Creating a Secret Version
Function
This API is used to create a new version of a secret to encrypt and store a new secret value. By default, The latest secret version in SYSCURRENT state. The previous version is in the SYSPREVIOUS state. You can overwrite the default behavior by specifying the VersionStage parameter.
Constraints
On the CSMS console, only the secret_string field can be configured. To add binary secrets to the secret_binary field, use an SDK or API.
A secret can have up to 20 versions in CSMS.
You can only add versions to enabled secrets.
Secret versions are numbered v1, v2, v3, and so on based on their creation time.
Debugging
You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.
URI
POST /v1/{project_id}/secrets/{secret_name}/versions
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID. |
secret_name |
Yes |
String |
Secret name. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API that is used for obtaining a user token. The value of X-Subject-Token in the response header is the user token. |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
secret_binary |
No |
String |
Value of a new secret. The value is encrypted and stored in the initial version of the secret. Type: Base64-encoded binary data object Constraint: Either secret_binary or secret_string must be configured. The maximum size is 32 KB. |
secret_string |
No |
String |
Value of a new secret. The value is encrypted and stored in the initial version of the secret. Constraint: Either secret_binary or secret_string must be configured. The maximum size is 32 KB. |
version_stages |
No |
Array of strings |
Version status added to a secret version when the version is stored. If this parameter is not specified, the SYSCURRENT status is used for the new version. Constraint: The array can contain up to 12 elements. The stage length can be up to 64 bytes. |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
version_metadata |
VersionMetadata object |
Status of a secret version. |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Secret version ID, which is unique under a secret object. |
create_time |
Long |
Time when a secret version was created. The timestamp indicates the total seconds past the start of the epoch date (January 1, 1970). |
kms_key_id |
String |
ID of the KMS CMK used to encrypt a secret version value. |
secret_name |
String |
Secret name. |
version_stages |
Array of strings |
Secret version status list. Every version status is unique under a secret. If you add a status tag in use to a new version, the tag will be automatically removed from the old version. If version_stage is not specified, the temporary tag SYSCURRENT will be added to this version. |
Status code: 400
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 401
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 403
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 404
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 500
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 502
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 504
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Example Requests
{
"secret_string" : "secret_string"
}
Example Responses
Status code: 200
Request succeeded.
{
"version_metadata" : {
"id" : "bb6a3d22-dc93-47ac-b5bd-88df7ad35f1e",
"kms_key_id" : "b168fe00ff56492495a7d22974df2d0b",
"create_time" : 1581507580000,
"secret_name" : "secret-name-demo",
"version_stages" : [ "pending", "used" ]
}
}
Status Codes
Status Code |
Description |
|---|---|
200 |
Request succeeded. |
400 |
Invalid request parameters. |
401 |
You must enter a username and password to access the requested page. |
403 |
Authentication failed. |
404 |
The requested resource does not exist or is not found. |
500 |
Internal service error. |
502 |
Failed to complete the request. The server received an invalid response. |
504 |
Gateway timeout. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
