docs-archive/apache-airflow-providers-google/8.0.0/_sources/_api/airflow/providers/google/cloud/secrets/secret_manager/index.rst.txt - airflow-site - Git at Google

 :py:mod:`airflow.providers.google.cloud.secrets.secret_manager`
 ===============================================================

 .. py:module:: airflow.providers.google.cloud.secrets.secret_manager

 .. autoapi-nested-parse::

    Objects relating to sourcing connections from Google Cloud Secrets Manager


 Module Contents
 ---------------

 Classes
 ~~~~~~~

 .. autoapisummary::

    airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend


 Attributes
 ~~~~~~~~~~

 .. autoapisummary::

    airflow.providers.google.cloud.secrets.secret_manager.log
    airflow.providers.google.cloud.secrets.secret_manager.SECRET_ID_PATTERN


 .. py:data:: log


 .. py:data:: SECRET_ID_PATTERN
    :annotation: = ^[a-zA-Z0-9-_]*$


 .. py:class:: CloudSecretManagerBackend(connections_prefix = 'airflow-connections', variables_prefix = 'airflow-variables', config_prefix = 'airflow-config', gcp_keyfile_dict = None, gcp_key_path = None, gcp_scopes = None, project_id = None, sep = '-', **kwargs)

    Bases: :py:obj:`airflow.secrets.BaseSecretsBackend`, :py:obj:`airflow.utils.log.logging_mixin.LoggingMixin`

    Retrieves Connection object from Google Cloud Secrets Manager

    Configurable via ``airflow.cfg`` as follows:

    .. code-block:: ini

        [secrets]
        backend = airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend
        backend_kwargs = {"connections_prefix": "airflow-connections", "sep": "-"}

    For example, if the Secrets Manager secret id is ``airflow-connections-smtp_default``, this would be
    accessible if you provide ``{"connections_prefix": "airflow-connections", "sep": "-"}`` and request
    conn_id ``smtp_default``.

    If the Secrets Manager secret id is ``airflow-variables-hello``, this would be
    accessible if you provide ``{"variables_prefix": "airflow-variables", "sep": "-"}`` and request
    Variable Key ``hello``.

    The full secret id should follow the pattern "[a-zA-Z0-9-_]".

    :param connections_prefix: Specifies the prefix of the secret to read to get Connections.
        If set to None (null), requests for connections will not be sent to GCP Secrets Manager
    :param variables_prefix: Specifies the prefix of the secret to read to get Variables.
        If set to None (null), requests for variables will not be sent to GCP Secrets Manager
    :param config_prefix: Specifies the prefix of the secret to read to get Airflow Configurations
        containing secrets.
        If set to None (null), requests for configurations will not be sent to GCP Secrets Manager
    :param gcp_key_path: Path to Google Cloud Service Account key file (JSON). Mutually exclusive with
        gcp_keyfile_dict. use default credentials in the current environment if not provided.
    :param gcp_keyfile_dict: Dictionary of keyfile parameters. Mutually exclusive with gcp_key_path.
    :param gcp_scopes: Comma-separated string containing OAuth2 scopes
    :param project_id: Project ID to read the secrets from. If not passed, the project ID from credentials
        will be used.
    :param sep: Separator used to concatenate connections_prefix and conn_id. Default: "-"

    .. py:method:: client(self)
       :property:

       Property returning secret client.

       :return: Secrets client


    .. py:method:: get_conn_value(self, conn_id)

       Get serialized representation of Connection

       :param conn_id: connection id


    .. py:method:: get_conn_uri(self, conn_id)

       Return URI representation of Connection conn_id.

       As of Airflow version 2.3.0 this method is deprecated.

       :param conn_id: the connection id
       :return: deserialized Connection


    .. py:method:: get_variable(self, key)

       Get Airflow Variable from Environment Variable

       :param key: Variable Key
       :return: Variable Value


    .. py:method:: get_config(self, key)

       Get Airflow Configuration

       :param key: Configuration Option Key
       :return: Configuration Option Value
	:py:mod:`airflow.providers.google.cloud.secrets.secret_manager`
	===============================================================

	.. py:module:: airflow.providers.google.cloud.secrets.secret_manager

	.. autoapi-nested-parse::

	Objects relating to sourcing connections from Google Cloud Secrets Manager



	Module Contents
	---------------

	Classes
	~~~~~~~

	.. autoapisummary::

	airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend




	Attributes
	~~~~~~~~~~

	.. autoapisummary::

	airflow.providers.google.cloud.secrets.secret_manager.log
	airflow.providers.google.cloud.secrets.secret_manager.SECRET_ID_PATTERN


	.. py:data:: log




	.. py:data:: SECRET_ID_PATTERN
	:annotation: = ^[a-zA-Z0-9-_]*$



	.. py:class:: CloudSecretManagerBackend(connections_prefix = 'airflow-connections', variables_prefix = 'airflow-variables', config_prefix = 'airflow-config', gcp_keyfile_dict = None, gcp_key_path = None, gcp_scopes = None, project_id = None, sep = '-', **kwargs)

	Bases: :py:obj:`airflow.secrets.BaseSecretsBackend`, :py:obj:`airflow.utils.log.logging_mixin.LoggingMixin`

	Retrieves Connection object from Google Cloud Secrets Manager

	Configurable via ``airflow.cfg`` as follows:

	.. code-block:: ini

	[secrets]
	backend = airflow.providers.google.cloud.secrets.secret_manager.CloudSecretManagerBackend
	backend_kwargs = {"connections_prefix": "airflow-connections", "sep": "-"}

	For example, if the Secrets Manager secret id is ``airflow-connections-smtp_default``, this would be
	accessible if you provide ``{"connections_prefix": "airflow-connections", "sep": "-"}`` and request
	conn_id ``smtp_default``.

	If the Secrets Manager secret id is ``airflow-variables-hello``, this would be
	accessible if you provide ``{"variables_prefix": "airflow-variables", "sep": "-"}`` and request
	Variable Key ``hello``.

	The full secret id should follow the pattern "[a-zA-Z0-9-_]".

	:param connections_prefix: Specifies the prefix of the secret to read to get Connections.
	If set to None (null), requests for connections will not be sent to GCP Secrets Manager
	:param variables_prefix: Specifies the prefix of the secret to read to get Variables.
	If set to None (null), requests for variables will not be sent to GCP Secrets Manager
	:param config_prefix: Specifies the prefix of the secret to read to get Airflow Configurations
	containing secrets.
	If set to None (null), requests for configurations will not be sent to GCP Secrets Manager
	:param gcp_key_path: Path to Google Cloud Service Account key file (JSON). Mutually exclusive with
	gcp_keyfile_dict. use default credentials in the current environment if not provided.
	:param gcp_keyfile_dict: Dictionary of keyfile parameters. Mutually exclusive with gcp_key_path.
	:param gcp_scopes: Comma-separated string containing OAuth2 scopes
	:param project_id: Project ID to read the secrets from. If not passed, the project ID from credentials
	will be used.
	:param sep: Separator used to concatenate connections_prefix and conn_id. Default: "-"

	.. py:method:: client(self)
	:property:

	Property returning secret client.

	:return: Secrets client


	.. py:method:: get_conn_value(self, conn_id)

	Get serialized representation of Connection

	:param conn_id: connection id


	.. py:method:: get_conn_uri(self, conn_id)

	Return URI representation of Connection conn_id.

	As of Airflow version 2.3.0 this method is deprecated.

	:param conn_id: the connection id
	:return: deserialized Connection


	.. py:method:: get_variable(self, key)

	Get Airflow Variable from Environment Variable

	:param key: Variable Key
	:return: Variable Value


	.. py:method:: get_config(self, key)

	Get Airflow Configuration

	:param key: Configuration Option Key
	:return: Configuration Option Value