Skip to content

Commit

Permalink
Automatically generated by magic modules for service: secretmanagerre…
Browse files Browse the repository at this point in the history
…gional and resource: Secret

Signed-off-by: abheda-crest <[email protected]>
  • Loading branch information
abheda-crest committed Oct 21, 2024
1 parent 79411a1 commit 866c2bf
Show file tree
Hide file tree
Showing 10 changed files with 459 additions and 0 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -367,6 +367,7 @@ The following resources are available in the InSpec GCP Profile
| [google_runtime_config_config_iam_policy](docs/resources/google_runtime_config_config_iam_policy.md) | No Plural Resource |
| [google_runtime_config_variable](docs/resources/google_runtime_config_variable.md) | [google_runtime_config_variables](docs/resources/google_runtime_config_variables.md) |
| [google_secret_manager_secret](docs/resources/google_secret_manager_secret.md) | [google_secret_manager_secrets](docs/resources/google_secret_manager_secrets.md) |
| [google_secret_manage_regional_secret](docs/resources/google_secret_manager_regional_secret.md) | [google_secret_manager_regional_secrets](docs/resources/google_secret_manager_regional_secrets.md) |
| [google_service_account](docs/resources/google_service_account.md) | [google_service_accounts](docs/resources/google_service_accounts.md) |
| No Singular Resource | [google_service_networking_service_connections](docs/resources/google_service_networking_service_connections.md) |
| [google_service_account_key](docs/resources/google_service_account_key.md) | [google_service_account_keys](docs/resources/google_service_account_keys.md) |
Expand Down
63 changes: 63 additions & 0 deletions docs/resources/google_secret_manager_regional_secret.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
---
title: About the google_secret_manager_regional_secret resource
platform: gcp
---

## Syntax
A `google_secret_manager_regional_secret` is used to test a Google Regional Secret resource

## Examples
```
describe google_secret_manager_regional_secret(name: 'projects/<project>/locations/<location>/secrets/<secret>', region: 'value_region') do
it { should exist }
end
describe google_secret_manager_regional_secret(name: "does_not_exit", region: 'value_region') do
it { should_not exist }
end
```

## Properties
Properties that can be accessed from the `google_secret_manager_regional_secret` resource:


* `name`: The resource name of the Regional Secret. Format: `projects/{{project}}/locations/{{location}}/secrets/{{secret_id}}`

* `create_time`: The time at which the Regional Secret was created.

* `labels`: The labels assigned to this Regional Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62} Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63} No more than 64 labels can be assigned to a given resource. An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

* `annotations`: Custom metadata about the regional secret.
Annotations are distinct from various forms of labels. Annotations exist to allow
client tools to store their own state information without requiring a database.
Annotation keys must be between 1 and 63 characters long, have a UTF-8 encoding of
maximum 128 bytes, begin and end with an alphanumeric character ([a-z0-9A-Z]), and
may have dashes (-), underscores (_), dots (.), and alphanumerics in between these
symbols.
The total size of annotation keys and values must be less than 16KiB.

* `customer_managed_encryption`: Customer Managed Encryption for the secret.

* `kms_key_name`: Describes the Cloud KMS encryption key that will be used to protect destination secret.

* `topics`: A list of up to 10 Pub/Sub topics to which messages are published when control plane operations are called on the secret or its versions.

* `name`: The resource name of the Pub/Sub topic that will be published to, in the following format: projects/*/topics/*. For publication to succeed, the Secret Manager Service Agent service account must have pubsub.publisher permissions on the topic.

* `expire_time`: Timestamp in UTC when the Secret is scheduled to expire. This is always provided on output, regardless of what was sent on input. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

* `ttl`: The TTL for the Secret. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

* `version_destroy_ttl`: Secret Version TTL after destruction request. This is a part of the delayed delete feature on Secret Version. For secret with versionDestroyTtl>0, version destruction doesn't happen immediately on calling destroy instead the version goes to a disabled state and the actual destruction happens after this TTL expires. It must be atleast 24h.

* `rotation`: The rotation time and period for a Secret. At `next_rotation_time`, Secret Manager will send a Pub/Sub notification to the topics configured on the Secret. `topics` must be set to configure rotation.

* `next_rotation_time`: Timestamp in UTC at which the Secret is scheduled to rotate. A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

* `rotation_period`: The Duration between rotation notifications. Must be in seconds and at least 3600s (1h) and at most 3153600000s (100 years). If rotationPeriod is set, `next_rotation_time` must be set. `next_rotation_time` will be advanced by this period when the service automatically sends rotation notifications.


## GCP Permissions

Ensure the [Secret Manager API](https://console.cloud.google.com/apis/library/secretmanager.googleapis.com/) is enabled for the current project.
37 changes: 37 additions & 0 deletions docs/resources/google_secret_manager_regional_secrets.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
---
title: About the google_secret_manager_regional_secrets resource
platform: gcp
---

## Syntax
A `google_secret_manager_regional_secrets` is used to test a Google Regional Secret resource

## Examples
```
describe google_secret_manager_regional_secrets(parent: ' value_parent', region: 'value_region') do
it { should exist }
end
```

## Properties
Properties that can be accessed from the `google_secret_manager_regional_secrets` resource:

See [google_secret_manager_regional_secret.md](google_secret_manager_regional_secret.md) for more detailed information
* `names`: an array of `google_secret_manager_regional_secret` name
* `create_times`: an array of `google_secret_manager_regional_secret` create_time
* `annotations`: an array of `google_secret_manager_regional_secret` annotation
* `labels`: an array of `google_secret_manager_regional_secret` labels
* `topics`: an array of `google_secret_manager_regional_secret` topics
* `expire_times`: an array of `google_secret_manager_regional_secret` expire_time
* `ttls`: an array of `google_secret_manager_regional_secret` ttl
* `rotations`: an array of `google_secret_manager_regional_secret` rotation
* `customer_managed_encryptions`: an array of `google_secret_manager_regional_secret` customer_managed_encryption
* `version_destroy_ttl`: an array of `google_secret_manager_regional_secret` version_destroy_ttl

## Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
with `where` as a block or a method.

## GCP Permissions

Ensure the [Secret Manager Regional API](https://console.cloud.google.com/apis/library/secretmanager.googleapis.com/) is enabled for the current project.
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
module GoogleInSpec
module SecretManagerRegional
module Property
class SecretCustomerManagedEncryption
attr_reader :kms_key_name

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@kms_key_name = args['kmsKeyName']
end

def to_s
"#{@parent_identifier} SecretCustomerManagedEncryption"
end
end

class SecretCustomerManagedEncryptionArray
def self.parse(value, parent_identifier)
return if value.nil?
return SecretCustomerManagedEncryption.new(value, parent_identifier) unless value.is_a?(::Array)
value.map { |v| SecretCustomerManagedEncryption.new(v, parent_identifier) }
end
end
end
end
end
37 changes: 37 additions & 0 deletions libraries/google/secretmanagerregional/property/secret_rotation.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
module GoogleInSpec
module SecretManagerRegional
module Property
class SecretRotation
attr_reader :next_rotation_time

attr_reader :rotation_period

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@next_rotation_time = args['nextRotationTime']
@rotation_period = args['rotationPeriod']
end

def to_s
"#{@parent_identifier} SecretRotation"
end
end
end
end
end
42 changes: 42 additions & 0 deletions libraries/google/secretmanagerregional/property/secret_topics.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
module GoogleInSpec
module SecretManagerRegional
module Property
class SecretTopics
attr_reader :name

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@name = args['name']
end

def to_s
"#{@parent_identifier} SecretTopics"
end
end

class SecretTopicsArray
def self.parse(value, parent_identifier)
return if value.nil?
return SecretTopics.new(value, parent_identifier) unless value.is_a?(::Array)
value.map { |v| SecretTopics.new(v, parent_identifier) }
end
end
end
end
end
76 changes: 76 additions & 0 deletions libraries/google_secret_manager_regional_secret.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
require 'gcp_backend'
require 'google/secretmanagerregional/property/secret_customer_managed_encryption'
require 'google/secretmanagerregional/property/secret_rotation'
require 'google/secretmanagerregional/property/secret_topics'

# A provider to manage Secret Manager resources.
class SecretManagerRegionalSecret < GcpResourceBase
name 'google_secret_manager_regional_secret'
desc 'Secret'
supports platform: 'gcp'

attr_reader :params
attr_reader :name
attr_reader :create_time
attr_reader :annotations
attr_reader :labels
attr_reader :topics
attr_reader :expire_time
attr_reader :customer_managed_encryption
attr_reader :version_destroy_ttl
attr_reader :version_aliases
attr_reader :rotation

def initialize(params)
super(params.merge({ use_http_transport: true }))
@params = params
@fetched = @connection.fetch(product_url(params[:beta]), resource_base_url, params, 'Get')
parse unless @fetched.nil?
end

def parse
@name = @fetched['name']
@create_time = @fetched['createTime']
@annotations = @fetched['annotations']
@labels = @fetched['labels']
@topics = GoogleInSpec::SecretManagerRegional::Property::SecretTopicsArray.parse(@fetched['topics'], to_s)
@expire_time = @fetched['expireTime']
@customer_managed_encryption = GoogleInSpec::SecretManagerRegional::Property::SecretCustomerManagedEncryptionArray.parse(@fetched['customerManagedEncryption'], to_s)
@version_destroy_ttl = @fetched['versionDestroyTtl']
@version_aliases = @fetched['versionAliases']
@rotation = GoogleInSpec::SecretManagerRegional::Property::SecretRotation.new(@fetched['rotation'], to_s)
end

def exists?
!@fetched.nil?
end

def to_s
"Secret #{@params[:name]}"
end

private

def product_url(_ = nil)
'https://secretmanager.{{region}}.rep.googleapis.com/v1/'
end

def resource_base_url
'{{name}}'
end
end
Loading

0 comments on commit 866c2bf

Please sign in to comment.