Console
    Start free

    gcloud secrets update

    NAME
    gcloud secrets update - update a secret's metadata
    SYNOPSIS
    gcloud secrets update SECRET [ --etag = ETAG ] [ --location = LOCATION ] [ --update-labels =[ KEY = VALUE , …]] [ --add-topics =[ ADD-TOPICS , …]     | --clear-topics     | --remove-topics =[ REMOVE-TOPICS , …]] [ --clear-annotations     | --remove-annotations =[ KEY , …]     | --update-annotations =[ KEY = VALUE , …]] [ --clear-labels     | --remove-labels =[ KEY , …]] [ --clear-version-aliases     | --remove-version-aliases =[ KEY , …]     | --update-version-aliases =[ KEY = VALUE , …]] [ --expire-time = EXPIRE-TIME     | --remove-expiration     | --ttl = TTL ] [ --next-rotation-time = NEXT_ROTATION_TIME --remove-next-rotation-time --remove-rotation-period --remove-rotation-schedule --rotation-period = ROTATION_PERIOD ] [ --regional-kms-key-name = REGIONAL-KMS-KEY-NAME     | --remove-regional-kms-key-name ] [ --remove-version-destroy-ttl     | --version-destroy-ttl = VERSION-DESTROY-TTL ] [ GCLOUD_WIDE_FLAG ]
    DESCRIPTION
    Update a secret's metadata (e.g. labels). This command will return an error if given a secret that does not exist.
    EXAMPLES
    Update the label of a secret named my-secret . 
     gcloud  
secrets  
update  
my-secret  
 --update-labels 
 = 
 foo 
 = 
bar

    Update the label of a secret using an etag.

     gcloud  
secrets  
update  
my-secret  
 --update-labels 
 = 
 foo 
 = 
bar  
 --etag 
 = 
 123

    Update a secret to have a next-rotation-time:

     gcloud  
secrets  
update  
my-secret  
 --next-rotation-time 
 = 
 "2030-01-01T15:30:00-05:00"

    Update a secret to have a next-rotation-time and rotation-period:

     gcloud  
secrets  
update  
my-secret  
 --next-rotation-time 
 = 
 "2030-01-01T15:30:00-05:00" 
  
 --rotation-period 
 = 
 "7200s"

    Update a secret to remove the next-rotation-time:

     gcloud  
secrets  
update  
my-secret  
 --remove-next-rotation-time

    Update a secret to clear rotation policy:

     gcloud  
secrets  
update  
my-secret  
 --remove-rotation-schedule

    Update version destroy ttl of a secret:

     gcloud  
secrets  
update  
my-secret  
 --version-destroy-ttl 
 = 
 "86400s"

    Disable delayed secret version destroy:

     gcloud  
secrets  
update  
my-secret  
 --remove-version-destroy-ttl
    POSITIONAL ARGUMENTS
    Secret resource - The secret to update. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

    To set the project attribute:

    • provide the argument SECRET on the command line with a fully specified name;
    • provide the argument --project on the command line;
    • set the property core/project .

    This must be specified.

    SECRET
    ID of the secret or fully qualified identifier for the secret.

    To set the secret attribute:

    • provide the argument SECRET on the command line.
    FLAGS
    --etag = ETAG
    Current entity tag (ETag) of the secret. If specified, the secret is updated only if the ETag provided matches the current secret's ETag.
    Location resource - The location to update secret. This represents a Cloud resource. (NOTE) Some attributes are not given arguments in this group but can be set in other ways.

    To set the project attribute:

    • provide the argument --location on the command line with a fully specified name;
    • provide the argument --project on the command line;
    • set the property core/project .
    --location = LOCATION
    ID of the location or fully qualified identifier for the location.

    To set the location attribute:

    • provide the argument --location on the command line.
    --update-labels =[ KEY = VALUE ,…]
    List of label KEY=VALUE pairs to update. If a label exists, its value is modified. Otherwise, a new label is created.

    Keys must start with a lowercase character and contain only hyphens ( - ), underscores ( _ ), lowercase characters, and numbers. Values must contain only hyphens ( - ), underscores ( _ ), lowercase characters, and numbers.

    Topics.

    At most one of these can be specified:

    --add-topics =[ ADD-TOPICS ,…]
    List of Pub/Sub topics to add to the secret.
    --clear-topics
    Clear all Pub/Sub topics from the secret.
    --remove-topics =[ REMOVE-TOPICS ,…]
    List of Pub/Sub topics to remove from the secret.
    Annotations

    At most one of these can be specified:

    --clear-annotations
    Remove all Annotations.
    --remove-annotations =[ KEY ,…]
    List of Annotations to be removed.
    --update-annotations =[ KEY = VALUE ,…]
    List of key-value pairs to set as Annotations.
    At most one of these can be specified:
    --clear-labels
    Remove all labels. If --update-labels is also specified then --clear-labels is applied first.

    For example, to remove all labels:

     gcloud  
secrets  
update  
 --clear-labels

    To remove all existing labels and create two new labels, foo and baz :

     gcloud  
secrets  
update  
 --clear-labels 
  
 --update-labels 
  
 foo 
 = 
bar,baz = 
qux
    --remove-labels =[ KEY ,…]
    List of label keys to remove. If a label does not exist it is silently ignored. If --update-labels is also specified then --update-labels is applied first.
    Version Aliases

    At most one of these can be specified:

    --clear-version-aliases
    Remove all Version Aliases.
    --remove-version-aliases =[ KEY ,…]
    List of Version Aliases to be removed.
    --update-version-aliases =[ KEY = VALUE ,…]
    List of key-value pairs to set as Version Aliases.
    Expiration.

    At most one of these can be specified:

    --expire-time = EXPIRE-TIME
    Timestamp at which to automatically delete the secret.
    --remove-expiration
    If set, removes scheduled expiration from secret (if it had one).
    --ttl = TTL
    Duration of time (in seconds) from the running of the command until the secret is automatically deleted.
    Rotation.
    --next-rotation-time = NEXT_ROTATION_TIME
    Timestamp at which to send rotation notification.
    --remove-next-rotation-time
    Remove timestamp at which to send rotation notification.
    --remove-rotation-period
    If set, removes the rotation period, cancelling all rotations except for the next one.
    --remove-rotation-schedule
    If set, removes rotation policy from a secret.
    --rotation-period = ROTATION_PERIOD
    Duration of time (in seconds) between rotation notifications.
    regional kms key.

    At most one of these can be specified:

    --regional-kms-key-name = REGIONAL-KMS-KEY-NAME
    regional kms key name for regional secret.
    --remove-regional-kms-key-name
    If set, removes the regional kms key.
    Version destroy ttl.

    At most one of these can be specified:

    --remove-version-destroy-ttl
    If set, removes the version destroy TTL from the secret.
    --version-destroy-ttl = VERSION-DESTROY-TTL
    Secret Version TTL after destruction request. For secret with TTL>0, version destruction does not happen immediately on calling destroy; instead, the version goes to a disabled state and destruction happens after the TTL expires. See $ gcloud topic datetimes for information on duration formats.
    GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file , --account , --billing-project , --configuration , --flags-file , --flatten , --format , --help , --impersonate-service-account , --log-http , --project , --quiet , --trace-token , --user-output-enabled , --verbosity .

    Run $ gcloud help for details.

    NOTES
    This variant is also available: 
      gcloud  
beta  
secrets  
update
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: