Skip to content

Commit

Permalink
feat(secretmanager): update the API
Browse files Browse the repository at this point in the history 
#### secretmanager:v1
The following keys were added:
- schemas.Automatic.properties.customerManagedEncryption.$ref
- schemas.Automatic.properties.customerManagedEncryption.description
- schemas.AutomaticStatus.description
- schemas.AutomaticStatus.id
- schemas.AutomaticStatus.properties.customerManagedEncryption.$ref
- schemas.AutomaticStatus.properties.customerManagedEncryption.description
- schemas.AutomaticStatus.properties.customerManagedEncryption.readOnly
- schemas.AutomaticStatus.type
- schemas.Binding.properties.bindingId.description
- schemas.Binding.properties.bindingId.type
- schemas.CustomerManagedEncryption.description
- schemas.CustomerManagedEncryption.id
- schemas.CustomerManagedEncryption.properties.kmsKeyName.description
- schemas.CustomerManagedEncryption.properties.kmsKeyName.type
- schemas.CustomerManagedEncryption.type
- schemas.CustomerManagedEncryptionStatus.description
- schemas.CustomerManagedEncryptionStatus.id
- schemas.CustomerManagedEncryptionStatus.properties.kmsKeyVersionName.description
- schemas.CustomerManagedEncryptionStatus.properties.kmsKeyVersionName.type
- schemas.CustomerManagedEncryptionStatus.type
- schemas.Replica.properties.customerManagedEncryption.$ref
- schemas.Replica.properties.customerManagedEncryption.description
- schemas.ReplicaStatus.description
- schemas.ReplicaStatus.id
- schemas.ReplicaStatus.properties.customerManagedEncryption.$ref
- schemas.ReplicaStatus.properties.customerManagedEncryption.description
- schemas.ReplicaStatus.properties.customerManagedEncryption.readOnly
- schemas.ReplicaStatus.properties.location.description
- schemas.ReplicaStatus.properties.location.readOnly
- schemas.ReplicaStatus.properties.location.type
- schemas.ReplicaStatus.type
- schemas.ReplicationStatus.description
- schemas.ReplicationStatus.id
- schemas.ReplicationStatus.properties.automatic.$ref
- schemas.ReplicationStatus.properties.automatic.description
- schemas.ReplicationStatus.properties.userManaged.$ref
- schemas.ReplicationStatus.properties.userManaged.description
- schemas.ReplicationStatus.type
- schemas.SecretVersion.properties.replicationStatus.$ref
- schemas.SecretVersion.properties.replicationStatus.description
- schemas.UserManagedStatus.description
- schemas.UserManagedStatus.id
- schemas.UserManagedStatus.properties.replicas.description
- schemas.UserManagedStatus.properties.replicas.items.$ref
- schemas.UserManagedStatus.properties.replicas.readOnly
- schemas.UserManagedStatus.properties.replicas.type
- schemas.UserManagedStatus.type

The following keys were changed:
- schemas.Replication.description

#### secretmanager:v1beta1
The following keys were added:
- schemas.Binding.properties.bindingId.description
- schemas.Binding.properties.bindingId.type
  • Loading branch information
@JustinBeckwith
JustinBeckwith committed Oct 5, 2020
1 parent 51f38fa commit 585365d
Show file tree
Hide file tree
Showing 4 changed files with 196 additions and 6 deletions.
104 changes: 101 additions & 3 deletions discovery/secretmanager-v1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -628,7 +628,7 @@
}
}
},
"revision": "20200807",
"revision": "20200918",
"rootUrl": "https://secretmanager.googleapis.com/",
"schemas": {
"AccessSecretVersionResponse": {
Expand Down Expand Up @@ -708,13 +708,34 @@
"Automatic": {
"description": "A replication policy that replicates the Secret payload without any restrictions.",
"id": "Automatic",
"properties": {},
"properties": {
"customerManagedEncryption": {
"$ref": "CustomerManagedEncryption",
"description": "Optional. The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions."
}
},
"type": "object"
},
"AutomaticStatus": {
"description": "The replication status of a SecretVersion using automatic replication. Only populated if the parent Secret has an automatic replication policy.",
"id": "AutomaticStatus",
"properties": {
"customerManagedEncryption": {
"$ref": "CustomerManagedEncryptionStatus",
"description": "Output only. The customer-managed encryption status of the SecretVersion. Only populated if customer-managed encryption is used.",
"readOnly": true
}
},
"type": "object"
},
"Binding": {
"description": "Associates `members` with a `role`.",
"id": "Binding",
"properties": {
"bindingId": {
"description": "A client-specified ID for this binding. Expected to be globally unique to support the internal bindings-by-ID API.",
"type": "string"
},
"condition": {
"$ref": "Expr",
"description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
Expand All @@ -733,6 +754,28 @@
},
"type": "object"
},
"CustomerManagedEncryption": {
"description": "Configuration for encrypting secret payloads using customer-managed encryption keys (CMEK).",
"id": "CustomerManagedEncryption",
"properties": {
"kmsKeyName": {
"description": "Required. The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads. For secrets using the UserManaged replication policy type, Cloud KMS CryptoKeys must reside in the same location as the replica location. For secrets using the Automatic replication policy type, Cloud KMS CryptoKeys must reside in `global`. The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*`.",
"type": "string"
}
},
"type": "object"
},
"CustomerManagedEncryptionStatus": {
"description": "Describes the status of customer-managed encryption.",
"id": "CustomerManagedEncryptionStatus",
"properties": {
"kmsKeyVersionName": {
"description": "Required. The resource name of the Cloud KMS CryptoKeyVersion used to encrypt the secret payload, in the following format: `projects/*/locations/*/keyRings/*/cryptoKeys/*/versions/*`.",
"type": "string"
}
},
"type": "object"
},
"DestroySecretVersionRequest": {
"description": "Request message for SecretManagerService.DestroySecretVersion.",
"id": "DestroySecretVersionRequest",
Expand Down Expand Up @@ -913,15 +956,36 @@
"description": "Represents a Replica for this Secret.",
"id": "Replica",
"properties": {
"customerManagedEncryption": {
"$ref": "CustomerManagedEncryption",
"description": "Optional. The customer-managed encryption configuration of the User-Managed Replica. If no configuration is provided, Google-managed default encryption is used. Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions."
},
"location": {
"description": "The canonical IDs of the location to replicate data. For example: `\"us-east1\"`.",
"type": "string"
}
},
"type": "object"
},
"ReplicaStatus": {
"description": "Describes the status of a user-managed replica for the SecretVersion.",
"id": "ReplicaStatus",
"properties": {
"customerManagedEncryption": {
"$ref": "CustomerManagedEncryptionStatus",
"description": "Output only. The customer-managed encryption status of the SecretVersion. Only populated if customer-managed encryption is used.",
"readOnly": true
},
"location": {
"description": "Output only. The canonical ID of the replica location. For example: `\"us-east1\"`.",
"readOnly": true,
"type": "string"
}
},
"type": "object"
},
"Replication": {
"description": "A policy that defines the replication configuration of data. ",
"description": "A policy that defines the replication and encryption configuration of data.",
"id": "Replication",
"properties": {
"automatic": {
Expand All @@ -935,6 +999,21 @@
},
"type": "object"
},
"ReplicationStatus": {
"description": "The replication status of a SecretVersion.",
"id": "ReplicationStatus",
"properties": {
"automatic": {
"$ref": "AutomaticStatus",
"description": "Describes the replication status of a SecretVersion with automatic replication. Only populated if the parent Secret has an automatic replication policy."
},
"userManaged": {
"$ref": "UserManagedStatus",
"description": "Describes the replication status of a SecretVersion with user-managed replication. Only populated if the parent Secret has a user-managed replication policy."
}
},
"type": "object"
},
"Secret": {
"description": "A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.",
"id": "Secret",
Expand Down Expand Up @@ -997,6 +1076,10 @@
"readOnly": true,
"type": "string"
},
"replicationStatus": {
"$ref": "ReplicationStatus",
"description": "The replication status of the SecretVersion."
},
"state": {
"description": "Output only. The current state of the SecretVersion.",
"enum": [
Expand Down Expand Up @@ -1074,6 +1157,21 @@
}
},
"type": "object"
},
"UserManagedStatus": {
"description": "The replication status of a SecretVersion using user-managed replication. Only populated if the parent Secret has a user-managed replication policy.",
"id": "UserManagedStatus",
"properties": {
"replicas": {
"description": "Output only. The list of replica statuses for the SecretVersion.",
"items": {
"$ref": "ReplicaStatus"
},
"readOnly": true,
"type": "array"
}
},
"type": "object"
}
},
"servicePath": "",
Expand Down
6 changes: 5 additions & 1 deletion discovery/secretmanager-v1beta1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -628,7 +628,7 @@
}
}
},
"revision": "20200807",
"revision": "20200918",
"rootUrl": "https://secretmanager.googleapis.com/",
"schemas": {
"AccessSecretVersionResponse": {
Expand Down Expand Up @@ -715,6 +715,10 @@
"description": "Associates `members` with a `role`.",
"id": "Binding",
"properties": {
"bindingId": {
"description": "A client-specified ID for this binding. Expected to be globally unique to support the internal bindings-by-ID API.",
"type": "string"
},
"condition": {
"$ref": "Expr",
"description": "The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies)."
Expand Down
88 changes: 86 additions & 2 deletions src/apis/secretmanager/v1.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,11 +178,29 @@ export namespace secretmanager_v1 {
/**
* A replication policy that replicates the Secret payload without any restrictions.
*/
export interface Schema$Automatic {}
export interface Schema$Automatic {
/**
* Optional. The customer-managed encryption configuration of the Secret. If no configuration is provided, Google-managed default encryption is used. Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions.
*/
customerManagedEncryption?: Schema$CustomerManagedEncryption;
}
/**
* The replication status of a SecretVersion using automatic replication. Only populated if the parent Secret has an automatic replication policy.
*/
export interface Schema$AutomaticStatus {
/**
* Output only. The customer-managed encryption status of the SecretVersion. Only populated if customer-managed encryption is used.
*/
customerManagedEncryption?: Schema$CustomerManagedEncryptionStatus;
}
/**
* Associates `members` with a `role`.
*/
export interface Schema$Binding {
/**
* A client-specified ID for this binding. Expected to be globally unique to support the internal bindings-by-ID API.
*/
bindingId?: string | null;
/**
* The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
*/
Expand All @@ -196,6 +214,24 @@ export namespace secretmanager_v1 {
*/
role?: string | null;
}
/**
* Configuration for encrypting secret payloads using customer-managed encryption keys (CMEK).
*/
export interface Schema$CustomerManagedEncryption {
/**
* Required. The resource name of the Cloud KMS CryptoKey used to encrypt secret payloads. For secrets using the UserManaged replication policy type, Cloud KMS CryptoKeys must reside in the same location as the replica location. For secrets using the Automatic replication policy type, Cloud KMS CryptoKeys must reside in `global`. The expected format is `projects/x/locations/x/keyRings/x/cryptoKeys/x.
*/
kmsKeyName?: string | null;
}
/**
* Describes the status of customer-managed encryption.
*/
export interface Schema$CustomerManagedEncryptionStatus {
/**
* Required. The resource name of the Cloud KMS CryptoKeyVersion used to encrypt the secret payload, in the following format: `projects/x/locations/x/keyRings/x/cryptoKeys/x/versions/x.
*/
kmsKeyVersionName?: string | null;
}
/**
* Request message for SecretManagerService.DestroySecretVersion.
*/
Expand Down Expand Up @@ -330,13 +366,30 @@ export namespace secretmanager_v1 {
* Represents a Replica for this Secret.
*/
export interface Schema$Replica {
/**
* Optional. The customer-managed encryption configuration of the User-Managed Replica. If no configuration is provided, Google-managed default encryption is used. Updates to the Secret encryption configuration only apply to SecretVersions added afterwards. They do not apply retroactively to existing SecretVersions.
*/
customerManagedEncryption?: Schema$CustomerManagedEncryption;
/**
* The canonical IDs of the location to replicate data. For example: `"us-east1"`.
*/
location?: string | null;
}
/**
* A policy that defines the replication configuration of data.
* Describes the status of a user-managed replica for the SecretVersion.
*/
export interface Schema$ReplicaStatus {
/**
* Output only. The customer-managed encryption status of the SecretVersion. Only populated if customer-managed encryption is used.
*/
customerManagedEncryption?: Schema$CustomerManagedEncryptionStatus;
/**
* Output only. The canonical ID of the replica location. For example: `"us-east1"`.
*/
location?: string | null;
}
/**
* A policy that defines the replication and encryption configuration of data.
*/
export interface Schema$Replication {
/**
Expand All @@ -348,6 +401,19 @@ export namespace secretmanager_v1 {
*/
userManaged?: Schema$UserManaged;
}
/**
* The replication status of a SecretVersion.
*/
export interface Schema$ReplicationStatus {
/**
* Describes the replication status of a SecretVersion with automatic replication. Only populated if the parent Secret has an automatic replication policy.
*/
automatic?: Schema$AutomaticStatus;
/**
* Describes the replication status of a SecretVersion with user-managed replication. Only populated if the parent Secret has a user-managed replication policy.
*/
userManaged?: Schema$UserManagedStatus;
}
/**
* A Secret is a logical secret whose value and versions can be accessed. A Secret is made up of zero or more SecretVersions that represent the secret data.
*/
Expand Down Expand Up @@ -394,6 +460,10 @@ export namespace secretmanager_v1 {
* Output only. The resource name of the SecretVersion in the format `projects/x/secrets/x/versions/x. SecretVersion IDs in a Secret start at 1 and are incremented for each subsequent version of the secret.
*/
name?: string | null;
/**
* The replication status of the SecretVersion.
*/
replicationStatus?: Schema$ReplicationStatus;
/**
* Output only. The current state of the SecretVersion.
*/
Expand Down Expand Up @@ -439,6 +509,15 @@ export namespace secretmanager_v1 {
*/
replicas?: Schema$Replica[];
}
/**
* The replication status of a SecretVersion using user-managed replication. Only populated if the parent Secret has a user-managed replication policy.
*/
export interface Schema$UserManagedStatus {
/**
* Output only. The list of replica statuses for the SecretVersion.
*/
replicas?: Schema$ReplicaStatus[];
}

export class Resource$Projects {
context: APIRequestContext;
Expand Down Expand Up @@ -818,6 +897,7 @@ export namespace secretmanager_v1 {
* // "createTime": "my_createTime",
* // "destroyTime": "my_destroyTime",
* // "name": "my_name",
* // "replicationStatus": {},
* // "state": "my_state"
* // }
* }
Expand Down Expand Up @@ -2343,6 +2423,7 @@ export namespace secretmanager_v1 {
* // "createTime": "my_createTime",
* // "destroyTime": "my_destroyTime",
* // "name": "my_name",
* // "replicationStatus": {},
* // "state": "my_state"
* // }
* }
Expand Down Expand Up @@ -2485,6 +2566,7 @@ export namespace secretmanager_v1 {
* // "createTime": "my_createTime",
* // "destroyTime": "my_destroyTime",
* // "name": "my_name",
* // "replicationStatus": {},
* // "state": "my_state"
* // }
* }
Expand Down Expand Up @@ -2627,6 +2709,7 @@ export namespace secretmanager_v1 {
* // "createTime": "my_createTime",
* // "destroyTime": "my_destroyTime",
* // "name": "my_name",
* // "replicationStatus": {},
* // "state": "my_state"
* // }
* }
Expand Down Expand Up @@ -2760,6 +2843,7 @@ export namespace secretmanager_v1 {
* // "createTime": "my_createTime",
* // "destroyTime": "my_destroyTime",
* // "name": "my_name",
* // "replicationStatus": {},
* // "state": "my_state"
* // }
* }
Expand Down
4 changes: 4 additions & 0 deletions src/apis/secretmanager/v1beta1.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,10 @@ export namespace secretmanager_v1beta1 {
* Associates `members` with a `role`.
*/
export interface Schema$Binding {
/**
* A client-specified ID for this binding. Expected to be globally unique to support the internal bindings-by-ID API.
*/
bindingId?: string | null;
/**
* The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
*/
Expand Down

0 comments on commit 585365d

Please sign in to comment.