
Example 11 with SecretName

use of com.google.cloud.secretmanager.v1.SecretName in project java-docs-samples by GoogleCloudPlatform.

the class DeleteSecretWithEtag method deleteSecret.

// Delete an existing secret with the given name and etag.
// The caller-supplied etag is attached to the request below. In the Secret Manager API the
// etag is meant as a guard so that a delete only applies to the secret state the caller
// last observed (confirm the exact mismatch behaviour against the API reference).
public static void deleteSecret(String projectId, String secretId, String etag) throws IOException {
    // try-with-resources invokes close() on the client when the block exits, releasing any
    // background resources it holds, including when the delete call throws.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
        // Resource name of the secret, derived from the project and secret IDs.
        String resourceName = SecretName.of(projectId, secretId).toString();
        // Assemble the delete request: which secret, and the etag it is expected to have.
        DeleteSecretRequest.Builder requestBuilder = DeleteSecretRequest.newBuilder();
        requestBuilder.setName(resourceName);
        requestBuilder.setEtag(etag);
        // Issue the delete; a failure propagates as an exception and skips the message below.
        client.deleteSecret(requestBuilder.build());
        System.out.printf("Deleted secret %s\n", secretId);
    }
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient) DeleteSecretRequest(com.google.cloud.secretmanager.v1.DeleteSecretRequest)

Example 12 with SecretName

use of com.google.cloud.secretmanager.v1.SecretName in project java-docs-samples by GoogleCloudPlatform.

the class IamGrantAccess method iamGrantAccess.

// Grant a member access to a particular secret.
// Adds a "roles/secretmanager.secretAccessor" binding for `member` on the secret's IAM policy.
// `member` is passed to the policy unchanged; this method performs no validation of it, so
// callers should only pass principals they intend to give read access to the secret's payload.
public static void iamGrantAccess(String projectId, String secretId, String member) throws IOException {
    // try-with-resources invokes close() on the client when the block exits, releasing any
    // background resources it holds.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
        // Resource name of the secret (built from project and secret IDs, not from a version).
        String resource = SecretName.of(projectId, secretId).toString();

        // Read the policy currently attached to the secret.
        GetIamPolicyRequest readRequest = GetIamPolicyRequest.newBuilder().setResource(resource).build();
        Policy existingPolicy = client.getIamPolicy(readRequest);

        // Binding that gives `member` the secret accessor role.
        Binding accessorBinding = Binding.newBuilder().setRole("roles/secretmanager.secretAccessor").addMembers(member).build();

        // Copy every field of the existing policy and append the new binding. Copying the whole
        // message carries over whatever etag the read returned; presumably the service uses it
        // to reject a write that raced with another policy change (confirm against IAM docs).
        Policy updatedPolicy = existingPolicy.toBuilder().addBindings(accessorBinding).build();

        // Write the policy back to the same resource.
        SetIamPolicyRequest writeRequest = SetIamPolicyRequest.newBuilder().setResource(resource).setPolicy(updatedPolicy).build();
        client.setIamPolicy(writeRequest);
        System.out.printf("Updated IAM policy for %s\n", secretId);
    }
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) Policy(com.google.iam.v1.Policy) Binding(com.google.iam.v1.Binding) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 13 with SecretName

use of com.google.cloud.secretmanager.v1.SecretName in project java-docs-samples by GoogleCloudPlatform.

the class SnippetsIT method testAddSecretVersion.

@Test
public void testAddSecretVersion() throws IOException {
    // TEST_SECRET_WITH_VERSIONS and stdOut are fixtures declared elsewhere in the test class.
    // Parse the fixture's full resource name to recover its project and secret IDs.
    SecretName fixtureName = SecretName.parse(TEST_SECRET_WITH_VERSIONS.getName());
    String project = fixtureName.getProject();
    String secret = fixtureName.getSecret();

    AddSecretVersion.addSecretVersion(project, secret);

    // The assertion only checks the text the sample printed; it does not query the service
    // to confirm that a new version exists.
    String captured = stdOut.toString();
    assertThat(captured).contains("Added secret version");
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) Test(org.junit.Test)

Example 14 with SecretName

use of com.google.cloud.secretmanager.v1.SecretName in project java-docs-samples by GoogleCloudPlatform.

the class IamRevokeAccess method iamRevokeAccess.

// Revoke a member access to a particular secret.
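// Removes `member` from every "roles/secretmanager.secretAccessor" binding on the secret's
// IAM policy and writes the policy back.
//
// The policy is rebuilt through builders rather than edited in place. Protobuf messages are
// immutable, so calling remove() on the list returned by getMembersList() cannot change the
// policy. Comparing the role with == tests object identity rather than text, so a role string
// returned by the API is not guaranteed to match the literal. Either problem leaves the
// member's access in place even though the method reports an updated policy.
public static void iamRevokeAccess(String projectId, String secretId, String member) throws IOException {
    // try-with-resources invokes close() on the client when the block exits, releasing any
    // background resources it holds.
    try (SecretManagerServiceClient client = SecretManagerServiceClient.create()) {
        // Build the secret's resource name from the project and secret IDs.
        SecretName secretName = SecretName.of(projectId, secretId);
        // Request the current IAM policy.
        Policy policy = client.getIamPolicy(GetIamPolicyRequest.newBuilder().setResource(secretName.toString()).build());

        String roleToFind = "roles/secretmanager.secretAccessor";
        // Start from a copy of the current policy (all non-binding fields are kept) with the
        // bindings cleared, then re-add each binding with `member` filtered out where needed.
        Policy.Builder updatedPolicy = policy.toBuilder().clearBindings();
        for (Binding binding : policy.getBindingsList()) {
            boolean grantsAccessToMember = roleToFind.equals(binding.getRole()) && binding.getMembersList().contains(member);
            if (!grantsAccessToMember) {
                // Unrelated binding: keep it exactly as it was.
                updatedPolicy.addBindings(binding);
                continue;
            }
            // Copy the binding (role and any other fields) and keep every member but the revoked one.
            Binding.Builder trimmed = binding.toBuilder().clearMembers();
            for (String existingMember : binding.getMembersList()) {
                if (!existingMember.equals(member)) {
                    trimmed.addMembers(existingMember);
                }
            }
            // Drop a binding that would be left with no members; IAM expects each binding to
            // name at least one member.
            if (trimmed.getMembersCount() > 0) {
                updatedPolicy.addBindings(trimmed.build());
            }
        }

        // Save the updated IAM policy.
        client.setIamPolicy(SetIamPolicyRequest.newBuilder().setResource(secretName.toString()).setPolicy(updatedPolicy.build()).build());
        System.out.printf("Updated IAM policy for %s\n", secretId);
    }
}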
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) Policy(com.google.iam.v1.Policy) Binding(com.google.iam.v1.Binding) SecretManagerServiceClient(com.google.cloud.secretmanager.v1.SecretManagerServiceClient)

Example 15 with SecretName

use of com.google.cloud.secretmanager.v1.SecretName in project spring-cloud-gcp by GoogleCloudPlatform.

the class SecretManagerTemplate method createNewSecretVersion.

/**
 * Create a new version of the secret with the specified payload under a {@link Secret}. Will also
 * create the parent secret if it does not already exist.
 */
private void createNewSecretVersion(String secretId, ByteString payload, String projectId) {
    // Create the parent secret first when it is not there yet. The existence check and the
    // create are two separate calls, so they are not atomic with respect to other writers.
    boolean parentMissing = !secretExists(secretId, projectId);
    if (parentMissing) {
        createSecretInternal(secretId, projectId);
    }

    // Resource name of the parent secret that the new version is added under.
    String parent = SecretName.of(projectId, secretId).toString();

    // Wrap the raw bytes in a SecretPayload and attach it to the add-version request.
    SecretPayload.Builder versionData = SecretPayload.newBuilder().setData(payload);
    AddSecretVersionRequest payloadRequest = AddSecretVersionRequest.newBuilder()
        .setParent(parent)
        .setPayload(versionData)
        .build();

    secretManagerServiceClient.addSecretVersion(payloadRequest);
}
Also used : SecretName(com.google.cloud.secretmanager.v1.SecretName) AddSecretVersionRequest(com.google.cloud.secretmanager.v1.AddSecretVersionRequest)
