All Superinterfaces:

BaseSecretStoreProvider, LockedSecretStoreProvider
```
@EvolvingAll
public interface GoogleSecretManagerSecretStoreProvider
extends LockedSecretStoreProvider
```
Provides support for fetching secrets from Google Secret Manager.

Field Summary

Fields
Modifier and Type Field Description

static org.slf4j.Logger logger

Method Summary

All Methods Instance Methods Abstract Methods Default Methods
Modifier and Type	Method	Description
`default long`	`expiryDurationSeconds()`	The amount of time in seconds to allow secret values to be cached before re-fetching them from GSM.
`default SecretStore<? extends Secret>`	`getStore(SecretStoreContext context, SecretsReferenceProvider secretsReferenceProvider)`	Get the commons `SecretStore` instance for this instance.
`String`	`id()`	Get the sub-configuration identifier for this secret store instance.
`org.forgerock.openam.sm.annotations.subconfigs.Multiple<PurposeMapping>`	`mappings()`	Maps `Purpose` labels to Google SM secret names.
`String`	`project()`	The Google Cloud Platform project that the instance of Secret Manager lives in.
`default PropertyFormat`	`secretFormat()`	The format of the secret data to use when decoding the secret value.
`default String`	`serviceAccount()`	The GCP service account to use for accessing the Secret Manager.

- Field Detail
  - logger
```
static final org.slf4j.Logger logger
```
- Method Detail
  - id
```
String id()
```
    Get the sub-configuration identifier for this secret store instance.
    
    Specified by:
    
    id in interface BaseSecretStoreProvider
    
    Returns:
    
    The identifier.
  - project
```
String project()
```
    The Google Cloud Platform project that the instance of Secret Manager lives in.
    
    Returns:
    
    the GCP project to look for the Secret Manager instance in.
  - serviceAccount
```
default String serviceAccount()
```
    The GCP service account to use for accessing the Secret Manager. Alternative service accounts can be configured in the global GoogleCloudServiceAccountService.
    
    Returns:
    
    the name of the service account to use.
  - secretFormat
```
default PropertyFormat secretFormat()
```
    The format of the secret data to use when decoding the secret value.
    
    Returns:
    
    the property format to use.
  - expiryDurationSeconds
```
default long expiryDurationSeconds()
```
    The amount of time in seconds to allow secret values to be cached before re-fetching them from GSM.
    
    Returns:
    
    the amount of time in seconds before a secret value expires.
  - mappings
```
org.forgerock.openam.sm.annotations.subconfigs.Multiple<PurposeMapping> mappings()
```
    Maps Purpose labels to Google SM secret names. The mapping may include a {{realm}} placeholder, which will be replaced with the path of the current realm. This allows the same mapping to be used to map different secrets in different realms.
    
    Returns:
    
    the purpose mapping.
  - getStore
```
default SecretStore<? extends Secret> getStore(SecretStoreContext context,
                                               SecretsReferenceProvider secretsReferenceProvider)
                                        throws SecretException
```
    Description copied from interface: LockedSecretStoreProvider
    
    Get the commons SecretStore instance for this instance.
    
    Specified by:
    
    getStore in interface LockedSecretStoreProvider
    
    Parameters:
    
    context - The context in which the store is being created.
    
    secretsReferenceProvider - A provider of secret references that can be used to obtain secrets that are needed to unlock the SecretStore.
    
    Returns:
    
    The instance.
    
    Throws:
    
    SecretException - If the store cannot be constructed for some reason.

Interface GoogleSecretManagerSecretStoreProvider

Field Summary

Method Summary

Field Detail

logger

Method Detail

id

project

serviceAccount

secretFormat

expiryDurationSeconds

mappings

getStore