1# -*- coding: utf-8 -*-
2# Copyright 2023 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
16
17import dataclasses
18import json # type: ignore
19import re
20from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union
21import warnings
22
23from google.api_core import gapic_v1, path_template, rest_helpers, rest_streaming
24from google.api_core import exceptions as core_exceptions
25from google.api_core import retry as retries
26from google.auth import credentials as ga_credentials # type: ignore
27from google.auth.transport.grpc import SslCredentials # type: ignore
28from google.auth.transport.requests import AuthorizedSession # type: ignore
29from google.protobuf import json_format
30import grpc # type: ignore
31from requests import __version__ as requests_version
32
33try:
34 OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault]
35except AttributeError: # pragma: NO COVER
36 OptionalRetry = Union[retries.Retry, object] # type: ignore
37
38
39from google.iam.v1 import iam_policy_pb2 # type: ignore
40from google.iam.v1 import policy_pb2 # type: ignore
41from google.protobuf import empty_pb2 # type: ignore
42
43from google.cloud.secretmanager_v1beta1.types import resources, service
44
45from .base import DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO
46from .base import SecretManagerServiceTransport
47
48DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(
49 gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version,
50 grpc_version=None,
51 rest_version=requests_version,
52)
53
54
55class SecretManagerServiceRestInterceptor:
56 """Interceptor for SecretManagerService.
57
58 Interceptors are used to manipulate requests, request metadata, and responses
59 in arbitrary ways.
60 Example use cases include:
61 * Logging
62 * Verifying requests according to service or custom semantics
63 * Stripping extraneous information from responses
64
65 These use cases and more can be enabled by injecting an
66 instance of a custom subclass when constructing the SecretManagerServiceRestTransport.
67
68 .. code-block:: python
69 class MyCustomSecretManagerServiceInterceptor(SecretManagerServiceRestInterceptor):
70 def pre_access_secret_version(self, request, metadata):
71 logging.log(f"Received request: {request}")
72 return request, metadata
73
74 def post_access_secret_version(self, response):
75 logging.log(f"Received response: {response}")
76 return response
77
78 def pre_add_secret_version(self, request, metadata):
79 logging.log(f"Received request: {request}")
80 return request, metadata
81
82 def post_add_secret_version(self, response):
83 logging.log(f"Received response: {response}")
84 return response
85
86 def pre_create_secret(self, request, metadata):
87 logging.log(f"Received request: {request}")
88 return request, metadata
89
90 def post_create_secret(self, response):
91 logging.log(f"Received response: {response}")
92 return response
93
94 def pre_delete_secret(self, request, metadata):
95 logging.log(f"Received request: {request}")
96 return request, metadata
97
98 def pre_destroy_secret_version(self, request, metadata):
99 logging.log(f"Received request: {request}")
100 return request, metadata
101
102 def post_destroy_secret_version(self, response):
103 logging.log(f"Received response: {response}")
104 return response
105
106 def pre_disable_secret_version(self, request, metadata):
107 logging.log(f"Received request: {request}")
108 return request, metadata
109
110 def post_disable_secret_version(self, response):
111 logging.log(f"Received response: {response}")
112 return response
113
114 def pre_enable_secret_version(self, request, metadata):
115 logging.log(f"Received request: {request}")
116 return request, metadata
117
118 def post_enable_secret_version(self, response):
119 logging.log(f"Received response: {response}")
120 return response
121
122 def pre_get_iam_policy(self, request, metadata):
123 logging.log(f"Received request: {request}")
124 return request, metadata
125
126 def post_get_iam_policy(self, response):
127 logging.log(f"Received response: {response}")
128 return response
129
130 def pre_get_secret(self, request, metadata):
131 logging.log(f"Received request: {request}")
132 return request, metadata
133
134 def post_get_secret(self, response):
135 logging.log(f"Received response: {response}")
136 return response
137
138 def pre_get_secret_version(self, request, metadata):
139 logging.log(f"Received request: {request}")
140 return request, metadata
141
142 def post_get_secret_version(self, response):
143 logging.log(f"Received response: {response}")
144 return response
145
146 def pre_list_secrets(self, request, metadata):
147 logging.log(f"Received request: {request}")
148 return request, metadata
149
150 def post_list_secrets(self, response):
151 logging.log(f"Received response: {response}")
152 return response
153
154 def pre_list_secret_versions(self, request, metadata):
155 logging.log(f"Received request: {request}")
156 return request, metadata
157
158 def post_list_secret_versions(self, response):
159 logging.log(f"Received response: {response}")
160 return response
161
162 def pre_set_iam_policy(self, request, metadata):
163 logging.log(f"Received request: {request}")
164 return request, metadata
165
166 def post_set_iam_policy(self, response):
167 logging.log(f"Received response: {response}")
168 return response
169
170 def pre_test_iam_permissions(self, request, metadata):
171 logging.log(f"Received request: {request}")
172 return request, metadata
173
174 def post_test_iam_permissions(self, response):
175 logging.log(f"Received response: {response}")
176 return response
177
178 def pre_update_secret(self, request, metadata):
179 logging.log(f"Received request: {request}")
180 return request, metadata
181
182 def post_update_secret(self, response):
183 logging.log(f"Received response: {response}")
184 return response
185
186 transport = SecretManagerServiceRestTransport(interceptor=MyCustomSecretManagerServiceInterceptor())
187 client = SecretManagerServiceClient(transport=transport)
188
189
190 """
191
192 def pre_access_secret_version(
193 self,
194 request: service.AccessSecretVersionRequest,
195 metadata: Sequence[Tuple[str, str]],
196 ) -> Tuple[service.AccessSecretVersionRequest, Sequence[Tuple[str, str]]]:
197 """Pre-rpc interceptor for access_secret_version
198
199 Override in a subclass to manipulate the request or metadata
200 before they are sent to the SecretManagerService server.
201 """
202 return request, metadata
203
204 def post_access_secret_version(
205 self, response: service.AccessSecretVersionResponse
206 ) -> service.AccessSecretVersionResponse:
207 """Post-rpc interceptor for access_secret_version
208
209 Override in a subclass to manipulate the response
210 after it is returned by the SecretManagerService server but before
211 it is returned to user code.
212 """
213 return response
214
215 def pre_add_secret_version(
216 self,
217 request: service.AddSecretVersionRequest,
218 metadata: Sequence[Tuple[str, str]],
219 ) -> Tuple[service.AddSecretVersionRequest, Sequence[Tuple[str, str]]]:
220 """Pre-rpc interceptor for add_secret_version
221
222 Override in a subclass to manipulate the request or metadata
223 before they are sent to the SecretManagerService server.
224 """
225 return request, metadata
226
227 def post_add_secret_version(
228 self, response: resources.SecretVersion
229 ) -> resources.SecretVersion:
230 """Post-rpc interceptor for add_secret_version
231
232 Override in a subclass to manipulate the response
233 after it is returned by the SecretManagerService server but before
234 it is returned to user code.
235 """
236 return response
237
238 def pre_create_secret(
239 self, request: service.CreateSecretRequest, metadata: Sequence[Tuple[str, str]]
240 ) -> Tuple[service.CreateSecretRequest, Sequence[Tuple[str, str]]]:
241 """Pre-rpc interceptor for create_secret
242
243 Override in a subclass to manipulate the request or metadata
244 before they are sent to the SecretManagerService server.
245 """
246 return request, metadata
247
248 def post_create_secret(self, response: resources.Secret) -> resources.Secret:
249 """Post-rpc interceptor for create_secret
250
251 Override in a subclass to manipulate the response
252 after it is returned by the SecretManagerService server but before
253 it is returned to user code.
254 """
255 return response
256
257 def pre_delete_secret(
258 self, request: service.DeleteSecretRequest, metadata: Sequence[Tuple[str, str]]
259 ) -> Tuple[service.DeleteSecretRequest, Sequence[Tuple[str, str]]]:
260 """Pre-rpc interceptor for delete_secret
261
262 Override in a subclass to manipulate the request or metadata
263 before they are sent to the SecretManagerService server.
264 """
265 return request, metadata
266
267 def pre_destroy_secret_version(
268 self,
269 request: service.DestroySecretVersionRequest,
270 metadata: Sequence[Tuple[str, str]],
271 ) -> Tuple[service.DestroySecretVersionRequest, Sequence[Tuple[str, str]]]:
272 """Pre-rpc interceptor for destroy_secret_version
273
274 Override in a subclass to manipulate the request or metadata
275 before they are sent to the SecretManagerService server.
276 """
277 return request, metadata
278
279 def post_destroy_secret_version(
280 self, response: resources.SecretVersion
281 ) -> resources.SecretVersion:
282 """Post-rpc interceptor for destroy_secret_version
283
284 Override in a subclass to manipulate the response
285 after it is returned by the SecretManagerService server but before
286 it is returned to user code.
287 """
288 return response
289
290 def pre_disable_secret_version(
291 self,
292 request: service.DisableSecretVersionRequest,
293 metadata: Sequence[Tuple[str, str]],
294 ) -> Tuple[service.DisableSecretVersionRequest, Sequence[Tuple[str, str]]]:
295 """Pre-rpc interceptor for disable_secret_version
296
297 Override in a subclass to manipulate the request or metadata
298 before they are sent to the SecretManagerService server.
299 """
300 return request, metadata
301
302 def post_disable_secret_version(
303 self, response: resources.SecretVersion
304 ) -> resources.SecretVersion:
305 """Post-rpc interceptor for disable_secret_version
306
307 Override in a subclass to manipulate the response
308 after it is returned by the SecretManagerService server but before
309 it is returned to user code.
310 """
311 return response
312
313 def pre_enable_secret_version(
314 self,
315 request: service.EnableSecretVersionRequest,
316 metadata: Sequence[Tuple[str, str]],
317 ) -> Tuple[service.EnableSecretVersionRequest, Sequence[Tuple[str, str]]]:
318 """Pre-rpc interceptor for enable_secret_version
319
320 Override in a subclass to manipulate the request or metadata
321 before they are sent to the SecretManagerService server.
322 """
323 return request, metadata
324
325 def post_enable_secret_version(
326 self, response: resources.SecretVersion
327 ) -> resources.SecretVersion:
328 """Post-rpc interceptor for enable_secret_version
329
330 Override in a subclass to manipulate the response
331 after it is returned by the SecretManagerService server but before
332 it is returned to user code.
333 """
334 return response
335
336 def pre_get_iam_policy(
337 self,
338 request: iam_policy_pb2.GetIamPolicyRequest,
339 metadata: Sequence[Tuple[str, str]],
340 ) -> Tuple[iam_policy_pb2.GetIamPolicyRequest, Sequence[Tuple[str, str]]]:
341 """Pre-rpc interceptor for get_iam_policy
342
343 Override in a subclass to manipulate the request or metadata
344 before they are sent to the SecretManagerService server.
345 """
346 return request, metadata
347
348 def post_get_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy:
349 """Post-rpc interceptor for get_iam_policy
350
351 Override in a subclass to manipulate the response
352 after it is returned by the SecretManagerService server but before
353 it is returned to user code.
354 """
355 return response
356
357 def pre_get_secret(
358 self, request: service.GetSecretRequest, metadata: Sequence[Tuple[str, str]]
359 ) -> Tuple[service.GetSecretRequest, Sequence[Tuple[str, str]]]:
360 """Pre-rpc interceptor for get_secret
361
362 Override in a subclass to manipulate the request or metadata
363 before they are sent to the SecretManagerService server.
364 """
365 return request, metadata
366
367 def post_get_secret(self, response: resources.Secret) -> resources.Secret:
368 """Post-rpc interceptor for get_secret
369
370 Override in a subclass to manipulate the response
371 after it is returned by the SecretManagerService server but before
372 it is returned to user code.
373 """
374 return response
375
376 def pre_get_secret_version(
377 self,
378 request: service.GetSecretVersionRequest,
379 metadata: Sequence[Tuple[str, str]],
380 ) -> Tuple[service.GetSecretVersionRequest, Sequence[Tuple[str, str]]]:
381 """Pre-rpc interceptor for get_secret_version
382
383 Override in a subclass to manipulate the request or metadata
384 before they are sent to the SecretManagerService server.
385 """
386 return request, metadata
387
388 def post_get_secret_version(
389 self, response: resources.SecretVersion
390 ) -> resources.SecretVersion:
391 """Post-rpc interceptor for get_secret_version
392
393 Override in a subclass to manipulate the response
394 after it is returned by the SecretManagerService server but before
395 it is returned to user code.
396 """
397 return response
398
399 def pre_list_secrets(
400 self, request: service.ListSecretsRequest, metadata: Sequence[Tuple[str, str]]
401 ) -> Tuple[service.ListSecretsRequest, Sequence[Tuple[str, str]]]:
402 """Pre-rpc interceptor for list_secrets
403
404 Override in a subclass to manipulate the request or metadata
405 before they are sent to the SecretManagerService server.
406 """
407 return request, metadata
408
409 def post_list_secrets(
410 self, response: service.ListSecretsResponse
411 ) -> service.ListSecretsResponse:
412 """Post-rpc interceptor for list_secrets
413
414 Override in a subclass to manipulate the response
415 after it is returned by the SecretManagerService server but before
416 it is returned to user code.
417 """
418 return response
419
420 def pre_list_secret_versions(
421 self,
422 request: service.ListSecretVersionsRequest,
423 metadata: Sequence[Tuple[str, str]],
424 ) -> Tuple[service.ListSecretVersionsRequest, Sequence[Tuple[str, str]]]:
425 """Pre-rpc interceptor for list_secret_versions
426
427 Override in a subclass to manipulate the request or metadata
428 before they are sent to the SecretManagerService server.
429 """
430 return request, metadata
431
432 def post_list_secret_versions(
433 self, response: service.ListSecretVersionsResponse
434 ) -> service.ListSecretVersionsResponse:
435 """Post-rpc interceptor for list_secret_versions
436
437 Override in a subclass to manipulate the response
438 after it is returned by the SecretManagerService server but before
439 it is returned to user code.
440 """
441 return response
442
443 def pre_set_iam_policy(
444 self,
445 request: iam_policy_pb2.SetIamPolicyRequest,
446 metadata: Sequence[Tuple[str, str]],
447 ) -> Tuple[iam_policy_pb2.SetIamPolicyRequest, Sequence[Tuple[str, str]]]:
448 """Pre-rpc interceptor for set_iam_policy
449
450 Override in a subclass to manipulate the request or metadata
451 before they are sent to the SecretManagerService server.
452 """
453 return request, metadata
454
455 def post_set_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy:
456 """Post-rpc interceptor for set_iam_policy
457
458 Override in a subclass to manipulate the response
459 after it is returned by the SecretManagerService server but before
460 it is returned to user code.
461 """
462 return response
463
464 def pre_test_iam_permissions(
465 self,
466 request: iam_policy_pb2.TestIamPermissionsRequest,
467 metadata: Sequence[Tuple[str, str]],
468 ) -> Tuple[iam_policy_pb2.TestIamPermissionsRequest, Sequence[Tuple[str, str]]]:
469 """Pre-rpc interceptor for test_iam_permissions
470
471 Override in a subclass to manipulate the request or metadata
472 before they are sent to the SecretManagerService server.
473 """
474 return request, metadata
475
476 def post_test_iam_permissions(
477 self, response: iam_policy_pb2.TestIamPermissionsResponse
478 ) -> iam_policy_pb2.TestIamPermissionsResponse:
479 """Post-rpc interceptor for test_iam_permissions
480
481 Override in a subclass to manipulate the response
482 after it is returned by the SecretManagerService server but before
483 it is returned to user code.
484 """
485 return response
486
487 def pre_update_secret(
488 self, request: service.UpdateSecretRequest, metadata: Sequence[Tuple[str, str]]
489 ) -> Tuple[service.UpdateSecretRequest, Sequence[Tuple[str, str]]]:
490 """Pre-rpc interceptor for update_secret
491
492 Override in a subclass to manipulate the request or metadata
493 before they are sent to the SecretManagerService server.
494 """
495 return request, metadata
496
497 def post_update_secret(self, response: resources.Secret) -> resources.Secret:
498 """Post-rpc interceptor for update_secret
499
500 Override in a subclass to manipulate the response
501 after it is returned by the SecretManagerService server but before
502 it is returned to user code.
503 """
504 return response
505
506
507@dataclasses.dataclass
508class SecretManagerServiceRestStub:
509 _session: AuthorizedSession
510 _host: str
511 _interceptor: SecretManagerServiceRestInterceptor
512
513
514class SecretManagerServiceRestTransport(SecretManagerServiceTransport):
515 """REST backend transport for SecretManagerService.
516
517 Secret Manager Service
518
519 Manages secrets and operations using those secrets. Implements a
520 REST model with the following objects:
521
522 - [Secret][google.cloud.secrets.v1beta1.Secret]
523 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
524
525 This class defines the same methods as the primary client, so the
526 primary client can load the underlying transport implementation
527 and call it.
528
529 It sends JSON representations of protocol buffers over HTTP/1.1
530
531 """
532
533 def __init__(
534 self,
535 *,
536 host: str = "secretmanager.googleapis.com",
537 credentials: Optional[ga_credentials.Credentials] = None,
538 credentials_file: Optional[str] = None,
539 scopes: Optional[Sequence[str]] = None,
540 client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None,
541 quota_project_id: Optional[str] = None,
542 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
543 always_use_jwt_access: Optional[bool] = False,
544 url_scheme: str = "https",
545 interceptor: Optional[SecretManagerServiceRestInterceptor] = None,
546 api_audience: Optional[str] = None,
547 ) -> None:
548 """Instantiate the transport.
549
550 Args:
551 host (Optional[str]):
552 The hostname to connect to.
553 credentials (Optional[google.auth.credentials.Credentials]): The
554 authorization credentials to attach to requests. These
555 credentials identify the application to the service; if none
556 are specified, the client will attempt to ascertain the
557 credentials from the environment.
558
559 credentials_file (Optional[str]): A file with credentials that can
560 be loaded with :func:`google.auth.load_credentials_from_file`.
561 This argument is ignored if ``channel`` is provided.
562 scopes (Optional(Sequence[str])): A list of scopes. This argument is
563 ignored if ``channel`` is provided.
564 client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client
565 certificate to configure mutual TLS HTTP channel. It is ignored
566 if ``channel`` is provided.
567 quota_project_id (Optional[str]): An optional project to use for billing
568 and quota.
569 client_info (google.api_core.gapic_v1.client_info.ClientInfo):
570 The client info used to send a user-agent string along with
571 API requests. If ``None``, then default info will be used.
572 Generally, you only need to set this if you are developing
573 your own client library.
574 always_use_jwt_access (Optional[bool]): Whether self signed JWT should
575 be used for service account credentials.
576 url_scheme: the protocol scheme for the API endpoint. Normally
577 "https", but for testing or local servers,
578 "http" can be specified.
579 """
580 # Run the base constructor
581 # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc.
582 # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the
583 # credentials object
584 maybe_url_match = re.match("^(?P<scheme>http(?:s)?://)?(?P<host>.*)$", host)
585 if maybe_url_match is None:
586 raise ValueError(
587 f"Unexpected hostname structure: {host}"
588 ) # pragma: NO COVER
589
590 url_match_items = maybe_url_match.groupdict()
591
592 host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host
593
594 super().__init__(
595 host=host,
596 credentials=credentials,
597 client_info=client_info,
598 always_use_jwt_access=always_use_jwt_access,
599 api_audience=api_audience,
600 )
601 self._session = AuthorizedSession(
602 self._credentials, default_host=self.DEFAULT_HOST
603 )
604 if client_cert_source_for_mtls:
605 self._session.configure_mtls_channel(client_cert_source_for_mtls)
606 self._interceptor = interceptor or SecretManagerServiceRestInterceptor()
607 self._prep_wrapped_messages(client_info)
608
609 class _AccessSecretVersion(SecretManagerServiceRestStub):
610 def __hash__(self):
611 return hash("AccessSecretVersion")
612
613 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
614
615 @classmethod
616 def _get_unset_required_fields(cls, message_dict):
617 return {
618 k: v
619 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
620 if k not in message_dict
621 }
622
623 def __call__(
624 self,
625 request: service.AccessSecretVersionRequest,
626 *,
627 retry: OptionalRetry = gapic_v1.method.DEFAULT,
628 timeout: Optional[float] = None,
629 metadata: Sequence[Tuple[str, str]] = (),
630 ) -> service.AccessSecretVersionResponse:
631 r"""Call the access secret version method over HTTP.
632
633 Args:
634 request (~.service.AccessSecretVersionRequest):
635 The request object. Request message for
636 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
637 retry (google.api_core.retry.Retry): Designation of what errors, if any,
638 should be retried.
639 timeout (float): The timeout for this request.
640 metadata (Sequence[Tuple[str, str]]): Strings which should be
641 sent along with the request as metadata.
642
643 Returns:
644 ~.service.AccessSecretVersionResponse:
645 Response message for
646 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
647
648 """
649
650 http_options: List[Dict[str, str]] = [
651 {
652 "method": "get",
653 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:access",
654 },
655 ]
656 request, metadata = self._interceptor.pre_access_secret_version(
657 request, metadata
658 )
659 pb_request = service.AccessSecretVersionRequest.pb(request)
660 transcoded_request = path_template.transcode(http_options, pb_request)
661
662 uri = transcoded_request["uri"]
663 method = transcoded_request["method"]
664
665 # Jsonify the query params
666 query_params = json.loads(
667 json_format.MessageToJson(
668 transcoded_request["query_params"],
669 including_default_value_fields=False,
670 use_integers_for_enums=True,
671 )
672 )
673 query_params.update(self._get_unset_required_fields(query_params))
674
675 query_params["$alt"] = "json;enum-encoding=int"
676
677 # Send the request
678 headers = dict(metadata)
679 headers["Content-Type"] = "application/json"
680 response = getattr(self._session, method)(
681 "{host}{uri}".format(host=self._host, uri=uri),
682 timeout=timeout,
683 headers=headers,
684 params=rest_helpers.flatten_query_params(query_params, strict=True),
685 )
686
687 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
688 # subclass.
689 if response.status_code >= 400:
690 raise core_exceptions.from_http_response(response)
691
692 # Return the response
693 resp = service.AccessSecretVersionResponse()
694 pb_resp = service.AccessSecretVersionResponse.pb(resp)
695
696 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
697 resp = self._interceptor.post_access_secret_version(resp)
698 return resp
699
700 class _AddSecretVersion(SecretManagerServiceRestStub):
701 def __hash__(self):
702 return hash("AddSecretVersion")
703
704 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
705
706 @classmethod
707 def _get_unset_required_fields(cls, message_dict):
708 return {
709 k: v
710 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
711 if k not in message_dict
712 }
713
714 def __call__(
715 self,
716 request: service.AddSecretVersionRequest,
717 *,
718 retry: OptionalRetry = gapic_v1.method.DEFAULT,
719 timeout: Optional[float] = None,
720 metadata: Sequence[Tuple[str, str]] = (),
721 ) -> resources.SecretVersion:
722 r"""Call the add secret version method over HTTP.
723
724 Args:
725 request (~.service.AddSecretVersionRequest):
726 The request object. Request message for
727 [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion].
728 retry (google.api_core.retry.Retry): Designation of what errors, if any,
729 should be retried.
730 timeout (float): The timeout for this request.
731 metadata (Sequence[Tuple[str, str]]): Strings which should be
732 sent along with the request as metadata.
733
734 Returns:
735 ~.resources.SecretVersion:
736 A secret version resource in the
737 Secret Manager API.
738
739 """
740
741 http_options: List[Dict[str, str]] = [
742 {
743 "method": "post",
744 "uri": "/v1beta1/{parent=projects/*/secrets/*}:addVersion",
745 "body": "*",
746 },
747 ]
748 request, metadata = self._interceptor.pre_add_secret_version(
749 request, metadata
750 )
751 pb_request = service.AddSecretVersionRequest.pb(request)
752 transcoded_request = path_template.transcode(http_options, pb_request)
753
754 # Jsonify the request body
755
756 body = json_format.MessageToJson(
757 transcoded_request["body"],
758 including_default_value_fields=False,
759 use_integers_for_enums=True,
760 )
761 uri = transcoded_request["uri"]
762 method = transcoded_request["method"]
763
764 # Jsonify the query params
765 query_params = json.loads(
766 json_format.MessageToJson(
767 transcoded_request["query_params"],
768 including_default_value_fields=False,
769 use_integers_for_enums=True,
770 )
771 )
772 query_params.update(self._get_unset_required_fields(query_params))
773
774 query_params["$alt"] = "json;enum-encoding=int"
775
776 # Send the request
777 headers = dict(metadata)
778 headers["Content-Type"] = "application/json"
779 response = getattr(self._session, method)(
780 "{host}{uri}".format(host=self._host, uri=uri),
781 timeout=timeout,
782 headers=headers,
783 params=rest_helpers.flatten_query_params(query_params, strict=True),
784 data=body,
785 )
786
787 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
788 # subclass.
789 if response.status_code >= 400:
790 raise core_exceptions.from_http_response(response)
791
792 # Return the response
793 resp = resources.SecretVersion()
794 pb_resp = resources.SecretVersion.pb(resp)
795
796 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
797 resp = self._interceptor.post_add_secret_version(resp)
798 return resp
799
800 class _CreateSecret(SecretManagerServiceRestStub):
801 def __hash__(self):
802 return hash("CreateSecret")
803
804 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {
805 "secretId": "",
806 }
807
808 @classmethod
809 def _get_unset_required_fields(cls, message_dict):
810 return {
811 k: v
812 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
813 if k not in message_dict
814 }
815
816 def __call__(
817 self,
818 request: service.CreateSecretRequest,
819 *,
820 retry: OptionalRetry = gapic_v1.method.DEFAULT,
821 timeout: Optional[float] = None,
822 metadata: Sequence[Tuple[str, str]] = (),
823 ) -> resources.Secret:
824 r"""Call the create secret method over HTTP.
825
826 Args:
827 request (~.service.CreateSecretRequest):
828 The request object. Request message for
829 [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret].
830 retry (google.api_core.retry.Retry): Designation of what errors, if any,
831 should be retried.
832 timeout (float): The timeout for this request.
833 metadata (Sequence[Tuple[str, str]]): Strings which should be
834 sent along with the request as metadata.
835
836 Returns:
837 ~.resources.Secret:
838 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
839 logical secret whose value and versions can be accessed.
840
841 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
842 up of zero or more
843 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
844 that represent the secret data.
845
846 """
847
848 http_options: List[Dict[str, str]] = [
849 {
850 "method": "post",
851 "uri": "/v1beta1/{parent=projects/*}/secrets",
852 "body": "secret",
853 },
854 ]
855 request, metadata = self._interceptor.pre_create_secret(request, metadata)
856 pb_request = service.CreateSecretRequest.pb(request)
857 transcoded_request = path_template.transcode(http_options, pb_request)
858
859 # Jsonify the request body
860
861 body = json_format.MessageToJson(
862 transcoded_request["body"],
863 including_default_value_fields=False,
864 use_integers_for_enums=True,
865 )
866 uri = transcoded_request["uri"]
867 method = transcoded_request["method"]
868
869 # Jsonify the query params
870 query_params = json.loads(
871 json_format.MessageToJson(
872 transcoded_request["query_params"],
873 including_default_value_fields=False,
874 use_integers_for_enums=True,
875 )
876 )
877 query_params.update(self._get_unset_required_fields(query_params))
878
879 query_params["$alt"] = "json;enum-encoding=int"
880
881 # Send the request
882 headers = dict(metadata)
883 headers["Content-Type"] = "application/json"
884 response = getattr(self._session, method)(
885 "{host}{uri}".format(host=self._host, uri=uri),
886 timeout=timeout,
887 headers=headers,
888 params=rest_helpers.flatten_query_params(query_params, strict=True),
889 data=body,
890 )
891
892 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
893 # subclass.
894 if response.status_code >= 400:
895 raise core_exceptions.from_http_response(response)
896
897 # Return the response
898 resp = resources.Secret()
899 pb_resp = resources.Secret.pb(resp)
900
901 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
902 resp = self._interceptor.post_create_secret(resp)
903 return resp
904
905 class _DeleteSecret(SecretManagerServiceRestStub):
906 def __hash__(self):
907 return hash("DeleteSecret")
908
909 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
910
911 @classmethod
912 def _get_unset_required_fields(cls, message_dict):
913 return {
914 k: v
915 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
916 if k not in message_dict
917 }
918
919 def __call__(
920 self,
921 request: service.DeleteSecretRequest,
922 *,
923 retry: OptionalRetry = gapic_v1.method.DEFAULT,
924 timeout: Optional[float] = None,
925 metadata: Sequence[Tuple[str, str]] = (),
926 ):
927 r"""Call the delete secret method over HTTP.
928
929 Args:
930 request (~.service.DeleteSecretRequest):
931 The request object. Request message for
932 [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret].
933 retry (google.api_core.retry.Retry): Designation of what errors, if any,
934 should be retried.
935 timeout (float): The timeout for this request.
936 metadata (Sequence[Tuple[str, str]]): Strings which should be
937 sent along with the request as metadata.
938 """
939
940 http_options: List[Dict[str, str]] = [
941 {
942 "method": "delete",
943 "uri": "/v1beta1/{name=projects/*/secrets/*}",
944 },
945 ]
946 request, metadata = self._interceptor.pre_delete_secret(request, metadata)
947 pb_request = service.DeleteSecretRequest.pb(request)
948 transcoded_request = path_template.transcode(http_options, pb_request)
949
950 uri = transcoded_request["uri"]
951 method = transcoded_request["method"]
952
953 # Jsonify the query params
954 query_params = json.loads(
955 json_format.MessageToJson(
956 transcoded_request["query_params"],
957 including_default_value_fields=False,
958 use_integers_for_enums=True,
959 )
960 )
961 query_params.update(self._get_unset_required_fields(query_params))
962
963 query_params["$alt"] = "json;enum-encoding=int"
964
965 # Send the request
966 headers = dict(metadata)
967 headers["Content-Type"] = "application/json"
968 response = getattr(self._session, method)(
969 "{host}{uri}".format(host=self._host, uri=uri),
970 timeout=timeout,
971 headers=headers,
972 params=rest_helpers.flatten_query_params(query_params, strict=True),
973 )
974
975 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
976 # subclass.
977 if response.status_code >= 400:
978 raise core_exceptions.from_http_response(response)
979
980 class _DestroySecretVersion(SecretManagerServiceRestStub):
981 def __hash__(self):
982 return hash("DestroySecretVersion")
983
984 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
985
986 @classmethod
987 def _get_unset_required_fields(cls, message_dict):
988 return {
989 k: v
990 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
991 if k not in message_dict
992 }
993
994 def __call__(
995 self,
996 request: service.DestroySecretVersionRequest,
997 *,
998 retry: OptionalRetry = gapic_v1.method.DEFAULT,
999 timeout: Optional[float] = None,
1000 metadata: Sequence[Tuple[str, str]] = (),
1001 ) -> resources.SecretVersion:
1002 r"""Call the destroy secret version method over HTTP.
1003
1004 Args:
1005 request (~.service.DestroySecretVersionRequest):
1006 The request object. Request message for
1007 [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion].
1008 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1009 should be retried.
1010 timeout (float): The timeout for this request.
1011 metadata (Sequence[Tuple[str, str]]): Strings which should be
1012 sent along with the request as metadata.
1013
1014 Returns:
1015 ~.resources.SecretVersion:
1016 A secret version resource in the
1017 Secret Manager API.
1018
1019 """
1020
1021 http_options: List[Dict[str, str]] = [
1022 {
1023 "method": "post",
1024 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:destroy",
1025 "body": "*",
1026 },
1027 ]
1028 request, metadata = self._interceptor.pre_destroy_secret_version(
1029 request, metadata
1030 )
1031 pb_request = service.DestroySecretVersionRequest.pb(request)
1032 transcoded_request = path_template.transcode(http_options, pb_request)
1033
1034 # Jsonify the request body
1035
1036 body = json_format.MessageToJson(
1037 transcoded_request["body"],
1038 including_default_value_fields=False,
1039 use_integers_for_enums=True,
1040 )
1041 uri = transcoded_request["uri"]
1042 method = transcoded_request["method"]
1043
1044 # Jsonify the query params
1045 query_params = json.loads(
1046 json_format.MessageToJson(
1047 transcoded_request["query_params"],
1048 including_default_value_fields=False,
1049 use_integers_for_enums=True,
1050 )
1051 )
1052 query_params.update(self._get_unset_required_fields(query_params))
1053
1054 query_params["$alt"] = "json;enum-encoding=int"
1055
1056 # Send the request
1057 headers = dict(metadata)
1058 headers["Content-Type"] = "application/json"
1059 response = getattr(self._session, method)(
1060 "{host}{uri}".format(host=self._host, uri=uri),
1061 timeout=timeout,
1062 headers=headers,
1063 params=rest_helpers.flatten_query_params(query_params, strict=True),
1064 data=body,
1065 )
1066
1067 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1068 # subclass.
1069 if response.status_code >= 400:
1070 raise core_exceptions.from_http_response(response)
1071
1072 # Return the response
1073 resp = resources.SecretVersion()
1074 pb_resp = resources.SecretVersion.pb(resp)
1075
1076 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1077 resp = self._interceptor.post_destroy_secret_version(resp)
1078 return resp
1079
1080 class _DisableSecretVersion(SecretManagerServiceRestStub):
1081 def __hash__(self):
1082 return hash("DisableSecretVersion")
1083
1084 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1085
1086 @classmethod
1087 def _get_unset_required_fields(cls, message_dict):
1088 return {
1089 k: v
1090 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1091 if k not in message_dict
1092 }
1093
1094 def __call__(
1095 self,
1096 request: service.DisableSecretVersionRequest,
1097 *,
1098 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1099 timeout: Optional[float] = None,
1100 metadata: Sequence[Tuple[str, str]] = (),
1101 ) -> resources.SecretVersion:
1102 r"""Call the disable secret version method over HTTP.
1103
1104 Args:
1105 request (~.service.DisableSecretVersionRequest):
1106 The request object. Request message for
1107 [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion].
1108 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1109 should be retried.
1110 timeout (float): The timeout for this request.
1111 metadata (Sequence[Tuple[str, str]]): Strings which should be
1112 sent along with the request as metadata.
1113
1114 Returns:
1115 ~.resources.SecretVersion:
1116 A secret version resource in the
1117 Secret Manager API.
1118
1119 """
1120
1121 http_options: List[Dict[str, str]] = [
1122 {
1123 "method": "post",
1124 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:disable",
1125 "body": "*",
1126 },
1127 ]
1128 request, metadata = self._interceptor.pre_disable_secret_version(
1129 request, metadata
1130 )
1131 pb_request = service.DisableSecretVersionRequest.pb(request)
1132 transcoded_request = path_template.transcode(http_options, pb_request)
1133
1134 # Jsonify the request body
1135
1136 body = json_format.MessageToJson(
1137 transcoded_request["body"],
1138 including_default_value_fields=False,
1139 use_integers_for_enums=True,
1140 )
1141 uri = transcoded_request["uri"]
1142 method = transcoded_request["method"]
1143
1144 # Jsonify the query params
1145 query_params = json.loads(
1146 json_format.MessageToJson(
1147 transcoded_request["query_params"],
1148 including_default_value_fields=False,
1149 use_integers_for_enums=True,
1150 )
1151 )
1152 query_params.update(self._get_unset_required_fields(query_params))
1153
1154 query_params["$alt"] = "json;enum-encoding=int"
1155
1156 # Send the request
1157 headers = dict(metadata)
1158 headers["Content-Type"] = "application/json"
1159 response = getattr(self._session, method)(
1160 "{host}{uri}".format(host=self._host, uri=uri),
1161 timeout=timeout,
1162 headers=headers,
1163 params=rest_helpers.flatten_query_params(query_params, strict=True),
1164 data=body,
1165 )
1166
1167 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1168 # subclass.
1169 if response.status_code >= 400:
1170 raise core_exceptions.from_http_response(response)
1171
1172 # Return the response
1173 resp = resources.SecretVersion()
1174 pb_resp = resources.SecretVersion.pb(resp)
1175
1176 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1177 resp = self._interceptor.post_disable_secret_version(resp)
1178 return resp
1179
1180 class _EnableSecretVersion(SecretManagerServiceRestStub):
1181 def __hash__(self):
1182 return hash("EnableSecretVersion")
1183
1184 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1185
1186 @classmethod
1187 def _get_unset_required_fields(cls, message_dict):
1188 return {
1189 k: v
1190 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1191 if k not in message_dict
1192 }
1193
1194 def __call__(
1195 self,
1196 request: service.EnableSecretVersionRequest,
1197 *,
1198 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1199 timeout: Optional[float] = None,
1200 metadata: Sequence[Tuple[str, str]] = (),
1201 ) -> resources.SecretVersion:
1202 r"""Call the enable secret version method over HTTP.
1203
1204 Args:
1205 request (~.service.EnableSecretVersionRequest):
1206 The request object. Request message for
1207 [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion].
1208 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1209 should be retried.
1210 timeout (float): The timeout for this request.
1211 metadata (Sequence[Tuple[str, str]]): Strings which should be
1212 sent along with the request as metadata.
1213
1214 Returns:
1215 ~.resources.SecretVersion:
1216 A secret version resource in the
1217 Secret Manager API.
1218
1219 """
1220
1221 http_options: List[Dict[str, str]] = [
1222 {
1223 "method": "post",
1224 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:enable",
1225 "body": "*",
1226 },
1227 ]
1228 request, metadata = self._interceptor.pre_enable_secret_version(
1229 request, metadata
1230 )
1231 pb_request = service.EnableSecretVersionRequest.pb(request)
1232 transcoded_request = path_template.transcode(http_options, pb_request)
1233
1234 # Jsonify the request body
1235
1236 body = json_format.MessageToJson(
1237 transcoded_request["body"],
1238 including_default_value_fields=False,
1239 use_integers_for_enums=True,
1240 )
1241 uri = transcoded_request["uri"]
1242 method = transcoded_request["method"]
1243
1244 # Jsonify the query params
1245 query_params = json.loads(
1246 json_format.MessageToJson(
1247 transcoded_request["query_params"],
1248 including_default_value_fields=False,
1249 use_integers_for_enums=True,
1250 )
1251 )
1252 query_params.update(self._get_unset_required_fields(query_params))
1253
1254 query_params["$alt"] = "json;enum-encoding=int"
1255
1256 # Send the request
1257 headers = dict(metadata)
1258 headers["Content-Type"] = "application/json"
1259 response = getattr(self._session, method)(
1260 "{host}{uri}".format(host=self._host, uri=uri),
1261 timeout=timeout,
1262 headers=headers,
1263 params=rest_helpers.flatten_query_params(query_params, strict=True),
1264 data=body,
1265 )
1266
1267 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1268 # subclass.
1269 if response.status_code >= 400:
1270 raise core_exceptions.from_http_response(response)
1271
1272 # Return the response
1273 resp = resources.SecretVersion()
1274 pb_resp = resources.SecretVersion.pb(resp)
1275
1276 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1277 resp = self._interceptor.post_enable_secret_version(resp)
1278 return resp
1279
1280 class _GetIamPolicy(SecretManagerServiceRestStub):
1281 def __hash__(self):
1282 return hash("GetIamPolicy")
1283
1284 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1285
1286 @classmethod
1287 def _get_unset_required_fields(cls, message_dict):
1288 return {
1289 k: v
1290 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1291 if k not in message_dict
1292 }
1293
1294 def __call__(
1295 self,
1296 request: iam_policy_pb2.GetIamPolicyRequest,
1297 *,
1298 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1299 timeout: Optional[float] = None,
1300 metadata: Sequence[Tuple[str, str]] = (),
1301 ) -> policy_pb2.Policy:
1302 r"""Call the get iam policy method over HTTP.
1303
1304 Args:
1305 request (~.iam_policy_pb2.GetIamPolicyRequest):
1306 The request object. Request message for ``GetIamPolicy`` method.
1307 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1308 should be retried.
1309 timeout (float): The timeout for this request.
1310 metadata (Sequence[Tuple[str, str]]): Strings which should be
1311 sent along with the request as metadata.
1312
1313 Returns:
1314 ~.policy_pb2.Policy:
1315 An Identity and Access Management (IAM) policy, which
1316 specifies access controls for Google Cloud resources.
1317
1318 A ``Policy`` is a collection of ``bindings``. A
1319 ``binding`` binds one or more ``members``, or
1320 principals, to a single ``role``. Principals can be user
1321 accounts, service accounts, Google groups, and domains
1322 (such as G Suite). A ``role`` is a named list of
1323 permissions; each ``role`` can be an IAM predefined role
1324 or a user-created custom role.
1325
1326 For some types of Google Cloud resources, a ``binding``
1327 can also specify a ``condition``, which is a logical
1328 expression that allows access to a resource only if the
1329 expression evaluates to ``true``. A condition can add
1330 constraints based on attributes of the request, the
1331 resource, or both. To learn which resources support
1332 conditions in their IAM policies, see the `IAM
1333 documentation <https://cloud.google.com/iam/help/conditions/resource-policies>`__.
1334
1335 **JSON example:**
1336
1337 ::
1338
1339 {
1340 "bindings": [
1341 {
1342 "role": "roles/resourcemanager.organizationAdmin",
1343 "members": [
1344 "user:mike@example.com",
1345 "group:admins@example.com",
1346 "domain:google.com",
1347 "serviceAccount:my-project-id@appspot.gserviceaccount.com"
1348 ]
1349 },
1350 {
1351 "role": "roles/resourcemanager.organizationViewer",
1352 "members": [
1353 "user:eve@example.com"
1354 ],
1355 "condition": {
1356 "title": "expirable access",
1357 "description": "Does not grant access after Sep 2020",
1358 "expression": "request.time <
1359 timestamp('2020-10-01T00:00:00.000Z')",
1360 }
1361 }
1362 ],
1363 "etag": "BwWWja0YfJA=",
1364 "version": 3
1365 }
1366
1367 **YAML example:**
1368
1369 ::
1370
1371 bindings:
1372 - members:
1373 - user:mike@example.com
1374 - group:admins@example.com
1375 - domain:google.com
1376 - serviceAccount:my-project-id@appspot.gserviceaccount.com
1377 role: roles/resourcemanager.organizationAdmin
1378 - members:
1379 - user:eve@example.com
1380 role: roles/resourcemanager.organizationViewer
1381 condition:
1382 title: expirable access
1383 description: Does not grant access after Sep 2020
1384 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
1385 etag: BwWWja0YfJA=
1386 version: 3
1387
1388 For a description of IAM and its features, see the `IAM
1389 documentation <https://cloud.google.com/iam/docs/>`__.
1390
1391 """
1392
1393 http_options: List[Dict[str, str]] = [
1394 {
1395 "method": "get",
1396 "uri": "/v1beta1/{resource=projects/*/secrets/*}:getIamPolicy",
1397 },
1398 ]
1399 request, metadata = self._interceptor.pre_get_iam_policy(request, metadata)
1400 pb_request = request
1401 transcoded_request = path_template.transcode(http_options, pb_request)
1402
1403 uri = transcoded_request["uri"]
1404 method = transcoded_request["method"]
1405
1406 # Jsonify the query params
1407 query_params = json.loads(
1408 json_format.MessageToJson(
1409 transcoded_request["query_params"],
1410 including_default_value_fields=False,
1411 use_integers_for_enums=True,
1412 )
1413 )
1414 query_params.update(self._get_unset_required_fields(query_params))
1415
1416 query_params["$alt"] = "json;enum-encoding=int"
1417
1418 # Send the request
1419 headers = dict(metadata)
1420 headers["Content-Type"] = "application/json"
1421 response = getattr(self._session, method)(
1422 "{host}{uri}".format(host=self._host, uri=uri),
1423 timeout=timeout,
1424 headers=headers,
1425 params=rest_helpers.flatten_query_params(query_params, strict=True),
1426 )
1427
1428 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1429 # subclass.
1430 if response.status_code >= 400:
1431 raise core_exceptions.from_http_response(response)
1432
1433 # Return the response
1434 resp = policy_pb2.Policy()
1435 pb_resp = resp
1436
1437 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1438 resp = self._interceptor.post_get_iam_policy(resp)
1439 return resp
1440
1441 class _GetSecret(SecretManagerServiceRestStub):
1442 def __hash__(self):
1443 return hash("GetSecret")
1444
1445 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1446
1447 @classmethod
1448 def _get_unset_required_fields(cls, message_dict):
1449 return {
1450 k: v
1451 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1452 if k not in message_dict
1453 }
1454
1455 def __call__(
1456 self,
1457 request: service.GetSecretRequest,
1458 *,
1459 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1460 timeout: Optional[float] = None,
1461 metadata: Sequence[Tuple[str, str]] = (),
1462 ) -> resources.Secret:
1463 r"""Call the get secret method over HTTP.
1464
1465 Args:
1466 request (~.service.GetSecretRequest):
1467 The request object. Request message for
1468 [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret].
1469 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1470 should be retried.
1471 timeout (float): The timeout for this request.
1472 metadata (Sequence[Tuple[str, str]]): Strings which should be
1473 sent along with the request as metadata.
1474
1475 Returns:
1476 ~.resources.Secret:
1477 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
1478 logical secret whose value and versions can be accessed.
1479
1480 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
1481 up of zero or more
1482 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
1483 that represent the secret data.
1484
1485 """
1486
1487 http_options: List[Dict[str, str]] = [
1488 {
1489 "method": "get",
1490 "uri": "/v1beta1/{name=projects/*/secrets/*}",
1491 },
1492 ]
1493 request, metadata = self._interceptor.pre_get_secret(request, metadata)
1494 pb_request = service.GetSecretRequest.pb(request)
1495 transcoded_request = path_template.transcode(http_options, pb_request)
1496
1497 uri = transcoded_request["uri"]
1498 method = transcoded_request["method"]
1499
1500 # Jsonify the query params
1501 query_params = json.loads(
1502 json_format.MessageToJson(
1503 transcoded_request["query_params"],
1504 including_default_value_fields=False,
1505 use_integers_for_enums=True,
1506 )
1507 )
1508 query_params.update(self._get_unset_required_fields(query_params))
1509
1510 query_params["$alt"] = "json;enum-encoding=int"
1511
1512 # Send the request
1513 headers = dict(metadata)
1514 headers["Content-Type"] = "application/json"
1515 response = getattr(self._session, method)(
1516 "{host}{uri}".format(host=self._host, uri=uri),
1517 timeout=timeout,
1518 headers=headers,
1519 params=rest_helpers.flatten_query_params(query_params, strict=True),
1520 )
1521
1522 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1523 # subclass.
1524 if response.status_code >= 400:
1525 raise core_exceptions.from_http_response(response)
1526
1527 # Return the response
1528 resp = resources.Secret()
1529 pb_resp = resources.Secret.pb(resp)
1530
1531 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1532 resp = self._interceptor.post_get_secret(resp)
1533 return resp
1534
1535 class _GetSecretVersion(SecretManagerServiceRestStub):
1536 def __hash__(self):
1537 return hash("GetSecretVersion")
1538
1539 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1540
1541 @classmethod
1542 def _get_unset_required_fields(cls, message_dict):
1543 return {
1544 k: v
1545 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1546 if k not in message_dict
1547 }
1548
1549 def __call__(
1550 self,
1551 request: service.GetSecretVersionRequest,
1552 *,
1553 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1554 timeout: Optional[float] = None,
1555 metadata: Sequence[Tuple[str, str]] = (),
1556 ) -> resources.SecretVersion:
1557 r"""Call the get secret version method over HTTP.
1558
1559 Args:
1560 request (~.service.GetSecretVersionRequest):
1561 The request object. Request message for
1562 [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion].
1563 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1564 should be retried.
1565 timeout (float): The timeout for this request.
1566 metadata (Sequence[Tuple[str, str]]): Strings which should be
1567 sent along with the request as metadata.
1568
1569 Returns:
1570 ~.resources.SecretVersion:
1571 A secret version resource in the
1572 Secret Manager API.
1573
1574 """
1575
1576 http_options: List[Dict[str, str]] = [
1577 {
1578 "method": "get",
1579 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}",
1580 },
1581 ]
1582 request, metadata = self._interceptor.pre_get_secret_version(
1583 request, metadata
1584 )
1585 pb_request = service.GetSecretVersionRequest.pb(request)
1586 transcoded_request = path_template.transcode(http_options, pb_request)
1587
1588 uri = transcoded_request["uri"]
1589 method = transcoded_request["method"]
1590
1591 # Jsonify the query params
1592 query_params = json.loads(
1593 json_format.MessageToJson(
1594 transcoded_request["query_params"],
1595 including_default_value_fields=False,
1596 use_integers_for_enums=True,
1597 )
1598 )
1599 query_params.update(self._get_unset_required_fields(query_params))
1600
1601 query_params["$alt"] = "json;enum-encoding=int"
1602
1603 # Send the request
1604 headers = dict(metadata)
1605 headers["Content-Type"] = "application/json"
1606 response = getattr(self._session, method)(
1607 "{host}{uri}".format(host=self._host, uri=uri),
1608 timeout=timeout,
1609 headers=headers,
1610 params=rest_helpers.flatten_query_params(query_params, strict=True),
1611 )
1612
1613 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1614 # subclass.
1615 if response.status_code >= 400:
1616 raise core_exceptions.from_http_response(response)
1617
1618 # Return the response
1619 resp = resources.SecretVersion()
1620 pb_resp = resources.SecretVersion.pb(resp)
1621
1622 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1623 resp = self._interceptor.post_get_secret_version(resp)
1624 return resp
1625
1626 class _ListSecrets(SecretManagerServiceRestStub):
1627 def __hash__(self):
1628 return hash("ListSecrets")
1629
1630 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1631
1632 @classmethod
1633 def _get_unset_required_fields(cls, message_dict):
1634 return {
1635 k: v
1636 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1637 if k not in message_dict
1638 }
1639
1640 def __call__(
1641 self,
1642 request: service.ListSecretsRequest,
1643 *,
1644 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1645 timeout: Optional[float] = None,
1646 metadata: Sequence[Tuple[str, str]] = (),
1647 ) -> service.ListSecretsResponse:
1648 r"""Call the list secrets method over HTTP.
1649
1650 Args:
1651 request (~.service.ListSecretsRequest):
1652 The request object. Request message for
1653 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
1654 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1655 should be retried.
1656 timeout (float): The timeout for this request.
1657 metadata (Sequence[Tuple[str, str]]): Strings which should be
1658 sent along with the request as metadata.
1659
1660 Returns:
1661 ~.service.ListSecretsResponse:
1662 Response message for
1663 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
1664
1665 """
1666
1667 http_options: List[Dict[str, str]] = [
1668 {
1669 "method": "get",
1670 "uri": "/v1beta1/{parent=projects/*}/secrets",
1671 },
1672 ]
1673 request, metadata = self._interceptor.pre_list_secrets(request, metadata)
1674 pb_request = service.ListSecretsRequest.pb(request)
1675 transcoded_request = path_template.transcode(http_options, pb_request)
1676
1677 uri = transcoded_request["uri"]
1678 method = transcoded_request["method"]
1679
1680 # Jsonify the query params
1681 query_params = json.loads(
1682 json_format.MessageToJson(
1683 transcoded_request["query_params"],
1684 including_default_value_fields=False,
1685 use_integers_for_enums=True,
1686 )
1687 )
1688 query_params.update(self._get_unset_required_fields(query_params))
1689
1690 query_params["$alt"] = "json;enum-encoding=int"
1691
1692 # Send the request
1693 headers = dict(metadata)
1694 headers["Content-Type"] = "application/json"
1695 response = getattr(self._session, method)(
1696 "{host}{uri}".format(host=self._host, uri=uri),
1697 timeout=timeout,
1698 headers=headers,
1699 params=rest_helpers.flatten_query_params(query_params, strict=True),
1700 )
1701
1702 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1703 # subclass.
1704 if response.status_code >= 400:
1705 raise core_exceptions.from_http_response(response)
1706
1707 # Return the response
1708 resp = service.ListSecretsResponse()
1709 pb_resp = service.ListSecretsResponse.pb(resp)
1710
1711 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1712 resp = self._interceptor.post_list_secrets(resp)
1713 return resp
1714
1715 class _ListSecretVersions(SecretManagerServiceRestStub):
1716 def __hash__(self):
1717 return hash("ListSecretVersions")
1718
1719 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1720
1721 @classmethod
1722 def _get_unset_required_fields(cls, message_dict):
1723 return {
1724 k: v
1725 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1726 if k not in message_dict
1727 }
1728
1729 def __call__(
1730 self,
1731 request: service.ListSecretVersionsRequest,
1732 *,
1733 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1734 timeout: Optional[float] = None,
1735 metadata: Sequence[Tuple[str, str]] = (),
1736 ) -> service.ListSecretVersionsResponse:
1737 r"""Call the list secret versions method over HTTP.
1738
1739 Args:
1740 request (~.service.ListSecretVersionsRequest):
1741 The request object. Request message for
1742 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
1743 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1744 should be retried.
1745 timeout (float): The timeout for this request.
1746 metadata (Sequence[Tuple[str, str]]): Strings which should be
1747 sent along with the request as metadata.
1748
1749 Returns:
1750 ~.service.ListSecretVersionsResponse:
1751 Response message for
1752 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
1753
1754 """
1755
1756 http_options: List[Dict[str, str]] = [
1757 {
1758 "method": "get",
1759 "uri": "/v1beta1/{parent=projects/*/secrets/*}/versions",
1760 },
1761 ]
1762 request, metadata = self._interceptor.pre_list_secret_versions(
1763 request, metadata
1764 )
1765 pb_request = service.ListSecretVersionsRequest.pb(request)
1766 transcoded_request = path_template.transcode(http_options, pb_request)
1767
1768 uri = transcoded_request["uri"]
1769 method = transcoded_request["method"]
1770
1771 # Jsonify the query params
1772 query_params = json.loads(
1773 json_format.MessageToJson(
1774 transcoded_request["query_params"],
1775 including_default_value_fields=False,
1776 use_integers_for_enums=True,
1777 )
1778 )
1779 query_params.update(self._get_unset_required_fields(query_params))
1780
1781 query_params["$alt"] = "json;enum-encoding=int"
1782
1783 # Send the request
1784 headers = dict(metadata)
1785 headers["Content-Type"] = "application/json"
1786 response = getattr(self._session, method)(
1787 "{host}{uri}".format(host=self._host, uri=uri),
1788 timeout=timeout,
1789 headers=headers,
1790 params=rest_helpers.flatten_query_params(query_params, strict=True),
1791 )
1792
1793 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1794 # subclass.
1795 if response.status_code >= 400:
1796 raise core_exceptions.from_http_response(response)
1797
1798 # Return the response
1799 resp = service.ListSecretVersionsResponse()
1800 pb_resp = service.ListSecretVersionsResponse.pb(resp)
1801
1802 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1803 resp = self._interceptor.post_list_secret_versions(resp)
1804 return resp
1805
1806 class _SetIamPolicy(SecretManagerServiceRestStub):
1807 def __hash__(self):
1808 return hash("SetIamPolicy")
1809
1810 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1811
1812 @classmethod
1813 def _get_unset_required_fields(cls, message_dict):
1814 return {
1815 k: v
1816 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1817 if k not in message_dict
1818 }
1819
1820 def __call__(
1821 self,
1822 request: iam_policy_pb2.SetIamPolicyRequest,
1823 *,
1824 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1825 timeout: Optional[float] = None,
1826 metadata: Sequence[Tuple[str, str]] = (),
1827 ) -> policy_pb2.Policy:
1828 r"""Call the set iam policy method over HTTP.
1829
1830 Args:
1831 request (~.iam_policy_pb2.SetIamPolicyRequest):
1832 The request object. Request message for ``SetIamPolicy`` method.
1833 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1834 should be retried.
1835 timeout (float): The timeout for this request.
1836 metadata (Sequence[Tuple[str, str]]): Strings which should be
1837 sent along with the request as metadata.
1838
1839 Returns:
1840 ~.policy_pb2.Policy:
1841 An Identity and Access Management (IAM) policy, which
1842 specifies access controls for Google Cloud resources.
1843
1844 A ``Policy`` is a collection of ``bindings``. A
1845 ``binding`` binds one or more ``members``, or
1846 principals, to a single ``role``. Principals can be user
1847 accounts, service accounts, Google groups, and domains
1848 (such as G Suite). A ``role`` is a named list of
1849 permissions; each ``role`` can be an IAM predefined role
1850 or a user-created custom role.
1851
1852 For some types of Google Cloud resources, a ``binding``
1853 can also specify a ``condition``, which is a logical
1854 expression that allows access to a resource only if the
1855 expression evaluates to ``true``. A condition can add
1856 constraints based on attributes of the request, the
1857 resource, or both. To learn which resources support
1858 conditions in their IAM policies, see the `IAM
1859 documentation <https://cloud.google.com/iam/help/conditions/resource-policies>`__.
1860
1861 **JSON example:**
1862
1863 ::
1864
1865 {
1866 "bindings": [
1867 {
1868 "role": "roles/resourcemanager.organizationAdmin",
1869 "members": [
1870 "user:mike@example.com",
1871 "group:admins@example.com",
1872 "domain:google.com",
1873 "serviceAccount:my-project-id@appspot.gserviceaccount.com"
1874 ]
1875 },
1876 {
1877 "role": "roles/resourcemanager.organizationViewer",
1878 "members": [
1879 "user:eve@example.com"
1880 ],
1881 "condition": {
1882 "title": "expirable access",
1883 "description": "Does not grant access after Sep 2020",
1884 "expression": "request.time <
1885 timestamp('2020-10-01T00:00:00.000Z')",
1886 }
1887 }
1888 ],
1889 "etag": "BwWWja0YfJA=",
1890 "version": 3
1891 }
1892
1893 **YAML example:**
1894
1895 ::
1896
1897 bindings:
1898 - members:
1899 - user:mike@example.com
1900 - group:admins@example.com
1901 - domain:google.com
1902 - serviceAccount:my-project-id@appspot.gserviceaccount.com
1903 role: roles/resourcemanager.organizationAdmin
1904 - members:
1905 - user:eve@example.com
1906 role: roles/resourcemanager.organizationViewer
1907 condition:
1908 title: expirable access
1909 description: Does not grant access after Sep 2020
1910 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
1911 etag: BwWWja0YfJA=
1912 version: 3
1913
1914 For a description of IAM and its features, see the `IAM
1915 documentation <https://cloud.google.com/iam/docs/>`__.
1916
1917 """
1918
1919 http_options: List[Dict[str, str]] = [
1920 {
1921 "method": "post",
1922 "uri": "/v1beta1/{resource=projects/*/secrets/*}:setIamPolicy",
1923 "body": "*",
1924 },
1925 ]
1926 request, metadata = self._interceptor.pre_set_iam_policy(request, metadata)
1927 pb_request = request
1928 transcoded_request = path_template.transcode(http_options, pb_request)
1929
1930 # Jsonify the request body
1931
1932 body = json_format.MessageToJson(
1933 transcoded_request["body"],
1934 including_default_value_fields=False,
1935 use_integers_for_enums=True,
1936 )
1937 uri = transcoded_request["uri"]
1938 method = transcoded_request["method"]
1939
1940 # Jsonify the query params
1941 query_params = json.loads(
1942 json_format.MessageToJson(
1943 transcoded_request["query_params"],
1944 including_default_value_fields=False,
1945 use_integers_for_enums=True,
1946 )
1947 )
1948 query_params.update(self._get_unset_required_fields(query_params))
1949
1950 query_params["$alt"] = "json;enum-encoding=int"
1951
1952 # Send the request
1953 headers = dict(metadata)
1954 headers["Content-Type"] = "application/json"
1955 response = getattr(self._session, method)(
1956 "{host}{uri}".format(host=self._host, uri=uri),
1957 timeout=timeout,
1958 headers=headers,
1959 params=rest_helpers.flatten_query_params(query_params, strict=True),
1960 data=body,
1961 )
1962
1963 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1964 # subclass.
1965 if response.status_code >= 400:
1966 raise core_exceptions.from_http_response(response)
1967
1968 # Return the response
1969 resp = policy_pb2.Policy()
1970 pb_resp = resp
1971
1972 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1973 resp = self._interceptor.post_set_iam_policy(resp)
1974 return resp
1975
1976 class _TestIamPermissions(SecretManagerServiceRestStub):
1977 def __hash__(self):
1978 return hash("TestIamPermissions")
1979
1980 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1981
1982 @classmethod
1983 def _get_unset_required_fields(cls, message_dict):
1984 return {
1985 k: v
1986 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1987 if k not in message_dict
1988 }
1989
1990 def __call__(
1991 self,
1992 request: iam_policy_pb2.TestIamPermissionsRequest,
1993 *,
1994 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1995 timeout: Optional[float] = None,
1996 metadata: Sequence[Tuple[str, str]] = (),
1997 ) -> iam_policy_pb2.TestIamPermissionsResponse:
1998 r"""Call the test iam permissions method over HTTP.
1999
2000 Args:
2001 request (~.iam_policy_pb2.TestIamPermissionsRequest):
2002 The request object. Request message for ``TestIamPermissions`` method.
2003 retry (google.api_core.retry.Retry): Designation of what errors, if any,
2004 should be retried.
2005 timeout (float): The timeout for this request.
2006 metadata (Sequence[Tuple[str, str]]): Strings which should be
2007 sent along with the request as metadata.
2008
2009 Returns:
2010 ~.iam_policy_pb2.TestIamPermissionsResponse:
2011 Response message for ``TestIamPermissions`` method.
2012 """
2013
2014 http_options: List[Dict[str, str]] = [
2015 {
2016 "method": "post",
2017 "uri": "/v1beta1/{resource=projects/*/secrets/*}:testIamPermissions",
2018 "body": "*",
2019 },
2020 ]
2021 request, metadata = self._interceptor.pre_test_iam_permissions(
2022 request, metadata
2023 )
2024 pb_request = request
2025 transcoded_request = path_template.transcode(http_options, pb_request)
2026
2027 # Jsonify the request body
2028
2029 body = json_format.MessageToJson(
2030 transcoded_request["body"],
2031 including_default_value_fields=False,
2032 use_integers_for_enums=True,
2033 )
2034 uri = transcoded_request["uri"]
2035 method = transcoded_request["method"]
2036
2037 # Jsonify the query params
2038 query_params = json.loads(
2039 json_format.MessageToJson(
2040 transcoded_request["query_params"],
2041 including_default_value_fields=False,
2042 use_integers_for_enums=True,
2043 )
2044 )
2045 query_params.update(self._get_unset_required_fields(query_params))
2046
2047 query_params["$alt"] = "json;enum-encoding=int"
2048
2049 # Send the request
2050 headers = dict(metadata)
2051 headers["Content-Type"] = "application/json"
2052 response = getattr(self._session, method)(
2053 "{host}{uri}".format(host=self._host, uri=uri),
2054 timeout=timeout,
2055 headers=headers,
2056 params=rest_helpers.flatten_query_params(query_params, strict=True),
2057 data=body,
2058 )
2059
2060 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
2061 # subclass.
2062 if response.status_code >= 400:
2063 raise core_exceptions.from_http_response(response)
2064
2065 # Return the response
2066 resp = iam_policy_pb2.TestIamPermissionsResponse()
2067 pb_resp = resp
2068
2069 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
2070 resp = self._interceptor.post_test_iam_permissions(resp)
2071 return resp
2072
2073 class _UpdateSecret(SecretManagerServiceRestStub):
2074 def __hash__(self):
2075 return hash("UpdateSecret")
2076
2077 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {
2078 "updateMask": {},
2079 }
2080
2081 @classmethod
2082 def _get_unset_required_fields(cls, message_dict):
2083 return {
2084 k: v
2085 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
2086 if k not in message_dict
2087 }
2088
2089 def __call__(
2090 self,
2091 request: service.UpdateSecretRequest,
2092 *,
2093 retry: OptionalRetry = gapic_v1.method.DEFAULT,
2094 timeout: Optional[float] = None,
2095 metadata: Sequence[Tuple[str, str]] = (),
2096 ) -> resources.Secret:
2097 r"""Call the update secret method over HTTP.
2098
2099 Args:
2100 request (~.service.UpdateSecretRequest):
2101 The request object. Request message for
2102 [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret].
2103 retry (google.api_core.retry.Retry): Designation of what errors, if any,
2104 should be retried.
2105 timeout (float): The timeout for this request.
2106 metadata (Sequence[Tuple[str, str]]): Strings which should be
2107 sent along with the request as metadata.
2108
2109 Returns:
2110 ~.resources.Secret:
2111 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
2112 logical secret whose value and versions can be accessed.
2113
2114 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
2115 up of zero or more
2116 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
2117 that represent the secret data.
2118
2119 """
2120
2121 http_options: List[Dict[str, str]] = [
2122 {
2123 "method": "patch",
2124 "uri": "/v1beta1/{secret.name=projects/*/secrets/*}",
2125 "body": "secret",
2126 },
2127 ]
2128 request, metadata = self._interceptor.pre_update_secret(request, metadata)
2129 pb_request = service.UpdateSecretRequest.pb(request)
2130 transcoded_request = path_template.transcode(http_options, pb_request)
2131
2132 # Jsonify the request body
2133
2134 body = json_format.MessageToJson(
2135 transcoded_request["body"],
2136 including_default_value_fields=False,
2137 use_integers_for_enums=True,
2138 )
2139 uri = transcoded_request["uri"]
2140 method = transcoded_request["method"]
2141
2142 # Jsonify the query params
2143 query_params = json.loads(
2144 json_format.MessageToJson(
2145 transcoded_request["query_params"],
2146 including_default_value_fields=False,
2147 use_integers_for_enums=True,
2148 )
2149 )
2150 query_params.update(self._get_unset_required_fields(query_params))
2151
2152 query_params["$alt"] = "json;enum-encoding=int"
2153
2154 # Send the request
2155 headers = dict(metadata)
2156 headers["Content-Type"] = "application/json"
2157 response = getattr(self._session, method)(
2158 "{host}{uri}".format(host=self._host, uri=uri),
2159 timeout=timeout,
2160 headers=headers,
2161 params=rest_helpers.flatten_query_params(query_params, strict=True),
2162 data=body,
2163 )
2164
2165 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
2166 # subclass.
2167 if response.status_code >= 400:
2168 raise core_exceptions.from_http_response(response)
2169
2170 # Return the response
2171 resp = resources.Secret()
2172 pb_resp = resources.Secret.pb(resp)
2173
2174 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
2175 resp = self._interceptor.post_update_secret(resp)
2176 return resp
2177
2178 @property
2179 def access_secret_version(
2180 self,
2181 ) -> Callable[
2182 [service.AccessSecretVersionRequest], service.AccessSecretVersionResponse
2183 ]:
2184 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2185 # In C++ this would require a dynamic_cast
2186 return self._AccessSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2187
2188 @property
2189 def add_secret_version(
2190 self,
2191 ) -> Callable[[service.AddSecretVersionRequest], resources.SecretVersion]:
2192 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2193 # In C++ this would require a dynamic_cast
2194 return self._AddSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2195
2196 @property
2197 def create_secret(
2198 self,
2199 ) -> Callable[[service.CreateSecretRequest], resources.Secret]:
2200 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2201 # In C++ this would require a dynamic_cast
2202 return self._CreateSecret(self._session, self._host, self._interceptor) # type: ignore
2203
2204 @property
2205 def delete_secret(self) -> Callable[[service.DeleteSecretRequest], empty_pb2.Empty]:
2206 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2207 # In C++ this would require a dynamic_cast
2208 return self._DeleteSecret(self._session, self._host, self._interceptor) # type: ignore
2209
2210 @property
2211 def destroy_secret_version(
2212 self,
2213 ) -> Callable[[service.DestroySecretVersionRequest], resources.SecretVersion]:
2214 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2215 # In C++ this would require a dynamic_cast
2216 return self._DestroySecretVersion(self._session, self._host, self._interceptor) # type: ignore
2217
2218 @property
2219 def disable_secret_version(
2220 self,
2221 ) -> Callable[[service.DisableSecretVersionRequest], resources.SecretVersion]:
2222 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2223 # In C++ this would require a dynamic_cast
2224 return self._DisableSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2225
2226 @property
2227 def enable_secret_version(
2228 self,
2229 ) -> Callable[[service.EnableSecretVersionRequest], resources.SecretVersion]:
2230 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2231 # In C++ this would require a dynamic_cast
2232 return self._EnableSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2233
2234 @property
2235 def get_iam_policy(
2236 self,
2237 ) -> Callable[[iam_policy_pb2.GetIamPolicyRequest], policy_pb2.Policy]:
2238 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2239 # In C++ this would require a dynamic_cast
2240 return self._GetIamPolicy(self._session, self._host, self._interceptor) # type: ignore
2241
2242 @property
2243 def get_secret(self) -> Callable[[service.GetSecretRequest], resources.Secret]:
2244 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2245 # In C++ this would require a dynamic_cast
2246 return self._GetSecret(self._session, self._host, self._interceptor) # type: ignore
2247
2248 @property
2249 def get_secret_version(
2250 self,
2251 ) -> Callable[[service.GetSecretVersionRequest], resources.SecretVersion]:
2252 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2253 # In C++ this would require a dynamic_cast
2254 return self._GetSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2255
2256 @property
2257 def list_secrets(
2258 self,
2259 ) -> Callable[[service.ListSecretsRequest], service.ListSecretsResponse]:
2260 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2261 # In C++ this would require a dynamic_cast
2262 return self._ListSecrets(self._session, self._host, self._interceptor) # type: ignore
2263
2264 @property
2265 def list_secret_versions(
2266 self,
2267 ) -> Callable[
2268 [service.ListSecretVersionsRequest], service.ListSecretVersionsResponse
2269 ]:
2270 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2271 # In C++ this would require a dynamic_cast
2272 return self._ListSecretVersions(self._session, self._host, self._interceptor) # type: ignore
2273
2274 @property
2275 def set_iam_policy(
2276 self,
2277 ) -> Callable[[iam_policy_pb2.SetIamPolicyRequest], policy_pb2.Policy]:
2278 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2279 # In C++ this would require a dynamic_cast
2280 return self._SetIamPolicy(self._session, self._host, self._interceptor) # type: ignore
2281
2282 @property
2283 def test_iam_permissions(
2284 self,
2285 ) -> Callable[
2286 [iam_policy_pb2.TestIamPermissionsRequest],
2287 iam_policy_pb2.TestIamPermissionsResponse,
2288 ]:
2289 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2290 # In C++ this would require a dynamic_cast
2291 return self._TestIamPermissions(self._session, self._host, self._interceptor) # type: ignore
2292
2293 @property
2294 def update_secret(
2295 self,
2296 ) -> Callable[[service.UpdateSecretRequest], resources.Secret]:
2297 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2298 # In C++ this would require a dynamic_cast
2299 return self._UpdateSecret(self._session, self._host, self._interceptor) # type: ignore
2300
2301 @property
2302 def kind(self) -> str:
2303 return "rest"
2304
2305 def close(self):
2306 self._session.close()
2307
2308
2309__all__ = ("SecretManagerServiceRestTransport",)