This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

secretmanager

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-gcp repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-google repo.

class pulumi_gcp.secretmanager.AwaitableGetSecretVersionResult(create_time=None, destroy_time=None, enabled=None, id=None, name=None, project=None, secret=None, secret_data=None, version=None)
class pulumi_gcp.secretmanager.GetSecretVersionResult(create_time=None, destroy_time=None, enabled=None, id=None, name=None, project=None, secret=None, secret_data=None, version=None)

A collection of values returned by getSecretVersion.

create_time = None

The time at which the Secret was created.

destroy_time = None

The time at which the Secret was destroyed. Only present if state is DESTROYED.

enabled = None

True if the current state of the SecretVersion is enabled.

id = None

The provider-assigned unique ID for this managed resource.

name = None

The resource name of the SecretVersion. Format: projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}

secret_data = None

The secret data. No larger than 64KiB.

class pulumi_gcp.secretmanager.Secret(resource_name, opts=None, labels=None, project=None, replication=None, secret_id=None, __props__=None, __name__=None, __opts__=None)

A Secret is a logical secret whose value and versions can be accessed.

To get more information about Secret, see:

import pulumi
import pulumi_gcp as gcp

secret_basic = gcp.secretmanager.Secret("secret-basic",
    labels={
        "label": "my-label",
    },
    replication={
        "userManaged": {
            "replicas": [
                {
                    "location": "us-central1",
                },
                {
                    "location": "us-east1",
                },
            ],
        },
    },
    secret_id="secret")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • labels (pulumi.Input[dict]) – The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}. Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be assigned to a given resource. An object containing a list of “key”: value pairs. Example: { “name”: “wrench”, “mass”: “1.3kg”, “count”: “3” }.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • replication (pulumi.Input[dict]) – The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. Structure is documented below.

  • secret_id (pulumi.Input[str]) – This must be unique within the project.

The replication object supports the following:

  • automatic (pulumi.Input[bool]) - The Secret will automatically be replicated without any restrictions.

  • userManaged (pulumi.Input[dict]) - The Secret will automatically be replicated without any restrictions. Structure is documented below.

    • replicas (pulumi.Input[list]) - The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

      • location (pulumi.Input[str]) - The canonical IDs of the location to replicate data. For example: “us-east1”.

create_time: pulumi.Output[str] = None

The time at which the Secret was created.

labels: pulumi.Output[dict] = None

The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}. Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be assigned to a given resource. An object containing a list of “key”: value pairs. Example: { “name”: “wrench”, “mass”: “1.3kg”, “count”: “3” }.

name: pulumi.Output[str] = None

The resource name of the Secret. Format: ‘projects/{{project}}/secrets/{{secret_id}}’

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

replication: pulumi.Output[dict] = None

The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. Structure is documented below.

  • automatic (bool) - The Secret will automatically be replicated without any restrictions.

  • userManaged (dict) - The Secret will automatically be replicated without any restrictions. Structure is documented below.

    • replicas (list) - The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

      • location (str) - The canonical IDs of the location to replicate data. For example: “us-east1”.

secret_id: pulumi.Output[str] = None

This must be unique within the project.

static get(resource_name, id, opts=None, create_time=None, labels=None, name=None, project=None, replication=None, secret_id=None)

Get an existing Secret resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • create_time (pulumi.Input[str]) – The time at which the Secret was created.

  • labels (pulumi.Input[dict]) – The labels assigned to this Secret. Label keys must be between 1 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}. Label values must be between 0 and 63 characters long, have a UTF-8 encoding of maximum 128 bytes, and must conform to the following PCRE regular expression: [\p{Ll}\p{Lo}\p{N}_-]{0,63}. No more than 64 labels can be assigned to a given resource. An object containing a list of “key”: value pairs. Example: { “name”: “wrench”, “mass”: “1.3kg”, “count”: “3” }.

  • name (pulumi.Input[str]) – The resource name of the Secret. Format: ‘projects/{{project}}/secrets/{{secret_id}}’

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • replication (pulumi.Input[dict]) – The replication policy of the secret data attached to the Secret. It cannot be changed after the Secret has been created. Structure is documented below.

  • secret_id (pulumi.Input[str]) – This must be unique within the project.

The replication object supports the following:

  • automatic (pulumi.Input[bool]) - The Secret will automatically be replicated without any restrictions.

  • userManaged (pulumi.Input[dict]) - The Secret will automatically be replicated without any restrictions. Structure is documented below.

    • replicas (pulumi.Input[list]) - The list of Replicas for this Secret. Cannot be empty. Structure is documented below.

      • location (pulumi.Input[str]) - The canonical IDs of the location to replicate data. For example: “us-east1”.
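
Python's `re` module has no `\p{..}` classes, so the label rules stated for the constructor, the `labels` attribute and `get` are checked here with `unicodedata` instead. This is an added example, not part of the provider; `label_errors`, the reason strings and the sample dictionaries are constructed for illustration.

```python
import unicodedata

MAX_LABELS = 64        # "No more than 64 labels can be assigned"
MAX_UTF8_BYTES = 128   # limit on the UTF-8 encoding of each key and each value


def _letter(ch):
    # \p{Ll} (lowercase letter) or \p{Lo} (other letter); uppercase is excluded.
    return unicodedata.category(ch) in ("Ll", "Lo")


def _body(ch):
    # \p{Ll}, \p{Lo}, \p{N} (any numeric category), "_" or "-".
    return _letter(ch) or unicodedata.category(ch)[0] == "N" or ch in "_-"


def label_errors(labels):
    """Return (label key, reason) pairs; an empty list means the dict is valid."""
    errors = []
    if len(labels) > MAX_LABELS:
        errors.append((None, "too-many-labels"))
    for key, value in labels.items():
        # Key pattern: [\p{Ll}\p{Lo}][\p{Ll}\p{Lo}\p{N}_-]{0,62}
        if not 1 <= len(key) <= 63:
            errors.append((key, "key-length"))
        elif not _letter(key[0]) or not all(_body(c) for c in key[1:]):
            errors.append((key, "key-pattern"))
        if len(key.encode("utf-8")) > MAX_UTF8_BYTES:
            errors.append((key, "key-utf8-bytes"))
        # Value pattern: [\p{Ll}\p{Lo}\p{N}_-]{0,63}
        if len(value) > 63:
            errors.append((key, "value-length"))
        elif not all(_body(c) for c in value):
            errors.append((key, "value-pattern"))
        if len(value.encode("utf-8")) > MAX_UTF8_BYTES:
            errors.append((key, "value-utf8-bytes"))
    return errors


# Constructed inputs. The first is the labels dict from the Secret example on
# this page. "mass": "1.3kg" comes from the generic map example in the labels
# description and fails the value pattern because "." is not an allowed character.
SAMPLES = {
    "page example": {"label": "my-label"},
    "uppercase key": {"Env": "prod"},
    "dot in value": {"mass": "1.3kg"},
    # 63 characters passes the length rule, but 63 * 3 bytes exceeds 128.
    "multibyte key": {"\u65e5" * 63: "ok"},
}

if __name__ == "__main__":
    for name, labels in SAMPLES.items():
        print(name, [reason for _, reason in label_errors(labels)])
```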

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.secretmanager.SecretIamBinding(resource_name, opts=None, condition=None, members=None, project=None, role=None, secret_id=None, __props__=None, __name__=None, __opts__=None)

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

  • secretmanager.SecretIamPolicy: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached.

  • secretmanager.SecretIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved.

  • secretmanager.SecretIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

Note: secretmanager.SecretIamPolicy cannot be used in conjunction with secretmanager.SecretIamBinding and secretmanager.SecretIamMember or they will fight over what your policy should be.

Note: secretmanager.SecretIamBinding resources can be used in conjunction with secretmanager.SecretIamMember resources only if they do not grant privilege to the same role.

import pulumi
import pulumi_gcp as gcp

# SecretIamPolicy: authoritative, replaces the whole IAM policy of the secret.
# secret_basic is the gcp.secretmanager.Secret created in the Secret example above.
admin = gcp.organizations.get_iam_policy(binding=[{
    "role": "roles/viewer",
    "members": ["user:jane@example.com"],
}])
policy = gcp.secretmanager.SecretIamPolicy("policy",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    policy_data=admin.policy_data)

import pulumi
import pulumi_gcp as gcp

# SecretIamBinding: authoritative for roles/viewer only; other roles are preserved.
binding = gcp.secretmanager.SecretIamBinding("binding",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    members=["user:jane@example.com"])

import pulumi
import pulumi_gcp as gcp

# SecretIamMember: non-authoritative, adds one member to roles/viewer.
member = gcp.secretmanager.SecretIamMember("member",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    member="user:jane@example.com")

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • role (pulumi.Input[str]) – The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

The condition object supports the following:

  • description (pulumi.Input[str])

  • expression (pulumi.Input[str])

  • title (pulumi.Input[str])

etag: pulumi.Output[str] = None

(Computed) The etag of the IAM policy.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

role: pulumi.Output[str] = None

The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

static get(resource_name, id, opts=None, condition=None, etag=None, members=None, project=None, role=None, secret_id=None)

Get an existing SecretIamBinding resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • etag (pulumi.Input[str]) – (Computed) The etag of the IAM policy.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • role (pulumi.Input[str]) – The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

The condition object supports the following:

  • description (pulumi.Input[str])

  • expression (pulumi.Input[str])

  • title (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.secretmanager.SecretIamMember(resource_name, opts=None, condition=None, member=None, project=None, role=None, secret_id=None, __props__=None, __name__=None, __opts__=None)

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

  • secretmanager.SecretIamPolicy: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached.

  • secretmanager.SecretIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved.

  • secretmanager.SecretIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

Note: secretmanager.SecretIamPolicy cannot be used in conjunction with secretmanager.SecretIamBinding and secretmanager.SecretIamMember or they will fight over what your policy should be.

Note: secretmanager.SecretIamBinding resources can be used in conjunction with secretmanager.SecretIamMember resources only if they do not grant privilege to the same role.

import pulumi
import pulumi_gcp as gcp

# SecretIamPolicy: authoritative, replaces the whole IAM policy of the secret.
# secret_basic is the gcp.secretmanager.Secret created in the Secret example above.
admin = gcp.organizations.get_iam_policy(binding=[{
    "role": "roles/viewer",
    "members": ["user:jane@example.com"],
}])
policy = gcp.secretmanager.SecretIamPolicy("policy",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    policy_data=admin.policy_data)

import pulumi
import pulumi_gcp as gcp

# SecretIamBinding: authoritative for roles/viewer only; other roles are preserved.
binding = gcp.secretmanager.SecretIamBinding("binding",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    members=["user:jane@example.com"])

import pulumi
import pulumi_gcp as gcp

# SecretIamMember: non-authoritative, adds one member to roles/viewer.
member = gcp.secretmanager.SecretIamMember("member",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    member="user:jane@example.com")

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • role (pulumi.Input[str]) – The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

The condition object supports the following:

  • description (pulumi.Input[str])

  • expression (pulumi.Input[str])

  • title (pulumi.Input[str])

etag: pulumi.Output[str] = None

(Computed) The etag of the IAM policy.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

role: pulumi.Output[str] = None

The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

static get(resource_name, id, opts=None, condition=None, etag=None, member=None, project=None, role=None, secret_id=None)

Get an existing SecretIamMember resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • etag (pulumi.Input[str]) – (Computed) The etag of the IAM policy.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

  • role (pulumi.Input[str]) – The role that should be applied. Only one secretmanager.SecretIamBinding can be used per role. Note that custom roles must be of the format [projects|organizations]/{parent-name}/roles/{role-name}.

The condition object supports the following:

  • description (pulumi.Input[str])

  • expression (pulumi.Input[str])

  • title (pulumi.Input[str])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.secretmanager.SecretIamPolicy(resource_name, opts=None, policy_data=None, project=None, secret_id=None, __props__=None, __name__=None, __opts__=None)

Three different resources help you manage your IAM policy for Secret Manager Secret. Each of these resources serves a different use case:

  • secretmanager.SecretIamPolicy: Authoritative. Sets the IAM policy for the secret and replaces any existing policy already attached.

  • secretmanager.SecretIamBinding: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the secret are preserved.

  • secretmanager.SecretIamMember: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the secret are preserved.

Note: secretmanager.SecretIamPolicy cannot be used in conjunction with secretmanager.SecretIamBinding and secretmanager.SecretIamMember or they will fight over what your policy should be.

Note: secretmanager.SecretIamBinding resources can be used in conjunction with secretmanager.SecretIamMember resources only if they do not grant privilege to the same role.

import pulumi
import pulumi_gcp as gcp

# SecretIamPolicy: authoritative, replaces the whole IAM policy of the secret.
# secret_basic is the gcp.secretmanager.Secret created in the Secret example above.
admin = gcp.organizations.get_iam_policy(binding=[{
    "role": "roles/viewer",
    "members": ["user:jane@example.com"],
}])
policy = gcp.secretmanager.SecretIamPolicy("policy",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    policy_data=admin.policy_data)

import pulumi
import pulumi_gcp as gcp

# SecretIamBinding: authoritative for roles/viewer only; other roles are preserved.
binding = gcp.secretmanager.SecretIamBinding("binding",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    members=["user:jane@example.com"])

import pulumi
import pulumi_gcp as gcp

# SecretIamMember: non-authoritative, adds one member to roles/viewer.
member = gcp.secretmanager.SecretIamMember("member",
    project=secret_basic.project,
    secret_id=secret_basic.secret_id,
    role="roles/viewer",
    member="user:jane@example.com")

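
What each of the three resources leaves on a secret's policy, and the combinations the two Notes rule out (the same Notes appear under SecretIamBinding and SecretIamMember), can be modelled and checked before deployment. This is an added example, not code from the provider or from this page; the dict layout, `apply`, `find_conflicts` and the sample secrets are assumptions made for illustration, and secrets are keyed by `secret_id` only.

```python
from collections import defaultdict

# Constructed sample. "kind" is a class name from this page; the dict layout is
# an assumption of this example, not a Pulumi data structure.
EXISTING = {
    "roles/viewer": {"user:jane@example.com"},
    "roles/secretmanager.secretAccessor": {"user:ops@example.com"},
}
DECLARED = [
    {"kind": "SecretIamPolicy", "secret_id": "secret-a",
     "bindings": {"roles/viewer": ["user:jane@example.com"]}},
    {"kind": "SecretIamMember", "secret_id": "secret-a",
     "role": "roles/viewer", "member": "user:sam@example.com"},
    {"kind": "SecretIamBinding", "secret_id": "secret-b",
     "role": "roles/viewer", "members": ["user:jane@example.com"]},
    {"kind": "SecretIamMember", "secret_id": "secret-b",
     "role": "roles/viewer", "member": "user:sam@example.com"},
    {"kind": "SecretIamMember", "secret_id": "secret-c",
     "role": "roles/viewer", "member": "user:sam@example.com"},
]


def apply(existing, res):
    """Return the role -> members policy left on the secret by one resource."""
    policy = {role: set(members) for role, members in existing.items()}
    kind = res["kind"]
    if kind == "SecretIamPolicy":
        # Authoritative: every role not listed in the new policy is dropped.
        return {role: set(m) for role, m in res["bindings"].items()}
    if kind == "SecretIamBinding":
        # Authoritative for one role: the members of that role are replaced.
        policy[res["role"]] = set(res["members"])
    elif kind == "SecretIamMember":
        # Non-authoritative: one member is added, nothing is removed.
        policy.setdefault(res["role"], set()).add(res["member"])
    else:
        raise ValueError(f"unknown kind: {kind}")
    return policy


def find_conflicts(declared):
    """Return (secret_id, rule, role) for combinations the Notes rule out."""
    by_secret = defaultdict(list)
    for res in declared:
        by_secret[res["secret_id"]].append(res)
    findings = []
    for secret_id, group in sorted(by_secret.items()):
        kinds = {r["kind"] for r in group}
        if "SecretIamPolicy" in kinds and len(kinds) > 1:
            findings.append((secret_id, "policy-with-binding-or-member", None))
        binding_roles = [r["role"] for r in group if r["kind"] == "SecretIamBinding"]
        member_roles = {r["role"] for r in group if r["kind"] == "SecretIamMember"}
        for role in sorted(set(binding_roles)):
            if binding_roles.count(role) > 1:
                # "Only one secretmanager.SecretIamBinding can be used per role."
                findings.append((secret_id, "more-than-one-binding-for-role", role))
            if role in member_roles:
                findings.append((secret_id, "binding-and-member-same-role", role))
    return findings


if __name__ == "__main__":
    for finding in find_conflicts(DECLARED):
        print("conflict:", finding)
    # Applying the authoritative policy to EXISTING silently drops the accessor role.
    print(apply(EXISTING, DECLARED[0]))
```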
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • policy_data (pulumi.Input[str]) – The policy data generated by an organizations.getIAMPolicy data source.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

etag: pulumi.Output[str] = None

(Computed) The etag of the IAM policy.

policy_data: pulumi.Output[str] = None

The policy data generated by an organizations.getIAMPolicy data source.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

static get(resource_name, id, opts=None, etag=None, policy_data=None, project=None, secret_id=None)

Get an existing SecretIamPolicy resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • etag (pulumi.Input[str]) – (Computed) The etag of the IAM policy.

  • policy_data (pulumi.Input[str]) – The policy data generated by an organizations.getIAMPolicy data source.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the project will be parsed from the identifier of the parent resource. If no project is provided in the parent identifier and no project is specified, the provider project is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.secretmanager.SecretVersion(resource_name, opts=None, enabled=None, secret=None, secret_data=None, __props__=None, __name__=None, __opts__=None)

A secret version resource.

Warning: All arguments including payload.secret_data will be stored in the raw state as plain-text.

import pulumi
import pulumi_gcp as gcp

secret_basic = gcp.secretmanager.Secret("secret-basic",
    secret_id="secret-version",
    labels={
        "label": "my-label",
    },
    replication={
        "automatic": True,
    })
secret_version_basic = gcp.secretmanager.SecretVersion("secret-version-basic",
    secret=secret_basic.id,
    secret_data="secret-data")
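
A check for the condition the warning describes, written as an added example that is not part of the provider or of Pulumi: it reads an exported stack state (for instance the output of `pulumi stack export`) and reports SecretVersion properties held as bare strings, without echoing the values. The state layout, the type token, the `secretData` property name and the `ciphertext` wrapper are assumptions of this example, and the sample state is constructed.

```python
import json

# Assumptions of this example (not taken from the page): the JSON layout of an
# exported stack state, the type token, the camelCase property name, and that an
# encrypted value is stored as an object with a "ciphertext" field.
SECRET_VERSION_TYPE = "gcp:secretmanager/secretVersion:SecretVersion"
SENSITIVE_PROPS = ("secretData",)
URN_PREFIX = "urn:pulumi:dev::demo::"

# Constructed state: one plaintext secret version, one wrapped, one plain Secret.
SAMPLE_STATE = json.dumps({
    "version": 3,
    "deployment": {"resources": [
        {"urn": URN_PREFIX + SECRET_VERSION_TYPE + "::plain",
         "type": SECRET_VERSION_TYPE,
         "inputs": {"secret": "projects/p/secrets/a", "secretData": "secret-data"},
         "outputs": {"secret": "projects/p/secrets/a", "secretData": "secret-data"}},
        {"urn": URN_PREFIX + SECRET_VERSION_TYPE + "::wrapped",
         "type": SECRET_VERSION_TYPE,
         "inputs": {"secretData": {"ciphertext": "constructed-placeholder"}},
         "outputs": {"secretData": {"ciphertext": "constructed-placeholder"}}},
        {"urn": URN_PREFIX + "gcp:secretmanager/secret:Secret::secret-basic",
         "type": "gcp:secretmanager/secret:Secret",
         "inputs": {"secretId": "a"}, "outputs": {"secretId": "a"}},
    ]},
})


def is_plaintext(value):
    """A non-empty bare string is readable by anyone who can read the state."""
    return isinstance(value, str) and value != ""


def plaintext_secret_fields(state_json):
    """Return (urn, section, property) for each sensitive property stored as a
    bare string. The value itself is never copied into the result."""
    state = json.loads(state_json)
    findings = []
    for res in state.get("deployment", {}).get("resources", []):
        if res.get("type") != SECRET_VERSION_TYPE:
            continue
        for section in ("inputs", "outputs"):
            props = res.get(section) or {}
            for prop in SENSITIVE_PROPS:
                if is_plaintext(props.get(prop)):
                    findings.append((res.get("urn", "<no urn>"), section, prop))
    return findings


if __name__ == "__main__":
    found = plaintext_secret_fields(SAMPLE_STATE)
    for urn, section, prop in found:
        print(f"plaintext {section}.{prop} in {urn}")
    # Non-zero exit lets a CI job fail when plaintext secret data is present.
    raise SystemExit(1 if found else 0)
```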
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • enabled (pulumi.Input[bool]) – The current state of the SecretVersion.

  • secret (pulumi.Input[str]) – Secret Manager secret resource

  • secret_data (pulumi.Input[str]) – The secret data. Must be no larger than 64KiB. Note: This property is sensitive and will not be displayed in the plan.

create_time: pulumi.Output[str] = None

The time at which the Secret was created.

destroy_time: pulumi.Output[str] = None

The time at which the Secret was destroyed. Only present if state is DESTROYED.

enabled: pulumi.Output[bool] = None

The current state of the SecretVersion.

name: pulumi.Output[str] = None

The resource name of the SecretVersion. Format: ‘projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}’

secret: pulumi.Output[str] = None

Secret Manager secret resource

secret_data: pulumi.Output[str] = None

The secret data. Must be no larger than 64KiB. Note: This property is sensitive and will not be displayed in the plan.

static get(resource_name, id, opts=None, create_time=None, destroy_time=None, enabled=None, name=None, secret=None, secret_data=None)

Get an existing SecretVersion resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to look up.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • create_time (pulumi.Input[str]) – The time at which the Secret was created.

  • destroy_time (pulumi.Input[str]) – The time at which the Secret was destroyed. Only present if state is DESTROYED.

  • enabled (pulumi.Input[bool]) – The current state of the SecretVersion.

  • name (pulumi.Input[str]) – The resource name of the SecretVersion. Format: ‘projects/{{project}}/secrets/{{secret_id}}/versions/{{version}}’

  • secret (pulumi.Input[str]) – Secret Manager secret resource

  • secret_data (pulumi.Input[str]) – The secret data. Must be no larger than 64KiB. Note: This property is sensitive and will not be displayed in the plan.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_gcp.secretmanager.get_secret_version(project=None, secret=None, version=None, opts=None)

Get a Secret Manager secret’s version. For more information see the official documentation and API.

import pulumi
import pulumi_gcp as gcp

basic = gcp.secretmanager.get_secret_version(secret="my-secret")
Parameters
  • project (str) – The project to get the secret version for. If it is not provided, the provider project is used.

  • secret (str) – The secret to get the secret version for.

  • version (str) – The version of the secret to get. If it is not provided, the latest version is retrieved.