returns: 

365 Callable[[~.UpdateSecretRequest], 

366 Awaitable[~.Secret]]: 

367 A function that, when called, will call the underlying RPC 

368 on the server. 

369 """ 

370 # Generate a "stub function" on-the-fly which will actually make 

371 # the request. 

372 # gRPC handles serialization and deserialization, so we just need 

373 # to pass in the functions for each. 

374 if "update_secret" not in self._stubs: 

375 self._stubs["update_secret"] = self.grpc_channel.unary_unary( 

376 "/google.cloud.secrets.v1beta1.SecretManagerService/UpdateSecret", 

377 request_serializer=service.UpdateSecretRequest.serialize, 

378 response_deserializer=resources.Secret.deserialize, 

379 ) 

380 return self._stubs["update_secret"] 

381 

382 @property 

383 def delete_secret( 

384 self, 

385 ) -> Callable[[service.DeleteSecretRequest], Awaitable[empty_pb2.Empty]]: 

386 r"""Return a callable for the delete secret method over gRPC. 

387 

388 Deletes a [Secret][google.cloud.secrets.v1beta1.Secret]. 

389 

390 Returns: 

391 Callable[[~.DeleteSecretRequest], 

392 Awaitable[~.Empty]]: 

393 A function that, when called, will call the underlying RPC 

394 on the server. 

395 """ 

396 # Generate a "stub function" on-the-fly which will actually make 

397 # the request. 

398 # gRPC handles serialization and deserialization, so we just need 

399 # to pass in the functions for each. 

400 if "delete_secret" not in self._stubs: 

401 self._stubs["delete_secret"] = self.grpc_channel.unary_unary( 

402 "/google.cloud.secrets.v1beta1.SecretManagerService/DeleteSecret", 

403 request_serializer=service.DeleteSecretRequest.serialize, 

404 response_deserializer=empty_pb2.Empty.FromString, 

405 ) 

406 return self._stubs["delete_secret"] 

407 

408 @property 

409 def list_secret_versions( 

410 self, 

411 ) -> Callable[ 

412 [service.ListSecretVersionsRequest], 

413 Awaitable[service.ListSecretVersionsResponse], 

414 ]: 

415 r"""Return a callable for the list secret versions method over gRPC. 

416 

417 Lists 

418 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]. 

419 This call does not return secret data. 

420 

421 Returns: 

422 Callable[[~.ListSecretVersionsRequest], 

423 Awaitable[~.ListSecretVersionsResponse]]: 

424 A function that, when called, will call the underlying RPC 

425 on the server. 

426 """ 

427 # Generate a "stub function" on-the-fly which will actually make 

428 # the request. 

429 # gRPC handles serialization and deserialization, so we just need 

430 # to pass in the functions for each. 

431 if "list_secret_versions" not in self._stubs: 

432 self._stubs["list_secret_versions"] = self.grpc_channel.unary_unary( 

433 "/google.cloud.secrets.v1beta1.SecretManagerService/ListSecretVersions", 

434 request_serializer=service.ListSecretVersionsRequest.serialize, 

435 response_deserializer=service.ListSecretVersionsResponse.deserialize, 

436 ) 

437 return self._stubs["list_secret_versions"] 

438 

439 @property 

440 def get_secret_version( 

441 self, 

442 ) -> Callable[ 

443 [service.GetSecretVersionRequest], Awaitable[resources.SecretVersion] 

444 ]: 

445 r"""Return a callable for the get secret version method over gRPC. 

446 

447 Gets metadata for a 

448 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

449 

450 ``projects/*/secrets/*/versions/latest`` is an alias to the 

451 ``latest`` 

452 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

453 

454 Returns: 

455 Callable[[~.GetSecretVersionRequest], 

456 Awaitable[~.SecretVersion]]: 

457 A function that, when called, will call the underlying RPC 

458 on the server. 

459 """ 

460 # Generate a "stub function" on-the-fly which will actually make 

461 # the request. 

462 # gRPC handles serialization and deserialization, so we just need 

463 # to pass in the functions for each. 

464 if "get_secret_version" not in self._stubs: 

465 self._stubs["get_secret_version"] = self.grpc_channel.unary_unary( 

466 "/google.cloud.secrets.v1beta1.SecretManagerService/GetSecretVersion", 

467 request_serializer=service.GetSecretVersionRequest.serialize, 

468 response_deserializer=resources.SecretVersion.deserialize, 

469 ) 

470 return self._stubs["get_secret_version"] 

471 

472 @property 

473 def access_secret_version( 

474 self, 

475 ) -> Callable[ 

476 [service.AccessSecretVersionRequest], 

477 Awaitable[service.AccessSecretVersionResponse], 

478 ]: 

479 r"""Return a callable for the access secret version method over gRPC. 

480 

481 Accesses a 

482 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

483 This call returns the secret data. 

484 

485 ``projects/*/secrets/*/versions/latest`` is an alias to the 

486 ``latest`` 

487 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

488 

489 Returns: 

490 Callable[[~.AccessSecretVersionRequest], 

491 Awaitable[~.AccessSecretVersionResponse]]: 

492 A function that, when called, will call the underlying RPC 

493 on the server. 

494 """ 

495 # Generate a "stub function" on-the-fly which will actually make 

496 # the request. 

497 # gRPC handles serialization and deserialization, so we just need 

498 # to pass in the functions for each. 

499 if "access_secret_version" not in self._stubs: 

500 self._stubs["access_secret_version"] = self.grpc_channel.unary_unary( 

501 "/google.cloud.secrets.v1beta1.SecretManagerService/AccessSecretVersion", 

502 request_serializer=service.AccessSecretVersionRequest.serialize, 

503 response_deserializer=service.AccessSecretVersionResponse.deserialize, 

504 ) 

505 return self._stubs["access_secret_version"] 

506 

507 @property 

508 def disable_secret_version( 

509 self, 

510 ) -> Callable[ 

511 [service.DisableSecretVersionRequest], Awaitable[resources.SecretVersion] 

512 ]: 

513 r"""Return a callable for the disable secret version method over gRPC. 

514 

515 Disables a 

516 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

517 

518 Sets the 

519 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

520 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

521 [DISABLED][google.cloud.secrets.v1beta1.SecretVersion.State.DISABLED]. 

522 

523 Returns: 

524 Callable[[~.DisableSecretVersionRequest], 

525 Awaitable[~.SecretVersion]]: 

526 A function that, when called, will call the underlying RPC 

527 on the server. 

528 """ 

529 # Generate a "stub function" on-the-fly which will actually make 

530 # the request. 

531 # gRPC handles serialization and deserialization, so we just need 

532 # to pass in the functions for each. 

533 if "disable_secret_version" not in self._stubs: 

534 self._stubs["disable_secret_version"] = self.grpc_channel.unary_unary( 

535 "/google.cloud.secrets.v1beta1.SecretManagerService/DisableSecretVersion", 

536 request_serializer=service.DisableSecretVersionRequest.serialize, 

537 response_deserializer=resources.SecretVersion.deserialize, 

538 ) 

539 return self._stubs["disable_secret_version"] 

540 

541 @property 

542 def enable_secret_version( 

543 self, 

544 ) -> Callable[ 

545 [service.EnableSecretVersionRequest], Awaitable[resources.SecretVersion] 

546 ]: 

547 r"""Return a callable for the enable secret version method over gRPC. 

548 

549 Enables a 

550 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

551 

552 Sets the 

553 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

554 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

555 [ENABLED][google.cloud.secrets.v1beta1.SecretVersion.State.ENABLED]. 

556 

557 Returns: 

558 Callable[[~.EnableSecretVersionRequest], 

559 Awaitable[~.SecretVersion]]: 

560 A function that, when called, will call the underlying RPC 

561 on the server. 

562 """ 

563 # Generate a "stub function" on-the-fly which will actually make 

564 # the request. 

565 # gRPC handles serialization and deserialization, so we just need 

566 # to pass in the functions for each. 

567 if "enable_secret_version" not in self._stubs: 

568 self._stubs["enable_secret_version"] = self.grpc_channel.unary_unary( 

569 "/google.cloud.secrets.v1beta1.SecretManagerService/EnableSecretVersion", 

570 request_serializer=service.EnableSecretVersionRequest.serialize, 

571 response_deserializer=resources.SecretVersion.deserialize, 

572 ) 

573 return self._stubs["enable_secret_version"] 

574 

575 @property 

576 def destroy_secret_version( 

577 self, 

578 ) -> Callable[ 

579 [service.DestroySecretVersionRequest], Awaitable[resources.SecretVersion] 

580 ]: 

581 r"""Return a callable for the destroy secret version method over gRPC. 

582 

583 Destroys a 

584 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]. 

585 

586 Sets the 

587 [state][google.cloud.secrets.v1beta1.SecretVersion.state] of the 

588 [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion] to 

589 [DESTROYED][google.cloud.secrets.v1beta1.SecretVersion.State.DESTROYED] 

590 and irrevocably destroys the secret data. 

591 

592 Returns: 

593 Callable[[~.DestroySecretVersionRequest], 

594 Awaitable[~.SecretVersion]]: 

595 A function that, when called, will call the underlying RPC 

596 on the server. 

597 """ 

598 # Generate a "stub function" on-the-fly which will actually make 

599 # the request. 

600 # gRPC handles serialization and deserialization, so we just need 

601 # to pass in the functions for each. 

602 if "destroy_secret_version" not in self._stubs: 

603 self._stubs["destroy_secret_version"] = self.grpc_channel.unary_unary( 

604 "/google.cloud.secrets.v1beta1.SecretManagerService/DestroySecretVersion", 

605 request_serializer=service.DestroySecretVersionRequest.serialize, 

606 response_deserializer=resources.SecretVersion.deserialize, 

607 ) 

608 return self._stubs["destroy_secret_version"] 

609 

610 @property 

611 def set_iam_policy( 

612 self, 

613 ) -> Callable[[iam_policy_pb2.SetIamPolicyRequest], Awaitable[policy_pb2.Policy]]: 

614 r"""Return a callable for the set iam policy method over gRPC. 

615 

616 Sets the access control policy on the specified secret. Replaces 

617 any existing policy. 

618 

619 Permissions on 

620 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion] are 

621 enforced according to the policy set on the associated 

622 [Secret][google.cloud.secrets.v1beta1.Secret]. 

623 

624 Returns: 

625 Callable[[~.SetIamPolicyRequest], 

626 Awaitable[~.Policy]]: 

627 A function that, when called, will call the underlying RPC 

628 on the server. 

629 """ 

630 # Generate a "stub function" on-the-fly which will actually make 

631 # the request. 

632 # gRPC handles serialization and deserialization, so we just need 

633 # to pass in the functions for each. 

634 if "set_iam_policy" not in self._stubs: 

635 self._stubs["set_iam_policy"] = self.grpc_channel.unary_unary( 

636 "/google.cloud.secrets.v1beta1.SecretManagerService/SetIamPolicy", 

637 request_serializer=iam_policy_pb2.SetIamPolicyRequest.SerializeToString, 

638 response_deserializer=policy_pb2.Policy.FromString, 

639 ) 

640 return self._stubs["set_iam_policy"] 

641 

642 @property 

643 def get_iam_policy( 

644 self, 

645 ) -> Callable[[iam_policy_pb2.GetIamPolicyRequest], Awaitable[policy_pb2.Policy]]: 

646 r"""Return a callable for the get iam policy method over gRPC. 

647 

648 Gets the access control policy for a secret. 

649 Returns empty policy if the secret exists and does not 

650 have a policy set. 

651 

652 Returns: 

653 Callable[[~.GetIamPolicyRequest], 

654 Awaitable[~.Policy]]: 

655 A function that, when called, will call the underlying RPC 

656 on the server. 

657 """ 

658 # Generate a "stub function" on-the-fly which will actually make 

659 # the request. 

660 # gRPC handles serialization and deserialization, so we just need 

661 # to pass in the functions for each. 

662 if "get_iam_policy" not in self._stubs: 

663 self._stubs["get_iam_policy"] = self.grpc_channel.unary_unary( 

664 "/google.cloud.secrets.v1beta1.SecretManagerService/GetIamPolicy", 

665 request_serializer=iam_policy_pb2.GetIamPolicyRequest.SerializeToString, 

666 response_deserializer=policy_pb2.Policy.FromString, 

667 ) 

668 return self._stubs["get_iam_policy"] 

669 

670 @property 

671 def test_iam_permissions( 

672 self, 

673 ) -> Callable[ 

674 [iam_policy_pb2.TestIamPermissionsRequest], 

675 Awaitable[iam_policy_pb2.TestIamPermissionsResponse], 

676 ]: 

677 r"""Return a callable for the test iam permissions method over gRPC. 

678 

679 Returns permissions that a caller has for the specified secret. 

680 If the secret does not exist, this call returns an empty set of 

681 permissions, not a NOT_FOUND error. 

682 

683 Note: This operation is designed to be used for building 

684 permission-aware UIs and command-line tools, not for 

685 authorization checking. This operation may "fail open" without 

686 warning. 

687 

688 Returns: 

689 Callable[[~.TestIamPermissionsRequest], 

690 Awaitable[~.TestIamPermissionsResponse]]: 

691 A function that, when called, will call the underlying RPC 

692 on the server. 

693 """ 

694 # Generate a "stub function" on-the-fly which will actually make 

695 # the request. 

696 # gRPC handles serialization and deserialization, so we just need 

697 # to pass in the functions for each. 

698 if "test_iam_permissions" not in self._stubs: 

699 self._stubs["test_iam_permissions"] = self.grpc_channel.unary_unary( 

700 "/google.cloud.secrets.v1beta1.SecretManagerService/TestIamPermissions", 

701 request_serializer=iam_policy_pb2.TestIamPermissionsRequest.SerializeToString, 

702 response_deserializer=iam_policy_pb2.TestIamPermissionsResponse.FromString, 

703 ) 

704 return self._stubs["test_iam_permissions"] 

705 

706 def close(self): 

707 return self.grpc_channel.close() 

708 

709 

710__all__ = ("SecretManagerServiceGrpcAsyncIOTransport",)