
Example 26 with SecretManagerServiceClient

use of com.google.cloud.secretmanager.v1.SecretManagerServiceClient in project java-secretmanager by googleapis.

the class EnableSecretVersion method enableSecretVersion.

// Enable an existing secret version.
// Moves the version identified by (projectId, secretId, versionId) to the enabled state
// and prints the resource name returned by the service.
// Security note: in Secret Manager an enabled version's payload can be read again by any
// principal allowed to access it, so re-enable only versions that are meant to be live.
// Throws IOException if the client cannot be created.
public void enableSecretVersion(String projectId, String secretId, String versionId) throws IOException {
    // try-with-resources calls close() on the client, which releases its background resources.
    try (SecretManagerServiceClient secretManager = SecretManagerServiceClient.create()) {
        // Resource name of the version to enable.
        SecretVersionName target = SecretVersionName.of(projectId, secretId, versionId);
        // Enable that version; the call returns the updated version.
        SecretVersion enabled = secretManager.enableSecretVersion(target);
        // Only the resource name is printed.
        System.out.printf("Enabled secret version %s\n", enabled.getName());
    }
}
Also used : SecretVersionName(com.google.cloud.secretmanager.v1.SecretVersionName) SecretVersion(com.google.cloud.secretmanager.v1.SecretVersion) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 27 with SecretManagerServiceClient

use of com.google.cloud.secretmanager.v1.SecretManagerServiceClient in project java-secretmanager by googleapis.

the class GetSecretVersion method getSecretVersion.

// Get an existing secret version.
// Looks up the version identified by (projectId, secretId, versionId) and prints its
// resource name and state.
// This method reads only getName() and getState(); it never prints secret payload data.
// Throws IOException if the client cannot be created.
public void getSecretVersion(String projectId, String secretId, String versionId) throws IOException {
    // try-with-resources calls close() on the client, which releases its background resources.
    try (SecretManagerServiceClient secretManager = SecretManagerServiceClient.create()) {
        // Resource name of the version to look up.
        SecretVersionName target = SecretVersionName.of(projectId, secretId, versionId);
        // Fetch the version (this is a read; nothing is created or modified here).
        SecretVersion found = secretManager.getSecretVersion(target);
        System.out.printf("Secret version %s, state %s\n", found.getName(), found.getState());
    }
}
Also used : SecretVersionName(com.google.cloud.secretmanager.v1.SecretVersionName) SecretVersion(com.google.cloud.secretmanager.v1.SecretVersion) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 28 with SecretManagerServiceClient

use of com.google.cloud.secretmanager.v1.SecretManagerServiceClient in project java-secretmanager by googleapis.

the class IamGrantAccess method iamGrantAccess.

// Grant a member access to a particular secret.
// Adds a "roles/secretmanager.secretAccessor" binding for `member` to the IAM policy of a
// single secret (read the current policy, append a binding, write the policy back).
// Security notes:
//  - The binding is set on one secret, not on the project, which keeps the grant narrow.
//  - `member` is passed through unchecked. Callers should supply a specific principal and
//    reject broad ones (for example allUsers / allAuthenticatedUsers) before calling.
//  - A new binding is always appended, even if the policy already has one for this role.
//  - mergeFrom copies every field of the fetched policy, so whatever etag it carries is
//    sent back with the write. NOTE(review): confirm concurrent edits are rejected.
// Throws IOException if the client cannot be created.
public void iamGrantAccess(String projectId, String secretId, String member) throws IOException {
    // try-with-resources calls close() on the client, which releases its background resources.
    try (SecretManagerServiceClient secretManager = SecretManagerServiceClient.create()) {
        // Resource name of the secret whose policy is edited.
        SecretName secretName = SecretName.of(projectId, secretId);

        // Read the policy currently attached to the secret.
        GetIamPolicyRequest readRequest =
                GetIamPolicyRequest.newBuilder().setResource(secretName.toString()).build();
        Policy currentPolicy = secretManager.getIamPolicy(readRequest);

        // Binding that gives `member` the secret accessor role.
        Binding accessorBinding = Binding.newBuilder()
                .setRole("roles/secretmanager.secretAccessor")
                .addMembers(member)
                .build();

        // Start from the fetched policy and append the new binding.
        Policy updatedPolicy = Policy.newBuilder()
                .mergeFrom(currentPolicy)
                .addBindings(accessorBinding)
                .build();

        // Write the updated policy back to the secret.
        SetIamPolicyRequest writeRequest = SetIamPolicyRequest.newBuilder()
                .setResource(secretName.toString())
                .setPolicy(updatedPolicy)
                .build();
        secretManager.setIamPolicy(writeRequest);
        System.out.printf("Updated IAM policy for %s\n", secretId);
    }
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) Policy(com.google.iam.v1.Policy) Binding(com.google.iam.v1.Binding) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 29 with SecretManagerServiceClient

use of com.google.cloud.secretmanager.v1.SecretManagerServiceClient in project java-secretmanager by googleapis.

the class IamRevokeAccess method iamRevokeAccess.

// Revoke a member access to a particular secret.
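// Removes `member` from every "roles/secretmanager.secretAccessor" binding in the IAM
// policy of a single secret and writes the resulting policy back.
// Bindings for other roles are copied unchanged. An accessor binding left with no members
// is dropped from the policy.
// Security note: the role must be compared with equals() and the policy rebuilt through
// builders. A reference comparison (==) on the role string would normally never match, and
// the lists of a built protobuf message are read-only, so an in-place remove() cannot work.
// Either way the member would keep access while a success message is printed.
// Throws IOException if the client cannot be created.
public void iamRevokeAccess(String projectId, String secretId, String member) throws IOException {
    // try-with-resources calls close() on the client, which releases its background resources.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
        // Resource name of the secret whose policy is edited.
        SecretName secretName = SecretName.of(projectId, secretId);
        // Request the current IAM policy.
        Policy policy = client.getIamPolicy(GetIamPolicyRequest.newBuilder().setResource(secretName.toString()).build());
        // Rebuild the binding list; toBuilder() keeps the policy's other fields as fetched.
        String roleToFind = "roles/secretmanager.secretAccessor";
        Policy.Builder updatedPolicy = policy.toBuilder().clearBindings();
        for (Binding binding : policy.getBindingsList()) {
            if (!roleToFind.equals(binding.getRole())) {
                // Not the accessor role: keep the binding exactly as it is.
                updatedPolicy.addBindings(binding);
                continue;
            }
            // Copy the binding (its other fields are preserved) without the revoked member.
            Binding.Builder remaining = binding.toBuilder().clearMembers();
            for (String existing : binding.getMembersList()) {
                if (!existing.equals(member)) {
                    remaining.addMembers(existing);
                }
            }
            // Skip bindings that no longer name anyone.
            if (remaining.getMembersCount() > 0) {
                updatedPolicy.addBindings(remaining.build());
            }
        }
        // Save the updated IAM policy.
        client.setIamPolicy(SetIamPolicyRequest.newBuilder().setResource(secretName.toString()).setPolicy(updatedPolicy.build()).build());
        System.out.printf("Updated IAM policy for %s\n", secretId);
    }
}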
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) Policy(com.google.iam.v1.Policy) Binding(com.google.iam.v1.Binding) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 30 with SecretManagerServiceClient

use of com.google.cloud.secretmanager.v1.SecretManagerServiceClient in project java-secretmanager by googleapis.

the class ListSecretVersions method listSecretVersions.

// List all secret versions for a secret.
// Prints the resource name and state of every version of the secret (projectId, secretId).
// Only getName() and getState() are read; no payload data is fetched or printed here.
// Throws IOException if the client cannot be created.
public void listSecretVersions(String projectId, String secretId) throws IOException {
    // try-with-resources calls close() on the client, which releases its background resources.
    try (SecretManagerServiceClient secretManager = SecretManagerServiceClient.create()) {
        // The parent of the versions is the secret itself (not the project).
        SecretName parentSecret = SecretName.of(projectId, secretId);
        // iterateAll() walks every version in the paged response.
        secretManager.listSecretVersions(parentSecret)
                .iterateAll()
                .forEach(version ->
                        System.out.printf("Secret version %s, %s\n", version.getName(), version.getState()));
    }
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) ListSecretVersionsPagedResponse(com.google.cloud.secretmanager.v1.SecretManagerServiceClient.ListSecretVersionsPagedResponse) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)
