SecretManagerServiceClient

SecretManagerServiceClient

Secret Manager Service

Manages secrets and operations using those secrets. Implements a REST model with the following objects:

Constructor

new SecretManagerServiceClient(optionsopt)

Construct an instance of SecretManagerServiceClient.

Parameters:
Name Type Attributes Description
options object <optional>

The configuration object. See the subsequent parameters for more details.

Properties
Name Type Attributes Description
credentials object <optional>

Credentials object.

Properties
Name Type Attributes Description
client_email string <optional>
private_key string <optional>
email string <optional>

Account email address. Required when using a .pem or .p12 keyFilename.
keyFilename string <optional>

Full path to the a .json, .pem, or .p12 key downloaded from the Google Developers Console. If you provide a path to a JSON file, the projectId option below is not necessary. NOTE: .pem and .p12 require you to specify options.email as well.
port number <optional>

The port on which to connect to the remote host.
projectId string <optional>

The project ID from the Google Developer's Console, e.g. 'grape-spaceship-123'. We will also check the environment variable GCLOUD_PROJECT for your project ID. If your app is running in an environment which supports Application Default Credentials, your project ID will be detected automatically.
apiEndpoint string <optional>

The domain name of the API remote host.

Members

(static) apiEndpoint

The DNS address for this API service - same as servicePath(), exists for compatibility reasons.

(static) port

The port for this API service.

(static) scopes

The scopes needed to make gRPC calls for every method defined in this service.

(static) servicePath

The DNS address for this API service.

Methods

accessSecretVersion(request, optionsopt) → {Promise}

Accesses a SecretVersion. This call returns the secret data.

projects/* /secrets/* /versions/latest is an alias to the latest SecretVersion.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the SecretVersion in the format projects/* /secrets/* /versions/*.
options object <optional>

Call options. See CallOptions for more details.

addSecretVersion(request, optionsopt) → {Promise}

Creates a new SecretVersion containing secret data and attaches it to an existing Secret.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Required. The resource name of the Secret to associate with the SecretVersion in the format projects/* /secrets/*.
payload google.cloud.secrets.v1beta1.SecretPayload

Required. The secret payload of the SecretVersion.
options object <optional>

Call options. See CallOptions for more details.

close()

Terminate the GRPC channel and close the client.

The client will no longer be usable and all future behavior is undefined.

createSecret(request, optionsopt) → {Promise}

Creates a new Secret containing no SecretVersions.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
parent string

Required. The resource name of the project to associate with the Secret, in the format projects/*.
secretId string

Required. This must be unique within the project.
secret google.cloud.secrets.v1beta1.Secret

A Secret with initial field values.
options object <optional>

Call options. See CallOptions for more details.

deleteSecret(request, optionsopt) → {Promise}

Deletes a Secret.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the Secret to delete in the format projects/* /secrets/*.
options object <optional>

Call options. See CallOptions for more details.

destroySecretVersion(request, optionsopt) → {Promise}

Destroys a SecretVersion.

Sets the state of the SecretVersion to DESTROYED and irrevocably destroys the secret data.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the SecretVersion to destroy in the format projects/* /secrets/* /versions/*.
options object <optional>

Call options. See CallOptions for more details.

disableSecretVersion(request, optionsopt) → {Promise}

Disables a SecretVersion.

Sets the state of the SecretVersion to DISABLED.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the SecretVersion to disable in the format projects/* /secrets/* /versions/*.
options object <optional>

Call options. See CallOptions for more details.

enableSecretVersion(request, optionsopt) → {Promise}

Enables a SecretVersion.

Sets the state of the SecretVersion to ENABLED.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the SecretVersion to enable in the format projects/* /secrets/* /versions/*.
options object <optional>

Call options. See CallOptions for more details.

getIamPolicy(request, optionsopt) → {Promise}

Gets the access control policy for a secret. Returns empty policy if the secret exists and does not have a policy set.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.
options object <optional>

Call options. See CallOptions for more details.

getProjectId(callback)

Return the project ID used by this class.

Parameters:
Name Type Description
callback function

the callback to be called with the current project Id.

getSecret(request, optionsopt) → {Promise}

Gets metadata for a given Secret.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the Secret, in the format projects/* /secrets/*.
options object <optional>

Call options. See CallOptions for more details.

getSecretVersion(request, optionsopt) → {Promise}

Gets metadata for a SecretVersion.

projects/* /secrets/* /versions/latest is an alias to the latest SecretVersion.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
name string

Required. The resource name of the SecretVersion in the format projects/* /secrets/* /versions/*. projects/* /secrets/* /versions/latest is an alias to the latest SecretVersion.
options object <optional>

Call options. See CallOptions for more details.

initialize() → {Promise}

Initialize the client. Performs asynchronous operations (such as authentication) and prepares the client. This function will be called automatically when any class method is called for the first time, but if you need to initialize it before calling an actual method, feel free to call initialize() directly.

You can await on this method if you want to make sure the client is initialized.

listSecrets(request, optionsopt) → {Promise}

Lists Secrets.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the project associated with the Secrets, in the format projects/*.
pageSize number <optional>

Optional. The maximum number of results to be returned in a single page. If set to 0, the server decides the number of results to return. If the number is greater than 25000, it is capped at 25000.
pageToken string <optional>

Optional. Pagination token, returned earlier via ListSecretsResponse.next_page_token.
options object <optional>

Call options. See CallOptions for more details.

listSecretsStream(request, optionsopt) → {Stream}

Equivalent to listSecrets, but returns a NodeJS Stream object.

This fetches the paged responses for listSecrets continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the project associated with the Secrets, in the format projects/*.
pageSize number <optional>

Optional. The maximum number of results to be returned in a single page. If set to 0, the server decides the number of results to return. If the number is greater than 25000, it is capped at 25000.
pageToken string <optional>

Optional. Pagination token, returned earlier via ListSecretsResponse.next_page_token.
options object <optional>

Call options. See CallOptions for more details.
See:

listSecretVersions(request, optionsopt) → {Promise}

Lists SecretVersions. This call does not return secret data.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the Secret associated with the SecretVersions to list, in the format projects/* /secrets/*.
pageSize number <optional>

Optional. The maximum number of results to be returned in a single page. If set to 0, the server decides the number of results to return. If the number is greater than 25000, it is capped at 25000.
pageToken string <optional>

Optional. Pagination token, returned earlier via ListSecretVersionsResponse.next_page_token][].
options object <optional>

Call options. See CallOptions for more details.

listSecretVersionsStream(request, optionsopt) → {Stream}

Equivalent to listSecretVersions, but returns a NodeJS Stream object.

This fetches the paged responses for listSecretVersions continuously and invokes the callback registered for 'data' event for each element in the responses.

The returned object has 'end' method when no more elements are required.

autoPaginate option will be ignored.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Attributes Description
parent string

Required. The resource name of the Secret associated with the SecretVersions to list, in the format projects/* /secrets/*.
pageSize number <optional>

Optional. The maximum number of results to be returned in a single page. If set to 0, the server decides the number of results to return. If the number is greater than 25000, it is capped at 25000.
pageToken string <optional>

Optional. Pagination token, returned earlier via ListSecretVersionsResponse.next_page_token][].
options object <optional>

Call options. See CallOptions for more details.
See:

matchProjectFromSecretName(secretName) → {string}

Parse the project from Secret resource.

Parameters:
Name Type Description
secretName string

A fully-qualified path representing Secret resource.

matchProjectFromSecretVersionName(secretVersionName) → {string}

Parse the project from SecretVersion resource.

Parameters:
Name Type Description
secretVersionName string

A fully-qualified path representing SecretVersion resource.

matchSecretFromSecretName(secretName) → {string}

Parse the secret from Secret resource.

Parameters:
Name Type Description
secretName string

A fully-qualified path representing Secret resource.

matchSecretFromSecretVersionName(secretVersionName) → {string}

Parse the secret from SecretVersion resource.

Parameters:
Name Type Description
secretVersionName string

A fully-qualified path representing SecretVersion resource.

matchSecretVersionFromSecretVersionName(secretVersionName) → {string}

Parse the secret_version from SecretVersion resource.

Parameters:
Name Type Description
secretVersionName string

A fully-qualified path representing SecretVersion resource.

secretPath(project, secret) → {string}

Return a fully-qualified secret resource name string.

Parameters:
Name Type Description
project string
secret string

secretVersionPath(project, secret, secret_version) → {string}

Return a fully-qualified secretVersion resource name string.

Parameters:
Name Type Description
project string
secret string
secret_version string

setIamPolicy(request, optionsopt) → {Promise}

Sets the access control policy on the specified secret. Replaces any existing policy.

Permissions on SecretVersions are enforced according to the policy set on the associated Secret.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.
options object <optional>

Call options. See CallOptions for more details.

testIamPermissions(request, optionsopt) → {Promise}

Returns permissions that a caller has for the specified secret. If the secret does not exist, this call returns an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.
options object <optional>

Call options. See CallOptions for more details.

updateSecret(request, optionsopt) → {Promise}

Updates metadata of an existing Secret.

Parameters:
Name Type Attributes Description
request Object

The request object that will be sent.

Properties
Name Type Description
secret google.cloud.secrets.v1beta1.Secret

Required. Secret with updated field values.
updateMask google.protobuf.FieldMask

Required. Specifies the fields to be updated.
options object <optional>

Call options. See CallOptions for more details.