Hook for Secrets Manager service.

Module Contents



Hook for the Google Secret Manager API.

class'google_cloud_default', impersonation_chain=None, **kwargs)[source]


Hook for the Google Secret Manager API.


All the methods in the hook where project_id is used must be called with keyword arguments rather than positional.

  • gcp_conn_id (str) – The connection ID to use when fetching connection info.

  • impersonation_chain (str | Sequence[str] | None) – Optional service account to impersonate using short-term credentials, or chained list of accounts required to get the access_token of the last account in the list, which will be impersonated in the request. If set as a string, the account must grant the originating account the Service Account Token Creator IAM role. If set as a sequence, the identities from the list must grant Service Account Token Creator IAM role to the directly preceding identity, with first account from the list granting this role to the originating account.


Retrieves the connection to Secret Manager.


Secret Manager client.

Return type

get_secret(secret_id, secret_version='latest', project_id=None)[source]

Get secret value from the Secret Manager.

  • secret_id (str) – Secret Key

  • secret_version (str) – version of the secret (default is ‘latest’)

  • project_id (str | None) – Project id (if you want to override the project_id from credentials)

Was this entry helpful?