SECRETMANAGER
secretmanager.projects.locations.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.list
valid {
input.ReqMap.name == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.addVersion
valid {
input.Body.payload.data == STRING
input.Body.payload.dataCrc32c == STRING
input.ReqMap.parent == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.create
valid {
input.Body.annotations.STRING == STRING
input.Body.customerManagedEncryption.kmsKeyName == STRING
input.Body.etag == STRING
input.Body.expireTime == STRING
input.Body.labels.STRING == STRING
input.Body.replication.automatic.customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].location == STRING
input.Body.rotation.nextRotationTime == STRING
input.Body.rotation.rotationPeriod == STRING
input.Body.topics[_].name == STRING
input.Body.ttl == STRING
input.Body.versionAliases.STRING == STRING
input.Body.versionDestroyTtl == STRING
input.ReqMap.parent == STRING
input.Qs.secretId == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.delete
valid {
input.ReqMap.name == STRING
input.Qs.etag == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.patch
valid {
input.Body.annotations.STRING == STRING
input.Body.customerManagedEncryption.kmsKeyName == STRING
input.Body.etag == STRING
input.Body.expireTime == STRING
input.Body.labels.STRING == STRING
input.Body.replication.automatic.customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].location == STRING
input.Body.rotation.nextRotationTime == STRING
input.Body.rotation.rotationPeriod == STRING
input.Body.topics[_].name == STRING
input.Body.ttl == STRING
input.Body.versionAliases.STRING == STRING
input.Body.versionDestroyTtl == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.setIamPolicy
enum_AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.access
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.destroy
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.disable
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.enable
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.locations.secrets.versions.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.addVersion
valid {
input.Body.payload.data == STRING
input.Body.payload.dataCrc32c == STRING
input.ReqMap.parent == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.create
valid {
input.Body.annotations.STRING == STRING
input.Body.customerManagedEncryption.kmsKeyName == STRING
input.Body.etag == STRING
input.Body.expireTime == STRING
input.Body.labels.STRING == STRING
input.Body.replication.automatic.customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].location == STRING
input.Body.rotation.nextRotationTime == STRING
input.Body.rotation.rotationPeriod == STRING
input.Body.topics[_].name == STRING
input.Body.ttl == STRING
input.Body.versionAliases.STRING == STRING
input.Body.versionDestroyTtl == STRING
input.ReqMap.parent == STRING
input.Qs.secretId == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.delete
valid {
input.ReqMap.name == STRING
input.Qs.etag == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.getIamPolicy
valid {
input.ReqMap.resource == STRING
input.Qs.options.requestedPolicyVersion == INTEGER
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.patch
valid {
input.Body.annotations.STRING == STRING
input.Body.customerManagedEncryption.kmsKeyName == STRING
input.Body.etag == STRING
input.Body.expireTime == STRING
input.Body.labels.STRING == STRING
input.Body.replication.automatic.customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].customerManagedEncryption.kmsKeyName == STRING
input.Body.replication.userManaged.replicas[_].location == STRING
input.Body.rotation.nextRotationTime == STRING
input.Body.rotation.rotationPeriod == STRING
input.Body.topics[_].name == STRING
input.Body.ttl == STRING
input.Body.versionAliases.STRING == STRING
input.Body.versionDestroyTtl == STRING
input.ReqMap.name == STRING
input.Qs.updateMask == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.setIamPolicy
enum_AuditLogConfigLogType := [ "LOG_TYPE_UNSPECIFIED", "ADMIN_READ", "DATA_WRITE", "DATA_READ" ]
valid {
input.Body.policy.auditConfigs[_].auditLogConfigs[_].exemptedMembers[_] == STRING
input.Body.policy.auditConfigs[_].auditLogConfigs[_].logType == enum_AuditLogConfigLogType[_]
input.Body.policy.auditConfigs[_].service == STRING
input.Body.policy.bindings[_].condition.description == STRING
input.Body.policy.bindings[_].condition.expression == STRING
input.Body.policy.bindings[_].condition.location == STRING
input.Body.policy.bindings[_].condition.title == STRING
input.Body.policy.bindings[_].members[_] == STRING
input.Body.policy.bindings[_].role == STRING
input.Body.policy.etag == STRING
input.Body.policy.version == INTEGER
input.Body.updateMask == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.testIamPermissions
valid {
input.Body.permissions[_] == STRING
input.ReqMap.resource == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.access
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.destroy
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.disable
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.enable
valid {
input.Body.etag == STRING
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.get
valid {
input.ReqMap.name == STRING
input.ProviderMetadata.Region == STRING
}
secretmanager.projects.secrets.versions.list
valid {
input.ReqMap.parent == STRING
input.Qs.filter == STRING
input.Qs.pageSize == INTEGER
input.Qs.pageToken == STRING
input.ProviderMetadata.Region == STRING
}
Updated 5 days ago