Yandex Cloud
Поиск
Связаться с экспертомПопробовать бесплатно
  • Кейсы
  • Документация
  • Блог
  • Все сервисы
  • Статус работы сервисов
  • Marketplace
    • Популярные
    • Инфраструктура и сеть
    • Платформа данных
    • Искусственный интеллект
    • Безопасность
    • Инструменты DevOps
    • Бессерверные вычисления
    • Управление ресурсами
  • Все решения
    • По отраслям
    • По типу задач
    • Экономика платформы
    • Безопасность
    • Техническая поддержка
    • Каталог партнёров
    • Обучение и сертификация
    • Облако для стартапов
    • Облако для крупного бизнеса
    • Центр технологий для общества
    • Облако для интеграторов
    • Поддержка IT-бизнеса
    • Облако для фрилансеров
    • Обучение и сертификация
    • Блог
    • Документация
    • Контент-программа
    • Мероприятия и вебинары
    • Контакты, чаты и сообщества
    • Идеи
    • Калькулятор цен
    • Тарифы
    • Акции и free tier
  • Кейсы
  • Документация
  • Блог
Создавайте контент и получайте гранты!Готовы написать своё руководство? Участвуйте в контент-программе и получайте гранты на работу с облачными сервисами!
Подробнее о программе
Проект Яндекса
© 2026 ООО «Яндекс.Облако»
Yandex Lockbox
  • Начало работы
  • Квоты и лимиты
  • Управление доступом
  • Правила тарификации
  • Справочник Terraform
    • Аутентификация в API
      • Overview
        • Overview
        • Get
        • List
        • Create
        • Update
        • Delete
        • Activate
        • Deactivate
        • ListVersions
        • AddVersion
        • ScheduleVersionDestruction
        • CancelVersionDestruction
        • ListOperations
        • ListAccessBindings
        • SetAccessBindings
        • UpdateAccessBindings
  • Метрики Monitoring
  • Аудитные логи Audit Trails
  • История изменений
  • Вопросы и ответы

В этой статье:

  • HTTP request
  • Body parameters
  • PasswordPayloadSpecification
  • PayloadEntryChange
  • Response
  • Status
  1. Справочник API
  2. REST (англ.)
  3. Secret
  4. Create

Lockbox API, REST: Secret.Create

Статья создана
Yandex Cloud
Обновлена 1 июля 2026 г.
Открыть в Markdown
  • HTTP request
  • Body parameters
  • PasswordPayloadSpecification
  • PayloadEntryChange
  • Response
  • Status

Creates a secret in the specified folder.

HTTP requestHTTP request

POST https://lockbox.api.cloud.yandex.net/lockbox/v1/secrets

Body parametersBody parameters

{
  // Includes only one of the fields `passwordPayloadSpecification`
  "passwordPayloadSpecification": {
    "passwordKey": "string",
    "length": "string",
    "includeUppercase": "boolean",
    "includeLowercase": "boolean",
    "includeDigits": "boolean",
    "includePunctuation": "boolean",
    "includedPunctuation": "string",
    "excludedPunctuation": "string"
  },
  // end of the list of possible fields
  "folderId": "string",
  "name": "string",
  "description": "string",
  "labels": "object",
  "kmsKeyId": "string",
  "versionDescription": "string",
  "versionPayloadEntries": [
    {
      // Includes only one of the fields `textValue`, `binaryValue`
      "textValue": "string",
      "binaryValue": "string",
      // end of the list of possible fields
      "key": "string"
    }
  ],
  "deletionProtection": "boolean",
  "createVersion": "boolean"
}

Field

Description

passwordPayloadSpecification

PasswordPayloadSpecification

Includes only one of the fields passwordPayloadSpecification.

folderId

string

Required field. ID of the folder to create a secret in.

The maximum string length in characters is 50.

name

string

Name of the secret.

The maximum string length in characters is 100.

description

string

Description of the secret.

The maximum string length in characters is 1024.

labels

object (map<string, string>)

Custom labels for the secret as key:value pairs. Maximum 64 per key.
For example, "project": "mvp" or "source": "dictionary".

The maximum string length in characters for each value is 63. The maximum string length in characters for each key is 63. Each key must match the regular expression [a-z][-_0-9a-z]*. Each value must match the regular expression [-_0-9a-z]*. No more than 64 per resource.

kmsKeyId

string

Optional ID of the KMS key will be used to encrypt and decrypt the secret.

The maximum string length in characters is 50.

versionDescription

string

Description of the first version.

The maximum string length in characters is 256.

versionPayloadEntries[]

PayloadEntryChange

Payload entries added to the first version.

deletionProtection

boolean

Flag that inhibits deletion of the secret.

createVersion

boolean

If true: a version will be created with either version_payload_entries or password_payload_specification (one is required).
If false: a version is NOT created, no matter version_payload_entries or password_payload_specification.
Default: a version is created IF either version_payload_entries or password_payload_specification are specified.
It's never allowed to set both version_payload_entries and password_payload_specification.

PasswordPayloadSpecificationPasswordPayloadSpecification

Field

Description

passwordKey

string

Required field. key of the entry to store generated password value

Value must match the regular expression [-_./\\@0-9a-zA-Z]+.

length

string (int64)

password length; by default, a reasonable length will be decided

The maximum value is 256.

includeUppercase

boolean

whether at least one A..Z character is included in the password, true by default

includeLowercase

boolean

whether at least one a..z character is included in the password, true by default

includeDigits

boolean

whether at least one 0..9 character is included in the password, true by default

includePunctuation

boolean

whether at least one punctuation character is included in the password, true by default
punctuation characters by default (there are 32): !"#$%&'()*+,-./:;<=>?@[]^_`{|}~
to customize the punctuation characters, see included_punctuation and excluded_punctuation below

includedPunctuation

string

If include_punctuation is true, one of these two fields (not both) may be used optionally to customize the punctuation:
a string of specific punctuation characters to use (at most, all the 32)

excludedPunctuation

string

a string of punctuation characters to exclude from the default (at most 31, it's not allowed to exclude all the 32)

PayloadEntryChangePayloadEntryChange

Field

Description

textValue

string

Use the field to set a text value.

The maximum string length in characters is 65536.

Includes only one of the fields textValue, binaryValue.

Confidential value of the entry.

binaryValue

string (bytes)

Use the field to set a binary value.

The maximum string length in characters is 65536.

Includes only one of the fields textValue, binaryValue.

Confidential value of the entry.

key

string

Required field. Non-confidential key of the entry.

The maximum string length in characters is 256. Value must match the regular expression [-_./\\@0-9a-zA-Z]+.

ResponseResponse

HTTP Code: 200 - OK

{
  "id": "string",
  "description": "string",
  "createdAt": "string",
  "createdBy": "string",
  "modifiedAt": "string",
  "done": "boolean",
  "metadata": "object",
  // Includes only one of the fields `error`, `response`
  "error": {
    "code": "integer",
    "message": "string",
    "details": [
      "object"
    ]
  },
  "response": "object"
  // end of the list of possible fields
}

An Operation resource. For more information, see Operation.

Field

Description

id

string

ID of the operation.

description

string

Description of the operation. 0-256 characters long.

createdAt

string (date-time)

Creation timestamp.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

createdBy

string

ID of the user or service account who initiated the operation.

modifiedAt

string (date-time)

The time when the Operation resource was last modified.

String in RFC3339 text format. The range of possible values is from
0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z, i.e. from 0 to 9 digits for fractions of a second.

To work with values in this field, use the APIs described in the
Protocol Buffers reference.
In some languages, built-in datetime utilities do not support nanosecond precision (9 digits).

done

boolean

If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.

metadata

object

Service-specific metadata associated with the operation.
It typically contains the ID of the target resource that the operation is performed on.
Any method that returns a long-running operation should document the metadata type, if any.

error

Status

The error result of the operation in case of failure or cancellation.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

response

object

The normal response of the operation in case of success.
If the original method returns no data on success, such as Delete,
the response is google.protobuf.Empty.
If the original method is the standard Create/Update,
the response should be the target resource of the operation.
Any method that returns a long-running operation should document the response type, if any.

Includes only one of the fields error, response.

The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.

StatusStatus

The error result of the operation in case of failure or cancellation.

Field

Description

code

integer (int32)

Error code. An enum value of google.rpc.Code.

message

string

An error message.

details[]

object

A list of messages that carry the error details.

Была ли статья полезна?

Предыдущая
List
Следующая
Update
Создавайте контент и получайте гранты!Готовы написать своё руководство? Участвуйте в контент-программе и получайте гранты на работу с облачными сервисами!
Подробнее о программе
Проект Яндекса
© 2026 ООО «Яндекс.Облако»