1// Copyright 2024 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14 15syntax = "proto3"; 16 17package google.cloud.secretmanager.v1beta2; 18 19import "google/api/annotations.proto"; 20import "google/api/client.proto"; 21import "google/api/field_behavior.proto"; 22import "google/api/resource.proto"; 23import "google/cloud/secretmanager/v1beta2/resources.proto"; 24import "google/iam/v1/iam_policy.proto"; 25import "google/iam/v1/policy.proto"; 26import "google/protobuf/empty.proto"; 27import "google/protobuf/field_mask.proto"; 28 29option cc_enable_arenas = true; 30option csharp_namespace = "Google.Cloud.SecretManager.V1Beta2"; 31option go_package = "cloud.google.com/go/secretmanager/apiv1beta2/secretmanagerpb;secretmanagerpb"; 32option java_multiple_files = true; 33option java_outer_classname = "ServiceProto"; 34option java_package = "com.google.cloud.secretmanager.v1beta2"; 35option objc_class_prefix = "GSM"; 36option php_namespace = "Google\\Cloud\\SecretManager\\V1beta2"; 37option ruby_package = "Google::Cloud::SecretManager::V1beta2"; 38 39// Secret Manager Service 40// 41// Manages secrets and operations using those secrets. Implements a REST 42// model with the following objects: 43// 44// * [Secret][google.cloud.secretmanager.v1beta2.Secret] 45// * [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] 46service SecretManagerService { 47 option (google.api.default_host) = "secretmanager.googleapis.com"; 48 option (google.api.oauth_scopes) = 49 "https://www.googleapis.com/auth/cloud-platform"; 50 51 // Lists [Secrets][google.cloud.secretmanager.v1beta2.Secret]. 52 rpc ListSecrets(ListSecretsRequest) returns (ListSecretsResponse) { 53 option (google.api.http) = { 54 get: "/v1beta2/{parent=projects/*}/secrets" 55 additional_bindings { 56 get: "/v1beta2/{parent=projects/*/locations/*}/secrets" 57 } 58 }; 59 option (google.api.method_signature) = "parent"; 60 } 61 62 // Creates a new [Secret][google.cloud.secretmanager.v1beta2.Secret] 63 // containing no 64 // [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. 65 rpc CreateSecret(CreateSecretRequest) returns (Secret) { 66 option (google.api.http) = { 67 post: "/v1beta2/{parent=projects/*}/secrets" 68 body: "secret" 69 additional_bindings { 70 post: "/v1beta2/{parent=projects/*/locations/*}/secrets" 71 body: "secret" 72 } 73 }; 74 option (google.api.method_signature) = "parent,secret_id,secret"; 75 } 76 77 // Creates a new 78 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] 79 // containing secret data and attaches it to an existing 80 // [Secret][google.cloud.secretmanager.v1beta2.Secret]. 81 rpc AddSecretVersion(AddSecretVersionRequest) returns (SecretVersion) { 82 option (google.api.http) = { 83 post: "/v1beta2/{parent=projects/*/secrets/*}:addVersion" 84 body: "*" 85 additional_bindings { 86 post: "/v1beta2/{parent=projects/*/locations/*/secrets/*}:addVersion" 87 body: "*" 88 } 89 }; 90 option (google.api.method_signature) = "parent,payload"; 91 } 92 93 // Gets metadata for a given 94 // [Secret][google.cloud.secretmanager.v1beta2.Secret]. 95 rpc GetSecret(GetSecretRequest) returns (Secret) { 96 option (google.api.http) = { 97 get: "/v1beta2/{name=projects/*/secrets/*}" 98 additional_bindings { 99 get: "/v1beta2/{name=projects/*/locations/*/secrets/*}" 100 } 101 }; 102 option (google.api.method_signature) = "name"; 103 } 104 105 // Updates metadata of an existing 106 // [Secret][google.cloud.secretmanager.v1beta2.Secret]. 107 rpc UpdateSecret(UpdateSecretRequest) returns (Secret) { 108 option (google.api.http) = { 109 patch: "/v1beta2/{secret.name=projects/*/secrets/*}" 110 body: "secret" 111 additional_bindings { 112 patch: "/v1beta2/{secret.name=projects/*/locations/*/secrets/*}" 113 body: "secret" 114 } 115 }; 116 option (google.api.method_signature) = "secret,update_mask"; 117 } 118 119 // Deletes a [Secret][google.cloud.secretmanager.v1beta2.Secret]. 120 rpc DeleteSecret(DeleteSecretRequest) returns (google.protobuf.Empty) { 121 option (google.api.http) = { 122 delete: "/v1beta2/{name=projects/*/secrets/*}" 123 additional_bindings { 124 delete: "/v1beta2/{name=projects/*/locations/*/secrets/*}" 125 } 126 }; 127 option (google.api.method_signature) = "name"; 128 } 129 130 // Lists [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion]. 131 // This call does not return secret data. 132 rpc ListSecretVersions(ListSecretVersionsRequest) 133 returns (ListSecretVersionsResponse) { 134 option (google.api.http) = { 135 get: "/v1beta2/{parent=projects/*/secrets/*}/versions" 136 additional_bindings { 137 get: "/v1beta2/{parent=projects/*/locations/*/secrets/*}/versions" 138 } 139 }; 140 option (google.api.method_signature) = "parent"; 141 } 142 143 // Gets metadata for a 144 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 145 // 146 // `projects/*/secrets/*/versions/latest` is an alias to the most recently 147 // created [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 148 rpc GetSecretVersion(GetSecretVersionRequest) returns (SecretVersion) { 149 option (google.api.http) = { 150 get: "/v1beta2/{name=projects/*/secrets/*/versions/*}" 151 additional_bindings { 152 get: "/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}" 153 } 154 }; 155 option (google.api.method_signature) = "name"; 156 } 157 158 // Accesses a 159 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. This 160 // call returns the secret data. 161 // 162 // `projects/*/secrets/*/versions/latest` is an alias to the most recently 163 // created [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 164 rpc AccessSecretVersion(AccessSecretVersionRequest) 165 returns (AccessSecretVersionResponse) { 166 option (google.api.http) = { 167 get: "/v1beta2/{name=projects/*/secrets/*/versions/*}:access" 168 additional_bindings { 169 get: "/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:access" 170 } 171 }; 172 option (google.api.method_signature) = "name"; 173 } 174 175 // Disables a 176 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 177 // 178 // Sets the [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] of 179 // the [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to 180 // [DISABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DISABLED]. 181 rpc DisableSecretVersion(DisableSecretVersionRequest) 182 returns (SecretVersion) { 183 option (google.api.http) = { 184 post: "/v1beta2/{name=projects/*/secrets/*/versions/*}:disable" 185 body: "*" 186 additional_bindings { 187 post: "/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:disable" 188 body: "*" 189 } 190 }; 191 option (google.api.method_signature) = "name"; 192 } 193 194 // Enables a 195 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 196 // 197 // Sets the [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] of 198 // the [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to 199 // [ENABLED][google.cloud.secretmanager.v1beta2.SecretVersion.State.ENABLED]. 200 rpc EnableSecretVersion(EnableSecretVersionRequest) returns (SecretVersion) { 201 option (google.api.http) = { 202 post: "/v1beta2/{name=projects/*/secrets/*/versions/*}:enable" 203 body: "*" 204 additional_bindings { 205 post: "/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:enable" 206 body: "*" 207 } 208 }; 209 option (google.api.method_signature) = "name"; 210 } 211 212 // Destroys a 213 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 214 // 215 // Sets the [state][google.cloud.secretmanager.v1beta2.SecretVersion.state] of 216 // the [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to 217 // [DESTROYED][google.cloud.secretmanager.v1beta2.SecretVersion.State.DESTROYED] 218 // and irrevocably destroys the secret data. 219 rpc DestroySecretVersion(DestroySecretVersionRequest) 220 returns (SecretVersion) { 221 option (google.api.http) = { 222 post: "/v1beta2/{name=projects/*/secrets/*/versions/*}:destroy" 223 body: "*" 224 additional_bindings { 225 post: "/v1beta2/{name=projects/*/locations/*/secrets/*/versions/*}:destroy" 226 body: "*" 227 } 228 }; 229 option (google.api.method_signature) = "name"; 230 } 231 232 // Sets the access control policy on the specified secret. Replaces any 233 // existing policy. 234 // 235 // Permissions on 236 // [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] are 237 // enforced according to the policy set on the associated 238 // [Secret][google.cloud.secretmanager.v1beta2.Secret]. 239 rpc SetIamPolicy(google.iam.v1.SetIamPolicyRequest) 240 returns (google.iam.v1.Policy) { 241 option (google.api.http) = { 242 post: "/v1beta2/{resource=projects/*/secrets/*}:setIamPolicy" 243 body: "*" 244 additional_bindings { 245 post: "/v1beta2/{resource=projects/*/locations/*/secrets/*}:setIamPolicy" 246 body: "*" 247 } 248 }; 249 } 250 251 // Gets the access control policy for a secret. 252 // Returns empty policy if the secret exists and does not have a policy set. 253 rpc GetIamPolicy(google.iam.v1.GetIamPolicyRequest) 254 returns (google.iam.v1.Policy) { 255 option (google.api.http) = { 256 get: "/v1beta2/{resource=projects/*/secrets/*}:getIamPolicy" 257 additional_bindings { 258 get: "/v1beta2/{resource=projects/*/locations/*/secrets/*}:getIamPolicy" 259 } 260 }; 261 } 262 263 // Returns permissions that a caller has for the specified secret. 264 // If the secret does not exist, this call returns an empty set of 265 // permissions, not a NOT_FOUND error. 266 // 267 // Note: This operation is designed to be used for building permission-aware 268 // UIs and command-line tools, not for authorization checking. This operation 269 // may "fail open" without warning. 270 rpc TestIamPermissions(google.iam.v1.TestIamPermissionsRequest) 271 returns (google.iam.v1.TestIamPermissionsResponse) { 272 option (google.api.http) = { 273 post: "/v1beta2/{resource=projects/*/secrets/*}:testIamPermissions" 274 body: "*" 275 additional_bindings { 276 post: "/v1beta2/{resource=projects/*/locations/*/secrets/*}:testIamPermissions" 277 body: "*" 278 } 279 }; 280 } 281} 282 283// Request message for 284// [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. 285message ListSecretsRequest { 286 // Required. The resource name of the project associated with the 287 // [Secrets][google.cloud.secretmanager.v1beta2.Secret], in the format 288 // `projects/*` or `projects/*/locations/*` 289 string parent = 1 [ 290 (google.api.field_behavior) = REQUIRED, 291 (google.api.resource_reference) = { 292 child_type: "secretmanager.googleapis.com/Secret" 293 } 294 ]; 295 296 // Optional. The maximum number of results to be returned in a single page. If 297 // set to 0, the server decides the number of results to return. If the 298 // number is greater than 25000, it is capped at 25000. 299 int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; 300 301 // Optional. Pagination token, returned earlier via 302 // [ListSecretsResponse.next_page_token][google.cloud.secretmanager.v1beta2.ListSecretsResponse.next_page_token]. 303 string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; 304 305 // Optional. Filter string, adhering to the rules in 306 // [List-operation 307 // filtering](https://cloud.google.com/secret-manager/docs/filtering). List 308 // only secrets matching the filter. If filter is empty, all secrets are 309 // listed. 310 string filter = 4 [(google.api.field_behavior) = OPTIONAL]; 311} 312 313// Response message for 314// [SecretManagerService.ListSecrets][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecrets]. 315message ListSecretsResponse { 316 // The list of [Secrets][google.cloud.secretmanager.v1beta2.Secret] sorted in 317 // reverse by create_time (newest first). 318 repeated Secret secrets = 1; 319 320 // A token to retrieve the next page of results. Pass this value in 321 // [ListSecretsRequest.page_token][google.cloud.secretmanager.v1beta2.ListSecretsRequest.page_token] 322 // to retrieve the next page. 323 string next_page_token = 2; 324 325 // The total number of [Secrets][google.cloud.secretmanager.v1beta2.Secret] 326 // but 0 when the 327 // [ListSecretsRequest.filter][google.cloud.secretmanager.v1beta2.ListSecretsRequest.filter] 328 // field is set. 329 int32 total_size = 3; 330} 331 332// Request message for 333// [SecretManagerService.CreateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.CreateSecret]. 334message CreateSecretRequest { 335 // Required. The resource name of the project to associate with the 336 // [Secret][google.cloud.secretmanager.v1beta2.Secret], in the format 337 // `projects/*` or `projects/*/locations/*`. 338 string parent = 1 [ 339 (google.api.field_behavior) = REQUIRED, 340 (google.api.resource_reference) = { 341 child_type: "secretmanager.googleapis.com/Secret" 342 } 343 ]; 344 345 // Required. This must be unique within the project. 346 // 347 // A secret ID is a string with a maximum length of 255 characters and can 348 // contain uppercase and lowercase letters, numerals, and the hyphen (`-`) and 349 // underscore (`_`) characters. 350 string secret_id = 2 [(google.api.field_behavior) = REQUIRED]; 351 352 // Required. A [Secret][google.cloud.secretmanager.v1beta2.Secret] with 353 // initial field values. 354 Secret secret = 3 [(google.api.field_behavior) = REQUIRED]; 355} 356 357// Request message for 358// [SecretManagerService.AddSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AddSecretVersion]. 359message AddSecretVersionRequest { 360 // Required. The resource name of the 361 // [Secret][google.cloud.secretmanager.v1beta2.Secret] to associate with the 362 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] in the 363 // format `projects/*/secrets/*` or `projects/*/locations/*/secrets/*`. 364 string parent = 1 [ 365 (google.api.field_behavior) = REQUIRED, 366 (google.api.resource_reference) = { 367 type: "secretmanager.googleapis.com/Secret" 368 } 369 ]; 370 371 // Required. The secret payload of the 372 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 373 SecretPayload payload = 2 [(google.api.field_behavior) = REQUIRED]; 374} 375 376// Request message for 377// [SecretManagerService.GetSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecret]. 378message GetSecretRequest { 379 // Required. The resource name of the 380 // [Secret][google.cloud.secretmanager.v1beta2.Secret], in the format 381 // `projects/*/secrets/*` or `projects/*/locations/*/secrets/*`. 382 string name = 1 [ 383 (google.api.field_behavior) = REQUIRED, 384 (google.api.resource_reference) = { 385 type: "secretmanager.googleapis.com/Secret" 386 } 387 ]; 388} 389 390// Request message for 391// [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. 392message ListSecretVersionsRequest { 393 // Required. The resource name of the 394 // [Secret][google.cloud.secretmanager.v1beta2.Secret] associated with the 395 // [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] to list, 396 // in the format `projects/*/secrets/*` or `projects/*/locations/*/secrets/*`. 397 string parent = 1 [ 398 (google.api.field_behavior) = REQUIRED, 399 (google.api.resource_reference) = { 400 type: "secretmanager.googleapis.com/Secret" 401 } 402 ]; 403 404 // Optional. The maximum number of results to be returned in a single page. If 405 // set to 0, the server decides the number of results to return. If the 406 // number is greater than 25000, it is capped at 25000. 407 int32 page_size = 2 [(google.api.field_behavior) = OPTIONAL]; 408 409 // Optional. Pagination token, returned earlier via 410 // ListSecretVersionsResponse.next_page_token][]. 411 string page_token = 3 [(google.api.field_behavior) = OPTIONAL]; 412 413 // Optional. Filter string, adhering to the rules in 414 // [List-operation 415 // filtering](https://cloud.google.com/secret-manager/docs/filtering). List 416 // only secret versions matching the filter. If filter is empty, all secret 417 // versions are listed. 418 string filter = 4 [(google.api.field_behavior) = OPTIONAL]; 419} 420 421// Response message for 422// [SecretManagerService.ListSecretVersions][google.cloud.secretmanager.v1beta2.SecretManagerService.ListSecretVersions]. 423message ListSecretVersionsResponse { 424 // The list of 425 // [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] sorted 426 // in reverse by create_time (newest first). 427 repeated SecretVersion versions = 1; 428 429 // A token to retrieve the next page of results. Pass this value in 430 // [ListSecretVersionsRequest.page_token][google.cloud.secretmanager.v1beta2.ListSecretVersionsRequest.page_token] 431 // to retrieve the next page. 432 string next_page_token = 2; 433 434 // The total number of 435 // [SecretVersions][google.cloud.secretmanager.v1beta2.SecretVersion] but 0 436 // when the 437 // [ListSecretsRequest.filter][google.cloud.secretmanager.v1beta2.ListSecretsRequest.filter] 438 // field is set. 439 int32 total_size = 3; 440} 441 442// Request message for 443// [SecretManagerService.GetSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.GetSecretVersion]. 444message GetSecretVersionRequest { 445 // Required. The resource name of the 446 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] in the 447 // format `projects/*/secrets/*/versions/*` or 448 // `projects/*/locations/*/secrets/*/versions/*`. 449 // 450 // `projects/*/secrets/*/versions/latest` or 451 // `projects/*/locations/*/secrets/*/versions/latest` is an alias to the most 452 // recently created 453 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 454 string name = 1 [ 455 (google.api.field_behavior) = REQUIRED, 456 (google.api.resource_reference) = { 457 type: "secretmanager.googleapis.com/SecretVersion" 458 } 459 ]; 460} 461 462// Request message for 463// [SecretManagerService.UpdateSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.UpdateSecret]. 464message UpdateSecretRequest { 465 // Required. [Secret][google.cloud.secretmanager.v1beta2.Secret] with updated 466 // field values. 467 Secret secret = 1 [(google.api.field_behavior) = REQUIRED]; 468 469 // Required. Specifies the fields to be updated. 470 google.protobuf.FieldMask update_mask = 2 471 [(google.api.field_behavior) = REQUIRED]; 472} 473 474// Request message for 475// [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. 476message AccessSecretVersionRequest { 477 // Required. The resource name of the 478 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] in the 479 // format `projects/*/secrets/*/versions/*` or 480 // `projects/*/locations/*/secrets/*/versions/*`. 481 // 482 // `projects/*/secrets/*/versions/latest` or 483 // `projects/*/locations/*/secrets/*/versions/latest` is an alias to the most 484 // recently created 485 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. 486 string name = 1 [ 487 (google.api.field_behavior) = REQUIRED, 488 (google.api.resource_reference) = { 489 type: "secretmanager.googleapis.com/SecretVersion" 490 } 491 ]; 492} 493 494// Response message for 495// [SecretManagerService.AccessSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.AccessSecretVersion]. 496message AccessSecretVersionResponse { 497 // The resource name of the 498 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] in the 499 // format `projects/*/secrets/*/versions/*` or 500 // `projects/*/locations/*/secrets/*/versions/*`. 501 string name = 1 [(google.api.resource_reference) = { 502 type: "secretmanager.googleapis.com/SecretVersion" 503 }]; 504 505 // Secret payload 506 SecretPayload payload = 2; 507} 508 509// Request message for 510// [SecretManagerService.DeleteSecret][google.cloud.secretmanager.v1beta2.SecretManagerService.DeleteSecret]. 511message DeleteSecretRequest { 512 // Required. The resource name of the 513 // [Secret][google.cloud.secretmanager.v1beta2.Secret] to delete in the format 514 // `projects/*/secrets/*`. 515 string name = 1 [ 516 (google.api.field_behavior) = REQUIRED, 517 (google.api.resource_reference) = { 518 type: "secretmanager.googleapis.com/Secret" 519 } 520 ]; 521 522 // Optional. Etag of the [Secret][google.cloud.secretmanager.v1beta2.Secret]. 523 // The request succeeds if it matches the etag of the currently stored secret 524 // object. If the etag is omitted, the request succeeds. 525 string etag = 2 [(google.api.field_behavior) = OPTIONAL]; 526} 527 528// Request message for 529// [SecretManagerService.DisableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DisableSecretVersion]. 530message DisableSecretVersionRequest { 531 // Required. The resource name of the 532 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to 533 // disable in the format `projects/*/secrets/*/versions/*` or 534 // `projects/*/locations/*/secrets/*/versions/*`. 535 string name = 1 [ 536 (google.api.field_behavior) = REQUIRED, 537 (google.api.resource_reference) = { 538 type: "secretmanager.googleapis.com/SecretVersion" 539 } 540 ]; 541 542 // Optional. Etag of the 543 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. The 544 // request succeeds if it matches the etag of the currently stored secret 545 // version object. If the etag is omitted, the request succeeds. 546 string etag = 2 [(google.api.field_behavior) = OPTIONAL]; 547} 548 549// Request message for 550// [SecretManagerService.EnableSecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.EnableSecretVersion]. 551message EnableSecretVersionRequest { 552 // Required. The resource name of the 553 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to enable 554 // in the format `projects/*/secrets/*/versions/*` or 555 // `projects/*/locations/*/secrets/*/versions/*`. 556 string name = 1 [ 557 (google.api.field_behavior) = REQUIRED, 558 (google.api.resource_reference) = { 559 type: "secretmanager.googleapis.com/SecretVersion" 560 } 561 ]; 562 563 // Optional. Etag of the 564 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. The 565 // request succeeds if it matches the etag of the currently stored secret 566 // version object. If the etag is omitted, the request succeeds. 567 string etag = 2 [(google.api.field_behavior) = OPTIONAL]; 568} 569 570// Request message for 571// [SecretManagerService.DestroySecretVersion][google.cloud.secretmanager.v1beta2.SecretManagerService.DestroySecretVersion]. 572message DestroySecretVersionRequest { 573 // Required. The resource name of the 574 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion] to 575 // destroy in the format `projects/*/secrets/*/versions/*` or 576 // `projects/*/locations/*/secrets/*/versions/*`. 577 string name = 1 [ 578 (google.api.field_behavior) = REQUIRED, 579 (google.api.resource_reference) = { 580 type: "secretmanager.googleapis.com/SecretVersion" 581 } 582 ]; 583 584 // Optional. Etag of the 585 // [SecretVersion][google.cloud.secretmanager.v1beta2.SecretVersion]. The 586 // request succeeds if it matches the etag of the currently stored secret 587 // version object. If the etag is omitted, the request succeeds. 588 string etag = 2 [(google.api.field_behavior) = OPTIONAL]; 589} 590