Class: SDM::ManagedSecrets

Inherits:
Object
  • Object
show all
Extended by:
Gem::Deprecate
Defined in:
lib/svc.rb

Overview

ManagedSecret is a private vertical for creating, reading, updating, deleting, listing and rotating the managed secrets in the secrets engines as an authenticated user.

See ManagedSecret.

Instance Method Summary collapse

Constructor Details

#initialize(channel, parent) ⇒ ManagedSecrets

Returns a new instance of ManagedSecrets.



4199
4200
4201
4202
4203
4204
4205
4206
 
# File 'lib/svc.rb', line 4199

def initialize(channel, parent)
  begin
    @stub = V1::ManagedSecrets::Stub.new(nil, nil, channel_override: channel)
  rescue => exception
    raise Plumbing::convert_error_to_porcelain(exception)
  end
  @parent = parent
end

Instance Method Details

#create(managed_secret, deadline: nil) ⇒ Object

Create creates a Managed Secret



4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
 
# File 'lib/svc.rb', line 4287

def create(
  managed_secret,
  deadline: nil
)
  req = V1::ManagedSecretCreateRequest.new()

  req.managed_secret = Plumbing::convert_managed_secret_to_plumbing(managed_secret)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Create", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.create(req, metadata: @parent.get_metadata("ManagedSecrets.Create", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Create", self, req, plumbing_response)

  resp = ManagedSecretCreateResponse.new()
  resp.managed_secret = Plumbing::convert_managed_secret_to_porcelain(plumbing_response.managed_secret)
  resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#delete(id, deadline: nil) ⇒ Object

Delete deletes a Managed Secret



4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
 
# File 'lib/svc.rb', line 4391

def delete(
  id,
  deadline: nil
)
  req = V1::ManagedSecretDeleteRequest.new()

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Delete", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("ManagedSecrets.Delete", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Delete", self, req, plumbing_response)

  resp = ManagedSecretDeleteResponse.new()
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#force_delete(id, deadline: nil) ⇒ Object

ForceDelete deletes a Managed Secret regardless of errors on external system



4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
 
# File 'lib/svc.rb', line 4424

def force_delete(
  id,
  deadline: nil
)
  req = V1::ManagedSecretDeleteRequest.new()

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.ForceDelete", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.force_delete(req, metadata: @parent.get_metadata("ManagedSecrets.ForceDelete", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.ForceDelete", self, req, plumbing_response)

  resp = ManagedSecretDeleteResponse.new()
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#get(id, deadline: nil) ⇒ Object

Get gets details of a Managed Secret without sensitive data



4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
 
# File 'lib/svc.rb', line 4457

def get(
  id,
  deadline: nil
)
  req = V1::ManagedSecretGetRequest.new()
  if not @parent.snapshot_time.nil?
    req.meta = V1::GetRequestMetadata.new()
    req.meta.snapshot_at = @parent.snapshot_time
  end

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Get", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.get(req, metadata: @parent.get_metadata("ManagedSecrets.Get", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Get", self, req, plumbing_response)

  resp = ManagedSecretGetResponse.new()
  resp.managed_secret = Plumbing::convert_managed_secret_to_porcelain(plumbing_response.managed_secret)
  resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#list(filter, *args, deadline: nil) ⇒ Object

List returns Managed Secrets from a Secret Engine.



4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
 
# File 'lib/svc.rb', line 4209

def list(
  filter,
  *args,
  deadline: nil
)
  req = V1::ManagedSecretListRequest.new()
  req.meta = V1::ListRequestMetadata.new()
  if not @parent.page_limit.nil?
    req.meta.limit = @parent.page_limit
  end
  if not @parent.snapshot_time.nil?
    req.meta.snapshot_at = @parent.snapshot_time
  end

  req.filter = Plumbing::quote_filter_args(filter, *args)
  resp = Enumerator::Generator.new { |g|
    tries = 0
    loop do
      begin
        plumbing_response = @stub.list(req, metadata: @parent.get_metadata("ManagedSecrets.List", req), deadline: deadline)
      rescue => exception
        if (@parent.shouldRetry(tries, exception, deadline))
          tries + +sleep(@parent.exponentialBackoff(tries, deadline))
          next
        end
        raise Plumbing::convert_error_to_porcelain(exception)
      end
      tries = 0
      plumbing_response.managed_secrets.each do |plumbing_item|
        g.yield Plumbing::convert_managed_secret_to_porcelain(plumbing_item)
      end
      break if plumbing_response.meta.next_cursor == ""
      req.meta.cursor = plumbing_response.meta.next_cursor
    end
  }
  resp
end

#list_by_actor(filter, *args, deadline: nil) ⇒ Object

List returns Managed Secrets for an Actor from a Secret Engine.



4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
 
# File 'lib/svc.rb', line 4248

def list_by_actor(
  filter,
  *args,
  deadline: nil
)
  req = V1::ManagedSecretListRequest.new()
  req.meta = V1::ListRequestMetadata.new()
  if not @parent.page_limit.nil?
    req.meta.limit = @parent.page_limit
  end
  if not @parent.snapshot_time.nil?
    req.meta.snapshot_at = @parent.snapshot_time
  end

  req.filter = Plumbing::quote_filter_args(filter, *args)
  resp = Enumerator::Generator.new { |g|
    tries = 0
    loop do
      begin
        plumbing_response = @stub.list_by_actor(req, metadata: @parent.get_metadata("ManagedSecrets.ListByActor", req), deadline: deadline)
      rescue => exception
        if (@parent.shouldRetry(tries, exception, deadline))
          tries + +sleep(@parent.exponentialBackoff(tries, deadline))
          next
        end
        raise Plumbing::convert_error_to_porcelain(exception)
      end
      tries = 0
      plumbing_response.managed_secrets.each do |plumbing_item|
        g.yield Plumbing::convert_managed_secret_to_porcelain(plumbing_item)
      end
      break if plumbing_response.meta.next_cursor == ""
      req.meta.cursor = plumbing_response.meta.next_cursor
    end
  }
  resp
end

#logs(filter, *args, deadline: nil) ⇒ Object

Logs returns the audit records for the managed secret. This may be replaced in the future.



4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
 
# File 'lib/svc.rb', line 4569

def logs(
  filter,
  *args,
  deadline: nil
)
  req = V1::ManagedSecretLogsRequest.new()
  req.meta = V1::ListRequestMetadata.new()
  if not @parent.page_limit.nil?
    req.meta.limit = @parent.page_limit
  end
  if not @parent.snapshot_time.nil?
    req.meta.snapshot_at = @parent.snapshot_time
  end

  req.filter = Plumbing::quote_filter_args(filter, *args)
  resp = Enumerator::Generator.new { |g|
    tries = 0
    loop do
      begin
        plumbing_response = @stub.logs(req, metadata: @parent.get_metadata("ManagedSecrets.Logs", req), deadline: deadline)
      rescue => exception
        if (@parent.shouldRetry(tries, exception, deadline))
          tries + +sleep(@parent.exponentialBackoff(tries, deadline))
          next
        end
        raise Plumbing::convert_error_to_porcelain(exception)
      end
      tries = 0
      plumbing_response.managed_secret_logs.each do |plumbing_item|
        g.yield Plumbing::convert_managed_secret_log_to_porcelain(plumbing_item)
      end
      break if plumbing_response.meta.next_cursor == ""
      req.meta.cursor = plumbing_response.meta.next_cursor
    end
  }
  resp
end

#retrieve(id, deadline: nil) ⇒ Object

Retrieve returns Managed Secret with sensitive data



4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
 
# File 'lib/svc.rb', line 4496

def retrieve(
  id,
  deadline: nil
)
  req = V1::ManagedSecretRetrieveRequest.new()

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Retrieve", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.retrieve(req, metadata: @parent.get_metadata("ManagedSecrets.Retrieve", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Retrieve", self, req, plumbing_response)

  resp = ManagedSecretRetrieveResponse.new()
  resp.managed_secret = Plumbing::convert_managed_secret_to_porcelain(plumbing_response.managed_secret)
  resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#rotate(id, deadline: nil) ⇒ Object

Rotate forces rotation of Managed Secret



4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
 
# File 'lib/svc.rb', line 4357

def rotate(
  id,
  deadline: nil
)
  req = V1::ManagedSecretRotateRequest.new()

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Rotate", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.rotate(req, metadata: @parent.get_metadata("ManagedSecrets.Rotate", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Rotate", self, req, plumbing_response)

  resp = ManagedSecretRotateResponse.new()
  resp.meta = Plumbing::convert_generic_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#update(managed_secret, deadline: nil) ⇒ Object

Update updates a Managed Secret



4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
 
# File 'lib/svc.rb', line 4322

def update(
  managed_secret,
  deadline: nil
)
  req = V1::ManagedSecretUpdateRequest.new()

  req.managed_secret = Plumbing::convert_managed_secret_to_plumbing(managed_secret)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Update", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.update(req, metadata: @parent.get_metadata("ManagedSecrets.Update", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Update", self, req, plumbing_response)

  resp = ManagedSecretUpdateResponse.new()
  resp.managed_secret = Plumbing::convert_managed_secret_to_porcelain(plumbing_response.managed_secret)
  resp.meta = Plumbing::convert_update_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp
end

#validate(id, deadline: nil) ⇒ Object

Validate returns the result of testing the stored credential against the secret engine.



4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
 
# File 'lib/svc.rb', line 4532

def validate(
  id,
  deadline: nil
)
  req = V1::ManagedSecretValidateRequest.new()

  req.id = (id)
  # Execute before interceptor hooks
  req = @parent.interceptor.execute_before("ManagedSecrets.Validate", self, req)
  tries = 0
  plumbing_response = nil
  loop do
    begin
      plumbing_response = @stub.validate(req, metadata: @parent.get_metadata("ManagedSecrets.Validate", req), deadline: deadline)
    rescue => exception
      if (@parent.shouldRetry(tries, exception, deadline))
        tries + +sleep(@parent.exponentialBackoff(tries, deadline))
        next
      end
      raise Plumbing::convert_error_to_porcelain(exception)
    end
    break
  end

  # Execute after interceptor hooks
  plumbing_response = @parent.interceptor.execute_after("ManagedSecrets.Validate", self, req, plumbing_response)

  resp = ManagedSecretValidateResponse.new()
  resp.invalid_info = (plumbing_response.invalid_info)
  resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
  resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
  resp.valid = (plumbing_response.valid)
  resp
end