Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# -*- coding: utf-8 -*-
2# Copyright 2024 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15#
17import dataclasses
18import json # type: ignore
19import re
20from typing import Any, Callable, Dict, List, Optional, Sequence, Tuple, Union
21import warnings
23from google.api_core import gapic_v1, path_template, rest_helpers, rest_streaming
24from google.api_core import exceptions as core_exceptions
25from google.api_core import retry as retries
26from google.auth import credentials as ga_credentials # type: ignore
27from google.auth.transport.grpc import SslCredentials # type: ignore
28from google.auth.transport.requests import AuthorizedSession # type: ignore
29from google.protobuf import json_format
30import grpc # type: ignore
31from requests import __version__ as requests_version
33try:
34 OptionalRetry = Union[retries.Retry, gapic_v1.method._MethodDefault, None]
35except AttributeError: # pragma: NO COVER
36 OptionalRetry = Union[retries.Retry, object, None] # type: ignore
39from google.iam.v1 import iam_policy_pb2 # type: ignore
40from google.iam.v1 import policy_pb2 # type: ignore
41from google.protobuf import empty_pb2 # type: ignore
43from google.cloud.secretmanager_v1beta1.types import resources, service
45from .base import DEFAULT_CLIENT_INFO as BASE_DEFAULT_CLIENT_INFO
46from .base import SecretManagerServiceTransport
48DEFAULT_CLIENT_INFO = gapic_v1.client_info.ClientInfo(
49 gapic_version=BASE_DEFAULT_CLIENT_INFO.gapic_version,
50 grpc_version=None,
51 rest_version=requests_version,
52)
55class SecretManagerServiceRestInterceptor:
56 """Interceptor for SecretManagerService.
58 Interceptors are used to manipulate requests, request metadata, and responses
59 in arbitrary ways.
60 Example use cases include:
61 * Logging
62 * Verifying requests according to service or custom semantics
63 * Stripping extraneous information from responses
65 These use cases and more can be enabled by injecting an
66 instance of a custom subclass when constructing the SecretManagerServiceRestTransport.
68 .. code-block:: python
69 class MyCustomSecretManagerServiceInterceptor(SecretManagerServiceRestInterceptor):
70 def pre_access_secret_version(self, request, metadata):
71 logging.log(f"Received request: {request}")
72 return request, metadata
74 def post_access_secret_version(self, response):
75 logging.log(f"Received response: {response}")
76 return response
78 def pre_add_secret_version(self, request, metadata):
79 logging.log(f"Received request: {request}")
80 return request, metadata
82 def post_add_secret_version(self, response):
83 logging.log(f"Received response: {response}")
84 return response
86 def pre_create_secret(self, request, metadata):
87 logging.log(f"Received request: {request}")
88 return request, metadata
90 def post_create_secret(self, response):
91 logging.log(f"Received response: {response}")
92 return response
94 def pre_delete_secret(self, request, metadata):
95 logging.log(f"Received request: {request}")
96 return request, metadata
98 def pre_destroy_secret_version(self, request, metadata):
99 logging.log(f"Received request: {request}")
100 return request, metadata
102 def post_destroy_secret_version(self, response):
103 logging.log(f"Received response: {response}")
104 return response
106 def pre_disable_secret_version(self, request, metadata):
107 logging.log(f"Received request: {request}")
108 return request, metadata
110 def post_disable_secret_version(self, response):
111 logging.log(f"Received response: {response}")
112 return response
114 def pre_enable_secret_version(self, request, metadata):
115 logging.log(f"Received request: {request}")
116 return request, metadata
118 def post_enable_secret_version(self, response):
119 logging.log(f"Received response: {response}")
120 return response
122 def pre_get_iam_policy(self, request, metadata):
123 logging.log(f"Received request: {request}")
124 return request, metadata
126 def post_get_iam_policy(self, response):
127 logging.log(f"Received response: {response}")
128 return response
130 def pre_get_secret(self, request, metadata):
131 logging.log(f"Received request: {request}")
132 return request, metadata
134 def post_get_secret(self, response):
135 logging.log(f"Received response: {response}")
136 return response
138 def pre_get_secret_version(self, request, metadata):
139 logging.log(f"Received request: {request}")
140 return request, metadata
142 def post_get_secret_version(self, response):
143 logging.log(f"Received response: {response}")
144 return response
146 def pre_list_secrets(self, request, metadata):
147 logging.log(f"Received request: {request}")
148 return request, metadata
150 def post_list_secrets(self, response):
151 logging.log(f"Received response: {response}")
152 return response
154 def pre_list_secret_versions(self, request, metadata):
155 logging.log(f"Received request: {request}")
156 return request, metadata
158 def post_list_secret_versions(self, response):
159 logging.log(f"Received response: {response}")
160 return response
162 def pre_set_iam_policy(self, request, metadata):
163 logging.log(f"Received request: {request}")
164 return request, metadata
166 def post_set_iam_policy(self, response):
167 logging.log(f"Received response: {response}")
168 return response
170 def pre_test_iam_permissions(self, request, metadata):
171 logging.log(f"Received request: {request}")
172 return request, metadata
174 def post_test_iam_permissions(self, response):
175 logging.log(f"Received response: {response}")
176 return response
178 def pre_update_secret(self, request, metadata):
179 logging.log(f"Received request: {request}")
180 return request, metadata
182 def post_update_secret(self, response):
183 logging.log(f"Received response: {response}")
184 return response
186 transport = SecretManagerServiceRestTransport(interceptor=MyCustomSecretManagerServiceInterceptor())
187 client = SecretManagerServiceClient(transport=transport)
190 """
192 def pre_access_secret_version(
193 self,
194 request: service.AccessSecretVersionRequest,
195 metadata: Sequence[Tuple[str, str]],
196 ) -> Tuple[service.AccessSecretVersionRequest, Sequence[Tuple[str, str]]]:
197 """Pre-rpc interceptor for access_secret_version
199 Override in a subclass to manipulate the request or metadata
200 before they are sent to the SecretManagerService server.
201 """
202 return request, metadata
204 def post_access_secret_version(
205 self, response: service.AccessSecretVersionResponse
206 ) -> service.AccessSecretVersionResponse:
207 """Post-rpc interceptor for access_secret_version
209 Override in a subclass to manipulate the response
210 after it is returned by the SecretManagerService server but before
211 it is returned to user code.
212 """
213 return response
215 def pre_add_secret_version(
216 self,
217 request: service.AddSecretVersionRequest,
218 metadata: Sequence[Tuple[str, str]],
219 ) -> Tuple[service.AddSecretVersionRequest, Sequence[Tuple[str, str]]]:
220 """Pre-rpc interceptor for add_secret_version
222 Override in a subclass to manipulate the request or metadata
223 before they are sent to the SecretManagerService server.
224 """
225 return request, metadata
227 def post_add_secret_version(
228 self, response: resources.SecretVersion
229 ) -> resources.SecretVersion:
230 """Post-rpc interceptor for add_secret_version
232 Override in a subclass to manipulate the response
233 after it is returned by the SecretManagerService server but before
234 it is returned to user code.
235 """
236 return response
238 def pre_create_secret(
239 self, request: service.CreateSecretRequest, metadata: Sequence[Tuple[str, str]]
240 ) -> Tuple[service.CreateSecretRequest, Sequence[Tuple[str, str]]]:
241 """Pre-rpc interceptor for create_secret
243 Override in a subclass to manipulate the request or metadata
244 before they are sent to the SecretManagerService server.
245 """
246 return request, metadata
248 def post_create_secret(self, response: resources.Secret) -> resources.Secret:
249 """Post-rpc interceptor for create_secret
251 Override in a subclass to manipulate the response
252 after it is returned by the SecretManagerService server but before
253 it is returned to user code.
254 """
255 return response
257 def pre_delete_secret(
258 self, request: service.DeleteSecretRequest, metadata: Sequence[Tuple[str, str]]
259 ) -> Tuple[service.DeleteSecretRequest, Sequence[Tuple[str, str]]]:
260 """Pre-rpc interceptor for delete_secret
262 Override in a subclass to manipulate the request or metadata
263 before they are sent to the SecretManagerService server.
264 """
265 return request, metadata
267 def pre_destroy_secret_version(
268 self,
269 request: service.DestroySecretVersionRequest,
270 metadata: Sequence[Tuple[str, str]],
271 ) -> Tuple[service.DestroySecretVersionRequest, Sequence[Tuple[str, str]]]:
272 """Pre-rpc interceptor for destroy_secret_version
274 Override in a subclass to manipulate the request or metadata
275 before they are sent to the SecretManagerService server.
276 """
277 return request, metadata
279 def post_destroy_secret_version(
280 self, response: resources.SecretVersion
281 ) -> resources.SecretVersion:
282 """Post-rpc interceptor for destroy_secret_version
284 Override in a subclass to manipulate the response
285 after it is returned by the SecretManagerService server but before
286 it is returned to user code.
287 """
288 return response
290 def pre_disable_secret_version(
291 self,
292 request: service.DisableSecretVersionRequest,
293 metadata: Sequence[Tuple[str, str]],
294 ) -> Tuple[service.DisableSecretVersionRequest, Sequence[Tuple[str, str]]]:
295 """Pre-rpc interceptor for disable_secret_version
297 Override in a subclass to manipulate the request or metadata
298 before they are sent to the SecretManagerService server.
299 """
300 return request, metadata
302 def post_disable_secret_version(
303 self, response: resources.SecretVersion
304 ) -> resources.SecretVersion:
305 """Post-rpc interceptor for disable_secret_version
307 Override in a subclass to manipulate the response
308 after it is returned by the SecretManagerService server but before
309 it is returned to user code.
310 """
311 return response
313 def pre_enable_secret_version(
314 self,
315 request: service.EnableSecretVersionRequest,
316 metadata: Sequence[Tuple[str, str]],
317 ) -> Tuple[service.EnableSecretVersionRequest, Sequence[Tuple[str, str]]]:
318 """Pre-rpc interceptor for enable_secret_version
320 Override in a subclass to manipulate the request or metadata
321 before they are sent to the SecretManagerService server.
322 """
323 return request, metadata
325 def post_enable_secret_version(
326 self, response: resources.SecretVersion
327 ) -> resources.SecretVersion:
328 """Post-rpc interceptor for enable_secret_version
330 Override in a subclass to manipulate the response
331 after it is returned by the SecretManagerService server but before
332 it is returned to user code.
333 """
334 return response
336 def pre_get_iam_policy(
337 self,
338 request: iam_policy_pb2.GetIamPolicyRequest,
339 metadata: Sequence[Tuple[str, str]],
340 ) -> Tuple[iam_policy_pb2.GetIamPolicyRequest, Sequence[Tuple[str, str]]]:
341 """Pre-rpc interceptor for get_iam_policy
343 Override in a subclass to manipulate the request or metadata
344 before they are sent to the SecretManagerService server.
345 """
346 return request, metadata
348 def post_get_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy:
349 """Post-rpc interceptor for get_iam_policy
351 Override in a subclass to manipulate the response
352 after it is returned by the SecretManagerService server but before
353 it is returned to user code.
354 """
355 return response
357 def pre_get_secret(
358 self, request: service.GetSecretRequest, metadata: Sequence[Tuple[str, str]]
359 ) -> Tuple[service.GetSecretRequest, Sequence[Tuple[str, str]]]:
360 """Pre-rpc interceptor for get_secret
362 Override in a subclass to manipulate the request or metadata
363 before they are sent to the SecretManagerService server.
364 """
365 return request, metadata
367 def post_get_secret(self, response: resources.Secret) -> resources.Secret:
368 """Post-rpc interceptor for get_secret
370 Override in a subclass to manipulate the response
371 after it is returned by the SecretManagerService server but before
372 it is returned to user code.
373 """
374 return response
376 def pre_get_secret_version(
377 self,
378 request: service.GetSecretVersionRequest,
379 metadata: Sequence[Tuple[str, str]],
380 ) -> Tuple[service.GetSecretVersionRequest, Sequence[Tuple[str, str]]]:
381 """Pre-rpc interceptor for get_secret_version
383 Override in a subclass to manipulate the request or metadata
384 before they are sent to the SecretManagerService server.
385 """
386 return request, metadata
388 def post_get_secret_version(
389 self, response: resources.SecretVersion
390 ) -> resources.SecretVersion:
391 """Post-rpc interceptor for get_secret_version
393 Override in a subclass to manipulate the response
394 after it is returned by the SecretManagerService server but before
395 it is returned to user code.
396 """
397 return response
399 def pre_list_secrets(
400 self, request: service.ListSecretsRequest, metadata: Sequence[Tuple[str, str]]
401 ) -> Tuple[service.ListSecretsRequest, Sequence[Tuple[str, str]]]:
402 """Pre-rpc interceptor for list_secrets
404 Override in a subclass to manipulate the request or metadata
405 before they are sent to the SecretManagerService server.
406 """
407 return request, metadata
409 def post_list_secrets(
410 self, response: service.ListSecretsResponse
411 ) -> service.ListSecretsResponse:
412 """Post-rpc interceptor for list_secrets
414 Override in a subclass to manipulate the response
415 after it is returned by the SecretManagerService server but before
416 it is returned to user code.
417 """
418 return response
420 def pre_list_secret_versions(
421 self,
422 request: service.ListSecretVersionsRequest,
423 metadata: Sequence[Tuple[str, str]],
424 ) -> Tuple[service.ListSecretVersionsRequest, Sequence[Tuple[str, str]]]:
425 """Pre-rpc interceptor for list_secret_versions
427 Override in a subclass to manipulate the request or metadata
428 before they are sent to the SecretManagerService server.
429 """
430 return request, metadata
432 def post_list_secret_versions(
433 self, response: service.ListSecretVersionsResponse
434 ) -> service.ListSecretVersionsResponse:
435 """Post-rpc interceptor for list_secret_versions
437 Override in a subclass to manipulate the response
438 after it is returned by the SecretManagerService server but before
439 it is returned to user code.
440 """
441 return response
443 def pre_set_iam_policy(
444 self,
445 request: iam_policy_pb2.SetIamPolicyRequest,
446 metadata: Sequence[Tuple[str, str]],
447 ) -> Tuple[iam_policy_pb2.SetIamPolicyRequest, Sequence[Tuple[str, str]]]:
448 """Pre-rpc interceptor for set_iam_policy
450 Override in a subclass to manipulate the request or metadata
451 before they are sent to the SecretManagerService server.
452 """
453 return request, metadata
455 def post_set_iam_policy(self, response: policy_pb2.Policy) -> policy_pb2.Policy:
456 """Post-rpc interceptor for set_iam_policy
458 Override in a subclass to manipulate the response
459 after it is returned by the SecretManagerService server but before
460 it is returned to user code.
461 """
462 return response
464 def pre_test_iam_permissions(
465 self,
466 request: iam_policy_pb2.TestIamPermissionsRequest,
467 metadata: Sequence[Tuple[str, str]],
468 ) -> Tuple[iam_policy_pb2.TestIamPermissionsRequest, Sequence[Tuple[str, str]]]:
469 """Pre-rpc interceptor for test_iam_permissions
471 Override in a subclass to manipulate the request or metadata
472 before they are sent to the SecretManagerService server.
473 """
474 return request, metadata
476 def post_test_iam_permissions(
477 self, response: iam_policy_pb2.TestIamPermissionsResponse
478 ) -> iam_policy_pb2.TestIamPermissionsResponse:
479 """Post-rpc interceptor for test_iam_permissions
481 Override in a subclass to manipulate the response
482 after it is returned by the SecretManagerService server but before
483 it is returned to user code.
484 """
485 return response
487 def pre_update_secret(
488 self, request: service.UpdateSecretRequest, metadata: Sequence[Tuple[str, str]]
489 ) -> Tuple[service.UpdateSecretRequest, Sequence[Tuple[str, str]]]:
490 """Pre-rpc interceptor for update_secret
492 Override in a subclass to manipulate the request or metadata
493 before they are sent to the SecretManagerService server.
494 """
495 return request, metadata
497 def post_update_secret(self, response: resources.Secret) -> resources.Secret:
498 """Post-rpc interceptor for update_secret
500 Override in a subclass to manipulate the response
501 after it is returned by the SecretManagerService server but before
502 it is returned to user code.
503 """
504 return response
507@dataclasses.dataclass
508class SecretManagerServiceRestStub:
509 _session: AuthorizedSession
510 _host: str
511 _interceptor: SecretManagerServiceRestInterceptor
514class SecretManagerServiceRestTransport(SecretManagerServiceTransport):
515 """REST backend transport for SecretManagerService.
517 Secret Manager Service
519 Manages secrets and operations using those secrets. Implements a
520 REST model with the following objects:
522 - [Secret][google.cloud.secrets.v1beta1.Secret]
523 - [SecretVersion][google.cloud.secrets.v1beta1.SecretVersion]
525 This class defines the same methods as the primary client, so the
526 primary client can load the underlying transport implementation
527 and call it.
529 It sends JSON representations of protocol buffers over HTTP/1.1
531 """
533 def __init__(
534 self,
535 *,
536 host: str = "secretmanager.googleapis.com",
537 credentials: Optional[ga_credentials.Credentials] = None,
538 credentials_file: Optional[str] = None,
539 scopes: Optional[Sequence[str]] = None,
540 client_cert_source_for_mtls: Optional[Callable[[], Tuple[bytes, bytes]]] = None,
541 quota_project_id: Optional[str] = None,
542 client_info: gapic_v1.client_info.ClientInfo = DEFAULT_CLIENT_INFO,
543 always_use_jwt_access: Optional[bool] = False,
544 url_scheme: str = "https",
545 interceptor: Optional[SecretManagerServiceRestInterceptor] = None,
546 api_audience: Optional[str] = None,
547 ) -> None:
548 """Instantiate the transport.
550 Args:
551 host (Optional[str]):
552 The hostname to connect to (default: 'secretmanager.googleapis.com').
553 credentials (Optional[google.auth.credentials.Credentials]): The
554 authorization credentials to attach to requests. These
555 credentials identify the application to the service; if none
556 are specified, the client will attempt to ascertain the
557 credentials from the environment.
559 credentials_file (Optional[str]): A file with credentials that can
560 be loaded with :func:`google.auth.load_credentials_from_file`.
561 This argument is ignored if ``channel`` is provided.
562 scopes (Optional(Sequence[str])): A list of scopes. This argument is
563 ignored if ``channel`` is provided.
564 client_cert_source_for_mtls (Callable[[], Tuple[bytes, bytes]]): Client
565 certificate to configure mutual TLS HTTP channel. It is ignored
566 if ``channel`` is provided.
567 quota_project_id (Optional[str]): An optional project to use for billing
568 and quota.
569 client_info (google.api_core.gapic_v1.client_info.ClientInfo):
570 The client info used to send a user-agent string along with
571 API requests. If ``None``, then default info will be used.
572 Generally, you only need to set this if you are developing
573 your own client library.
574 always_use_jwt_access (Optional[bool]): Whether self signed JWT should
575 be used for service account credentials.
576 url_scheme: the protocol scheme for the API endpoint. Normally
577 "https", but for testing or local servers,
578 "http" can be specified.
579 """
580 # Run the base constructor
581 # TODO(yon-mg): resolve other ctor params i.e. scopes, quota, etc.
582 # TODO: When custom host (api_endpoint) is set, `scopes` must *also* be set on the
583 # credentials object
584 maybe_url_match = re.match("^(?P<scheme>http(?:s)?://)?(?P<host>.*)$", host)
585 if maybe_url_match is None:
586 raise ValueError(
587 f"Unexpected hostname structure: {host}"
588 ) # pragma: NO COVER
590 url_match_items = maybe_url_match.groupdict()
592 host = f"{url_scheme}://{host}" if not url_match_items["scheme"] else host
594 super().__init__(
595 host=host,
596 credentials=credentials,
597 client_info=client_info,
598 always_use_jwt_access=always_use_jwt_access,
599 api_audience=api_audience,
600 )
601 self._session = AuthorizedSession(
602 self._credentials, default_host=self.DEFAULT_HOST
603 )
604 if client_cert_source_for_mtls:
605 self._session.configure_mtls_channel(client_cert_source_for_mtls)
606 self._interceptor = interceptor or SecretManagerServiceRestInterceptor()
607 self._prep_wrapped_messages(client_info)
609 class _AccessSecretVersion(SecretManagerServiceRestStub):
610 def __hash__(self):
611 return hash("AccessSecretVersion")
613 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
615 @classmethod
616 def _get_unset_required_fields(cls, message_dict):
617 return {
618 k: v
619 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
620 if k not in message_dict
621 }
623 def __call__(
624 self,
625 request: service.AccessSecretVersionRequest,
626 *,
627 retry: OptionalRetry = gapic_v1.method.DEFAULT,
628 timeout: Optional[float] = None,
629 metadata: Sequence[Tuple[str, str]] = (),
630 ) -> service.AccessSecretVersionResponse:
631 r"""Call the access secret version method over HTTP.
633 Args:
634 request (~.service.AccessSecretVersionRequest):
635 The request object. Request message for
636 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
637 retry (google.api_core.retry.Retry): Designation of what errors, if any,
638 should be retried.
639 timeout (float): The timeout for this request.
640 metadata (Sequence[Tuple[str, str]]): Strings which should be
641 sent along with the request as metadata.
643 Returns:
644 ~.service.AccessSecretVersionResponse:
645 Response message for
646 [SecretManagerService.AccessSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AccessSecretVersion].
648 """
650 http_options: List[Dict[str, str]] = [
651 {
652 "method": "get",
653 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:access",
654 },
655 ]
656 request, metadata = self._interceptor.pre_access_secret_version(
657 request, metadata
658 )
659 pb_request = service.AccessSecretVersionRequest.pb(request)
660 transcoded_request = path_template.transcode(http_options, pb_request)
662 uri = transcoded_request["uri"]
663 method = transcoded_request["method"]
665 # Jsonify the query params
666 query_params = json.loads(
667 json_format.MessageToJson(
668 transcoded_request["query_params"],
669 use_integers_for_enums=True,
670 )
671 )
672 query_params.update(self._get_unset_required_fields(query_params))
674 query_params["$alt"] = "json;enum-encoding=int"
676 # Send the request
677 headers = dict(metadata)
678 headers["Content-Type"] = "application/json"
679 response = getattr(self._session, method)(
680 "{host}{uri}".format(host=self._host, uri=uri),
681 timeout=timeout,
682 headers=headers,
683 params=rest_helpers.flatten_query_params(query_params, strict=True),
684 )
686 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
687 # subclass.
688 if response.status_code >= 400:
689 raise core_exceptions.from_http_response(response)
691 # Return the response
692 resp = service.AccessSecretVersionResponse()
693 pb_resp = service.AccessSecretVersionResponse.pb(resp)
695 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
696 resp = self._interceptor.post_access_secret_version(resp)
697 return resp
699 class _AddSecretVersion(SecretManagerServiceRestStub):
700 def __hash__(self):
701 return hash("AddSecretVersion")
703 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
705 @classmethod
706 def _get_unset_required_fields(cls, message_dict):
707 return {
708 k: v
709 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
710 if k not in message_dict
711 }
713 def __call__(
714 self,
715 request: service.AddSecretVersionRequest,
716 *,
717 retry: OptionalRetry = gapic_v1.method.DEFAULT,
718 timeout: Optional[float] = None,
719 metadata: Sequence[Tuple[str, str]] = (),
720 ) -> resources.SecretVersion:
721 r"""Call the add secret version method over HTTP.
723 Args:
724 request (~.service.AddSecretVersionRequest):
725 The request object. Request message for
726 [SecretManagerService.AddSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.AddSecretVersion].
727 retry (google.api_core.retry.Retry): Designation of what errors, if any,
728 should be retried.
729 timeout (float): The timeout for this request.
730 metadata (Sequence[Tuple[str, str]]): Strings which should be
731 sent along with the request as metadata.
733 Returns:
734 ~.resources.SecretVersion:
735 A secret version resource in the
736 Secret Manager API.
738 """
740 http_options: List[Dict[str, str]] = [
741 {
742 "method": "post",
743 "uri": "/v1beta1/{parent=projects/*/secrets/*}:addVersion",
744 "body": "*",
745 },
746 ]
747 request, metadata = self._interceptor.pre_add_secret_version(
748 request, metadata
749 )
750 pb_request = service.AddSecretVersionRequest.pb(request)
751 transcoded_request = path_template.transcode(http_options, pb_request)
753 # Jsonify the request body
755 body = json_format.MessageToJson(
756 transcoded_request["body"], use_integers_for_enums=True
757 )
758 uri = transcoded_request["uri"]
759 method = transcoded_request["method"]
761 # Jsonify the query params
762 query_params = json.loads(
763 json_format.MessageToJson(
764 transcoded_request["query_params"],
765 use_integers_for_enums=True,
766 )
767 )
768 query_params.update(self._get_unset_required_fields(query_params))
770 query_params["$alt"] = "json;enum-encoding=int"
772 # Send the request
773 headers = dict(metadata)
774 headers["Content-Type"] = "application/json"
775 response = getattr(self._session, method)(
776 "{host}{uri}".format(host=self._host, uri=uri),
777 timeout=timeout,
778 headers=headers,
779 params=rest_helpers.flatten_query_params(query_params, strict=True),
780 data=body,
781 )
783 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
784 # subclass.
785 if response.status_code >= 400:
786 raise core_exceptions.from_http_response(response)
788 # Return the response
789 resp = resources.SecretVersion()
790 pb_resp = resources.SecretVersion.pb(resp)
792 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
793 resp = self._interceptor.post_add_secret_version(resp)
794 return resp
796 class _CreateSecret(SecretManagerServiceRestStub):
797 def __hash__(self):
798 return hash("CreateSecret")
800 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {
801 "secretId": "",
802 }
804 @classmethod
805 def _get_unset_required_fields(cls, message_dict):
806 return {
807 k: v
808 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
809 if k not in message_dict
810 }
812 def __call__(
813 self,
814 request: service.CreateSecretRequest,
815 *,
816 retry: OptionalRetry = gapic_v1.method.DEFAULT,
817 timeout: Optional[float] = None,
818 metadata: Sequence[Tuple[str, str]] = (),
819 ) -> resources.Secret:
820 r"""Call the create secret method over HTTP.
822 Args:
823 request (~.service.CreateSecretRequest):
824 The request object. Request message for
825 [SecretManagerService.CreateSecret][google.cloud.secrets.v1beta1.SecretManagerService.CreateSecret].
826 retry (google.api_core.retry.Retry): Designation of what errors, if any,
827 should be retried.
828 timeout (float): The timeout for this request.
829 metadata (Sequence[Tuple[str, str]]): Strings which should be
830 sent along with the request as metadata.
832 Returns:
833 ~.resources.Secret:
834 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
835 logical secret whose value and versions can be accessed.
837 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
838 up of zero or more
839 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
840 that represent the secret data.
842 """
844 http_options: List[Dict[str, str]] = [
845 {
846 "method": "post",
847 "uri": "/v1beta1/{parent=projects/*}/secrets",
848 "body": "secret",
849 },
850 ]
851 request, metadata = self._interceptor.pre_create_secret(request, metadata)
852 pb_request = service.CreateSecretRequest.pb(request)
853 transcoded_request = path_template.transcode(http_options, pb_request)
855 # Jsonify the request body
857 body = json_format.MessageToJson(
858 transcoded_request["body"], use_integers_for_enums=True
859 )
860 uri = transcoded_request["uri"]
861 method = transcoded_request["method"]
863 # Jsonify the query params
864 query_params = json.loads(
865 json_format.MessageToJson(
866 transcoded_request["query_params"],
867 use_integers_for_enums=True,
868 )
869 )
870 query_params.update(self._get_unset_required_fields(query_params))
872 query_params["$alt"] = "json;enum-encoding=int"
874 # Send the request
875 headers = dict(metadata)
876 headers["Content-Type"] = "application/json"
877 response = getattr(self._session, method)(
878 "{host}{uri}".format(host=self._host, uri=uri),
879 timeout=timeout,
880 headers=headers,
881 params=rest_helpers.flatten_query_params(query_params, strict=True),
882 data=body,
883 )
885 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
886 # subclass.
887 if response.status_code >= 400:
888 raise core_exceptions.from_http_response(response)
890 # Return the response
891 resp = resources.Secret()
892 pb_resp = resources.Secret.pb(resp)
894 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
895 resp = self._interceptor.post_create_secret(resp)
896 return resp
898 class _DeleteSecret(SecretManagerServiceRestStub):
899 def __hash__(self):
900 return hash("DeleteSecret")
902 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
904 @classmethod
905 def _get_unset_required_fields(cls, message_dict):
906 return {
907 k: v
908 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
909 if k not in message_dict
910 }
912 def __call__(
913 self,
914 request: service.DeleteSecretRequest,
915 *,
916 retry: OptionalRetry = gapic_v1.method.DEFAULT,
917 timeout: Optional[float] = None,
918 metadata: Sequence[Tuple[str, str]] = (),
919 ):
920 r"""Call the delete secret method over HTTP.
922 Args:
923 request (~.service.DeleteSecretRequest):
924 The request object. Request message for
925 [SecretManagerService.DeleteSecret][google.cloud.secrets.v1beta1.SecretManagerService.DeleteSecret].
926 retry (google.api_core.retry.Retry): Designation of what errors, if any,
927 should be retried.
928 timeout (float): The timeout for this request.
929 metadata (Sequence[Tuple[str, str]]): Strings which should be
930 sent along with the request as metadata.
931 """
933 http_options: List[Dict[str, str]] = [
934 {
935 "method": "delete",
936 "uri": "/v1beta1/{name=projects/*/secrets/*}",
937 },
938 ]
939 request, metadata = self._interceptor.pre_delete_secret(request, metadata)
940 pb_request = service.DeleteSecretRequest.pb(request)
941 transcoded_request = path_template.transcode(http_options, pb_request)
943 uri = transcoded_request["uri"]
944 method = transcoded_request["method"]
946 # Jsonify the query params
947 query_params = json.loads(
948 json_format.MessageToJson(
949 transcoded_request["query_params"],
950 use_integers_for_enums=True,
951 )
952 )
953 query_params.update(self._get_unset_required_fields(query_params))
955 query_params["$alt"] = "json;enum-encoding=int"
957 # Send the request
958 headers = dict(metadata)
959 headers["Content-Type"] = "application/json"
960 response = getattr(self._session, method)(
961 "{host}{uri}".format(host=self._host, uri=uri),
962 timeout=timeout,
963 headers=headers,
964 params=rest_helpers.flatten_query_params(query_params, strict=True),
965 )
967 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
968 # subclass.
969 if response.status_code >= 400:
970 raise core_exceptions.from_http_response(response)
972 class _DestroySecretVersion(SecretManagerServiceRestStub):
973 def __hash__(self):
974 return hash("DestroySecretVersion")
976 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
978 @classmethod
979 def _get_unset_required_fields(cls, message_dict):
980 return {
981 k: v
982 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
983 if k not in message_dict
984 }
986 def __call__(
987 self,
988 request: service.DestroySecretVersionRequest,
989 *,
990 retry: OptionalRetry = gapic_v1.method.DEFAULT,
991 timeout: Optional[float] = None,
992 metadata: Sequence[Tuple[str, str]] = (),
993 ) -> resources.SecretVersion:
994 r"""Call the destroy secret version method over HTTP.
996 Args:
997 request (~.service.DestroySecretVersionRequest):
998 The request object. Request message for
999 [SecretManagerService.DestroySecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DestroySecretVersion].
1000 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1001 should be retried.
1002 timeout (float): The timeout for this request.
1003 metadata (Sequence[Tuple[str, str]]): Strings which should be
1004 sent along with the request as metadata.
1006 Returns:
1007 ~.resources.SecretVersion:
1008 A secret version resource in the
1009 Secret Manager API.
1011 """
1013 http_options: List[Dict[str, str]] = [
1014 {
1015 "method": "post",
1016 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:destroy",
1017 "body": "*",
1018 },
1019 ]
1020 request, metadata = self._interceptor.pre_destroy_secret_version(
1021 request, metadata
1022 )
1023 pb_request = service.DestroySecretVersionRequest.pb(request)
1024 transcoded_request = path_template.transcode(http_options, pb_request)
1026 # Jsonify the request body
1028 body = json_format.MessageToJson(
1029 transcoded_request["body"], use_integers_for_enums=True
1030 )
1031 uri = transcoded_request["uri"]
1032 method = transcoded_request["method"]
1034 # Jsonify the query params
1035 query_params = json.loads(
1036 json_format.MessageToJson(
1037 transcoded_request["query_params"],
1038 use_integers_for_enums=True,
1039 )
1040 )
1041 query_params.update(self._get_unset_required_fields(query_params))
1043 query_params["$alt"] = "json;enum-encoding=int"
1045 # Send the request
1046 headers = dict(metadata)
1047 headers["Content-Type"] = "application/json"
1048 response = getattr(self._session, method)(
1049 "{host}{uri}".format(host=self._host, uri=uri),
1050 timeout=timeout,
1051 headers=headers,
1052 params=rest_helpers.flatten_query_params(query_params, strict=True),
1053 data=body,
1054 )
1056 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1057 # subclass.
1058 if response.status_code >= 400:
1059 raise core_exceptions.from_http_response(response)
1061 # Return the response
1062 resp = resources.SecretVersion()
1063 pb_resp = resources.SecretVersion.pb(resp)
1065 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1066 resp = self._interceptor.post_destroy_secret_version(resp)
1067 return resp
1069 class _DisableSecretVersion(SecretManagerServiceRestStub):
1070 def __hash__(self):
1071 return hash("DisableSecretVersion")
1073 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1075 @classmethod
1076 def _get_unset_required_fields(cls, message_dict):
1077 return {
1078 k: v
1079 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1080 if k not in message_dict
1081 }
1083 def __call__(
1084 self,
1085 request: service.DisableSecretVersionRequest,
1086 *,
1087 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1088 timeout: Optional[float] = None,
1089 metadata: Sequence[Tuple[str, str]] = (),
1090 ) -> resources.SecretVersion:
1091 r"""Call the disable secret version method over HTTP.
1093 Args:
1094 request (~.service.DisableSecretVersionRequest):
1095 The request object. Request message for
1096 [SecretManagerService.DisableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.DisableSecretVersion].
1097 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1098 should be retried.
1099 timeout (float): The timeout for this request.
1100 metadata (Sequence[Tuple[str, str]]): Strings which should be
1101 sent along with the request as metadata.
1103 Returns:
1104 ~.resources.SecretVersion:
1105 A secret version resource in the
1106 Secret Manager API.
1108 """
1110 http_options: List[Dict[str, str]] = [
1111 {
1112 "method": "post",
1113 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:disable",
1114 "body": "*",
1115 },
1116 ]
1117 request, metadata = self._interceptor.pre_disable_secret_version(
1118 request, metadata
1119 )
1120 pb_request = service.DisableSecretVersionRequest.pb(request)
1121 transcoded_request = path_template.transcode(http_options, pb_request)
1123 # Jsonify the request body
1125 body = json_format.MessageToJson(
1126 transcoded_request["body"], use_integers_for_enums=True
1127 )
1128 uri = transcoded_request["uri"]
1129 method = transcoded_request["method"]
1131 # Jsonify the query params
1132 query_params = json.loads(
1133 json_format.MessageToJson(
1134 transcoded_request["query_params"],
1135 use_integers_for_enums=True,
1136 )
1137 )
1138 query_params.update(self._get_unset_required_fields(query_params))
1140 query_params["$alt"] = "json;enum-encoding=int"
1142 # Send the request
1143 headers = dict(metadata)
1144 headers["Content-Type"] = "application/json"
1145 response = getattr(self._session, method)(
1146 "{host}{uri}".format(host=self._host, uri=uri),
1147 timeout=timeout,
1148 headers=headers,
1149 params=rest_helpers.flatten_query_params(query_params, strict=True),
1150 data=body,
1151 )
1153 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1154 # subclass.
1155 if response.status_code >= 400:
1156 raise core_exceptions.from_http_response(response)
1158 # Return the response
1159 resp = resources.SecretVersion()
1160 pb_resp = resources.SecretVersion.pb(resp)
1162 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1163 resp = self._interceptor.post_disable_secret_version(resp)
1164 return resp
1166 class _EnableSecretVersion(SecretManagerServiceRestStub):
1167 def __hash__(self):
1168 return hash("EnableSecretVersion")
1170 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1172 @classmethod
1173 def _get_unset_required_fields(cls, message_dict):
1174 return {
1175 k: v
1176 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1177 if k not in message_dict
1178 }
1180 def __call__(
1181 self,
1182 request: service.EnableSecretVersionRequest,
1183 *,
1184 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1185 timeout: Optional[float] = None,
1186 metadata: Sequence[Tuple[str, str]] = (),
1187 ) -> resources.SecretVersion:
1188 r"""Call the enable secret version method over HTTP.
1190 Args:
1191 request (~.service.EnableSecretVersionRequest):
1192 The request object. Request message for
1193 [SecretManagerService.EnableSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.EnableSecretVersion].
1194 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1195 should be retried.
1196 timeout (float): The timeout for this request.
1197 metadata (Sequence[Tuple[str, str]]): Strings which should be
1198 sent along with the request as metadata.
1200 Returns:
1201 ~.resources.SecretVersion:
1202 A secret version resource in the
1203 Secret Manager API.
1205 """
1207 http_options: List[Dict[str, str]] = [
1208 {
1209 "method": "post",
1210 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}:enable",
1211 "body": "*",
1212 },
1213 ]
1214 request, metadata = self._interceptor.pre_enable_secret_version(
1215 request, metadata
1216 )
1217 pb_request = service.EnableSecretVersionRequest.pb(request)
1218 transcoded_request = path_template.transcode(http_options, pb_request)
1220 # Jsonify the request body
1222 body = json_format.MessageToJson(
1223 transcoded_request["body"], use_integers_for_enums=True
1224 )
1225 uri = transcoded_request["uri"]
1226 method = transcoded_request["method"]
1228 # Jsonify the query params
1229 query_params = json.loads(
1230 json_format.MessageToJson(
1231 transcoded_request["query_params"],
1232 use_integers_for_enums=True,
1233 )
1234 )
1235 query_params.update(self._get_unset_required_fields(query_params))
1237 query_params["$alt"] = "json;enum-encoding=int"
1239 # Send the request
1240 headers = dict(metadata)
1241 headers["Content-Type"] = "application/json"
1242 response = getattr(self._session, method)(
1243 "{host}{uri}".format(host=self._host, uri=uri),
1244 timeout=timeout,
1245 headers=headers,
1246 params=rest_helpers.flatten_query_params(query_params, strict=True),
1247 data=body,
1248 )
1250 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1251 # subclass.
1252 if response.status_code >= 400:
1253 raise core_exceptions.from_http_response(response)
1255 # Return the response
1256 resp = resources.SecretVersion()
1257 pb_resp = resources.SecretVersion.pb(resp)
1259 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1260 resp = self._interceptor.post_enable_secret_version(resp)
1261 return resp
1263 class _GetIamPolicy(SecretManagerServiceRestStub):
1264 def __hash__(self):
1265 return hash("GetIamPolicy")
1267 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1269 @classmethod
1270 def _get_unset_required_fields(cls, message_dict):
1271 return {
1272 k: v
1273 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1274 if k not in message_dict
1275 }
1277 def __call__(
1278 self,
1279 request: iam_policy_pb2.GetIamPolicyRequest,
1280 *,
1281 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1282 timeout: Optional[float] = None,
1283 metadata: Sequence[Tuple[str, str]] = (),
1284 ) -> policy_pb2.Policy:
1285 r"""Call the get iam policy method over HTTP.
1287 Args:
1288 request (~.iam_policy_pb2.GetIamPolicyRequest):
1289 The request object. Request message for ``GetIamPolicy`` method.
1290 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1291 should be retried.
1292 timeout (float): The timeout for this request.
1293 metadata (Sequence[Tuple[str, str]]): Strings which should be
1294 sent along with the request as metadata.
1296 Returns:
1297 ~.policy_pb2.Policy:
1298 An Identity and Access Management (IAM) policy, which
1299 specifies access controls for Google Cloud resources.
1301 A ``Policy`` is a collection of ``bindings``. A
1302 ``binding`` binds one or more ``members``, or
1303 principals, to a single ``role``. Principals can be user
1304 accounts, service accounts, Google groups, and domains
1305 (such as G Suite). A ``role`` is a named list of
1306 permissions; each ``role`` can be an IAM predefined role
1307 or a user-created custom role.
1309 For some types of Google Cloud resources, a ``binding``
1310 can also specify a ``condition``, which is a logical
1311 expression that allows access to a resource only if the
1312 expression evaluates to ``true``. A condition can add
1313 constraints based on attributes of the request, the
1314 resource, or both. To learn which resources support
1315 conditions in their IAM policies, see the `IAM
1316 documentation <https://cloud.google.com/iam/help/conditions/resource-policies>`__.
1318 **JSON example:**
1320 ::
1322 {
1323 "bindings": [
1324 {
1325 "role": "roles/resourcemanager.organizationAdmin",
1326 "members": [
1327 "user:mike@example.com",
1328 "group:admins@example.com",
1329 "domain:google.com",
1330 "serviceAccount:my-project-id@appspot.gserviceaccount.com"
1331 ]
1332 },
1333 {
1334 "role": "roles/resourcemanager.organizationViewer",
1335 "members": [
1336 "user:eve@example.com"
1337 ],
1338 "condition": {
1339 "title": "expirable access",
1340 "description": "Does not grant access after Sep 2020",
1341 "expression": "request.time <
1342 timestamp('2020-10-01T00:00:00.000Z')",
1343 }
1344 }
1345 ],
1346 "etag": "BwWWja0YfJA=",
1347 "version": 3
1348 }
1350 **YAML example:**
1352 ::
1354 bindings:
1355 - members:
1356 - user:mike@example.com
1357 - group:admins@example.com
1358 - domain:google.com
1359 - serviceAccount:my-project-id@appspot.gserviceaccount.com
1360 role: roles/resourcemanager.organizationAdmin
1361 - members:
1362 - user:eve@example.com
1363 role: roles/resourcemanager.organizationViewer
1364 condition:
1365 title: expirable access
1366 description: Does not grant access after Sep 2020
1367 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
1368 etag: BwWWja0YfJA=
1369 version: 3
1371 For a description of IAM and its features, see the `IAM
1372 documentation <https://cloud.google.com/iam/docs/>`__.
1374 """
1376 http_options: List[Dict[str, str]] = [
1377 {
1378 "method": "get",
1379 "uri": "/v1beta1/{resource=projects/*/secrets/*}:getIamPolicy",
1380 },
1381 ]
1382 request, metadata = self._interceptor.pre_get_iam_policy(request, metadata)
1383 pb_request = request
1384 transcoded_request = path_template.transcode(http_options, pb_request)
1386 uri = transcoded_request["uri"]
1387 method = transcoded_request["method"]
1389 # Jsonify the query params
1390 query_params = json.loads(
1391 json_format.MessageToJson(
1392 transcoded_request["query_params"],
1393 use_integers_for_enums=True,
1394 )
1395 )
1396 query_params.update(self._get_unset_required_fields(query_params))
1398 query_params["$alt"] = "json;enum-encoding=int"
1400 # Send the request
1401 headers = dict(metadata)
1402 headers["Content-Type"] = "application/json"
1403 response = getattr(self._session, method)(
1404 "{host}{uri}".format(host=self._host, uri=uri),
1405 timeout=timeout,
1406 headers=headers,
1407 params=rest_helpers.flatten_query_params(query_params, strict=True),
1408 )
1410 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1411 # subclass.
1412 if response.status_code >= 400:
1413 raise core_exceptions.from_http_response(response)
1415 # Return the response
1416 resp = policy_pb2.Policy()
1417 pb_resp = resp
1419 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1420 resp = self._interceptor.post_get_iam_policy(resp)
1421 return resp
1423 class _GetSecret(SecretManagerServiceRestStub):
1424 def __hash__(self):
1425 return hash("GetSecret")
1427 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1429 @classmethod
1430 def _get_unset_required_fields(cls, message_dict):
1431 return {
1432 k: v
1433 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1434 if k not in message_dict
1435 }
1437 def __call__(
1438 self,
1439 request: service.GetSecretRequest,
1440 *,
1441 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1442 timeout: Optional[float] = None,
1443 metadata: Sequence[Tuple[str, str]] = (),
1444 ) -> resources.Secret:
1445 r"""Call the get secret method over HTTP.
1447 Args:
1448 request (~.service.GetSecretRequest):
1449 The request object. Request message for
1450 [SecretManagerService.GetSecret][google.cloud.secrets.v1beta1.SecretManagerService.GetSecret].
1451 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1452 should be retried.
1453 timeout (float): The timeout for this request.
1454 metadata (Sequence[Tuple[str, str]]): Strings which should be
1455 sent along with the request as metadata.
1457 Returns:
1458 ~.resources.Secret:
1459 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
1460 logical secret whose value and versions can be accessed.
1462 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
1463 up of zero or more
1464 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
1465 that represent the secret data.
1467 """
1469 http_options: List[Dict[str, str]] = [
1470 {
1471 "method": "get",
1472 "uri": "/v1beta1/{name=projects/*/secrets/*}",
1473 },
1474 ]
1475 request, metadata = self._interceptor.pre_get_secret(request, metadata)
1476 pb_request = service.GetSecretRequest.pb(request)
1477 transcoded_request = path_template.transcode(http_options, pb_request)
1479 uri = transcoded_request["uri"]
1480 method = transcoded_request["method"]
1482 # Jsonify the query params
1483 query_params = json.loads(
1484 json_format.MessageToJson(
1485 transcoded_request["query_params"],
1486 use_integers_for_enums=True,
1487 )
1488 )
1489 query_params.update(self._get_unset_required_fields(query_params))
1491 query_params["$alt"] = "json;enum-encoding=int"
1493 # Send the request
1494 headers = dict(metadata)
1495 headers["Content-Type"] = "application/json"
1496 response = getattr(self._session, method)(
1497 "{host}{uri}".format(host=self._host, uri=uri),
1498 timeout=timeout,
1499 headers=headers,
1500 params=rest_helpers.flatten_query_params(query_params, strict=True),
1501 )
1503 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1504 # subclass.
1505 if response.status_code >= 400:
1506 raise core_exceptions.from_http_response(response)
1508 # Return the response
1509 resp = resources.Secret()
1510 pb_resp = resources.Secret.pb(resp)
1512 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1513 resp = self._interceptor.post_get_secret(resp)
1514 return resp
1516 class _GetSecretVersion(SecretManagerServiceRestStub):
1517 def __hash__(self):
1518 return hash("GetSecretVersion")
1520 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1522 @classmethod
1523 def _get_unset_required_fields(cls, message_dict):
1524 return {
1525 k: v
1526 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1527 if k not in message_dict
1528 }
1530 def __call__(
1531 self,
1532 request: service.GetSecretVersionRequest,
1533 *,
1534 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1535 timeout: Optional[float] = None,
1536 metadata: Sequence[Tuple[str, str]] = (),
1537 ) -> resources.SecretVersion:
1538 r"""Call the get secret version method over HTTP.
1540 Args:
1541 request (~.service.GetSecretVersionRequest):
1542 The request object. Request message for
1543 [SecretManagerService.GetSecretVersion][google.cloud.secrets.v1beta1.SecretManagerService.GetSecretVersion].
1544 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1545 should be retried.
1546 timeout (float): The timeout for this request.
1547 metadata (Sequence[Tuple[str, str]]): Strings which should be
1548 sent along with the request as metadata.
1550 Returns:
1551 ~.resources.SecretVersion:
1552 A secret version resource in the
1553 Secret Manager API.
1555 """
1557 http_options: List[Dict[str, str]] = [
1558 {
1559 "method": "get",
1560 "uri": "/v1beta1/{name=projects/*/secrets/*/versions/*}",
1561 },
1562 ]
1563 request, metadata = self._interceptor.pre_get_secret_version(
1564 request, metadata
1565 )
1566 pb_request = service.GetSecretVersionRequest.pb(request)
1567 transcoded_request = path_template.transcode(http_options, pb_request)
1569 uri = transcoded_request["uri"]
1570 method = transcoded_request["method"]
1572 # Jsonify the query params
1573 query_params = json.loads(
1574 json_format.MessageToJson(
1575 transcoded_request["query_params"],
1576 use_integers_for_enums=True,
1577 )
1578 )
1579 query_params.update(self._get_unset_required_fields(query_params))
1581 query_params["$alt"] = "json;enum-encoding=int"
1583 # Send the request
1584 headers = dict(metadata)
1585 headers["Content-Type"] = "application/json"
1586 response = getattr(self._session, method)(
1587 "{host}{uri}".format(host=self._host, uri=uri),
1588 timeout=timeout,
1589 headers=headers,
1590 params=rest_helpers.flatten_query_params(query_params, strict=True),
1591 )
1593 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1594 # subclass.
1595 if response.status_code >= 400:
1596 raise core_exceptions.from_http_response(response)
1598 # Return the response
1599 resp = resources.SecretVersion()
1600 pb_resp = resources.SecretVersion.pb(resp)
1602 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1603 resp = self._interceptor.post_get_secret_version(resp)
1604 return resp
1606 class _ListSecrets(SecretManagerServiceRestStub):
1607 def __hash__(self):
1608 return hash("ListSecrets")
1610 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1612 @classmethod
1613 def _get_unset_required_fields(cls, message_dict):
1614 return {
1615 k: v
1616 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1617 if k not in message_dict
1618 }
1620 def __call__(
1621 self,
1622 request: service.ListSecretsRequest,
1623 *,
1624 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1625 timeout: Optional[float] = None,
1626 metadata: Sequence[Tuple[str, str]] = (),
1627 ) -> service.ListSecretsResponse:
1628 r"""Call the list secrets method over HTTP.
1630 Args:
1631 request (~.service.ListSecretsRequest):
1632 The request object. Request message for
1633 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
1634 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1635 should be retried.
1636 timeout (float): The timeout for this request.
1637 metadata (Sequence[Tuple[str, str]]): Strings which should be
1638 sent along with the request as metadata.
1640 Returns:
1641 ~.service.ListSecretsResponse:
1642 Response message for
1643 [SecretManagerService.ListSecrets][google.cloud.secrets.v1beta1.SecretManagerService.ListSecrets].
1645 """
1647 http_options: List[Dict[str, str]] = [
1648 {
1649 "method": "get",
1650 "uri": "/v1beta1/{parent=projects/*}/secrets",
1651 },
1652 ]
1653 request, metadata = self._interceptor.pre_list_secrets(request, metadata)
1654 pb_request = service.ListSecretsRequest.pb(request)
1655 transcoded_request = path_template.transcode(http_options, pb_request)
1657 uri = transcoded_request["uri"]
1658 method = transcoded_request["method"]
1660 # Jsonify the query params
1661 query_params = json.loads(
1662 json_format.MessageToJson(
1663 transcoded_request["query_params"],
1664 use_integers_for_enums=True,
1665 )
1666 )
1667 query_params.update(self._get_unset_required_fields(query_params))
1669 query_params["$alt"] = "json;enum-encoding=int"
1671 # Send the request
1672 headers = dict(metadata)
1673 headers["Content-Type"] = "application/json"
1674 response = getattr(self._session, method)(
1675 "{host}{uri}".format(host=self._host, uri=uri),
1676 timeout=timeout,
1677 headers=headers,
1678 params=rest_helpers.flatten_query_params(query_params, strict=True),
1679 )
1681 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1682 # subclass.
1683 if response.status_code >= 400:
1684 raise core_exceptions.from_http_response(response)
1686 # Return the response
1687 resp = service.ListSecretsResponse()
1688 pb_resp = service.ListSecretsResponse.pb(resp)
1690 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1691 resp = self._interceptor.post_list_secrets(resp)
1692 return resp
1694 class _ListSecretVersions(SecretManagerServiceRestStub):
1695 def __hash__(self):
1696 return hash("ListSecretVersions")
1698 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1700 @classmethod
1701 def _get_unset_required_fields(cls, message_dict):
1702 return {
1703 k: v
1704 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1705 if k not in message_dict
1706 }
1708 def __call__(
1709 self,
1710 request: service.ListSecretVersionsRequest,
1711 *,
1712 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1713 timeout: Optional[float] = None,
1714 metadata: Sequence[Tuple[str, str]] = (),
1715 ) -> service.ListSecretVersionsResponse:
1716 r"""Call the list secret versions method over HTTP.
1718 Args:
1719 request (~.service.ListSecretVersionsRequest):
1720 The request object. Request message for
1721 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
1722 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1723 should be retried.
1724 timeout (float): The timeout for this request.
1725 metadata (Sequence[Tuple[str, str]]): Strings which should be
1726 sent along with the request as metadata.
1728 Returns:
1729 ~.service.ListSecretVersionsResponse:
1730 Response message for
1731 [SecretManagerService.ListSecretVersions][google.cloud.secrets.v1beta1.SecretManagerService.ListSecretVersions].
1733 """
1735 http_options: List[Dict[str, str]] = [
1736 {
1737 "method": "get",
1738 "uri": "/v1beta1/{parent=projects/*/secrets/*}/versions",
1739 },
1740 ]
1741 request, metadata = self._interceptor.pre_list_secret_versions(
1742 request, metadata
1743 )
1744 pb_request = service.ListSecretVersionsRequest.pb(request)
1745 transcoded_request = path_template.transcode(http_options, pb_request)
1747 uri = transcoded_request["uri"]
1748 method = transcoded_request["method"]
1750 # Jsonify the query params
1751 query_params = json.loads(
1752 json_format.MessageToJson(
1753 transcoded_request["query_params"],
1754 use_integers_for_enums=True,
1755 )
1756 )
1757 query_params.update(self._get_unset_required_fields(query_params))
1759 query_params["$alt"] = "json;enum-encoding=int"
1761 # Send the request
1762 headers = dict(metadata)
1763 headers["Content-Type"] = "application/json"
1764 response = getattr(self._session, method)(
1765 "{host}{uri}".format(host=self._host, uri=uri),
1766 timeout=timeout,
1767 headers=headers,
1768 params=rest_helpers.flatten_query_params(query_params, strict=True),
1769 )
1771 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1772 # subclass.
1773 if response.status_code >= 400:
1774 raise core_exceptions.from_http_response(response)
1776 # Return the response
1777 resp = service.ListSecretVersionsResponse()
1778 pb_resp = service.ListSecretVersionsResponse.pb(resp)
1780 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1781 resp = self._interceptor.post_list_secret_versions(resp)
1782 return resp
1784 class _SetIamPolicy(SecretManagerServiceRestStub):
1785 def __hash__(self):
1786 return hash("SetIamPolicy")
1788 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1790 @classmethod
1791 def _get_unset_required_fields(cls, message_dict):
1792 return {
1793 k: v
1794 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1795 if k not in message_dict
1796 }
1798 def __call__(
1799 self,
1800 request: iam_policy_pb2.SetIamPolicyRequest,
1801 *,
1802 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1803 timeout: Optional[float] = None,
1804 metadata: Sequence[Tuple[str, str]] = (),
1805 ) -> policy_pb2.Policy:
1806 r"""Call the set iam policy method over HTTP.
1808 Args:
1809 request (~.iam_policy_pb2.SetIamPolicyRequest):
1810 The request object. Request message for ``SetIamPolicy`` method.
1811 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1812 should be retried.
1813 timeout (float): The timeout for this request.
1814 metadata (Sequence[Tuple[str, str]]): Strings which should be
1815 sent along with the request as metadata.
1817 Returns:
1818 ~.policy_pb2.Policy:
1819 An Identity and Access Management (IAM) policy, which
1820 specifies access controls for Google Cloud resources.
1822 A ``Policy`` is a collection of ``bindings``. A
1823 ``binding`` binds one or more ``members``, or
1824 principals, to a single ``role``. Principals can be user
1825 accounts, service accounts, Google groups, and domains
1826 (such as G Suite). A ``role`` is a named list of
1827 permissions; each ``role`` can be an IAM predefined role
1828 or a user-created custom role.
1830 For some types of Google Cloud resources, a ``binding``
1831 can also specify a ``condition``, which is a logical
1832 expression that allows access to a resource only if the
1833 expression evaluates to ``true``. A condition can add
1834 constraints based on attributes of the request, the
1835 resource, or both. To learn which resources support
1836 conditions in their IAM policies, see the `IAM
1837 documentation <https://cloud.google.com/iam/help/conditions/resource-policies>`__.
1839 **JSON example:**
1841 ::
1843 {
1844 "bindings": [
1845 {
1846 "role": "roles/resourcemanager.organizationAdmin",
1847 "members": [
1848 "user:mike@example.com",
1849 "group:admins@example.com",
1850 "domain:google.com",
1851 "serviceAccount:my-project-id@appspot.gserviceaccount.com"
1852 ]
1853 },
1854 {
1855 "role": "roles/resourcemanager.organizationViewer",
1856 "members": [
1857 "user:eve@example.com"
1858 ],
1859 "condition": {
1860 "title": "expirable access",
1861 "description": "Does not grant access after Sep 2020",
1862 "expression": "request.time <
1863 timestamp('2020-10-01T00:00:00.000Z')",
1864 }
1865 }
1866 ],
1867 "etag": "BwWWja0YfJA=",
1868 "version": 3
1869 }
1871 **YAML example:**
1873 ::
1875 bindings:
1876 - members:
1877 - user:mike@example.com
1878 - group:admins@example.com
1879 - domain:google.com
1880 - serviceAccount:my-project-id@appspot.gserviceaccount.com
1881 role: roles/resourcemanager.organizationAdmin
1882 - members:
1883 - user:eve@example.com
1884 role: roles/resourcemanager.organizationViewer
1885 condition:
1886 title: expirable access
1887 description: Does not grant access after Sep 2020
1888 expression: request.time < timestamp('2020-10-01T00:00:00.000Z')
1889 etag: BwWWja0YfJA=
1890 version: 3
1892 For a description of IAM and its features, see the `IAM
1893 documentation <https://cloud.google.com/iam/docs/>`__.
1895 """
1897 http_options: List[Dict[str, str]] = [
1898 {
1899 "method": "post",
1900 "uri": "/v1beta1/{resource=projects/*/secrets/*}:setIamPolicy",
1901 "body": "*",
1902 },
1903 ]
1904 request, metadata = self._interceptor.pre_set_iam_policy(request, metadata)
1905 pb_request = request
1906 transcoded_request = path_template.transcode(http_options, pb_request)
1908 # Jsonify the request body
1910 body = json_format.MessageToJson(
1911 transcoded_request["body"], use_integers_for_enums=True
1912 )
1913 uri = transcoded_request["uri"]
1914 method = transcoded_request["method"]
1916 # Jsonify the query params
1917 query_params = json.loads(
1918 json_format.MessageToJson(
1919 transcoded_request["query_params"],
1920 use_integers_for_enums=True,
1921 )
1922 )
1923 query_params.update(self._get_unset_required_fields(query_params))
1925 query_params["$alt"] = "json;enum-encoding=int"
1927 # Send the request
1928 headers = dict(metadata)
1929 headers["Content-Type"] = "application/json"
1930 response = getattr(self._session, method)(
1931 "{host}{uri}".format(host=self._host, uri=uri),
1932 timeout=timeout,
1933 headers=headers,
1934 params=rest_helpers.flatten_query_params(query_params, strict=True),
1935 data=body,
1936 )
1938 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
1939 # subclass.
1940 if response.status_code >= 400:
1941 raise core_exceptions.from_http_response(response)
1943 # Return the response
1944 resp = policy_pb2.Policy()
1945 pb_resp = resp
1947 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
1948 resp = self._interceptor.post_set_iam_policy(resp)
1949 return resp
1951 class _TestIamPermissions(SecretManagerServiceRestStub):
1952 def __hash__(self):
1953 return hash("TestIamPermissions")
1955 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {}
1957 @classmethod
1958 def _get_unset_required_fields(cls, message_dict):
1959 return {
1960 k: v
1961 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
1962 if k not in message_dict
1963 }
1965 def __call__(
1966 self,
1967 request: iam_policy_pb2.TestIamPermissionsRequest,
1968 *,
1969 retry: OptionalRetry = gapic_v1.method.DEFAULT,
1970 timeout: Optional[float] = None,
1971 metadata: Sequence[Tuple[str, str]] = (),
1972 ) -> iam_policy_pb2.TestIamPermissionsResponse:
1973 r"""Call the test iam permissions method over HTTP.
1975 Args:
1976 request (~.iam_policy_pb2.TestIamPermissionsRequest):
1977 The request object. Request message for ``TestIamPermissions`` method.
1978 retry (google.api_core.retry.Retry): Designation of what errors, if any,
1979 should be retried.
1980 timeout (float): The timeout for this request.
1981 metadata (Sequence[Tuple[str, str]]): Strings which should be
1982 sent along with the request as metadata.
1984 Returns:
1985 ~.iam_policy_pb2.TestIamPermissionsResponse:
1986 Response message for ``TestIamPermissions`` method.
1987 """
1989 http_options: List[Dict[str, str]] = [
1990 {
1991 "method": "post",
1992 "uri": "/v1beta1/{resource=projects/*/secrets/*}:testIamPermissions",
1993 "body": "*",
1994 },
1995 ]
1996 request, metadata = self._interceptor.pre_test_iam_permissions(
1997 request, metadata
1998 )
1999 pb_request = request
2000 transcoded_request = path_template.transcode(http_options, pb_request)
2002 # Jsonify the request body
2004 body = json_format.MessageToJson(
2005 transcoded_request["body"], use_integers_for_enums=True
2006 )
2007 uri = transcoded_request["uri"]
2008 method = transcoded_request["method"]
2010 # Jsonify the query params
2011 query_params = json.loads(
2012 json_format.MessageToJson(
2013 transcoded_request["query_params"],
2014 use_integers_for_enums=True,
2015 )
2016 )
2017 query_params.update(self._get_unset_required_fields(query_params))
2019 query_params["$alt"] = "json;enum-encoding=int"
2021 # Send the request
2022 headers = dict(metadata)
2023 headers["Content-Type"] = "application/json"
2024 response = getattr(self._session, method)(
2025 "{host}{uri}".format(host=self._host, uri=uri),
2026 timeout=timeout,
2027 headers=headers,
2028 params=rest_helpers.flatten_query_params(query_params, strict=True),
2029 data=body,
2030 )
2032 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
2033 # subclass.
2034 if response.status_code >= 400:
2035 raise core_exceptions.from_http_response(response)
2037 # Return the response
2038 resp = iam_policy_pb2.TestIamPermissionsResponse()
2039 pb_resp = resp
2041 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
2042 resp = self._interceptor.post_test_iam_permissions(resp)
2043 return resp
2045 class _UpdateSecret(SecretManagerServiceRestStub):
2046 def __hash__(self):
2047 return hash("UpdateSecret")
2049 __REQUIRED_FIELDS_DEFAULT_VALUES: Dict[str, Any] = {
2050 "updateMask": {},
2051 }
2053 @classmethod
2054 def _get_unset_required_fields(cls, message_dict):
2055 return {
2056 k: v
2057 for k, v in cls.__REQUIRED_FIELDS_DEFAULT_VALUES.items()
2058 if k not in message_dict
2059 }
2061 def __call__(
2062 self,
2063 request: service.UpdateSecretRequest,
2064 *,
2065 retry: OptionalRetry = gapic_v1.method.DEFAULT,
2066 timeout: Optional[float] = None,
2067 metadata: Sequence[Tuple[str, str]] = (),
2068 ) -> resources.Secret:
2069 r"""Call the update secret method over HTTP.
2071 Args:
2072 request (~.service.UpdateSecretRequest):
2073 The request object. Request message for
2074 [SecretManagerService.UpdateSecret][google.cloud.secrets.v1beta1.SecretManagerService.UpdateSecret].
2075 retry (google.api_core.retry.Retry): Designation of what errors, if any,
2076 should be retried.
2077 timeout (float): The timeout for this request.
2078 metadata (Sequence[Tuple[str, str]]): Strings which should be
2079 sent along with the request as metadata.
2081 Returns:
2082 ~.resources.Secret:
2083 A [Secret][google.cloud.secrets.v1beta1.Secret] is a
2084 logical secret whose value and versions can be accessed.
2086 A [Secret][google.cloud.secrets.v1beta1.Secret] is made
2087 up of zero or more
2088 [SecretVersions][google.cloud.secrets.v1beta1.SecretVersion]
2089 that represent the secret data.
2091 """
2093 http_options: List[Dict[str, str]] = [
2094 {
2095 "method": "patch",
2096 "uri": "/v1beta1/{secret.name=projects/*/secrets/*}",
2097 "body": "secret",
2098 },
2099 ]
2100 request, metadata = self._interceptor.pre_update_secret(request, metadata)
2101 pb_request = service.UpdateSecretRequest.pb(request)
2102 transcoded_request = path_template.transcode(http_options, pb_request)
2104 # Jsonify the request body
2106 body = json_format.MessageToJson(
2107 transcoded_request["body"], use_integers_for_enums=True
2108 )
2109 uri = transcoded_request["uri"]
2110 method = transcoded_request["method"]
2112 # Jsonify the query params
2113 query_params = json.loads(
2114 json_format.MessageToJson(
2115 transcoded_request["query_params"],
2116 use_integers_for_enums=True,
2117 )
2118 )
2119 query_params.update(self._get_unset_required_fields(query_params))
2121 query_params["$alt"] = "json;enum-encoding=int"
2123 # Send the request
2124 headers = dict(metadata)
2125 headers["Content-Type"] = "application/json"
2126 response = getattr(self._session, method)(
2127 "{host}{uri}".format(host=self._host, uri=uri),
2128 timeout=timeout,
2129 headers=headers,
2130 params=rest_helpers.flatten_query_params(query_params, strict=True),
2131 data=body,
2132 )
2134 # In case of error, raise the appropriate core_exceptions.GoogleAPICallError exception
2135 # subclass.
2136 if response.status_code >= 400:
2137 raise core_exceptions.from_http_response(response)
2139 # Return the response
2140 resp = resources.Secret()
2141 pb_resp = resources.Secret.pb(resp)
2143 json_format.Parse(response.content, pb_resp, ignore_unknown_fields=True)
2144 resp = self._interceptor.post_update_secret(resp)
2145 return resp
2147 @property
2148 def access_secret_version(
2149 self,
2150 ) -> Callable[
2151 [service.AccessSecretVersionRequest], service.AccessSecretVersionResponse
2152 ]:
2153 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2154 # In C++ this would require a dynamic_cast
2155 return self._AccessSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2157 @property
2158 def add_secret_version(
2159 self,
2160 ) -> Callable[[service.AddSecretVersionRequest], resources.SecretVersion]:
2161 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2162 # In C++ this would require a dynamic_cast
2163 return self._AddSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2165 @property
2166 def create_secret(
2167 self,
2168 ) -> Callable[[service.CreateSecretRequest], resources.Secret]:
2169 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2170 # In C++ this would require a dynamic_cast
2171 return self._CreateSecret(self._session, self._host, self._interceptor) # type: ignore
2173 @property
2174 def delete_secret(self) -> Callable[[service.DeleteSecretRequest], empty_pb2.Empty]:
2175 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2176 # In C++ this would require a dynamic_cast
2177 return self._DeleteSecret(self._session, self._host, self._interceptor) # type: ignore
2179 @property
2180 def destroy_secret_version(
2181 self,
2182 ) -> Callable[[service.DestroySecretVersionRequest], resources.SecretVersion]:
2183 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2184 # In C++ this would require a dynamic_cast
2185 return self._DestroySecretVersion(self._session, self._host, self._interceptor) # type: ignore
2187 @property
2188 def disable_secret_version(
2189 self,
2190 ) -> Callable[[service.DisableSecretVersionRequest], resources.SecretVersion]:
2191 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2192 # In C++ this would require a dynamic_cast
2193 return self._DisableSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2195 @property
2196 def enable_secret_version(
2197 self,
2198 ) -> Callable[[service.EnableSecretVersionRequest], resources.SecretVersion]:
2199 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2200 # In C++ this would require a dynamic_cast
2201 return self._EnableSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2203 @property
2204 def get_iam_policy(
2205 self,
2206 ) -> Callable[[iam_policy_pb2.GetIamPolicyRequest], policy_pb2.Policy]:
2207 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2208 # In C++ this would require a dynamic_cast
2209 return self._GetIamPolicy(self._session, self._host, self._interceptor) # type: ignore
2211 @property
2212 def get_secret(self) -> Callable[[service.GetSecretRequest], resources.Secret]:
2213 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2214 # In C++ this would require a dynamic_cast
2215 return self._GetSecret(self._session, self._host, self._interceptor) # type: ignore
2217 @property
2218 def get_secret_version(
2219 self,
2220 ) -> Callable[[service.GetSecretVersionRequest], resources.SecretVersion]:
2221 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2222 # In C++ this would require a dynamic_cast
2223 return self._GetSecretVersion(self._session, self._host, self._interceptor) # type: ignore
2225 @property
2226 def list_secrets(
2227 self,
2228 ) -> Callable[[service.ListSecretsRequest], service.ListSecretsResponse]:
2229 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2230 # In C++ this would require a dynamic_cast
2231 return self._ListSecrets(self._session, self._host, self._interceptor) # type: ignore
2233 @property
2234 def list_secret_versions(
2235 self,
2236 ) -> Callable[
2237 [service.ListSecretVersionsRequest], service.ListSecretVersionsResponse
2238 ]:
2239 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2240 # In C++ this would require a dynamic_cast
2241 return self._ListSecretVersions(self._session, self._host, self._interceptor) # type: ignore
2243 @property
2244 def set_iam_policy(
2245 self,
2246 ) -> Callable[[iam_policy_pb2.SetIamPolicyRequest], policy_pb2.Policy]:
2247 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2248 # In C++ this would require a dynamic_cast
2249 return self._SetIamPolicy(self._session, self._host, self._interceptor) # type: ignore
2251 @property
2252 def test_iam_permissions(
2253 self,
2254 ) -> Callable[
2255 [iam_policy_pb2.TestIamPermissionsRequest],
2256 iam_policy_pb2.TestIamPermissionsResponse,
2257 ]:
2258 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2259 # In C++ this would require a dynamic_cast
2260 return self._TestIamPermissions(self._session, self._host, self._interceptor) # type: ignore
2262 @property
2263 def update_secret(
2264 self,
2265 ) -> Callable[[service.UpdateSecretRequest], resources.Secret]:
2266 # The return type is fine, but mypy isn't sophisticated enough to determine what's going on here.
2267 # In C++ this would require a dynamic_cast
2268 return self._UpdateSecret(self._session, self._host, self._interceptor) # type: ignore
2270 @property
2271 def kind(self) -> str:
2272 return "rest"
2274 def close(self):
2275 self._session.close()
2278__all__ = ("SecretManagerServiceRestTransport",)