suguo
/
googleapis
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

feat: added expire_time and ttl fields to Secret 

PiperOrigin-RevId: 352563582
This commit is contained in:
Google APIs 2021-01-19 07:29:20 -08:00 committed by Copybara-Service
parent 61ab0348bd
commit 9ecdacc9a0
2 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
google/cloud/secretmanager/v1/BUILD.bazel
View File

@ -22,6 +22,7 @@ proto_library(
"//google/api:resource_proto",
"//google/iam/v1:iam_policy_proto",
"//google/iam/v1:policy_proto",
"@com_google_protobuf//:duration_proto",
"@com_google_protobuf//:empty_proto",
"@com_google_protobuf//:field_mask_proto",
"@com_google_protobuf//:timestamp_proto",

18
google/cloud/secretmanager/v1/resources.proto
View File

@ -18,6 +18,7 @@ package google.cloud.secretmanager.v1;
import "google/api/field_behavior.proto";
import "google/api/resource.proto";
import "google/protobuf/duration.proto";
import "google/protobuf/timestamp.proto";
import "google/api/annotations.proto";
@ -68,6 +69,23 @@ message Secret {
//
// No more than 64 labels can be assigned to a given resource.
map<string, string> labels = 4;
// Expiration policy attached to the [Secret][google.cloud.secretmanager.v1.Secret]. If specified the [Secret][google.cloud.secretmanager.v1.Secret]
// and all [SecretVersions][google.cloud.secretmanager.v1.SecretVersion] will be automatically deleted at
// expiration. Expired secrets are irreversibly deleted.
//
// Expiration is *not* the recommended way to set time-based permissions. [IAM
// Conditions](https://cloud.google.com/secret-manager/docs/access-control#conditions)
// is recommended for granting time-based permissions because the operation
// can be reversed.
oneof expiration {
// Optional. Timestamp in UTC when the [Secret][google.cloud.secretmanager.v1.Secret] is scheduled to expire. This is
// always provided on output, regardless of what was sent on input.
google.protobuf.Timestamp expire_time = 6 [(google.api.field_behavior) = OPTIONAL];
// Input only. The TTL for the [Secret][google.cloud.secretmanager.v1.Secret].
google.protobuf.Duration ttl = 7 [(google.api.field_behavior) = INPUT_ONLY];
}
}
// A secret version resource in the Secret Manager API.