@ibm-cloud/secrets-manager 0.1.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/{readme.md → README.md} +6 -8
  2. package/auth/index.d.ts +1 -1
  3. package/lib/common.js +1 -1
  4. package/lib/common.js.map +1 -1
  5. package/package.json +20 -19
  6. package/secrets-manager/v1.d.ts +1682 -347
  7. package/secrets-manager/v1.js +877 -338
  8. package/secrets-manager/v1.js.map +1 -1
package/secrets-manager/v1.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  /**
2
- * (C) Copyright IBM Corp. 2021.
2
+ * (C) Copyright IBM Corp. 2022.
3
3
  *
4
4
  * Licensed under the Apache License, Version 2.0 (the "License");
5
5
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,11 @@ import { IncomingHttpHeaders, OutgoingHttpHeaders } from 'http';
18
18
  import { BaseService, UserOptions } from 'ibm-cloud-sdk-core';
19
19
  /**
20
20
  * With IBM Cloud® Secrets Manager, you can create, lease, and centrally manage secrets that are used in IBM Cloud
21
- * services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager, built on
22
- * open source HashiCorp Vault.
21
+ * services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager, which is
22
+ * built on open source HashiCorp Vault.
23
+ *
24
+ * API Version: 1.0.0
25
+ * See: https://cloud.ibm.com/docs/secrets-manager
23
26
  */
24
27
  declare class SecretsManagerV1 extends BaseService {
25
28
  static DEFAULT_SERVICE_URL: string;
@@ -48,65 +51,6 @@ declare class SecretsManagerV1 extends BaseService {
48
51
  * @returns {SecretsManagerV1}
49
52
  */
50
53
  constructor(options: UserOptions);
51
- /*************************
52
- * config
53
- ************************/
54
- /**
55
- * Configure secrets of a given type.
56
- *
57
- * Updates the configuration for the given secret type.
58
- *
59
- * @param {Object} params - The parameters to send to the service.
60
- * @param {string} params.secretType - The secret type.
61
- * @param {EngineConfigOneOf} params.engineConfigOneOf - The base request for setting secret engine configuration.
62
- * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
63
- * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
64
- */
65
- putConfig(params: SecretsManagerV1.PutConfigParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>;
66
- /**
67
- * Get the configuration for a secret type.
68
- *
69
- * Retrieves the configuration that is associated with the given secret type.
70
- *
71
- * @param {Object} params - The parameters to send to the service.
72
- * @param {string} params.secretType - The secret type.
73
- * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
74
- * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfig>>}
75
- */
76
- getConfig(params: SecretsManagerV1.GetConfigParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfig>>;
77
- /*************************
78
- * policies
79
- ************************/
80
- /**
81
- * Set secret policies.
82
- *
83
- * Creates or updates one or more policies, such as an [automatic rotation
84
- * policy](http://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-rotate-secrets#auto-rotate-secret), for the
85
- * specified secret.
86
- *
87
- * @param {Object} params - The parameters to send to the service.
88
- * @param {string} params.secretType - The secret type.
89
- * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
90
- * @param {CollectionMetadata} params.metadata - The metadata that describes the resource array.
91
- * @param {SecretPolicyRotation[]} params.resources - A collection of resources.
92
- * @param {string} [params.policy] - The type of policy that is associated with the specified secret.
93
- * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
94
- * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPoliciesOneOf>>}
95
- */
96
- putPolicy(params: SecretsManagerV1.PutPolicyParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPoliciesOneOf>>;
97
- /**
98
- * List secret policies.
99
- *
100
- * Retrieves a list of policies that are associated with a specified secret.
101
- *
102
- * @param {Object} params - The parameters to send to the service.
103
- * @param {string} params.secretType - The secret type.
104
- * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
105
- * @param {string} [params.policy] - The type of policy that is associated with the specified secret.
106
- * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
107
- * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPoliciesOneOf>>}
108
- */
109
- getPolicy(params: SecretsManagerV1.GetPolicyParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPoliciesOneOf>>;
110
54
  /*************************
111
55
  * secretGroups
112
56
  ************************/
@@ -180,13 +124,15 @@ declare class SecretsManagerV1 extends BaseService {
180
124
  /**
181
125
  * Create a secret.
182
126
  *
183
- * Creates a secret that you can use to access or authenticate to a protected resource.
127
+ * Create a secret or import an existing value that you can use to access or authenticate to a protected resource.
184
128
  *
185
- * A successful request stores the secret in your dedicated instance based on the secret type and data that you
186
- * specify. The response returns the ID value of the secret, along with other metadata.
129
+ * Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate,
130
+ * that you can manage in your Secrets Manager service instance. A successful request stores the secret in your
131
+ * dedicated instance based on the secret type and data that you specify. The response returns the ID value of the
132
+ * secret, along with other metadata.
187
133
  *
188
134
  * To learn more about the types of secrets that you can create with Secrets Manager, check out the
189
- * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-basics).
135
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-what-is-secret).
190
136
  *
191
137
  * @param {Object} params - The parameters to send to the service.
192
138
  * @param {string} params.secretType - The secret type.
@@ -258,7 +204,7 @@ declare class SecretsManagerV1 extends BaseService {
258
204
  /**
259
205
  * Get a secret.
260
206
  *
261
- * Retrieves a secret and its details by specifying the ID of the secret.
207
+ * Get a secret and its details by specifying the ID of the secret.
262
208
  *
263
209
  * A successful request returns the secret data that is associated with your secret, along with other metadata. To
264
210
  * view only the details of a specified secret without retrieving its value, use the [Get secret
@@ -276,14 +222,15 @@ declare class SecretsManagerV1 extends BaseService {
276
222
  *
277
223
  * Invokes an action on a specified secret. This method supports the following actions:
278
224
  *
279
- * - `rotate`: Replace the value of an `arbitrary` or `username_password` secret.
225
+ * - `rotate`: Replace the value of a secret.
226
+ * - `restore`: Restore a previous version of an `iam_credentials` secret.
280
227
  * - `delete_credentials`: Delete the API key that is associated with an `iam_credentials` secret.
281
228
  *
282
229
  * @param {Object} params - The parameters to send to the service.
283
230
  * @param {string} params.secretType - The secret type.
284
231
  * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
285
232
  * @param {string} params.action - The action to perform on the specified secret.
286
- * @param {SecretActionOneOf} params.secretActionOneOf - The base request body for invoking an action on a secret.
233
+ * @param {SecretAction} [params.secretAction] - The properties to update for the secret.
287
234
  * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
288
235
  * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecret>>}
289
236
  */
@@ -300,13 +247,66 @@ declare class SecretsManagerV1 extends BaseService {
300
247
  * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
301
248
  */
302
249
  deleteSecret(params: SecretsManagerV1.DeleteSecretParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>;
250
+ /**
251
+ * List versions of a secret.
252
+ *
253
+ * Retrieves a list of the versions of a secret.
254
+ *
255
+ * A successful request returns the list of the versions along with the metadata of each version.
256
+ *
257
+ * @param {Object} params - The parameters to send to the service.
258
+ * @param {string} params.secretType - The secret type.
259
+ * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
260
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
261
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretVersions>>}
262
+ */
263
+ listSecretVersions(params: SecretsManagerV1.ListSecretVersionsParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretVersions>>;
264
+ /**
265
+ * Get a version of a secret.
266
+ *
267
+ * Retrieves a version of a secret by specifying the ID of the version or the alias `previous`.
268
+ *
269
+ * A successful request returns the secret data that is associated with the specified version of your secret, along
270
+ * with other metadata.
271
+ *
272
+ * @param {Object} params - The parameters to send to the service.
273
+ * @param {string} params.secretType - The secret type.
274
+ * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
275
+ * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
276
+ * `previous` to retrieve the previous version.
277
+ *
278
+ * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
279
+ * the response details.
280
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
281
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretVersion>>}
282
+ */
283
+ getSecretVersion(params: SecretsManagerV1.GetSecretVersionParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretVersion>>;
284
+ /**
285
+ * Get secret version metadata.
286
+ *
287
+ * Retrieves secret version metadata by specifying the ID of the version or the alias `previous`.
288
+ *
289
+ * A successful request returns the metadata that is associated with the specified version of your secret.
290
+ *
291
+ * @param {Object} params - The parameters to send to the service.
292
+ * @param {string} params.secretType - The secret type.
293
+ * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
294
+ * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
295
+ * `previous` to retrieve the previous version.
296
+ *
297
+ * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
298
+ * the response details.
299
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
300
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretVersionMetadata>>}
301
+ */
302
+ getSecretVersionMetadata(params: SecretsManagerV1.GetSecretVersionMetadataParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretVersionMetadata>>;
303
303
  /**
304
304
  * Get secret metadata.
305
305
  *
306
306
  * Retrieves the details of a secret by specifying the ID.
307
307
  *
308
308
  * A successful request returns only metadata about the secret, such as its name and creation date. To retrieve the
309
- * value of a secret, use the [Get a secret](#get-secret) method.
309
+ * value of a secret, use the [Get a secret](#get-secret) or [Get a version of a secret](#get-secret-version) methods.
310
310
  *
311
311
  * @param {Object} params - The parameters to send to the service.
312
312
  * @param {string} params.secretType - The secret type.
@@ -332,6 +332,142 @@ declare class SecretsManagerV1 extends BaseService {
332
332
  * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.SecretMetadataRequest>>}
333
333
  */
334
334
  updateSecretMetadata(params: SecretsManagerV1.UpdateSecretMetadataParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.SecretMetadataRequest>>;
335
+ /*************************
336
+ * policies
337
+ ************************/
338
+ /**
339
+ * Set secret policies.
340
+ *
341
+ * Creates or updates one or more policies, such as an [automatic rotation
342
+ * policy](http://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-rotate-secrets#auto-rotate-secret), for the
343
+ * specified secret.
344
+ *
345
+ * @param {Object} params - The parameters to send to the service.
346
+ * @param {string} params.secretType - The secret type.
347
+ * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
348
+ * @param {CollectionMetadata} params.metadata - The metadata that describes the resource array.
349
+ * @param {SecretPolicyRotation[]} params.resources - A collection of resources.
350
+ * @param {string} [params.policy] - The type of policy that is associated with the specified secret.
351
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
352
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPolicies>>}
353
+ */
354
+ putPolicy(params: SecretsManagerV1.PutPolicyParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPolicies>>;
355
+ /**
356
+ * List secret policies.
357
+ *
358
+ * Retrieves a list of policies that are associated with a specified secret.
359
+ *
360
+ * @param {Object} params - The parameters to send to the service.
361
+ * @param {string} params.secretType - The secret type.
362
+ * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
363
+ * @param {string} [params.policy] - The type of policy that is associated with the specified secret.
364
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
365
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPolicies>>}
366
+ */
367
+ getPolicy(params: SecretsManagerV1.GetPolicyParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretPolicies>>;
368
+ /*************************
369
+ * config
370
+ ************************/
371
+ /**
372
+ * Set the configuration of a secret type.
373
+ *
374
+ * Sets the configuration for the specified secret type.
375
+ *
376
+ * Use this method to configure the IAM credentials (`iam_credentials`) engine for your service instance. Looking to
377
+ * set up certificate ordering? To configure the public certificates (`public_cert`) engine, use the [Add a
378
+ * configuration](#create_config_element) method.
379
+ *
380
+ * @param {Object} params - The parameters to send to the service.
381
+ * @param {string} params.secretType - The secret type.
382
+ * @param {EngineConfig} params.engineConfig - Properties to update for a secrets engine.
383
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
384
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
385
+ */
386
+ putConfig(params: SecretsManagerV1.PutConfigParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>;
387
+ /**
388
+ * Get the configuration of a secret type.
389
+ *
390
+ * Retrieves the configuration that is associated with the specified secret type.
391
+ *
392
+ * @param {Object} params - The parameters to send to the service.
393
+ * @param {string} params.secretType - The secret type.
394
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
395
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfig>>}
396
+ */
397
+ getConfig(params: SecretsManagerV1.GetConfigParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfig>>;
398
+ /**
399
+ * Add a configuration.
400
+ *
401
+ * Adds a configuration element to the specified secret type.
402
+ *
403
+ * Use this method to define the configurations that are required to enable the public certificates (`public_cert`)
404
+ * engine. You can add up to 10 certificate authority and DNS provider configurations for your instance.
405
+ *
406
+ * @param {Object} params - The parameters to send to the service.
407
+ * @param {string} params.secretType - The secret type.
408
+ * @param {string} params.configElement - The configuration element to define or manage.
409
+ * @param {string} params.name - The human-readable name to assign to your configuration.
410
+ * @param {string} params.type - The type of configuration. Value options differ depending on the `config_element`
411
+ * property that you want to define.
412
+ * @param {JsonObject} params.config - The configuration to define for the specified secret type.
413
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
414
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>}
415
+ */
416
+ createConfigElement(params: SecretsManagerV1.CreateConfigElementParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>;
417
+ /**
418
+ * List configurations.
419
+ *
420
+ * Lists the configuration elements that are associated with a specified secret type.
421
+ *
422
+ * @param {Object} params - The parameters to send to the service.
423
+ * @param {string} params.secretType - The secret type.
424
+ * @param {string} params.configElement - The configuration element to define or manage.
425
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
426
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfigElements>>}
427
+ */
428
+ getConfigElements(params: SecretsManagerV1.GetConfigElementsParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetConfigElements>>;
429
+ /**
430
+ * Get a configuration.
431
+ *
432
+ * Retrieves the details of a specific configuration that is associated with a secret type.
433
+ *
434
+ * @param {Object} params - The parameters to send to the service.
435
+ * @param {string} params.secretType - The secret type.
436
+ * @param {string} params.configElement - The configuration element to define or manage.
437
+ * @param {string} params.configName - The name of your configuration.
438
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
439
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>}
440
+ */
441
+ getConfigElement(params: SecretsManagerV1.GetConfigElementParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>;
442
+ /**
443
+ * Update a configuration.
444
+ *
445
+ * Updates a configuration element that is associated with the specified secret type.
446
+ *
447
+ * @param {Object} params - The parameters to send to the service.
448
+ * @param {string} params.secretType - The secret type.
449
+ * @param {string} params.configElement - The configuration element to define or manage.
450
+ * @param {string} params.configName - The name of your configuration.
451
+ * @param {string} params.type - The type of configuration. Value options differ depending on the `config_element`
452
+ * property that you want to define.
453
+ * @param {JsonObject} params.config - Properties that describe a configuration, which depends on type.
454
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
455
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>}
456
+ */
457
+ updateConfigElement(params: SecretsManagerV1.UpdateConfigElementParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>;
458
+ /**
459
+ * Delete a configuration.
460
+ *
461
+ * Deletes a configuration element from the specified secret type.
462
+ *
463
+ * @param {Object} params - The parameters to send to the service.
464
+ * @param {string} params.secretType - The secret type.
465
+ * @param {string} params.configElement - The configuration element to define or manage.
466
+ * @param {string} params.configName - The name of your configuration.
467
+ * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
468
+ * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
469
+ */
470
+ deleteConfigElement(params: SecretsManagerV1.DeleteConfigElementParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>;
335
471
  }
336
472
  /*************************
337
473
  * interfaces
@@ -356,80 +492,6 @@ declare namespace SecretsManagerV1 {
356
492
  /*************************
357
493
  * request interfaces
358
494
  ************************/
359
- /** Parameters for the `putConfig` operation. */
360
- interface PutConfigParams {
361
- /** The secret type. */
362
- secretType: PutConfigConstants.SecretType | string;
363
- /** The base request for setting secret engine configuration. */
364
- engineConfigOneOf: EngineConfigOneOf;
365
- headers?: OutgoingHttpHeaders;
366
- }
367
- /** Constants for the `putConfig` operation. */
368
- namespace PutConfigConstants {
369
- /** The secret type. */
370
- enum SecretType {
371
- IAM_CREDENTIALS = "iam_credentials"
372
- }
373
- }
374
- /** Parameters for the `getConfig` operation. */
375
- interface GetConfigParams {
376
- /** The secret type. */
377
- secretType: GetConfigConstants.SecretType | string;
378
- headers?: OutgoingHttpHeaders;
379
- }
380
- /** Constants for the `getConfig` operation. */
381
- namespace GetConfigConstants {
382
- /** The secret type. */
383
- enum SecretType {
384
- IAM_CREDENTIALS = "iam_credentials"
385
- }
386
- }
387
- /** Parameters for the `putPolicy` operation. */
388
- interface PutPolicyParams {
389
- /** The secret type. */
390
- secretType: PutPolicyConstants.SecretType | string;
391
- /** The v4 UUID that uniquely identifies the secret. */
392
- id: string;
393
- /** The metadata that describes the resource array. */
394
- metadata: CollectionMetadata;
395
- /** A collection of resources. */
396
- resources: SecretPolicyRotation[];
397
- /** The type of policy that is associated with the specified secret. */
398
- policy?: PutPolicyConstants.Policy | string;
399
- headers?: OutgoingHttpHeaders;
400
- }
401
- /** Constants for the `putPolicy` operation. */
402
- namespace PutPolicyConstants {
403
- /** The secret type. */
404
- enum SecretType {
405
- USERNAME_PASSWORD = "username_password"
406
- }
407
- /** The type of policy that is associated with the specified secret. */
408
- enum Policy {
409
- ROTATION = "rotation"
410
- }
411
- }
412
- /** Parameters for the `getPolicy` operation. */
413
- interface GetPolicyParams {
414
- /** The secret type. */
415
- secretType: GetPolicyConstants.SecretType | string;
416
- /** The v4 UUID that uniquely identifies the secret. */
417
- id: string;
418
- /** The type of policy that is associated with the specified secret. */
419
- policy?: GetPolicyConstants.Policy | string;
420
- headers?: OutgoingHttpHeaders;
421
- }
422
- /** Constants for the `getPolicy` operation. */
423
- namespace GetPolicyConstants {
424
- /** The secret type. */
425
- enum SecretType {
426
- USERNAME_PASSWORD = "username_password"
427
- }
428
- /** The type of policy that is associated with the specified secret. */
429
- enum Policy {
430
- ROTATION = "rotation"
431
- }
432
- }
433
495
  /** Parameters for the `createSecretGroup` operation. */
434
496
  interface CreateSecretGroupParams {
435
497
  /** The metadata that describes the resource array. */
@@ -479,8 +541,11 @@ declare namespace SecretsManagerV1 {
479
541
  /** The secret type. */
480
542
  enum SecretType {
481
543
  ARBITRARY = "arbitrary",
544
+ IAM_CREDENTIALS = "iam_credentials",
545
+ IMPORTED_CERT = "imported_cert",
546
+ PUBLIC_CERT = "public_cert",
482
547
  USERNAME_PASSWORD = "username_password",
483
- IAM_CREDENTIALS = "iam_credentials"
548
+ KV = "kv"
484
549
  }
485
550
  }
486
551
  /** Parameters for the `listSecrets` operation. */
@@ -508,8 +573,11 @@ declare namespace SecretsManagerV1 {
508
573
  /** The secret type. */
509
574
  enum SecretType {
510
575
  ARBITRARY = "arbitrary",
576
+ IAM_CREDENTIALS = "iam_credentials",
577
+ IMPORTED_CERT = "imported_cert",
578
+ PUBLIC_CERT = "public_cert",
511
579
  USERNAME_PASSWORD = "username_password",
512
- IAM_CREDENTIALS = "iam_credentials"
580
+ KV = "kv"
513
581
  }
514
582
  }
515
583
  /** Parameters for the `listAllSecrets` operation. */
@@ -576,8 +644,11 @@ declare namespace SecretsManagerV1 {
576
644
  /** The secret type. */
577
645
  enum SecretType {
578
646
  ARBITRARY = "arbitrary",
647
+ IAM_CREDENTIALS = "iam_credentials",
648
+ IMPORTED_CERT = "imported_cert",
649
+ PUBLIC_CERT = "public_cert",
579
650
  USERNAME_PASSWORD = "username_password",
580
- IAM_CREDENTIALS = "iam_credentials"
651
+ KV = "kv"
581
652
  }
582
653
  }
583
654
  /** Parameters for the `updateSecret` operation. */
@@ -588,8 +659,8 @@ declare namespace SecretsManagerV1 {
588
659
  id: string;
589
660
  /** The action to perform on the specified secret. */
590
661
  action: UpdateSecretConstants.Action | string;
591
- /** The base request body for invoking an action on a secret. */
592
- secretActionOneOf: SecretActionOneOf;
662
+ /** The properties to update for the secret. */
663
+ secretAction?: SecretAction;
593
664
  headers?: OutgoingHttpHeaders;
594
665
  }
595
666
  /** Constants for the `updateSecret` operation. */
@@ -597,12 +668,16 @@ declare namespace SecretsManagerV1 {
597
668
  /** The secret type. */
598
669
  enum SecretType {
599
670
  ARBITRARY = "arbitrary",
671
+ IAM_CREDENTIALS = "iam_credentials",
672
+ IMPORTED_CERT = "imported_cert",
673
+ PUBLIC_CERT = "public_cert",
600
674
  USERNAME_PASSWORD = "username_password",
601
- IAM_CREDENTIALS = "iam_credentials"
675
+ KV = "kv"
602
676
  }
603
677
  /** The action to perform on the specified secret. */
604
678
  enum Action {
605
679
  ROTATE = "rotate",
680
+ RESTORE = "restore",
606
681
  DELETE_CREDENTIALS = "delete_credentials"
607
682
  }
608
683
  }
@@ -619,37 +694,117 @@ declare namespace SecretsManagerV1 {
619
694
  /** The secret type. */
620
695
  enum SecretType {
621
696
  ARBITRARY = "arbitrary",
697
+ IAM_CREDENTIALS = "iam_credentials",
698
+ IMPORTED_CERT = "imported_cert",
699
+ PUBLIC_CERT = "public_cert",
622
700
  USERNAME_PASSWORD = "username_password",
623
- IAM_CREDENTIALS = "iam_credentials"
701
+ KV = "kv"
624
702
  }
625
703
  }
626
- /** Parameters for the `getSecretMetadata` operation. */
627
- interface GetSecretMetadataParams {
704
+ /** Parameters for the `listSecretVersions` operation. */
705
+ interface ListSecretVersionsParams {
628
706
  /** The secret type. */
629
- secretType: GetSecretMetadataConstants.SecretType | string;
707
+ secretType: ListSecretVersionsConstants.SecretType | string;
630
708
  /** The v4 UUID that uniquely identifies the secret. */
631
709
  id: string;
632
710
  headers?: OutgoingHttpHeaders;
633
711
  }
634
- /** Constants for the `getSecretMetadata` operation. */
635
- namespace GetSecretMetadataConstants {
712
+ /** Constants for the `listSecretVersions` operation. */
713
+ namespace ListSecretVersionsConstants {
636
714
  /** The secret type. */
637
715
  enum SecretType {
638
716
  ARBITRARY = "arbitrary",
717
+ IAM_CREDENTIALS = "iam_credentials",
718
+ IMPORTED_CERT = "imported_cert",
719
+ PUBLIC_CERT = "public_cert",
639
720
  USERNAME_PASSWORD = "username_password",
640
- IAM_CREDENTIALS = "iam_credentials"
721
+ KV = "kv"
641
722
  }
642
723
  }
643
- /** Parameters for the `updateSecretMetadata` operation. */
644
- interface UpdateSecretMetadataParams {
724
+ /** Parameters for the `getSecretVersion` operation. */
725
+ interface GetSecretVersionParams {
645
726
  /** The secret type. */
646
- secretType: UpdateSecretMetadataConstants.SecretType | string;
727
+ secretType: GetSecretVersionConstants.SecretType | string;
647
728
  /** The v4 UUID that uniquely identifies the secret. */
648
729
  id: string;
649
- /** The metadata that describes the resource array. */
650
- metadata: CollectionMetadata;
651
- /** A collection of resources. */
652
- resources: SecretMetadata[];
730
+ /** The v4 UUID that uniquely identifies the secret version. You can also use `previous` to retrieve the
731
+ * previous version.
732
+ *
733
+ * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and
734
+ * check the response details.
735
+ */
736
+ versionId: string;
737
+ headers?: OutgoingHttpHeaders;
738
+ }
739
+ /** Constants for the `getSecretVersion` operation. */
740
+ namespace GetSecretVersionConstants {
741
+ /** The secret type. */
742
+ enum SecretType {
743
+ ARBITRARY = "arbitrary",
744
+ IAM_CREDENTIALS = "iam_credentials",
745
+ IMPORTED_CERT = "imported_cert",
746
+ PUBLIC_CERT = "public_cert",
747
+ USERNAME_PASSWORD = "username_password",
748
+ KV = "kv"
749
+ }
750
+ }
751
+ /** Parameters for the `getSecretVersionMetadata` operation. */
752
+ interface GetSecretVersionMetadataParams {
753
+ /** The secret type. */
754
+ secretType: GetSecretVersionMetadataConstants.SecretType | string;
755
+ /** The v4 UUID that uniquely identifies the secret. */
756
+ id: string;
757
+ /** The v4 UUID that uniquely identifies the secret version. You can also use `previous` to retrieve the
758
+ * previous version.
759
+ *
760
+ * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and
761
+ * check the response details.
762
+ */
763
+ versionId: string;
764
+ headers?: OutgoingHttpHeaders;
765
+ }
766
+ /** Constants for the `getSecretVersionMetadata` operation. */
767
+ namespace GetSecretVersionMetadataConstants {
768
+ /** The secret type. */
769
+ enum SecretType {
770
+ ARBITRARY = "arbitrary",
771
+ IAM_CREDENTIALS = "iam_credentials",
772
+ IMPORTED_CERT = "imported_cert",
773
+ PUBLIC_CERT = "public_cert",
774
+ USERNAME_PASSWORD = "username_password",
775
+ KV = "kv"
776
+ }
777
+ }
778
+ /** Parameters for the `getSecretMetadata` operation. */
779
+ interface GetSecretMetadataParams {
780
+ /** The secret type. */
781
+ secretType: GetSecretMetadataConstants.SecretType | string;
782
+ /** The v4 UUID that uniquely identifies the secret. */
783
+ id: string;
784
+ headers?: OutgoingHttpHeaders;
785
+ }
786
+ /** Constants for the `getSecretMetadata` operation. */
787
+ namespace GetSecretMetadataConstants {
788
+ /** The secret type. */
789
+ enum SecretType {
790
+ ARBITRARY = "arbitrary",
791
+ IAM_CREDENTIALS = "iam_credentials",
792
+ IMPORTED_CERT = "imported_cert",
793
+ PUBLIC_CERT = "public_cert",
794
+ USERNAME_PASSWORD = "username_password",
795
+ KV = "kv"
796
+ }
797
+ }
798
+ /** Parameters for the `updateSecretMetadata` operation. */
799
+ interface UpdateSecretMetadataParams {
800
+ /** The secret type. */
801
+ secretType: UpdateSecretMetadataConstants.SecretType | string;
802
+ /** The v4 UUID that uniquely identifies the secret. */
803
+ id: string;
804
+ /** The metadata that describes the resource array. */
805
+ metadata: CollectionMetadata;
806
+ /** A collection of resources. */
807
+ resources: SecretMetadata[];
653
808
  headers?: OutgoingHttpHeaders;
654
809
  }
655
810
  /** Constants for the `updateSecretMetadata` operation. */
@@ -657,10 +812,224 @@ declare namespace SecretsManagerV1 {
657
812
  /** The secret type. */
658
813
  enum SecretType {
659
814
  ARBITRARY = "arbitrary",
815
+ IAM_CREDENTIALS = "iam_credentials",
816
+ IMPORTED_CERT = "imported_cert",
817
+ PUBLIC_CERT = "public_cert",
818
+ USERNAME_PASSWORD = "username_password",
819
+ KV = "kv"
820
+ }
821
+ }
822
+ /** Parameters for the `putPolicy` operation. */
823
+ interface PutPolicyParams {
824
+ /** The secret type. */
825
+ secretType: PutPolicyConstants.SecretType | string;
826
+ /** The v4 UUID that uniquely identifies the secret. */
827
+ id: string;
828
+ /** The metadata that describes the resource array. */
829
+ metadata: CollectionMetadata;
830
+ /** A collection of resources. */
831
+ resources: SecretPolicyRotation[];
832
+ /** The type of policy that is associated with the specified secret. */
833
+ policy?: PutPolicyConstants.Policy | string;
834
+ headers?: OutgoingHttpHeaders;
835
+ }
836
+ /** Constants for the `putPolicy` operation. */
837
+ namespace PutPolicyConstants {
838
+ /** The secret type. */
839
+ enum SecretType {
840
+ USERNAME_PASSWORD = "username_password",
841
+ PUBLIC_CERT = "public_cert"
842
+ }
843
+ /** The type of policy that is associated with the specified secret. */
844
+ enum Policy {
845
+ ROTATION = "rotation"
846
+ }
847
+ }
848
+ /** Parameters for the `getPolicy` operation. */
849
+ interface GetPolicyParams {
850
+ /** The secret type. */
851
+ secretType: GetPolicyConstants.SecretType | string;
852
+ /** The v4 UUID that uniquely identifies the secret. */
853
+ id: string;
854
+ /** The type of policy that is associated with the specified secret. */
855
+ policy?: GetPolicyConstants.Policy | string;
856
+ headers?: OutgoingHttpHeaders;
857
+ }
858
+ /** Constants for the `getPolicy` operation. */
859
+ namespace GetPolicyConstants {
860
+ /** The secret type. */
861
+ enum SecretType {
660
862
  USERNAME_PASSWORD = "username_password",
863
+ PUBLIC_CERT = "public_cert"
864
+ }
865
+ /** The type of policy that is associated with the specified secret. */
866
+ enum Policy {
867
+ ROTATION = "rotation"
868
+ }
869
+ }
870
+ /** Parameters for the `putConfig` operation. */
871
+ interface PutConfigParams {
872
+ /** The secret type. */
873
+ secretType: PutConfigConstants.SecretType | string;
874
+ /** Properties to update for a secrets engine. */
875
+ engineConfig: EngineConfig;
876
+ headers?: OutgoingHttpHeaders;
877
+ }
878
+ /** Constants for the `putConfig` operation. */
879
+ namespace PutConfigConstants {
880
+ /** The secret type. */
881
+ enum SecretType {
661
882
  IAM_CREDENTIALS = "iam_credentials"
662
883
  }
663
884
  }
885
+ /** Parameters for the `getConfig` operation. */
886
+ interface GetConfigParams {
887
+ /** The secret type. */
888
+ secretType: GetConfigConstants.SecretType | string;
889
+ headers?: OutgoingHttpHeaders;
890
+ }
891
+ /** Constants for the `getConfig` operation. */
892
+ namespace GetConfigConstants {
893
+ /** The secret type. */
894
+ enum SecretType {
895
+ IAM_CREDENTIALS = "iam_credentials",
896
+ PUBLIC_CERT = "public_cert"
897
+ }
898
+ }
899
+ /** Parameters for the `createConfigElement` operation. */
900
+ interface CreateConfigElementParams {
901
+ /** The secret type. */
902
+ secretType: CreateConfigElementConstants.SecretType | string;
903
+ /** The configuration element to define or manage. */
904
+ configElement: CreateConfigElementConstants.ConfigElement | string;
905
+ /** The human-readable name to assign to your configuration. */
906
+ name: string;
907
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to
908
+ * define.
909
+ */
910
+ type: CreateConfigElementConstants.Type | string;
911
+ /** The configuration to define for the specified secret type. */
912
+ config: JsonObject;
913
+ headers?: OutgoingHttpHeaders;
914
+ }
915
+ /** Constants for the `createConfigElement` operation. */
916
+ namespace CreateConfigElementConstants {
917
+ /** The secret type. */
918
+ enum SecretType {
919
+ PUBLIC_CERT = "public_cert"
920
+ }
921
+ /** The configuration element to define or manage. */
922
+ enum ConfigElement {
923
+ CERTIFICATE_AUTHORITIES = "certificate_authorities",
924
+ DNS_PROVIDERS = "dns_providers"
925
+ }
926
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to define. */
927
+ enum Type {
928
+ LETSENCRYPT = "letsencrypt",
929
+ LETSENCRYPT_STAGE = "letsencrypt-stage",
930
+ CIS = "cis",
931
+ CLASSIC_INFRASTRUCTURE = "classic_infrastructure"
932
+ }
933
+ }
934
+ /** Parameters for the `getConfigElements` operation. */
935
+ interface GetConfigElementsParams {
936
+ /** The secret type. */
937
+ secretType: GetConfigElementsConstants.SecretType | string;
938
+ /** The configuration element to define or manage. */
939
+ configElement: GetConfigElementsConstants.ConfigElement | string;
940
+ headers?: OutgoingHttpHeaders;
941
+ }
942
+ /** Constants for the `getConfigElements` operation. */
943
+ namespace GetConfigElementsConstants {
944
+ /** The secret type. */
945
+ enum SecretType {
946
+ PUBLIC_CERT = "public_cert"
947
+ }
948
+ /** The configuration element to define or manage. */
949
+ enum ConfigElement {
950
+ CERTIFICATE_AUTHORITIES = "certificate_authorities",
951
+ DNS_PROVIDERS = "dns_providers"
952
+ }
953
+ }
954
+ /** Parameters for the `getConfigElement` operation. */
955
+ interface GetConfigElementParams {
956
+ /** The secret type. */
957
+ secretType: GetConfigElementConstants.SecretType | string;
958
+ /** The configuration element to define or manage. */
959
+ configElement: GetConfigElementConstants.ConfigElement | string;
960
+ /** The name of your configuration. */
961
+ configName: string;
962
+ headers?: OutgoingHttpHeaders;
963
+ }
964
+ /** Constants for the `getConfigElement` operation. */
965
+ namespace GetConfigElementConstants {
966
+ /** The secret type. */
967
+ enum SecretType {
968
+ PUBLIC_CERT = "public_cert"
969
+ }
970
+ /** The configuration element to define or manage. */
971
+ enum ConfigElement {
972
+ CERTIFICATE_AUTHORITIES = "certificate_authorities",
973
+ DNS_PROVIDERS = "dns_providers"
974
+ }
975
+ }
976
+ /** Parameters for the `updateConfigElement` operation. */
977
+ interface UpdateConfigElementParams {
978
+ /** The secret type. */
979
+ secretType: UpdateConfigElementConstants.SecretType | string;
980
+ /** The configuration element to define or manage. */
981
+ configElement: UpdateConfigElementConstants.ConfigElement | string;
982
+ /** The name of your configuration. */
983
+ configName: string;
984
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to
985
+ * define.
986
+ */
987
+ type: UpdateConfigElementConstants.Type | string;
988
+ /** Properties that describe a configuration, which depends on type. */
989
+ config: JsonObject;
990
+ headers?: OutgoingHttpHeaders;
991
+ }
992
+ /** Constants for the `updateConfigElement` operation. */
993
+ namespace UpdateConfigElementConstants {
994
+ /** The secret type. */
995
+ enum SecretType {
996
+ PUBLIC_CERT = "public_cert"
997
+ }
998
+ /** The configuration element to define or manage. */
999
+ enum ConfigElement {
1000
+ CERTIFICATE_AUTHORITIES = "certificate_authorities",
1001
+ DNS_PROVIDERS = "dns_providers"
1002
+ }
1003
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to define. */
1004
+ enum Type {
1005
+ LETSENCRYPT = "letsencrypt",
1006
+ LETSENCRYPT_STAGE = "letsencrypt-stage",
1007
+ CIS = "cis",
1008
+ CLASSIC_INFRASTRUCTURE = "classic_infrastructure"
1009
+ }
1010
+ }
1011
+ /** Parameters for the `deleteConfigElement` operation. */
1012
+ interface DeleteConfigElementParams {
1013
+ /** The secret type. */
1014
+ secretType: DeleteConfigElementConstants.SecretType | string;
1015
+ /** The configuration element to define or manage. */
1016
+ configElement: DeleteConfigElementConstants.ConfigElement | string;
1017
+ /** The name of your configuration. */
1018
+ configName: string;
1019
+ headers?: OutgoingHttpHeaders;
1020
+ }
1021
+ /** Constants for the `deleteConfigElement` operation. */
1022
+ namespace DeleteConfigElementConstants {
1023
+ /** The secret type. */
1024
+ enum SecretType {
1025
+ PUBLIC_CERT = "public_cert"
1026
+ }
1027
+ /** The configuration element to define or manage. */
1028
+ enum ConfigElement {
1029
+ CERTIFICATE_AUTHORITIES = "certificate_authorities",
1030
+ DNS_PROVIDERS = "dns_providers"
1031
+ }
1032
+ }
664
1033
  /*************************
665
1034
  * model interfaces
666
1035
  ************************/
@@ -671,82 +1040,153 @@ declare namespace SecretsManagerV1 {
671
1040
  /** The number of elements in the resource array. */
672
1041
  collection_total: number;
673
1042
  }
674
- /** The base schema for creating secrets. */
1043
+ /** The configuration to add or update. */
1044
+ interface ConfigElementDef {
1045
+ /** The human-readable name to assign to your configuration. */
1046
+ name: string;
1047
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to
1048
+ * define.
1049
+ */
1050
+ type: string;
1051
+ /** The configuration to define for the specified secret type. */
1052
+ config: JsonObject;
1053
+ }
1054
+ /** Properties that describe a configuration element. */
1055
+ interface ConfigElementMetadata {
1056
+ /** The human-readable name to assign to your configuration. */
1057
+ name: string;
1058
+ /** The type of configuration. Value options differ depending on the `config_element` property that you want to
1059
+ * define.
1060
+ */
1061
+ type: string;
1062
+ }
1063
+ /** Properties that describe a secret. */
675
1064
  interface CreateSecret {
676
1065
  /** The metadata that describes the resource array. */
677
1066
  metadata: CollectionMetadata;
678
1067
  /** A collection of resources. */
679
1068
  resources: SecretResource[];
680
1069
  }
681
- /** EngineConfigOneOf. */
682
- interface EngineConfigOneOf {
1070
+ /** EngineConfig. */
1071
+ interface EngineConfig {
683
1072
  }
684
- /** Configuration that is used to generate IAM credentials. */
1073
+ /** Configuration for the specified secret type. */
685
1074
  interface GetConfig {
686
1075
  /** The metadata that describes the resource array. */
687
1076
  metadata: CollectionMetadata;
688
1077
  /** A collection of resources. */
689
- resources: IAMSecretEngineRootConfig[];
1078
+ resources: GetConfigResourcesItem[];
1079
+ }
1080
+ /** Properties that describe a list of configurations. */
1081
+ interface GetConfigElements {
1082
+ /** The metadata that describes the resource array. */
1083
+ metadata: CollectionMetadata;
1084
+ /** A collection of resources. */
1085
+ resources: GetConfigElementsResourcesItem[];
690
1086
  }
691
- /** The base schema for retrieving a secret. */
1087
+ /** GetConfigElementsResourcesItem. */
1088
+ interface GetConfigElementsResourcesItem {
1089
+ }
1090
+ /** GetConfigResourcesItem. */
1091
+ interface GetConfigResourcesItem {
1092
+ }
1093
+ /** Properties that describe a secret. */
692
1094
  interface GetSecret {
693
1095
  /** The metadata that describes the resource array. */
694
1096
  metadata: CollectionMetadata;
695
1097
  /** A collection of resources. */
696
1098
  resources: SecretResource[];
697
1099
  }
698
- /** GetSecretPoliciesOneOf. */
699
- interface GetSecretPoliciesOneOf {
1100
+ /** GetSecretPolicies. */
1101
+ interface GetSecretPolicies {
700
1102
  }
701
- /** Properties that are associated with a rotation policy. */
702
- interface GetSecretPoliciesOneOfGetSecretPolicyRotationResourcesItem {
703
- /** The v4 UUID that uniquely identifies the policy. */
704
- id: string;
705
- /** The Cloud Resource Name (CRN) that uniquely identifies your cloud resources. */
706
- crn?: string;
707
- /** The date the policy was created. The date format follows RFC 3339. */
708
- creation_date?: string;
709
- /** The unique identifier for the entity that created the policy. */
710
- created_by?: string;
711
- /** Updates when the policy is replaced or modified. The date format follows RFC 3339. */
712
- last_update_date?: string;
713
- /** The unique identifier for the entity that updated the policy. */
714
- updated_by?: string;
715
- /** The MIME type that represents the policy. Currently, only the default is supported. */
716
- type: string;
717
- /** The secret rotation time interval. */
718
- rotation: SecretPolicyRotationRotation;
1103
+ /** Properties that describe the version of a secret. */
1104
+ interface GetSecretVersion {
1105
+ /** The metadata that describes the resource array. */
1106
+ metadata: CollectionMetadata;
1107
+ /** A collection of resources. */
1108
+ resources: SecretVersion[];
1109
+ }
1110
+ /** Properties that describe the version of a secret. */
1111
+ interface GetSecretVersionMetadata {
1112
+ /** The metadata that describes the resource array. */
1113
+ metadata: CollectionMetadata;
1114
+ /** A collection of resources. */
1115
+ resources: SecretVersionMetadata[];
1116
+ }
1117
+ /** Properties that describe a configuration. */
1118
+ interface GetSingleConfigElement {
1119
+ /** The metadata that describes the resource array. */
1120
+ metadata: CollectionMetadata;
1121
+ /** A collection of resources. */
1122
+ resources: ConfigElementDef[];
719
1123
  }
720
- /** Configuration that is used to generate IAM credentials. */
721
- interface IAMSecretEngineRootConfig {
722
- /** An IBM Cloud API key that has the capability to create and manage service IDs.
1124
+ /** Issuance information that is associated with your certificate. */
1125
+ interface IssuanceInfo {
1126
+ /** The date the certificate was ordered. The date format follows RFC 3339. */
1127
+ ordered_on?: string;
1128
+ /** A code that identifies an issuance error.
723
1129
  *
724
- * The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
725
- * role on the IAM Identity Service. For more information, see [Enabling the IAM secrets
726
- * engine](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-engines#configure-iam-engine).
1130
+ * This field, along with `error_message`, is returned when Secrets Manager successfully processes your request,
1131
+ * but a certificate is unable to be issued by the certificate authority.
727
1132
  */
728
- api_key: string;
729
- /** The hash value of the IBM Cloud API key that is used to create and manage service IDs. */
730
- api_key_hash?: string;
1133
+ error_code?: string;
1134
+ /** A human-readable message that provides details about the issuance error. */
1135
+ error_message?: string;
1136
+ /** Indicates whether the issued certificate is bundled with intermediate certificates. */
1137
+ bundle_certs?: boolean;
1138
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1139
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1140
+ */
1141
+ state?: number;
1142
+ /** A text representation of the secret state. */
1143
+ state_description?: string;
1144
+ /** Indicates whether the issued certificate is configured with an automatic rotation policy. */
1145
+ auto_rotated?: boolean;
1146
+ /** The name that was assigned to the certificate authority configuration. */
1147
+ ca?: string;
1148
+ /** The name that was assigned to the DNS provider configuration. */
1149
+ dns?: string;
731
1150
  }
732
- /** The base schema for listing secrets. */
1151
+ /** Properties that describe a list of versions of a secret. */
1152
+ interface ListSecretVersions {
1153
+ /** The metadata that describes the resource array. */
1154
+ metadata: CollectionMetadata;
1155
+ /** A collection of resources. */
1156
+ resources?: SecretVersionInfo[];
1157
+ }
1158
+ /** Properties that describe a list of secrets. */
733
1159
  interface ListSecrets {
734
1160
  /** The metadata that describes the resource array. */
735
1161
  metadata: CollectionMetadata;
736
1162
  /** A collection of resources. */
737
1163
  resources?: SecretResource[];
738
1164
  }
739
- /** SecretActionOneOf. */
740
- interface SecretActionOneOf {
1165
+ /** Rotation. */
1166
+ interface Rotation {
1167
+ /** Determines whether Secrets Manager rotates your certificate automatically.
1168
+ *
1169
+ * If set to `true`, the service reorders your certificate 31 days before it expires. To access the previous
1170
+ * version of the certificate, you can use the [Get a version of a secret](#get-secret-version) method.
1171
+ */
1172
+ auto_rotate?: boolean;
1173
+ /** Determines whether Secrets Manager rotates the private key for your certificate automatically.
1174
+ *
1175
+ * If set to `true`, the service generates and stores a new private key for your rotated certificate.
1176
+ */
1177
+ rotate_keys?: boolean;
1178
+ }
1179
+ /** SecretAction. */
1180
+ interface SecretAction {
741
1181
  }
742
- /** The base schema definition for a secret group. */
1182
+ /** Properties that describe a secret group. */
743
1183
  interface SecretGroupDef {
744
1184
  /** The metadata that describes the resource array. */
745
1185
  metadata: CollectionMetadata;
746
1186
  /** A collection of resources. */
747
1187
  resources: SecretGroupResource[];
748
1188
  }
749
- /** Metadata properties that describe a secret group. */
1189
+ /** Metadata properties to update for a secret group. */
750
1190
  interface SecretGroupMetadataUpdatable {
751
1191
  /** A human-readable name to assign to your secret group.
752
1192
  *
@@ -786,14 +1226,729 @@ declare namespace SecretsManagerV1 {
786
1226
  /** SecretGroupResource accepts additional properties. */
787
1227
  [propName: string]: any;
788
1228
  }
789
- /** Metadata properties that describe a secret. */
790
- interface SecretMetadata {
1229
+ /** SecretMetadata. */
1230
+ interface SecretMetadata {
1231
+ }
1232
+ /** The metadata of a secret. */
1233
+ interface SecretMetadataRequest {
1234
+ /** The metadata that describes the resource array. */
1235
+ metadata: CollectionMetadata;
1236
+ /** A collection of resources. */
1237
+ resources: SecretMetadata[];
1238
+ }
1239
+ /** Properties that describe a rotation policy. */
1240
+ interface SecretPolicyRotation {
1241
+ /** The MIME type that represents the policy. Currently, only the default is supported. */
1242
+ type: string;
1243
+ rotation: SecretPolicyRotationRotation;
1244
+ }
1245
+ /** SecretPolicyRotationRotation. */
1246
+ interface SecretPolicyRotationRotation {
1247
+ }
1248
+ /** SecretResource. */
1249
+ interface SecretResource {
1250
+ }
1251
+ /** SecretVersion. */
1252
+ interface SecretVersion {
1253
+ }
1254
+ /** Properties that describe a secret version within a list of secret versions. */
1255
+ interface SecretVersionInfo {
1256
+ }
1257
+ /** SecretVersionMetadata. */
1258
+ interface SecretVersionMetadata {
1259
+ }
1260
+ /** CertificateValidity. */
1261
+ interface CertificateValidity {
1262
+ /** The date the certificate validity period begins. */
1263
+ not_before?: string;
1264
+ /** The date the certificate validity period ends. */
1265
+ not_after?: string;
1266
+ }
1267
+ /** Metadata properties that describe an arbitrary secret. */
1268
+ interface ArbitrarySecretMetadata extends SecretMetadata {
1269
+ /** The unique ID of the secret. */
1270
+ id?: string;
1271
+ /** Labels that you can use to filter for secrets in your instance.
1272
+ *
1273
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
1274
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
1275
+ * character (|).
1276
+ *
1277
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1278
+ */
1279
+ labels?: string[];
1280
+ /** A human-readable alias to assign to your secret.
1281
+ *
1282
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1283
+ */
1284
+ name: string;
1285
+ /** An extended description of your secret.
1286
+ *
1287
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1288
+ * secret.
1289
+ */
1290
+ description?: string;
1291
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1292
+ *
1293
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1294
+ */
1295
+ secret_group_id?: string;
1296
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1297
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1298
+ */
1299
+ state?: number;
1300
+ /** A text representation of the secret state. */
1301
+ state_description?: string;
1302
+ /** The secret type. */
1303
+ secret_type?: string;
1304
+ /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
1305
+ crn?: string;
1306
+ /** The date the secret was created. The date format follows RFC 3339. */
1307
+ creation_date?: string;
1308
+ /** The unique identifier for the entity that created the secret. */
1309
+ created_by?: string;
1310
+ /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
1311
+ last_update_date?: string;
1312
+ /** The number of versions the secret has. */
1313
+ versions_total?: number;
1314
+ /** The date the secret material expires. The date format follows RFC 3339.
1315
+ *
1316
+ * You can set an expiration date on supported secret types at their creation. If you create a secret without
1317
+ * specifying an expiration date, the secret does not expire. The `expiration_date` field is supported for the
1318
+ * following secret types:
1319
+ *
1320
+ * - `arbitrary`
1321
+ * - `username_password`.
1322
+ */
1323
+ expiration_date?: string;
1324
+ }
1325
+ /** Properties that describe a secret. */
1326
+ interface ArbitrarySecretResource extends SecretResource {
1327
+ /** The v4 UUID that uniquely identifies the secret. */
1328
+ id?: string;
1329
+ /** A human-readable alias to assign to your secret.
1330
+ *
1331
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1332
+ */
1333
+ name: string;
1334
+ /** An extended description of your secret.
1335
+ *
1336
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1337
+ * secret.
1338
+ */
1339
+ description?: string;
1340
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1341
+ *
1342
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1343
+ */
1344
+ secret_group_id?: string;
1345
+ /** Labels that you can use to filter for secrets in your instance.
1346
+ *
1347
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
1348
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1349
+ *
1350
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1351
+ */
1352
+ labels?: string[];
1353
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1354
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1355
+ */
1356
+ state?: number;
1357
+ /** A text representation of the secret state. */
1358
+ state_description?: string;
1359
+ /** The secret type. */
1360
+ secret_type?: string;
1361
+ /** The Cloud Resource Name (CRN) that uniquely identifies your Secrets Manager resource. */
1362
+ crn?: string;
1363
+ /** The date the secret was created. The date format follows RFC 3339. */
1364
+ creation_date?: string;
1365
+ /** The unique identifier for the entity that created the secret. */
1366
+ created_by?: string;
1367
+ /** Updates when the actual secret is modified. The date format follows RFC 3339. */
1368
+ last_update_date?: string;
1369
+ /** The number of versions that are associated with a secret. */
1370
+ versions_total?: number;
1371
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
1372
+ * see [Get secret version metadata](#get-secret-version-metadata).
1373
+ */
1374
+ versions?: JsonObject[];
1375
+ /** The date the secret material expires. The date format follows RFC 3339.
1376
+ *
1377
+ * You can set an expiration date on supported secret types at their creation. If you create a secret without
1378
+ * specifying an expiration date, the secret does not expire. The `expiration_date` field is supported for the
1379
+ * following secret types:
1380
+ *
1381
+ * - `arbitrary`
1382
+ * - `username_password`.
1383
+ */
1384
+ expiration_date?: string;
1385
+ /** The new secret data to assign to the secret. */
1386
+ payload?: string;
1387
+ /** The data that is associated with the secret version. The data object contains the field `payload`. */
1388
+ secret_data?: JsonObject;
1389
+ }
1390
+ /** ArbitrarySecretVersion. */
1391
+ interface ArbitrarySecretVersion extends SecretVersion {
1392
+ /** The v4 UUID that uniquely identifies the secret. */
1393
+ id?: string;
1394
+ /** The ID of the secret version. */
1395
+ version_id?: string;
1396
+ /** The date that the version of the secret was created. */
1397
+ creation_date?: string;
1398
+ /** The unique identifier for the entity that created the secret version. */
1399
+ created_by?: string;
1400
+ /** The data that is associated with the secret version. The data object contains the field `payload`. */
1401
+ secret_data?: JsonObject;
1402
+ }
1403
+ /** ArbitrarySecretVersionInfo. */
1404
+ interface ArbitrarySecretVersionInfo extends SecretVersionInfo {
1405
+ /** The ID of the secret version. */
1406
+ id?: string;
1407
+ /** The date that the version of the secret was created. */
1408
+ creation_date?: string;
1409
+ /** The unique identifier for the entity that created the secret version. */
1410
+ created_by?: string;
1411
+ /** Indicates whether the payload for the secret version is stored and available. */
1412
+ payload_available?: boolean;
1413
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1414
+ * service API.
1415
+ */
1416
+ downloaded?: boolean;
1417
+ }
1418
+ /** Properties that describe a secret version. */
1419
+ interface ArbitrarySecretVersionMetadata extends SecretVersionMetadata {
1420
+ /** The v4 UUID that uniquely identifies the secret. */
1421
+ id?: string;
1422
+ /** The ID of the secret version. */
1423
+ version_id?: string;
1424
+ /** The date that the version of the secret was created. */
1425
+ creation_date?: string;
1426
+ /** The unique identifier for the entity that created the secret version. */
1427
+ created_by?: string;
1428
+ /** Indicates whether the payload for the secret version is stored and available. */
1429
+ payload_available?: boolean;
1430
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1431
+ * service API.
1432
+ */
1433
+ downloaded?: boolean;
1434
+ }
1435
+ /** Metadata properties that describe a certificate secret. */
1436
+ interface CertificateSecretMetadata extends SecretMetadata {
1437
+ /** The unique ID of the secret. */
1438
+ id?: string;
1439
+ /** Labels that you can use to filter for secrets in your instance.
1440
+ *
1441
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
1442
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
1443
+ * character (|).
1444
+ *
1445
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1446
+ */
1447
+ labels?: string[];
1448
+ /** A human-readable alias to assign to your secret.
1449
+ *
1450
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1451
+ */
1452
+ name: string;
1453
+ /** An extended description of your secret.
1454
+ *
1455
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1456
+ * secret.
1457
+ */
1458
+ description?: string;
1459
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1460
+ *
1461
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1462
+ */
1463
+ secret_group_id?: string;
1464
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1465
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1466
+ */
1467
+ state?: number;
1468
+ /** A text representation of the secret state. */
1469
+ state_description?: string;
1470
+ /** The secret type. */
1471
+ secret_type?: string;
1472
+ /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
1473
+ crn?: string;
1474
+ /** The date the secret was created. The date format follows RFC 3339. */
1475
+ creation_date?: string;
1476
+ /** The unique identifier for the entity that created the secret. */
1477
+ created_by?: string;
1478
+ /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
1479
+ last_update_date?: string;
1480
+ /** The number of versions the secret has. */
1481
+ versions_total?: number;
1482
+ /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
1483
+ serial_number?: string;
1484
+ /** The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign
1485
+ * the certificate.
1486
+ */
1487
+ algorithm?: string;
1488
+ /** The identifier for the cryptographic algorithm that was used to generate the public key that is associated
1489
+ * with the certificate.
1490
+ */
1491
+ key_algorithm?: string;
1492
+ /** The distinguished name that identifies the entity that signed and issued the certificate. */
1493
+ issuer?: string;
1494
+ validity?: CertificateValidity;
1495
+ /** The fully qualified domain name or host domain name that is defined for the certificate. */
1496
+ common_name?: string;
1497
+ /** Indicates whether the certificate was imported with an associated intermediate certificate. */
1498
+ intermediate_included?: boolean;
1499
+ /** Indicates whether the certificate was imported with an associated private key. */
1500
+ private_key_included?: boolean;
1501
+ /** The alternative names that are defined for the certificate. */
1502
+ alt_names?: string[];
1503
+ /** The date that the certificate expires. The date format follows RFC 3339. */
1504
+ expiration_date?: string;
1505
+ }
1506
+ /** Properties that describe a secret. */
1507
+ interface CertificateSecretResource extends SecretResource {
1508
+ /** The v4 UUID that uniquely identifies the secret. */
1509
+ id?: string;
1510
+ /** A human-readable alias to assign to your secret.
1511
+ *
1512
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1513
+ */
1514
+ name: string;
1515
+ /** An extended description of your secret.
1516
+ *
1517
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1518
+ * secret.
1519
+ */
1520
+ description?: string;
1521
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1522
+ *
1523
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1524
+ */
1525
+ secret_group_id?: string;
1526
+ /** Labels that you can use to filter for secrets in your instance.
1527
+ *
1528
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
1529
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1530
+ *
1531
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1532
+ */
1533
+ labels?: string[];
1534
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1535
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1536
+ */
1537
+ state?: number;
1538
+ /** A text representation of the secret state. */
1539
+ state_description?: string;
1540
+ /** The secret type. */
1541
+ secret_type?: string;
1542
+ /** The Cloud Resource Name (CRN) that uniquely identifies your Secrets Manager resource. */
1543
+ crn?: string;
1544
+ /** The date the secret was created. The date format follows RFC 3339. */
1545
+ creation_date?: string;
1546
+ /** The unique identifier for the entity that created the secret. */
1547
+ created_by?: string;
1548
+ /** Updates when the actual secret is modified. The date format follows RFC 3339. */
1549
+ last_update_date?: string;
1550
+ /** The number of versions that are associated with a secret. */
1551
+ versions_total?: number;
1552
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
1553
+ * see [Get secret version metadata](#get-secret-version-metadata).
1554
+ */
1555
+ versions?: JsonObject[];
1556
+ /** The contents of your certificate. The data must be formatted on a single line with embedded newline
1557
+ * characters.
1558
+ */
1559
+ certificate?: string;
1560
+ /** The private key to associate with the certificate. The data must be formatted on a single line with embedded
1561
+ * newline characters.
1562
+ */
1563
+ private_key?: string;
1564
+ /** The intermediate certificate to associate with the root certificate. The data must be formatted on a single
1565
+ * line with embedded newline characters.
1566
+ */
1567
+ intermediate?: string;
1568
+ /** The data that is associated with the secret. The data object contains the following fields:
1569
+ * `certificate`: The contents of the certificate.
1570
+ * `private_key`: The private key that is associated with the certificate.
1571
+ * `intermediate`: The intermediate certificate that is associated with the certificate.
1572
+ */
1573
+ secret_data?: JsonObject;
1574
+ /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
1575
+ serial_number?: string;
1576
+ /** The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign
1577
+ * the certificate.
1578
+ */
1579
+ algorithm?: string;
1580
+ /** The identifier for the cryptographic algorithm that was used to generate the public key that is associated
1581
+ * with the certificate.
1582
+ */
1583
+ key_algorithm?: string;
1584
+ /** The distinguished name that identifies the entity that signed and issued the certificate. */
1585
+ issuer?: string;
1586
+ validity?: CertificateValidity;
1587
+ /** The fully qualified domain name or host domain name that is defined for the certificate. */
1588
+ common_name?: string;
1589
+ /** Indicates whether the certificate was imported with an associated intermediate certificate. */
1590
+ intermediate_included?: boolean;
1591
+ /** Indicates whether the certificate was imported with an associated private key. */
1592
+ private_key_included?: boolean;
1593
+ /** The alternative names that are defined for the certificate. */
1594
+ alt_names?: string[];
1595
+ /** The date that the certificate expires. The date format follows RFC 3339. */
1596
+ expiration_date?: string;
1597
+ }
1598
+ /** CertificateSecretVersion. */
1599
+ interface CertificateSecretVersion extends SecretVersion {
1600
+ /** The v4 UUID that uniquely identifies the secret. */
1601
+ id?: string;
1602
+ /** The ID of the secret version. */
1603
+ version_id?: string;
1604
+ /** The date that the version of the secret was created. */
1605
+ creation_date?: string;
1606
+ /** The unique identifier for the entity that created the secret version. */
1607
+ created_by?: string;
1608
+ validity?: CertificateValidity;
1609
+ /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
1610
+ serial_number?: string;
1611
+ /** The date that the certificate expires. The date format follows RFC 3339. */
1612
+ expiration_date?: string;
1613
+ /** The data that is associated with the secret version. The data object contains the following fields:
1614
+ * `certificate`: The contents of the certificate.
1615
+ * `private_key`: The private key that is associated with the certificate.
1616
+ * `intermediate`: The intermediate certificate that is associated with the certificate.
1617
+ */
1618
+ secret_data?: JsonObject;
1619
+ }
1620
+ /** CertificateSecretVersionInfo. */
1621
+ interface CertificateSecretVersionInfo extends SecretVersionInfo {
1622
+ /** The ID of the secret version. */
1623
+ id?: string;
1624
+ /** The date that the version of the secret was created. */
1625
+ creation_date?: string;
1626
+ /** The unique identifier for the entity that created the secret version. */
1627
+ created_by?: string;
1628
+ /** Indicates whether the payload for the secret version is stored and available. */
1629
+ payload_available?: boolean;
1630
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1631
+ * service API.
1632
+ */
1633
+ downloaded?: boolean;
1634
+ /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
1635
+ serial_number?: string;
1636
+ /** The date that the certificate expires. The date format follows RFC 3339. */
1637
+ expiration_date?: string;
1638
+ validity?: CertificateValidity;
1639
+ }
1640
+ /** Properties that describe a secret version. */
1641
+ interface CertificateSecretVersionMetadata extends SecretVersionMetadata {
1642
+ /** The v4 UUID that uniquely identifies the secret. */
1643
+ id?: string;
1644
+ /** The ID of the secret version. */
1645
+ version_id?: string;
1646
+ /** The date that the version of the secret was created. */
1647
+ creation_date?: string;
1648
+ /** The unique identifier for the entity that created the secret version. */
1649
+ created_by?: string;
1650
+ /** Indicates whether the payload for the secret version is stored and available. */
1651
+ payload_available?: boolean;
1652
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1653
+ * service API.
1654
+ */
1655
+ downloaded?: boolean;
1656
+ /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
1657
+ serial_number?: string;
1658
+ /** The date that the certificate expires. The date format follows RFC 3339. */
1659
+ expiration_date?: string;
1660
+ validity?: CertificateValidity;
1661
+ }
1662
+ /** Configuration for the IAM credentials engine. */
1663
+ interface CreateIAMCredentialsSecretEngineRootConfig extends EngineConfig {
1664
+ /** An IBM Cloud API key that can create and manage service IDs.
1665
+ *
1666
+ * The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
1667
+ * role on the IAM Identity Service. For more information, see the
1668
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-configure-iam-engine).
1669
+ */
1670
+ api_key: string;
1671
+ /** The hash value of the IBM Cloud API key that is used to create and manage service IDs. */
1672
+ api_key_hash?: string;
1673
+ }
1674
+ /** Delete the credentials that are associated with an `iam_credentials` secret. */
1675
+ interface DeleteCredentialsForIAMCredentialsSecret extends SecretAction {
1676
+ /** The ID of the API key that you want to delete. If the secret was created with a static service ID, only the
1677
+ * API key is deleted. Otherwise, the service ID is deleted together with its API key.
1678
+ */
1679
+ api_key_id?: string;
1680
+ /** The service ID that you want to delete. This property can be used instead of the `api_key_id` field, but
1681
+ * only for secrets that were created with a service ID that was generated by Secrets Manager.
1682
+ *
1683
+ * **Deprecated.** Use the `api_key_id` field instead.
1684
+ */
1685
+ service_id?: string;
1686
+ }
1687
+ /** Certificate authorities configuration. */
1688
+ interface GetConfigElementsResourcesItemCertificateAuthoritiesConfig extends GetConfigElementsResourcesItem {
1689
+ certificate_authorities: ConfigElementMetadata[];
1690
+ }
1691
+ /** DNS providers configuration. */
1692
+ interface GetConfigElementsResourcesItemDnsProvidersConfig extends GetConfigElementsResourcesItem {
1693
+ dns_providers: ConfigElementMetadata[];
1694
+ }
1695
+ /** Properties that describe a rotation policy. */
1696
+ interface GetSecretPolicyRotation extends GetSecretPolicies {
1697
+ /** The metadata that describes the resource array. */
1698
+ metadata: CollectionMetadata;
1699
+ /** A collection of resources. */
1700
+ resources: JsonObject[];
1701
+ }
1702
+ /** Configuration for the IAM credentials engine. */
1703
+ interface IAMCredentialsSecretEngineRootConfig extends GetConfigResourcesItem {
1704
+ /** An IBM Cloud API key that can create and manage service IDs.
1705
+ *
1706
+ * The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
1707
+ * role on the IAM Identity Service. For more information, see the
1708
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-configure-iam-engine).
1709
+ */
1710
+ api_key: string;
1711
+ /** The hash value of the IBM Cloud API key that is used to create and manage service IDs. */
1712
+ api_key_hash?: string;
1713
+ }
1714
+ /** Metadata properties that describe a iam_credentials secret. */
1715
+ interface IAMCredentialsSecretMetadata extends SecretMetadata {
1716
+ /** The unique ID of the secret. */
1717
+ id?: string;
1718
+ /** Labels that you can use to filter for secrets in your instance.
1719
+ *
1720
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
1721
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
1722
+ * character (|).
1723
+ *
1724
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1725
+ */
1726
+ labels?: string[];
1727
+ /** A human-readable alias to assign to your secret.
1728
+ *
1729
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1730
+ */
1731
+ name: string;
1732
+ /** An extended description of your secret.
1733
+ *
1734
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1735
+ * secret.
1736
+ */
1737
+ description?: string;
1738
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1739
+ *
1740
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1741
+ */
1742
+ secret_group_id?: string;
1743
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1744
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1745
+ */
1746
+ state?: number;
1747
+ /** A text representation of the secret state. */
1748
+ state_description?: string;
1749
+ /** The secret type. */
1750
+ secret_type?: string;
1751
+ /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
1752
+ crn?: string;
1753
+ /** The date the secret was created. The date format follows RFC 3339. */
1754
+ creation_date?: string;
1755
+ /** The unique identifier for the entity that created the secret. */
1756
+ created_by?: string;
1757
+ /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
1758
+ last_update_date?: string;
1759
+ /** The number of versions the secret has. */
1760
+ versions_total?: number;
1761
+ /** The time-to-live (TTL) or lease duration to assign to generated credentials.
1762
+ *
1763
+ * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
1764
+ * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
1765
+ * `120m` or `24h`.
1766
+ *
1767
+ * Minimum duration is 1 minute. Maximum is 90 days.
1768
+ */
1769
+ ttl?: any;
1770
+ /** Determines whether to use the same service ID and API key for future read operations on an
1771
+ * `iam_credentials` secret.
1772
+ *
1773
+ * If set to `true`, the service reuses the current credentials. If set to `false`, a new service ID and API key
1774
+ * are generated each time that the secret is read or accessed.
1775
+ */
1776
+ reuse_api_key?: boolean;
1777
+ /** Indicates whether an `iam_credentials` secret was created with a static service ID.
1778
+ *
1779
+ * If the value is `true`, the service ID for the secret was provided by the user at secret creation. If the value
1780
+ * is `false`, the service ID was generated by Secrets Manager.
1781
+ */
1782
+ service_id_is_static?: boolean;
1783
+ /** The service ID under which the API key is created. The service ID is included in the metadata only if the
1784
+ * secret was created with a static service ID.
1785
+ */
1786
+ service_id?: string;
1787
+ /** The access groups that define the capabilities of the service ID and API key that are generated for an
1788
+ * `iam_credentials` secret. The access groups are included in the metadata only if the secret was created with a
1789
+ * service ID that was generated by Secrets Manager.
1790
+ */
1791
+ access_groups?: string[];
1792
+ }
1793
+ /** Properties that describe a secret. */
1794
+ interface IAMCredentialsSecretResource extends SecretResource {
1795
+ /** The v4 UUID that uniquely identifies the secret. */
1796
+ id?: string;
1797
+ /** A human-readable alias to assign to your secret.
1798
+ *
1799
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
1800
+ */
1801
+ name: string;
1802
+ /** An extended description of your secret.
1803
+ *
1804
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
1805
+ * secret.
1806
+ */
1807
+ description?: string;
1808
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
1809
+ *
1810
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
1811
+ */
1812
+ secret_group_id?: string;
1813
+ /** Labels that you can use to filter for secrets in your instance.
1814
+ *
1815
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
1816
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1817
+ *
1818
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1819
+ */
1820
+ labels?: string[];
1821
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
1822
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
1823
+ */
1824
+ state?: number;
1825
+ /** A text representation of the secret state. */
1826
+ state_description?: string;
1827
+ /** The secret type. */
1828
+ secret_type?: string;
1829
+ /** The Cloud Resource Name (CRN) that uniquely identifies your Secrets Manager resource. */
1830
+ crn?: string;
1831
+ /** The date the secret was created. The date format follows RFC 3339. */
1832
+ creation_date?: string;
1833
+ /** The unique identifier for the entity that created the secret. */
1834
+ created_by?: string;
1835
+ /** Updates when the actual secret is modified. The date format follows RFC 3339. */
1836
+ last_update_date?: string;
1837
+ /** The number of versions that are associated with a secret. */
1838
+ versions_total?: number;
1839
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
1840
+ * see [Get secret version metadata](#get-secret-version-metadata).
1841
+ */
1842
+ versions?: JsonObject[];
1843
+ /** The time-to-live (TTL) or lease duration to assign to generated credentials.
1844
+ *
1845
+ * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
1846
+ * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
1847
+ * `120m` or `24h`.
1848
+ *
1849
+ * Minimum duration is 1 minute. Maximum is 90 days.
1850
+ */
1851
+ ttl?: any;
1852
+ /** The access groups that define the capabilities of the service ID and API key that are generated for an
1853
+ * `iam_credentials` secret. If you prefer to use an existing service ID that is already assigned the access
1854
+ * policies that you require, you can omit this parameter and use the `service_id` field instead.
1855
+ *
1856
+ * **Tip:** To list the access groups that are available in an account, you can use the [IAM Access Groups
1857
+ * API](https://cloud.ibm.com/apidocs/iam-access-groups#list-access-groups). To find the ID of an access group in
1858
+ * the console, go to **Manage > Access (IAM) > Access groups**. Select the access group to inspect, and click
1859
+ * **Details** to view its ID.
1860
+ */
1861
+ access_groups?: string[];
1862
+ /** The API key that is generated for this secret.
1863
+ *
1864
+ * After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
1865
+ * you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
1866
+ */
1867
+ api_key?: string;
1868
+ /** The ID of the API key that is generated for this secret. */
1869
+ api_key_id?: string;
1870
+ /** The service ID under which the API key (see the `api_key` field) is created.
1871
+ *
1872
+ * If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds
1873
+ * it to the access groups that you assign.
1874
+ *
1875
+ * Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or
1876
+ * retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not
1877
+ * include the `access_groups` parameter.
1878
+ */
1879
+ service_id?: string;
1880
+ /** Indicates whether an `iam_credentials` secret was created with a static service ID.
1881
+ *
1882
+ * If `true`, the service ID for the secret was provided by the user at secret creation. If `false`, the service ID
1883
+ * was generated by Secrets Manager.
1884
+ */
1885
+ service_id_is_static?: boolean;
1886
+ /** Determines whether to use the same service ID and API key for future read operations on an
1887
+ * `iam_credentials` secret.
1888
+ *
1889
+ * If set to `true`, the service reuses the current credentials. If set to `false`, a new service ID and API key
1890
+ * are generated each time that the secret is read or accessed.
1891
+ */
1892
+ reuse_api_key?: boolean;
1893
+ }
1894
+ /** IAMCredentialsSecretVersion. */
1895
+ interface IAMCredentialsSecretVersion extends SecretVersion {
1896
+ /** The v4 UUID that uniquely identifies the secret. */
1897
+ id?: string;
1898
+ /** The ID of the secret version. */
1899
+ version_id?: string;
1900
+ /** The date that the version of the secret was created. */
1901
+ creation_date?: string;
1902
+ /** The unique identifier for the entity that created the secret version. */
1903
+ created_by?: string;
1904
+ /** The data that is associated with the secret version. The data object contains the following fields:
1905
+ * `api_key`: The API key that is generated for this secret.
1906
+ * `api_key_id`: The ID of the API key that is generated for this secret.
1907
+ * `service_id`: The service ID under which the API key is created.
1908
+ */
1909
+ secret_data?: JsonObject;
1910
+ }
1911
+ /** IAMCredentialsSecretVersionInfo. */
1912
+ interface IAMCredentialsSecretVersionInfo extends SecretVersionInfo {
1913
+ /** The ID of the secret version. */
1914
+ id?: string;
1915
+ /** The date that the version of the secret was created. */
1916
+ creation_date?: string;
1917
+ /** The unique identifier for the entity that created the secret version. */
1918
+ created_by?: string;
1919
+ /** Indicates whether the payload for the secret version is stored and available. */
1920
+ payload_available?: boolean;
1921
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1922
+ * service API.
1923
+ */
1924
+ downloaded?: boolean;
1925
+ }
1926
+ /** Properties that describe a secret version. */
1927
+ interface IAMCredentialsSecretVersionMetadata extends SecretVersionMetadata {
1928
+ /** The v4 UUID that uniquely identifies the secret. */
1929
+ id?: string;
1930
+ /** The ID of the secret version. */
1931
+ version_id?: string;
1932
+ /** The date that the version of the secret was created. */
1933
+ creation_date?: string;
1934
+ /** The unique identifier for the entity that created the secret version. */
1935
+ created_by?: string;
1936
+ /** Indicates whether the payload for the secret version is stored and available. */
1937
+ payload_available?: boolean;
1938
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
1939
+ * service API.
1940
+ */
1941
+ downloaded?: boolean;
1942
+ }
1943
+ /** Metadata properties that describe a key-value secret. */
1944
+ interface KvSecretMetadata extends SecretMetadata {
791
1945
  /** The unique ID of the secret. */
792
1946
  id?: string;
793
1947
  /** Labels that you can use to filter for secrets in your instance.
794
1948
  *
795
- * Up to 30 labels can be created. Labels can be between 2-30 characters, including spaces. Special characters not
796
- * permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1949
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
1950
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
1951
+ * character (|).
797
1952
  *
798
1953
  * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
799
1954
  */
@@ -822,28 +1977,6 @@ declare namespace SecretsManagerV1 {
822
1977
  state_description?: string;
823
1978
  /** The secret type. */
824
1979
  secret_type?: string;
825
- /** The date the secret material expires. The date format follows RFC 3339.
826
- *
827
- * You can set an expiration date on supported secret types at their creation. If you create a secret without
828
- * specifying an expiration date, the secret does not expire. The `expiration_date` field is supported for the
829
- * following secret types:
830
- *
831
- * - `arbitrary`
832
- * - `username_password`.
833
- */
834
- expiration_date?: string;
835
- /** The time-to-live (TTL) or lease duration to assign to generated credentials.
836
- *
837
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
838
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
839
- * `120m` or `24h`.
840
- */
841
- ttl?: any;
842
- /** For `iam_credentials` secrets, this field controls whether to use the same service ID and API key for future
843
- * read operations on this secret. If set to `true`, the service reuses the current credentials. If set to `false`,
844
- * a new service ID and API key is generated each time that the secret is read or accessed.
845
- */
846
- reuse_api_key?: boolean;
847
1980
  /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
848
1981
  crn?: string;
849
1982
  /** The date the secret was created. The date format follows RFC 3339. */
@@ -852,80 +1985,11 @@ declare namespace SecretsManagerV1 {
852
1985
  created_by?: string;
853
1986
  /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
854
1987
  last_update_date?: string;
1988
+ /** The number of versions the secret has. */
1989
+ versions_total?: number;
855
1990
  }
856
- /** The metadata of a secret. */
857
- interface SecretMetadataRequest {
858
- /** The metadata that describes the resource array. */
859
- metadata: CollectionMetadata;
860
- /** A collection of resources. */
861
- resources: SecretMetadata[];
862
- }
863
- /** Properties that are associated with a rotation policy. */
864
- interface SecretPolicyRotation {
865
- /** The MIME type that represents the policy. Currently, only the default is supported. */
866
- type: string;
867
- /** The secret rotation time interval. */
868
- rotation: SecretPolicyRotationRotation;
869
- }
870
- /** The secret rotation time interval. */
871
- interface SecretPolicyRotationRotation {
872
- /** Specifies the length of the secret rotation time interval. */
873
- interval: number;
874
- /** Specifies the units for the secret rotation time interval. */
875
- unit: string;
876
- }
877
- /** SecretResource. */
878
- interface SecretResource {
879
- }
880
- /** Properties that are associated with a specific secret version. */
881
- interface SecretVersion {
882
- /** The ID of the secret version. */
883
- id?: string;
884
- /** The date that the version of the secret was created. */
885
- creation_date?: string;
886
- /** The unique identifier for the entity that created the secret. */
887
- created_by?: string;
888
- /** Indicates whether the version of the secret was created by automatic rotation. */
889
- auto_rotated?: boolean;
890
- }
891
- /** Configuration that is used to generate IAM credentials. */
892
- interface EngineConfigOneOfIAMSecretEngineRootConfig extends EngineConfigOneOf {
893
- /** An IBM Cloud API key that has the capability to create and manage service IDs.
894
- *
895
- * The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
896
- * role on the IAM Identity Service. For more information, see [Enabling the IAM secrets
897
- * engine](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-engines#configure-iam-engine).
898
- */
899
- api_key: string;
900
- /** The hash value of the IBM Cloud API key that is used to create and manage service IDs. */
901
- api_key_hash?: string;
902
- }
903
- /** The base schema for retrieving a policy that is associated with a secret. */
904
- interface GetSecretPoliciesOneOfGetSecretPolicyRotation extends GetSecretPoliciesOneOf {
905
- /** The metadata that describes the resource array. */
906
- metadata: CollectionMetadata;
907
- /** A collection of resources. */
908
- resources: GetSecretPoliciesOneOfGetSecretPolicyRotationResourcesItem[];
909
- }
910
- /** Delete the credentials that are associated with an `iam_credentials` secret. */
911
- interface SecretActionOneOfDeleteCredentialsForIAMSecret extends SecretActionOneOf {
912
- /** The service ID that you want to delete. It is deleted together with its API key. */
913
- service_id: string;
914
- }
915
- /** The request body of a `rotate` action. */
916
- interface SecretActionOneOfRotateArbitrarySecretBody extends SecretActionOneOf {
917
- /** The new secret data to assign to an `arbitrary` secret. */
918
- payload: string;
919
- }
920
- /** The request body of a `rotate` action. */
921
- interface SecretActionOneOfRotateUsernamePasswordSecretBody extends SecretActionOneOf {
922
- /** The new password to assign to a `username_password` secret. */
923
- password: string;
924
- }
925
- /** The base schema for secrets. */
926
- interface SecretResourceArbitrarySecretResource extends SecretResource {
927
- /** The MIME type that represents the secret. */
928
- type?: string;
1991
+ /** Properties that describe a secret. */
1992
+ interface KvSecretResource extends SecretResource {
929
1993
  /** The v4 UUID that uniquely identifies the secret. */
930
1994
  id?: string;
931
1995
  /** A human-readable alias to assign to your secret.
@@ -946,8 +2010,8 @@ declare namespace SecretsManagerV1 {
946
2010
  secret_group_id?: string;
947
2011
  /** Labels that you can use to filter for secrets in your instance.
948
2012
  *
949
- * Up to 30 labels can be created. Labels can be between 2-30 characters, including spaces. Special characters not
950
- * permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
2013
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
2014
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
951
2015
  *
952
2016
  * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
953
2017
  */
@@ -968,8 +2032,12 @@ declare namespace SecretsManagerV1 {
968
2032
  created_by?: string;
969
2033
  /** Updates when the actual secret is modified. The date format follows RFC 3339. */
970
2034
  last_update_date?: string;
971
- /** An array that contains metadata for each secret version. */
972
- versions?: SecretVersion[];
2035
+ /** The number of versions that are associated with a secret. */
2036
+ versions_total?: number;
2037
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
2038
+ * see [Get secret version metadata](#get-secret-version-metadata).
2039
+ */
2040
+ versions?: JsonObject[];
973
2041
  /** The date the secret material expires. The date format follows RFC 3339.
974
2042
  *
975
2043
  * You can set an expiration date on supported secret types at their creation. If you create a secret without
@@ -980,14 +2048,94 @@ declare namespace SecretsManagerV1 {
980
2048
  * - `username_password`.
981
2049
  */
982
2050
  expiration_date?: string;
983
- /** The new secret data to assign to an `arbitrary` secret. */
984
- payload?: string;
2051
+ /** The new secret data to assign to the secret. */
2052
+ payload?: JsonObject;
2053
+ /** The data that is associated with the secret version. The data object contains the field `payload`. */
985
2054
  secret_data?: JsonObject;
986
2055
  }
987
- /** The base schema for secrets. */
988
- interface SecretResourceIAMSecretResource extends SecretResource {
989
- /** The MIME type that represents the secret. */
990
- type?: string;
2056
+ /** Configuration for the public certificates engine. */
2057
+ interface PublicCertSecretEngineRootConfig extends GetConfigResourcesItem {
2058
+ /** The certificate authority configurations that are associated with your instance. */
2059
+ certificate_authorities?: ConfigElementMetadata[];
2060
+ /** The DNS provider configurations that are associated with your instance. */
2061
+ dns_providers?: ConfigElementMetadata[];
2062
+ }
2063
+ /** Metadata properties that describe a public certificate secret. */
2064
+ interface PublicCertificateSecretMetadata extends SecretMetadata {
2065
+ /** The unique ID of the secret. */
2066
+ id?: string;
2067
+ /** Labels that you can use to filter for secrets in your instance.
2068
+ *
2069
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
2070
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
2071
+ * character (|).
2072
+ *
2073
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
2074
+ */
2075
+ labels?: string[];
2076
+ /** A human-readable alias to assign to your secret.
2077
+ *
2078
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
2079
+ */
2080
+ name: string;
2081
+ /** An extended description of your secret.
2082
+ *
2083
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
2084
+ * secret.
2085
+ */
2086
+ description?: string;
2087
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
2088
+ *
2089
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
2090
+ */
2091
+ secret_group_id?: string;
2092
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
2093
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
2094
+ */
2095
+ state?: number;
2096
+ /** A text representation of the secret state. */
2097
+ state_description?: string;
2098
+ /** The secret type. */
2099
+ secret_type?: string;
2100
+ /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
2101
+ crn?: string;
2102
+ /** The date the secret was created. The date format follows RFC 3339. */
2103
+ creation_date?: string;
2104
+ /** The unique identifier for the entity that created the secret. */
2105
+ created_by?: string;
2106
+ /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
2107
+ last_update_date?: string;
2108
+ /** The number of versions the secret has. */
2109
+ versions_total?: number;
2110
+ /** The distinguished name that identifies the entity that signed and issued the certificate. */
2111
+ issuer?: string;
2112
+ /** Determines whether your issued certificate is bundled with intermediate certificates.
2113
+ *
2114
+ * Set to `false` for the certificate file to contain only the issued certificate.
2115
+ */
2116
+ bundle_certs?: boolean;
2117
+ /** The identifier for the cryptographic algorithm to be used by the issuing certificate authority to sign the
2118
+ * certificate.
2119
+ */
2120
+ algorithm?: string;
2121
+ /** The identifier for the cryptographic algorithm to be used to generate the public key that is associated with
2122
+ * the certificate.
2123
+ */
2124
+ key_algorithm?: string;
2125
+ /** The alternative names that are defined for the certificate. */
2126
+ alt_names?: string[];
2127
+ /** The fully qualified domain name or host domain name for the certificate. */
2128
+ common_name?: string;
2129
+ /** Indicates whether the certificate was ordered with an associated intermediate certificate. */
2130
+ intermediate_included?: boolean;
2131
+ /** Indicates whether the certificate was ordered with an associated private key. */
2132
+ private_key_included?: boolean;
2133
+ rotation?: Rotation;
2134
+ /** Issuance information that is associated with your certificate. */
2135
+ issuance_info?: IssuanceInfo;
2136
+ }
2137
+ /** Properties that describe a secret. */
2138
+ interface PublicCertificateSecretResource extends SecretResource {
991
2139
  /** The v4 UUID that uniquely identifies the secret. */
992
2140
  id?: string;
993
2141
  /** A human-readable alias to assign to your secret.
@@ -1008,8 +2156,8 @@ declare namespace SecretsManagerV1 {
1008
2156
  secret_group_id?: string;
1009
2157
  /** Labels that you can use to filter for secrets in your instance.
1010
2158
  *
1011
- * Up to 30 labels can be created. Labels can be between 2-30 characters, including spaces. Special characters not
1012
- * permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
2159
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
2160
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1013
2161
  *
1014
2162
  * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1015
2163
  */
@@ -1030,44 +2178,169 @@ declare namespace SecretsManagerV1 {
1030
2178
  created_by?: string;
1031
2179
  /** Updates when the actual secret is modified. The date format follows RFC 3339. */
1032
2180
  last_update_date?: string;
1033
- /** An array that contains metadata for each secret version. */
1034
- versions?: SecretVersion[];
1035
- /** The time-to-live (TTL) or lease duration to assign to generated credentials.
2181
+ /** The number of versions that are associated with a secret. */
2182
+ versions_total?: number;
2183
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
2184
+ * see [Get secret version metadata](#get-secret-version-metadata).
2185
+ */
2186
+ versions?: JsonObject[];
2187
+ /** The distinguished name that identifies the entity that signed and issued the certificate. */
2188
+ issuer?: string;
2189
+ /** Determines whether your issued certificate is bundled with intermediate certificates.
1036
2190
  *
1037
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
1038
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
1039
- * `120m` or `24h`.
2191
+ * Set to `false` for the certificate file to contain only the issued certificate.
1040
2192
  */
1041
- ttl?: any;
1042
- /** The access groups that define the capabilities of the service ID and API key that are generated for an
1043
- * `iam_credentials` secret.
2193
+ bundle_certs?: boolean;
2194
+ /** The name of the certificate authority configuration.
1044
2195
  *
1045
- * **Tip:** To find the ID of an access group, go to **Manage > Access (IAM) > Access groups** in the IBM Cloud
1046
- * console. Select the access group to inspect, and click **Details** to view its ID.
2196
+ * To view a list of your configured authorities, use the [List configurations API](#get-secret-config-element).
1047
2197
  */
1048
- access_groups?: string[];
1049
- /** The API key that is generated for this secret.
2198
+ ca?: string;
2199
+ /** The name of the DNS provider configuration.
1050
2200
  *
1051
- * After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
1052
- * you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
2201
+ * To view a list of your configured authorities, use the [List configurations API](#get-secret-config-element).
1053
2202
  */
1054
- api_key?: string;
1055
- /** The service ID under which the API key (see the `api_key` field) is created. This service ID is added to the
1056
- * access groups that you assign for this secret.
2203
+ dns?: string;
2204
+ /** The identifier for the cryptographic algorithm to be used by the issuing certificate authority to sign the
2205
+ * certificate.
1057
2206
  */
1058
- service_id?: string;
1059
- /** Set to `true` to reuse the service ID and API key for this secret.
2207
+ algorithm?: string;
2208
+ /** The identifier for the cryptographic algorithm to be used to generate the public key that is associated with
2209
+ * the certificate.
1060
2210
  *
1061
- * Use this field to control whether to use the same service ID and API key for future read operations on this
1062
- * secret. If set to `true`, the service reuses the current credentials. If set to `false`, a new service ID and
1063
- * API key is generated each time that the secret is read or accessed.
2211
+ * The algorithm that you select determines the encryption algorithm (`RSA` or `ECDSA`) and key size to be used to
2212
+ * generate keys and sign certificates. For longer living certificates, it is recommended to use longer keys to
2213
+ * provide more encryption protection.
1064
2214
  */
1065
- reuse_api_key?: boolean;
2215
+ key_algorithm?: string;
2216
+ /** The alternative names that are defined for the certificate. */
2217
+ alt_names?: string[];
2218
+ /** The fully qualified domain name or host domain name for the certificate. */
2219
+ common_name?: string;
2220
+ /** Indicates whether the issued certificate includes a private key. */
2221
+ private_key_included?: boolean;
2222
+ /** Indicates whether the issued certificate includes an intermediate certificate. */
2223
+ intermediate_included?: boolean;
2224
+ rotation?: Rotation;
2225
+ /** Issuance information that is associated with your certificate. */
2226
+ issuance_info?: IssuanceInfo;
2227
+ validity?: CertificateValidity;
2228
+ /** The data that is associated with the secret. The data object contains the following fields:
2229
+ *
2230
+ * `certificate`: The contents of the certificate.
2231
+ *
2232
+ * `private_key`: The private key that is associated with the certificate.
2233
+ *
2234
+ * `intermediate`: The intermediate certificate that is associated with the certificate.
2235
+ */
2236
+ secret_data?: JsonObject;
1066
2237
  }
1067
- /** The base schema for secrets. */
1068
- interface SecretResourceUsernamePasswordSecretResource extends SecretResource {
1069
- /** The MIME type that represents the secret. */
1070
- type?: string;
2238
+ /** The request body of a `restore` action. */
2239
+ interface RestoreIAMCredentialsSecretBody extends SecretAction {
2240
+ /** The ID of the target version or the alias `previous`. */
2241
+ version_id: string;
2242
+ }
2243
+ /** The request body of a `rotate` action. */
2244
+ interface RotateArbitrarySecretBody extends SecretAction {
2245
+ /** The new secret data to assign to an `arbitrary` secret. */
2246
+ payload: string;
2247
+ }
2248
+ /** The request body of a rotate certificate action. */
2249
+ interface RotateCertificateBody extends SecretAction {
2250
+ /** The new data to associate with the certificate. */
2251
+ certificate: string;
2252
+ /** The new private key to associate with the certificate. */
2253
+ private_key?: string;
2254
+ /** The new intermediate certificate to associate with the certificate. */
2255
+ intermediate?: string;
2256
+ }
2257
+ /** The request body of a `rotate` action. */
2258
+ interface RotateKvSecretBody extends SecretAction {
2259
+ /** The new secret data to assign to a key-value secret. */
2260
+ payload: JsonObject;
2261
+ }
2262
+ /** The request body of a `rotate` action. */
2263
+ interface RotatePublicCertBody extends SecretAction {
2264
+ /** Determine whether keys must be rotated. */
2265
+ rotate_keys: boolean;
2266
+ }
2267
+ /** The request body of a `rotate` action. */
2268
+ interface RotateUsernamePasswordSecretBody extends SecretAction {
2269
+ /** The new password to assign to a `username_password` secret. */
2270
+ password: string;
2271
+ }
2272
+ /** The secret rotation time interval. */
2273
+ interface SecretPolicyRotationRotationPolicyRotation extends SecretPolicyRotationRotation {
2274
+ /** Specifies the length of the secret rotation time interval. */
2275
+ interval: number;
2276
+ /** Specifies the units for the secret rotation time interval. */
2277
+ unit: string;
2278
+ }
2279
+ /** The `public_cert` secret rotation policy. */
2280
+ interface SecretPolicyRotationRotationPublicCertPolicyRotation extends SecretPolicyRotationRotation {
2281
+ auto_rotate: boolean;
2282
+ rotate_keys: boolean;
2283
+ }
2284
+ /** Metadata properties that describe a username_password secret. */
2285
+ interface UsernamePasswordSecretMetadata extends SecretMetadata {
2286
+ /** The unique ID of the secret. */
2287
+ id?: string;
2288
+ /** Labels that you can use to filter for secrets in your instance.
2289
+ *
2290
+ * Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
2291
+ * characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
2292
+ * character (|).
2293
+ *
2294
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
2295
+ */
2296
+ labels?: string[];
2297
+ /** A human-readable alias to assign to your secret.
2298
+ *
2299
+ * To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
2300
+ */
2301
+ name: string;
2302
+ /** An extended description of your secret.
2303
+ *
2304
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
2305
+ * secret.
2306
+ */
2307
+ description?: string;
2308
+ /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
2309
+ *
2310
+ * If you omit this parameter, your secret is assigned to the `default` secret group.
2311
+ */
2312
+ secret_group_id?: string;
2313
+ /** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
2314
+ * Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
2315
+ */
2316
+ state?: number;
2317
+ /** A text representation of the secret state. */
2318
+ state_description?: string;
2319
+ /** The secret type. */
2320
+ secret_type?: string;
2321
+ /** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
2322
+ crn?: string;
2323
+ /** The date the secret was created. The date format follows RFC 3339. */
2324
+ creation_date?: string;
2325
+ /** The unique identifier for the entity that created the secret. */
2326
+ created_by?: string;
2327
+ /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
2328
+ last_update_date?: string;
2329
+ /** The number of versions the secret has. */
2330
+ versions_total?: number;
2331
+ /** The date the secret material expires. The date format follows RFC 3339.
2332
+ *
2333
+ * You can set an expiration date on supported secret types at their creation. If you create a secret without
2334
+ * specifying an expiration date, the secret does not expire. The `expiration_date` field is supported for the
2335
+ * following secret types:
2336
+ *
2337
+ * - `arbitrary`
2338
+ * - `username_password`.
2339
+ */
2340
+ expiration_date?: string;
2341
+ }
2342
+ /** Properties that describe a secret. */
2343
+ interface UsernamePasswordSecretResource extends SecretResource {
1071
2344
  /** The v4 UUID that uniquely identifies the secret. */
1072
2345
  id?: string;
1073
2346
  /** A human-readable alias to assign to your secret.
@@ -1088,8 +2361,8 @@ declare namespace SecretsManagerV1 {
1088
2361
  secret_group_id?: string;
1089
2362
  /** Labels that you can use to filter for secrets in your instance.
1090
2363
  *
1091
- * Up to 30 labels can be created. Labels can be between 2-30 characters, including spaces. Special characters not
1092
- * permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
2364
+ * Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
2365
+ * not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
1093
2366
  *
1094
2367
  * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
1095
2368
  */
@@ -1110,12 +2383,20 @@ declare namespace SecretsManagerV1 {
1110
2383
  created_by?: string;
1111
2384
  /** Updates when the actual secret is modified. The date format follows RFC 3339. */
1112
2385
  last_update_date?: string;
1113
- /** An array that contains metadata for each secret version. */
1114
- versions?: SecretVersion[];
2386
+ /** The number of versions that are associated with a secret. */
2387
+ versions_total?: number;
2388
+ /** An array that contains metadata for each secret version. For more information on the metadata properties,
2389
+ * see [Get secret version metadata](#get-secret-version-metadata).
2390
+ */
2391
+ versions?: JsonObject[];
1115
2392
  /** The username to assign to this secret. */
1116
2393
  username?: string;
1117
2394
  /** The password to assign to this secret. */
1118
2395
  password?: string;
2396
+ /** The data that is associated with the secret version. The data object contains the following fields:
2397
+ * `username`: The username that is associated with the secret version.
2398
+ * `password`: The password that is associated with the secret version.
2399
+ */
1119
2400
  secret_data?: JsonObject;
1120
2401
  /** The date the secret material expires. The date format follows RFC 3339.
1121
2402
  *
@@ -1134,5 +2415,59 @@ declare namespace SecretsManagerV1 {
1134
2415
  */
1135
2416
  next_rotation_date?: string;
1136
2417
  }
2418
+ /** UsernamePasswordSecretVersion. */
2419
+ interface UsernamePasswordSecretVersion extends SecretVersion {
2420
+ /** The v4 UUID that uniquely identifies the secret. */
2421
+ id?: string;
2422
+ /** The ID of the secret version. */
2423
+ version_id?: string;
2424
+ /** The date that the version of the secret was created. */
2425
+ creation_date?: string;
2426
+ /** The unique identifier for the entity that created the secret version. */
2427
+ created_by?: string;
2428
+ /** Indicates whether the version of the secret was created by automatic rotation. */
2429
+ auto_rotated?: boolean;
2430
+ /** The data that is associated with the secret version. The data object contains the following fields:
2431
+ * `username`: The username that is associated with the secret version.
2432
+ * `password`: The password that is associated with the secret version.
2433
+ */
2434
+ secret_data?: JsonObject;
2435
+ }
2436
+ /** UsernamePasswordSecretVersionInfo. */
2437
+ interface UsernamePasswordSecretVersionInfo extends SecretVersionInfo {
2438
+ /** The ID of the secret version. */
2439
+ id?: string;
2440
+ /** The date that the version of the secret was created. */
2441
+ creation_date?: string;
2442
+ /** The unique identifier for the entity that created the secret version. */
2443
+ created_by?: string;
2444
+ /** Indicates whether the payload for the secret version is stored and available. */
2445
+ payload_available?: boolean;
2446
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
2447
+ * service API.
2448
+ */
2449
+ downloaded?: boolean;
2450
+ /** Indicates whether the version of the secret was created by automatic rotation. */
2451
+ auto_rotated?: boolean;
2452
+ }
2453
+ /** Properties that describe a secret version. */
2454
+ interface UsernamePasswordSecretVersionMetadata extends SecretVersionMetadata {
2455
+ /** The v4 UUID that uniquely identifies the secret. */
2456
+ id?: string;
2457
+ /** The ID of the secret version. */
2458
+ version_id?: string;
2459
+ /** The date that the version of the secret was created. */
2460
+ creation_date?: string;
2461
+ /** The unique identifier for the entity that created the secret version. */
2462
+ created_by?: string;
2463
+ /** Indicates whether the payload for the secret version is stored and available. */
2464
+ payload_available?: boolean;
2465
+ /** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
2466
+ * service API.
2467
+ */
2468
+ downloaded?: boolean;
2469
+ /** Indicates whether the version of the secret was created by automatic rotation. */
2470
+ auto_rotated?: boolean;
2471
+ }
1137
2472
  }
1138
2473
  export = SecretsManagerV1;