Lockbox API, REST: Secret.ScheduleVersionDestruction
Schedules the specified version for destruction.
Scheduled destruction can be cancelled with the SecretService.CancelVersionDestruction method.
HTTP request
POST https://lockbox.api.cloud.yandex.net/lockbox/v1/secrets/{secretId}:scheduleVersionDestruction
Path parameters
Field |
Description |
secretId |
string Required field. ID of the secret whose version should be scheduled for destruction. |
Body parameters
{
"versionId": "string",
"pendingPeriod": "string"
}
Field |
Description |
versionId |
string Required field. ID of the version to be destroyed. |
pendingPeriod |
string (duration) Time interval between the version destruction request and actual destruction. |
Response
HTTP Code: 200 - OK
{
"id": "string",
"description": "string",
"createdAt": "string",
"createdBy": "string",
"modifiedAt": "string",
"done": "boolean",
"metadata": {
"secretId": "string",
"versionId": "string",
"destroyAt": "string"
},
// Includes only one of the fields `error`, `response`
"error": {
"code": "integer",
"message": "string",
"details": [
"object"
]
},
"response": {
"id": "string",
"secretId": "string",
"createdAt": "string",
"destroyAt": "string",
"description": "string",
"status": "string",
"payloadEntryKeys": [
"string"
],
// Includes only one of the fields `passwordPayloadSpecification`
"passwordPayloadSpecification": {
"passwordKey": "string",
"length": "string",
"includeUppercase": "boolean",
"includeLowercase": "boolean",
"includeDigits": "boolean",
"includePunctuation": "boolean",
"includedPunctuation": "string",
"excludedPunctuation": "string"
}
// end of the list of possible fields
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field |
Description |
id |
string ID of the operation. |
description |
string Description of the operation. 0-256 characters long. |
createdAt |
string (date-time) Creation timestamp. String in RFC3339 To work with values in this field, use the APIs described in the |
createdBy |
string ID of the user or service account who initiated the operation. |
modifiedAt |
string (date-time) The time when the Operation resource was last modified. String in RFC3339 To work with values in this field, use the APIs described in the |
done |
boolean If the value is |
metadata |
ScheduleVersionDestructionMetadata Service-specific metadata associated with the operation. |
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
ScheduleVersionDestructionMetadata
Field |
Description |
secretId |
string ID of the secret whose version is being scheduled for destruction. |
versionId |
string ID of the version that is being scheduled for destruction. |
destroyAt |
string (date-time) Destruction timestamp. String in RFC3339 To work with values in this field, use the APIs described in the |
Status
The error result of the operation in case of failure or cancellation.
Field |
Description |
code |
integer (int32) Error code. An enum value of google.rpc.Code |
message |
string An error message. |
details[] |
object A list of messages that carry the error details. |
Version
Field |
Description |
id |
string ID of the version. |
secretId |
string ID of the secret that the version belongs to. |
createdAt |
string (date-time) Time when the version was created. String in RFC3339 To work with values in this field, use the APIs described in the |
destroyAt |
string (date-time) Time when the version is going to be destroyed. Empty unless the status String in RFC3339 To work with values in this field, use the APIs described in the |
description |
string Description of the version. |
status |
enum (Status) Status of the secret.
|
payloadEntryKeys[] |
string Keys of the entries contained in the version payload. |
passwordPayloadSpecification |
Includes only one of the fields |
PasswordPayloadSpecification
Field |
Description |
passwordKey |
string Required field. key of the entry to store generated password value |
length |
string (int64) password length; by default, a reasonable length will be decided |
includeUppercase |
boolean whether at least one A..Z character is included in the password, true by default |
includeLowercase |
boolean whether at least one a..z character is included in the password, true by default |
includeDigits |
boolean whether at least one 0..9 character is included in the password, true by default |
includePunctuation |
boolean whether at least one punctuation character is included in the password, true by default |
includedPunctuation |
string If include_punctuation is true, one of these two fields (not both) may be used optionally to customize the punctuation: |
excludedPunctuation |
string a string of punctuation characters to exclude from the default (at most 31, it's not allowed to exclude all the 32) |