@ibm-cloud/secrets-manager 1.0.2 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +7 -8
- package/secrets-manager/v1.d.ts +487 -156
- package/secrets-manager/v1.js +206 -101
- package/secrets-manager/v1.js.map +1 -1
package/secrets-manager/v1.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* (C) Copyright IBM Corp.
|
|
2
|
+
* (C) Copyright IBM Corp. 2022.
|
|
3
3
|
*
|
|
4
4
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
5
5
|
* you may not use this file except in compliance with the License.
|
|
@@ -18,8 +18,8 @@ import { IncomingHttpHeaders, OutgoingHttpHeaders } from 'http';
|
|
|
18
18
|
import { BaseService, UserOptions } from 'ibm-cloud-sdk-core';
|
|
19
19
|
/**
|
|
20
20
|
* With IBM Cloud® Secrets Manager, you can create, lease, and centrally manage secrets that are used in IBM Cloud
|
|
21
|
-
* services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager,
|
|
22
|
-
* open source HashiCorp Vault.
|
|
21
|
+
* services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager, which is
|
|
22
|
+
* built on open source HashiCorp Vault.
|
|
23
23
|
*
|
|
24
24
|
* API Version: 1.0.0
|
|
25
25
|
* See: https://cloud.ibm.com/docs/secrets-manager
|
|
@@ -124,7 +124,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
124
124
|
/**
|
|
125
125
|
* Create a secret.
|
|
126
126
|
*
|
|
127
|
-
*
|
|
127
|
+
* Create a secret or import an existing value that you can use to access or authenticate to a protected resource.
|
|
128
128
|
*
|
|
129
129
|
* Use this method to either generate or import an existing secret, such as an arbitrary value or a TLS certificate,
|
|
130
130
|
* that you can manage in your Secrets Manager service instance. A successful request stores the secret in your
|
|
@@ -204,7 +204,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
204
204
|
/**
|
|
205
205
|
* Get a secret.
|
|
206
206
|
*
|
|
207
|
-
*
|
|
207
|
+
* Get a secret and its details by specifying the ID of the secret.
|
|
208
208
|
*
|
|
209
209
|
* A successful request returns the secret data that is associated with your secret, along with other metadata. To
|
|
210
210
|
* view only the details of a specified secret without retrieving its value, use the [Get secret
|
|
@@ -222,14 +222,15 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
222
222
|
*
|
|
223
223
|
* Invokes an action on a specified secret. This method supports the following actions:
|
|
224
224
|
*
|
|
225
|
-
* - `rotate`: Replace the value of
|
|
225
|
+
* - `rotate`: Replace the value of a secret.
|
|
226
|
+
* - `restore`: Restore a previous version of an `iam_credentials` secret.
|
|
226
227
|
* - `delete_credentials`: Delete the API key that is associated with an `iam_credentials` secret.
|
|
227
228
|
*
|
|
228
229
|
* @param {Object} params - The parameters to send to the service.
|
|
229
230
|
* @param {string} params.secretType - The secret type.
|
|
230
231
|
* @param {string} params.id - The v4 UUID that uniquely identifies the secret.
|
|
231
232
|
* @param {string} params.action - The action to perform on the specified secret.
|
|
232
|
-
* @param {SecretAction} params.secretAction - The properties to update for the secret.
|
|
233
|
+
* @param {SecretAction} [params.secretAction] - The properties to update for the secret.
|
|
233
234
|
* @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
|
|
234
235
|
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecret>>}
|
|
235
236
|
*/
|
|
@@ -246,6 +247,20 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
246
247
|
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
|
|
247
248
|
*/
|
|
248
249
|
deleteSecret(params: SecretsManagerV1.DeleteSecretParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>;
|
|
250
|
+
/**
|
|
251
|
+
* List versions of a secret.
|
|
252
|
+
*
|
|
253
|
+
* Retrieves a list of the versions of a secret.
|
|
254
|
+
*
|
|
255
|
+
* A successful request returns the list of the versions along with the metadata of each version.
|
|
256
|
+
*
|
|
257
|
+
* @param {Object} params - The parameters to send to the service.
|
|
258
|
+
* @param {string} params.secretType - The secret type.
|
|
259
|
+
* @param {string} params.id - The v4 UUID that uniquely identifies the secret.
|
|
260
|
+
* @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
|
|
261
|
+
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretVersions>>}
|
|
262
|
+
*/
|
|
263
|
+
listSecretVersions(params: SecretsManagerV1.ListSecretVersionsParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretVersions>>;
|
|
249
264
|
/**
|
|
250
265
|
* Get a version of a secret.
|
|
251
266
|
*
|
|
@@ -363,7 +378,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
363
378
|
* configuration](#create_config_element) method.
|
|
364
379
|
*
|
|
365
380
|
* @param {Object} params - The parameters to send to the service.
|
|
366
|
-
* @param {string} params.secretType -
|
|
381
|
+
* @param {string} params.secretType - The secret type.
|
|
367
382
|
* @param {EngineConfig} params.engineConfig - Properties to update for a secrets engine.
|
|
368
383
|
* @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
|
|
369
384
|
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.Empty>>}
|
|
@@ -385,7 +400,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
385
400
|
*
|
|
386
401
|
* Adds a configuration element to the specified secret type.
|
|
387
402
|
*
|
|
388
|
-
* Use this method to define the configurations that are required to enable the
|
|
403
|
+
* Use this method to define the configurations that are required to enable the public certificates (`public_cert`)
|
|
389
404
|
* engine. You can add up to 10 certificate authority and DNS provider configurations for your instance.
|
|
390
405
|
*
|
|
391
406
|
* @param {Object} params - The parameters to send to the service.
|
|
@@ -394,7 +409,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
394
409
|
* @param {string} params.name - The human-readable name to assign to your configuration.
|
|
395
410
|
* @param {string} params.type - The type of configuration. Value options differ depending on the `config_element`
|
|
396
411
|
* property that you want to define.
|
|
397
|
-
* @param {
|
|
412
|
+
* @param {JsonObject} params.config - The configuration to define for the specified secret type.
|
|
398
413
|
* @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
|
|
399
414
|
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>}
|
|
400
415
|
*/
|
|
@@ -435,7 +450,7 @@ declare class SecretsManagerV1 extends BaseService {
|
|
|
435
450
|
* @param {string} params.configName - The name of your configuration.
|
|
436
451
|
* @param {string} params.type - The type of configuration. Value options differ depending on the `config_element`
|
|
437
452
|
* property that you want to define.
|
|
438
|
-
* @param {JsonObject} params.config -
|
|
453
|
+
* @param {JsonObject} params.config - Properties that describe a configuration, which depends on type.
|
|
439
454
|
* @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
|
|
440
455
|
* @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSingleConfigElement>>}
|
|
441
456
|
*/
|
|
@@ -529,7 +544,8 @@ declare namespace SecretsManagerV1 {
|
|
|
529
544
|
IAM_CREDENTIALS = "iam_credentials",
|
|
530
545
|
IMPORTED_CERT = "imported_cert",
|
|
531
546
|
PUBLIC_CERT = "public_cert",
|
|
532
|
-
USERNAME_PASSWORD = "username_password"
|
|
547
|
+
USERNAME_PASSWORD = "username_password",
|
|
548
|
+
KV = "kv"
|
|
533
549
|
}
|
|
534
550
|
}
|
|
535
551
|
/** Parameters for the `listSecrets` operation. */
|
|
@@ -560,7 +576,8 @@ declare namespace SecretsManagerV1 {
|
|
|
560
576
|
IAM_CREDENTIALS = "iam_credentials",
|
|
561
577
|
IMPORTED_CERT = "imported_cert",
|
|
562
578
|
PUBLIC_CERT = "public_cert",
|
|
563
|
-
USERNAME_PASSWORD = "username_password"
|
|
579
|
+
USERNAME_PASSWORD = "username_password",
|
|
580
|
+
KV = "kv"
|
|
564
581
|
}
|
|
565
582
|
}
|
|
566
583
|
/** Parameters for the `listAllSecrets` operation. */
|
|
@@ -630,7 +647,8 @@ declare namespace SecretsManagerV1 {
|
|
|
630
647
|
IAM_CREDENTIALS = "iam_credentials",
|
|
631
648
|
IMPORTED_CERT = "imported_cert",
|
|
632
649
|
PUBLIC_CERT = "public_cert",
|
|
633
|
-
USERNAME_PASSWORD = "username_password"
|
|
650
|
+
USERNAME_PASSWORD = "username_password",
|
|
651
|
+
KV = "kv"
|
|
634
652
|
}
|
|
635
653
|
}
|
|
636
654
|
/** Parameters for the `updateSecret` operation. */
|
|
@@ -642,7 +660,7 @@ declare namespace SecretsManagerV1 {
|
|
|
642
660
|
/** The action to perform on the specified secret. */
|
|
643
661
|
action: UpdateSecretConstants.Action | string;
|
|
644
662
|
/** The properties to update for the secret. */
|
|
645
|
-
secretAction
|
|
663
|
+
secretAction?: SecretAction;
|
|
646
664
|
headers?: OutgoingHttpHeaders;
|
|
647
665
|
}
|
|
648
666
|
/** Constants for the `updateSecret` operation. */
|
|
@@ -653,11 +671,13 @@ declare namespace SecretsManagerV1 {
|
|
|
653
671
|
IAM_CREDENTIALS = "iam_credentials",
|
|
654
672
|
IMPORTED_CERT = "imported_cert",
|
|
655
673
|
PUBLIC_CERT = "public_cert",
|
|
656
|
-
USERNAME_PASSWORD = "username_password"
|
|
674
|
+
USERNAME_PASSWORD = "username_password",
|
|
675
|
+
KV = "kv"
|
|
657
676
|
}
|
|
658
677
|
/** The action to perform on the specified secret. */
|
|
659
678
|
enum Action {
|
|
660
679
|
ROTATE = "rotate",
|
|
680
|
+
RESTORE = "restore",
|
|
661
681
|
DELETE_CREDENTIALS = "delete_credentials"
|
|
662
682
|
}
|
|
663
683
|
}
|
|
@@ -677,7 +697,28 @@ declare namespace SecretsManagerV1 {
|
|
|
677
697
|
IAM_CREDENTIALS = "iam_credentials",
|
|
678
698
|
IMPORTED_CERT = "imported_cert",
|
|
679
699
|
PUBLIC_CERT = "public_cert",
|
|
680
|
-
USERNAME_PASSWORD = "username_password"
|
|
700
|
+
USERNAME_PASSWORD = "username_password",
|
|
701
|
+
KV = "kv"
|
|
702
|
+
}
|
|
703
|
+
}
|
|
704
|
+
/** Parameters for the `listSecretVersions` operation. */
|
|
705
|
+
interface ListSecretVersionsParams {
|
|
706
|
+
/** The secret type. */
|
|
707
|
+
secretType: ListSecretVersionsConstants.SecretType | string;
|
|
708
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
709
|
+
id: string;
|
|
710
|
+
headers?: OutgoingHttpHeaders;
|
|
711
|
+
}
|
|
712
|
+
/** Constants for the `listSecretVersions` operation. */
|
|
713
|
+
namespace ListSecretVersionsConstants {
|
|
714
|
+
/** The secret type. */
|
|
715
|
+
enum SecretType {
|
|
716
|
+
ARBITRARY = "arbitrary",
|
|
717
|
+
IAM_CREDENTIALS = "iam_credentials",
|
|
718
|
+
IMPORTED_CERT = "imported_cert",
|
|
719
|
+
PUBLIC_CERT = "public_cert",
|
|
720
|
+
USERNAME_PASSWORD = "username_password",
|
|
721
|
+
KV = "kv"
|
|
681
722
|
}
|
|
682
723
|
}
|
|
683
724
|
/** Parameters for the `getSecretVersion` operation. */
|
|
@@ -699,8 +740,12 @@ declare namespace SecretsManagerV1 {
|
|
|
699
740
|
namespace GetSecretVersionConstants {
|
|
700
741
|
/** The secret type. */
|
|
701
742
|
enum SecretType {
|
|
743
|
+
ARBITRARY = "arbitrary",
|
|
744
|
+
IAM_CREDENTIALS = "iam_credentials",
|
|
702
745
|
IMPORTED_CERT = "imported_cert",
|
|
703
|
-
PUBLIC_CERT = "public_cert"
|
|
746
|
+
PUBLIC_CERT = "public_cert",
|
|
747
|
+
USERNAME_PASSWORD = "username_password",
|
|
748
|
+
KV = "kv"
|
|
704
749
|
}
|
|
705
750
|
}
|
|
706
751
|
/** Parameters for the `getSecretVersionMetadata` operation. */
|
|
@@ -722,8 +767,12 @@ declare namespace SecretsManagerV1 {
|
|
|
722
767
|
namespace GetSecretVersionMetadataConstants {
|
|
723
768
|
/** The secret type. */
|
|
724
769
|
enum SecretType {
|
|
770
|
+
ARBITRARY = "arbitrary",
|
|
771
|
+
IAM_CREDENTIALS = "iam_credentials",
|
|
725
772
|
IMPORTED_CERT = "imported_cert",
|
|
726
|
-
PUBLIC_CERT = "public_cert"
|
|
773
|
+
PUBLIC_CERT = "public_cert",
|
|
774
|
+
USERNAME_PASSWORD = "username_password",
|
|
775
|
+
KV = "kv"
|
|
727
776
|
}
|
|
728
777
|
}
|
|
729
778
|
/** Parameters for the `getSecretMetadata` operation. */
|
|
@@ -742,7 +791,8 @@ declare namespace SecretsManagerV1 {
|
|
|
742
791
|
IAM_CREDENTIALS = "iam_credentials",
|
|
743
792
|
IMPORTED_CERT = "imported_cert",
|
|
744
793
|
PUBLIC_CERT = "public_cert",
|
|
745
|
-
USERNAME_PASSWORD = "username_password"
|
|
794
|
+
USERNAME_PASSWORD = "username_password",
|
|
795
|
+
KV = "kv"
|
|
746
796
|
}
|
|
747
797
|
}
|
|
748
798
|
/** Parameters for the `updateSecretMetadata` operation. */
|
|
@@ -765,7 +815,8 @@ declare namespace SecretsManagerV1 {
|
|
|
765
815
|
IAM_CREDENTIALS = "iam_credentials",
|
|
766
816
|
IMPORTED_CERT = "imported_cert",
|
|
767
817
|
PUBLIC_CERT = "public_cert",
|
|
768
|
-
USERNAME_PASSWORD = "username_password"
|
|
818
|
+
USERNAME_PASSWORD = "username_password",
|
|
819
|
+
KV = "kv"
|
|
769
820
|
}
|
|
770
821
|
}
|
|
771
822
|
/** Parameters for the `putPolicy` operation. */
|
|
@@ -818,6 +869,7 @@ declare namespace SecretsManagerV1 {
|
|
|
818
869
|
}
|
|
819
870
|
/** Parameters for the `putConfig` operation. */
|
|
820
871
|
interface PutConfigParams {
|
|
872
|
+
/** The secret type. */
|
|
821
873
|
secretType: PutConfigConstants.SecretType | string;
|
|
822
874
|
/** Properties to update for a secrets engine. */
|
|
823
875
|
engineConfig: EngineConfig;
|
|
@@ -825,7 +877,7 @@ declare namespace SecretsManagerV1 {
|
|
|
825
877
|
}
|
|
826
878
|
/** Constants for the `putConfig` operation. */
|
|
827
879
|
namespace PutConfigConstants {
|
|
828
|
-
/**
|
|
880
|
+
/** The secret type. */
|
|
829
881
|
enum SecretType {
|
|
830
882
|
IAM_CREDENTIALS = "iam_credentials"
|
|
831
883
|
}
|
|
@@ -857,7 +909,7 @@ declare namespace SecretsManagerV1 {
|
|
|
857
909
|
*/
|
|
858
910
|
type: CreateConfigElementConstants.Type | string;
|
|
859
911
|
/** The configuration to define for the specified secret type. */
|
|
860
|
-
config:
|
|
912
|
+
config: JsonObject;
|
|
861
913
|
headers?: OutgoingHttpHeaders;
|
|
862
914
|
}
|
|
863
915
|
/** Constants for the `createConfigElement` operation. */
|
|
@@ -933,6 +985,7 @@ declare namespace SecretsManagerV1 {
|
|
|
933
985
|
* define.
|
|
934
986
|
*/
|
|
935
987
|
type: UpdateConfigElementConstants.Type | string;
|
|
988
|
+
/** Properties that describe a configuration, which depends on type. */
|
|
936
989
|
config: JsonObject;
|
|
937
990
|
headers?: OutgoingHttpHeaders;
|
|
938
991
|
}
|
|
@@ -980,15 +1033,6 @@ declare namespace SecretsManagerV1 {
|
|
|
980
1033
|
/*************************
|
|
981
1034
|
* model interfaces
|
|
982
1035
|
************************/
|
|
983
|
-
/** CertificateSecretData. */
|
|
984
|
-
interface CertificateSecretData {
|
|
985
|
-
/** The contents of the certificate. */
|
|
986
|
-
certificate?: string;
|
|
987
|
-
/** The private key that is associated with the certificate. */
|
|
988
|
-
private_key?: string;
|
|
989
|
-
/** The intermediate certificate that is associated with the certificate. */
|
|
990
|
-
intermediate?: string;
|
|
991
|
-
}
|
|
992
1036
|
/** The metadata that describes the resource array. */
|
|
993
1037
|
interface CollectionMetadata {
|
|
994
1038
|
/** The type of resources in the resource array. */
|
|
@@ -1005,10 +1049,7 @@ declare namespace SecretsManagerV1 {
|
|
|
1005
1049
|
*/
|
|
1006
1050
|
type: string;
|
|
1007
1051
|
/** The configuration to define for the specified secret type. */
|
|
1008
|
-
config:
|
|
1009
|
-
}
|
|
1010
|
-
/** The configuration to define for the specified secret type. */
|
|
1011
|
-
interface ConfigElementDefConfig {
|
|
1052
|
+
config: JsonObject;
|
|
1012
1053
|
}
|
|
1013
1054
|
/** Properties that describe a configuration element. */
|
|
1014
1055
|
interface ConfigElementMetadata {
|
|
@@ -1059,24 +1100,6 @@ declare namespace SecretsManagerV1 {
|
|
|
1059
1100
|
/** GetSecretPolicies. */
|
|
1060
1101
|
interface GetSecretPolicies {
|
|
1061
1102
|
}
|
|
1062
|
-
/** Properties that describe a rotation policy. */
|
|
1063
|
-
interface GetSecretPolicyRotationResourcesItem {
|
|
1064
|
-
/** The v4 UUID that uniquely identifies the policy. */
|
|
1065
|
-
id: string;
|
|
1066
|
-
/** The Cloud Resource Name (CRN) that uniquely identifies your cloud resources. */
|
|
1067
|
-
crn?: string;
|
|
1068
|
-
/** The date the policy was created. The date format follows RFC 3339. */
|
|
1069
|
-
creation_date?: string;
|
|
1070
|
-
/** The unique identifier for the entity that created the policy. */
|
|
1071
|
-
created_by?: string;
|
|
1072
|
-
/** Updates when the policy is replaced or modified. The date format follows RFC 3339. */
|
|
1073
|
-
last_update_date?: string;
|
|
1074
|
-
/** The unique identifier for the entity that updated the policy. */
|
|
1075
|
-
updated_by?: string;
|
|
1076
|
-
/** The MIME type that represents the policy. Currently, only the default is supported. */
|
|
1077
|
-
type: string;
|
|
1078
|
-
rotation: SecretPolicyRotationRotation;
|
|
1079
|
-
}
|
|
1080
1103
|
/** Properties that describe the version of a secret. */
|
|
1081
1104
|
interface GetSecretVersion {
|
|
1082
1105
|
/** The metadata that describes the resource array. */
|
|
@@ -1102,7 +1125,7 @@ declare namespace SecretsManagerV1 {
|
|
|
1102
1125
|
interface IssuanceInfo {
|
|
1103
1126
|
/** The date the certificate was ordered. The date format follows RFC 3339. */
|
|
1104
1127
|
ordered_on?: string;
|
|
1105
|
-
/**
|
|
1128
|
+
/** A code that identifies an issuance error.
|
|
1106
1129
|
*
|
|
1107
1130
|
* This field, along with `error_message`, is returned when Secrets Manager successfully processes your request,
|
|
1108
1131
|
* but a certificate is unable to be issued by the certificate authority.
|
|
@@ -1125,6 +1148,13 @@ declare namespace SecretsManagerV1 {
|
|
|
1125
1148
|
/** The name that was assigned to the DNS provider configuration. */
|
|
1126
1149
|
dns?: string;
|
|
1127
1150
|
}
|
|
1151
|
+
/** Properties that describe a list of versions of a secret. */
|
|
1152
|
+
interface ListSecretVersions {
|
|
1153
|
+
/** The metadata that describes the resource array. */
|
|
1154
|
+
metadata: CollectionMetadata;
|
|
1155
|
+
/** A collection of resources. */
|
|
1156
|
+
resources?: SecretVersionInfo[];
|
|
1157
|
+
}
|
|
1128
1158
|
/** Properties that describe a list of secrets. */
|
|
1129
1159
|
interface ListSecrets {
|
|
1130
1160
|
/** The metadata that describes the resource array. */
|
|
@@ -1137,7 +1167,7 @@ declare namespace SecretsManagerV1 {
|
|
|
1137
1167
|
/** Determines whether Secrets Manager rotates your certificate automatically.
|
|
1138
1168
|
*
|
|
1139
1169
|
* If set to `true`, the service reorders your certificate 31 days before it expires. To access the previous
|
|
1140
|
-
* version of the
|
|
1170
|
+
* version of the certificate, you can use the [Get a version of a secret](#get-secret-version) method.
|
|
1141
1171
|
*/
|
|
1142
1172
|
auto_rotate?: boolean;
|
|
1143
1173
|
/** Determines whether Secrets Manager rotates the private key for your certificate automatically.
|
|
@@ -1221,6 +1251,9 @@ declare namespace SecretsManagerV1 {
|
|
|
1221
1251
|
/** SecretVersion. */
|
|
1222
1252
|
interface SecretVersion {
|
|
1223
1253
|
}
|
|
1254
|
+
/** Properties that describe a secret version within a list of secret versions. */
|
|
1255
|
+
interface SecretVersionInfo {
|
|
1256
|
+
}
|
|
1224
1257
|
/** SecretVersionMetadata. */
|
|
1225
1258
|
interface SecretVersionMetadata {
|
|
1226
1259
|
}
|
|
@@ -1237,8 +1270,9 @@ declare namespace SecretsManagerV1 {
|
|
|
1237
1270
|
id?: string;
|
|
1238
1271
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1239
1272
|
*
|
|
1240
|
-
* Up to 30 labels can be created. Labels can be
|
|
1241
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1273
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
1274
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1275
|
+
* character (|).
|
|
1242
1276
|
*
|
|
1243
1277
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1244
1278
|
*/
|
|
@@ -1310,8 +1344,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1310
1344
|
secret_group_id?: string;
|
|
1311
1345
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1312
1346
|
*
|
|
1313
|
-
* Up to 30 labels can be created. Labels can be
|
|
1314
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1347
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
1348
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1315
1349
|
*
|
|
1316
1350
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1317
1351
|
*/
|
|
@@ -1350,16 +1384,53 @@ declare namespace SecretsManagerV1 {
|
|
|
1350
1384
|
expiration_date?: string;
|
|
1351
1385
|
/** The new secret data to assign to the secret. */
|
|
1352
1386
|
payload?: string;
|
|
1387
|
+
/** The data that is associated with the secret version. The data object contains the field `payload`. */
|
|
1353
1388
|
secret_data?: JsonObject;
|
|
1354
1389
|
}
|
|
1390
|
+
/** ArbitrarySecretVersion. */
|
|
1391
|
+
interface ArbitrarySecretVersion extends SecretVersion {
|
|
1392
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1393
|
+
id?: string;
|
|
1394
|
+
/** The ID of the secret version. */
|
|
1395
|
+
version_id?: string;
|
|
1396
|
+
/** The date that the version of the secret was created. */
|
|
1397
|
+
creation_date?: string;
|
|
1398
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
1399
|
+
created_by?: string;
|
|
1400
|
+
/** The data that is associated with the secret version. The data object contains the field `payload`. */
|
|
1401
|
+
secret_data?: JsonObject;
|
|
1402
|
+
}
|
|
1403
|
+
/** ArbitrarySecretVersionInfo. */
|
|
1404
|
+
interface ArbitrarySecretVersionInfo extends SecretVersionInfo {
|
|
1405
|
+
/** The ID of the secret version. */
|
|
1406
|
+
id?: string;
|
|
1407
|
+
/** The date that the version of the secret was created. */
|
|
1408
|
+
creation_date?: string;
|
|
1409
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
1410
|
+
created_by?: string;
|
|
1411
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1412
|
+
payload_available?: boolean;
|
|
1413
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1414
|
+
* service API.
|
|
1415
|
+
*/
|
|
1416
|
+
downloaded?: boolean;
|
|
1417
|
+
}
|
|
1355
1418
|
/** Properties that describe a secret version. */
|
|
1356
1419
|
interface ArbitrarySecretVersionMetadata extends SecretVersionMetadata {
|
|
1357
|
-
/** The
|
|
1420
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1358
1421
|
id?: string;
|
|
1422
|
+
/** The ID of the secret version. */
|
|
1423
|
+
version_id?: string;
|
|
1359
1424
|
/** The date that the version of the secret was created. */
|
|
1360
1425
|
creation_date?: string;
|
|
1361
1426
|
/** The unique identifier for the entity that created the secret version. */
|
|
1362
1427
|
created_by?: string;
|
|
1428
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1429
|
+
payload_available?: boolean;
|
|
1430
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1431
|
+
* service API.
|
|
1432
|
+
*/
|
|
1433
|
+
downloaded?: boolean;
|
|
1363
1434
|
}
|
|
1364
1435
|
/** Metadata properties that describe a certificate secret. */
|
|
1365
1436
|
interface CertificateSecretMetadata extends SecretMetadata {
|
|
@@ -1367,8 +1438,9 @@ declare namespace SecretsManagerV1 {
|
|
|
1367
1438
|
id?: string;
|
|
1368
1439
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1369
1440
|
*
|
|
1370
|
-
* Up to 30 labels can be created. Labels can be
|
|
1371
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1441
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
1442
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1443
|
+
* character (|).
|
|
1372
1444
|
*
|
|
1373
1445
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1374
1446
|
*/
|
|
@@ -1409,8 +1481,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1409
1481
|
versions_total?: number;
|
|
1410
1482
|
/** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
|
|
1411
1483
|
serial_number?: string;
|
|
1412
|
-
/** The identifier for the cryptographic
|
|
1413
|
-
* the
|
|
1484
|
+
/** The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign
|
|
1485
|
+
* the certificate.
|
|
1414
1486
|
*/
|
|
1415
1487
|
algorithm?: string;
|
|
1416
1488
|
/** The identifier for the cryptographic algorithm that was used to generate the public key that is associated
|
|
@@ -1453,8 +1525,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1453
1525
|
secret_group_id?: string;
|
|
1454
1526
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1455
1527
|
*
|
|
1456
|
-
* Up to 30 labels can be created. Labels can be
|
|
1457
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1528
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
1529
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1458
1530
|
*
|
|
1459
1531
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1460
1532
|
*/
|
|
@@ -1493,11 +1565,16 @@ declare namespace SecretsManagerV1 {
|
|
|
1493
1565
|
* line with embedded newline characters.
|
|
1494
1566
|
*/
|
|
1495
1567
|
intermediate?: string;
|
|
1568
|
+
/** The data that is associated with the secret. The data object contains the following fields:
|
|
1569
|
+
* `certificate`: The contents of the certificate.
|
|
1570
|
+
* `private_key`: The private key that is associated with the certificate.
|
|
1571
|
+
* `intermediate`: The intermediate certificate that is associated with the certificate.
|
|
1572
|
+
*/
|
|
1496
1573
|
secret_data?: JsonObject;
|
|
1497
1574
|
/** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
|
|
1498
1575
|
serial_number?: string;
|
|
1499
|
-
/** The identifier for the cryptographic
|
|
1500
|
-
* the
|
|
1576
|
+
/** The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign
|
|
1577
|
+
* the certificate.
|
|
1501
1578
|
*/
|
|
1502
1579
|
algorithm?: string;
|
|
1503
1580
|
/** The identifier for the cryptographic algorithm that was used to generate the public key that is associated
|
|
@@ -1522,8 +1599,6 @@ declare namespace SecretsManagerV1 {
|
|
|
1522
1599
|
interface CertificateSecretVersion extends SecretVersion {
|
|
1523
1600
|
/** The v4 UUID that uniquely identifies the secret. */
|
|
1524
1601
|
id?: string;
|
|
1525
|
-
/** The Cloud Resource Name (CRN) that uniquely identifies the secret. */
|
|
1526
|
-
crn?: string;
|
|
1527
1602
|
/** The ID of the secret version. */
|
|
1528
1603
|
version_id?: string;
|
|
1529
1604
|
/** The date that the version of the secret was created. */
|
|
@@ -1535,71 +1610,58 @@ declare namespace SecretsManagerV1 {
|
|
|
1535
1610
|
serial_number?: string;
|
|
1536
1611
|
/** The date that the certificate expires. The date format follows RFC 3339. */
|
|
1537
1612
|
expiration_date?: string;
|
|
1538
|
-
|
|
1613
|
+
/** The data that is associated with the secret version. The data object contains the following fields:
|
|
1614
|
+
* `certificate`: The contents of the certificate.
|
|
1615
|
+
* `private_key`: The private key that is associated with the certificate.
|
|
1616
|
+
* `intermediate`: The intermediate certificate that is associated with the certificate.
|
|
1617
|
+
*/
|
|
1618
|
+
secret_data?: JsonObject;
|
|
1539
1619
|
}
|
|
1540
|
-
/**
|
|
1541
|
-
interface
|
|
1620
|
+
/** CertificateSecretVersionInfo. */
|
|
1621
|
+
interface CertificateSecretVersionInfo extends SecretVersionInfo {
|
|
1542
1622
|
/** The ID of the secret version. */
|
|
1543
1623
|
id?: string;
|
|
1544
1624
|
/** The date that the version of the secret was created. */
|
|
1545
1625
|
creation_date?: string;
|
|
1546
1626
|
/** The unique identifier for the entity that created the secret version. */
|
|
1547
1627
|
created_by?: string;
|
|
1628
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1629
|
+
payload_available?: boolean;
|
|
1630
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1631
|
+
* service API.
|
|
1632
|
+
*/
|
|
1633
|
+
downloaded?: boolean;
|
|
1548
1634
|
/** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
|
|
1549
1635
|
serial_number?: string;
|
|
1550
1636
|
/** The date that the certificate expires. The date format follows RFC 3339. */
|
|
1551
1637
|
expiration_date?: string;
|
|
1552
1638
|
validity?: CertificateValidity;
|
|
1553
1639
|
}
|
|
1554
|
-
/** Properties that describe
|
|
1555
|
-
interface
|
|
1556
|
-
/** The
|
|
1557
|
-
|
|
1558
|
-
|
|
1559
|
-
|
|
1560
|
-
|
|
1561
|
-
|
|
1562
|
-
|
|
1563
|
-
|
|
1564
|
-
/**
|
|
1565
|
-
|
|
1566
|
-
|
|
1567
|
-
*
|
|
1568
|
-
* [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-classic-infrastructure).
|
|
1569
|
-
*/
|
|
1570
|
-
classic_infrastructure_password: string;
|
|
1571
|
-
}
|
|
1572
|
-
/** Properties that describe an IBM Cloud Internet Services (CIS) configuration. */
|
|
1573
|
-
interface ConfigElementDefConfigCloudInternetServicesConfig extends ConfigElementDefConfig {
|
|
1574
|
-
/** The Cloud Resource Name (CRN) that is associated with the CIS instance. */
|
|
1575
|
-
cis_crn: string;
|
|
1576
|
-
/** An IBM Cloud API key that has the capability to list domains in your CIS instance.
|
|
1577
|
-
*
|
|
1578
|
-
* To grant Secrets Manager the ability to view the CIS instance and all of its domains, the API key must be
|
|
1579
|
-
* assigned the Reader service role on Internet Services (`internet-svcs`).
|
|
1580
|
-
*
|
|
1581
|
-
* If you need to manage specific domains, you can assign the Manager role. For production environments, it is
|
|
1582
|
-
* recommended that you assign the Reader access role, and then use the
|
|
1583
|
-
* [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
|
|
1584
|
-
* specific domains. For more information, see the
|
|
1585
|
-
* [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
|
|
1586
|
-
*/
|
|
1587
|
-
cis_apikey?: string;
|
|
1588
|
-
}
|
|
1589
|
-
/** Properties that describe a Let's Encrypt configuration. */
|
|
1590
|
-
interface ConfigElementDefConfigLetsEncryptConfig extends ConfigElementDefConfig {
|
|
1591
|
-
/** The private key that is associated with your Automatic Certificate Management Environment (ACME) account.
|
|
1592
|
-
*
|
|
1593
|
-
* If you have a working ACME client or account for Let's Encrypt, you can use the existing private key to enable
|
|
1594
|
-
* communications with Secrets Manager. If you don't have an account yet, you can create one. For more information,
|
|
1595
|
-
* see the
|
|
1596
|
-
* [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#create-acme-account).
|
|
1640
|
+
/** Properties that describe a secret version. */
|
|
1641
|
+
interface CertificateSecretVersionMetadata extends SecretVersionMetadata {
|
|
1642
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1643
|
+
id?: string;
|
|
1644
|
+
/** The ID of the secret version. */
|
|
1645
|
+
version_id?: string;
|
|
1646
|
+
/** The date that the version of the secret was created. */
|
|
1647
|
+
creation_date?: string;
|
|
1648
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
1649
|
+
created_by?: string;
|
|
1650
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1651
|
+
payload_available?: boolean;
|
|
1652
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1653
|
+
* service API.
|
|
1597
1654
|
*/
|
|
1598
|
-
|
|
1655
|
+
downloaded?: boolean;
|
|
1656
|
+
/** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
|
|
1657
|
+
serial_number?: string;
|
|
1658
|
+
/** The date that the certificate expires. The date format follows RFC 3339. */
|
|
1659
|
+
expiration_date?: string;
|
|
1660
|
+
validity?: CertificateValidity;
|
|
1599
1661
|
}
|
|
1600
1662
|
/** Configuration for the IAM credentials engine. */
|
|
1601
1663
|
interface CreateIAMCredentialsSecretEngineRootConfig extends EngineConfig {
|
|
1602
|
-
/** An IBM Cloud API key that
|
|
1664
|
+
/** An IBM Cloud API key that can create and manage service IDs.
|
|
1603
1665
|
*
|
|
1604
1666
|
* The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
|
|
1605
1667
|
* role on the IAM Identity Service. For more information, see the
|
|
@@ -1611,8 +1673,16 @@ declare namespace SecretsManagerV1 {
|
|
|
1611
1673
|
}
|
|
1612
1674
|
/** Delete the credentials that are associated with an `iam_credentials` secret. */
|
|
1613
1675
|
interface DeleteCredentialsForIAMCredentialsSecret extends SecretAction {
|
|
1614
|
-
/** The
|
|
1615
|
-
|
|
1676
|
+
/** The ID of the API key that you want to delete. If the secret was created with a static service ID, only the
|
|
1677
|
+
* API key is deleted. Otherwise, the service ID is deleted together with its API key.
|
|
1678
|
+
*/
|
|
1679
|
+
api_key_id?: string;
|
|
1680
|
+
/** The service ID that you want to delete. This property can be used instead of the `api_key_id` field, but
|
|
1681
|
+
* only for secrets that were created with a service ID that was generated by Secrets Manager.
|
|
1682
|
+
*
|
|
1683
|
+
* **Deprecated.** Use the `api_key_id` field instead.
|
|
1684
|
+
*/
|
|
1685
|
+
service_id?: string;
|
|
1616
1686
|
}
|
|
1617
1687
|
/** Certificate authorities configuration. */
|
|
1618
1688
|
interface GetConfigElementsResourcesItemCertificateAuthoritiesConfig extends GetConfigElementsResourcesItem {
|
|
@@ -1627,11 +1697,11 @@ declare namespace SecretsManagerV1 {
|
|
|
1627
1697
|
/** The metadata that describes the resource array. */
|
|
1628
1698
|
metadata: CollectionMetadata;
|
|
1629
1699
|
/** A collection of resources. */
|
|
1630
|
-
resources:
|
|
1700
|
+
resources: JsonObject[];
|
|
1631
1701
|
}
|
|
1632
1702
|
/** Configuration for the IAM credentials engine. */
|
|
1633
1703
|
interface IAMCredentialsSecretEngineRootConfig extends GetConfigResourcesItem {
|
|
1634
|
-
/** An IBM Cloud API key that
|
|
1704
|
+
/** An IBM Cloud API key that can create and manage service IDs.
|
|
1635
1705
|
*
|
|
1636
1706
|
* The API key must be assigned the Editor platform role on the Access Groups Service and the Operator platform
|
|
1637
1707
|
* role on the IAM Identity Service. For more information, see the
|
|
@@ -1647,8 +1717,9 @@ declare namespace SecretsManagerV1 {
|
|
|
1647
1717
|
id?: string;
|
|
1648
1718
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1649
1719
|
*
|
|
1650
|
-
* Up to 30 labels can be created. Labels can be
|
|
1651
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1720
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
1721
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1722
|
+
* character (|).
|
|
1652
1723
|
*
|
|
1653
1724
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1654
1725
|
*/
|
|
@@ -1692,13 +1763,32 @@ declare namespace SecretsManagerV1 {
|
|
|
1692
1763
|
* For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
|
|
1693
1764
|
* be either an integer that specifies the number of seconds, or the string representation of a duration, such as
|
|
1694
1765
|
* `120m` or `24h`.
|
|
1766
|
+
*
|
|
1767
|
+
* Minimum duration is 1 minute. Maximum is 90 days.
|
|
1695
1768
|
*/
|
|
1696
1769
|
ttl?: any;
|
|
1697
|
-
/**
|
|
1698
|
-
*
|
|
1699
|
-
*
|
|
1770
|
+
/** Determines whether to use the same service ID and API key for future read operations on an
|
|
1771
|
+
* `iam_credentials` secret.
|
|
1772
|
+
*
|
|
1773
|
+
* If set to `true`, the service reuses the current credentials. If set to `false`, a new service ID and API key
|
|
1774
|
+
* are generated each time that the secret is read or accessed.
|
|
1700
1775
|
*/
|
|
1701
1776
|
reuse_api_key?: boolean;
|
|
1777
|
+
/** Indicates whether an `iam_credentials` secret was created with a static service ID.
|
|
1778
|
+
*
|
|
1779
|
+
* If the value is `true`, the service ID for the secret was provided by the user at secret creation. If the value
|
|
1780
|
+
* is `false`, the service ID was generated by Secrets Manager.
|
|
1781
|
+
*/
|
|
1782
|
+
service_id_is_static?: boolean;
|
|
1783
|
+
/** The service ID under which the API key is created. The service ID is included in the metadata only if the
|
|
1784
|
+
* secret was created with a static service ID.
|
|
1785
|
+
*/
|
|
1786
|
+
service_id?: string;
|
|
1787
|
+
/** The access groups that define the capabilities of the service ID and API key that are generated for an
|
|
1788
|
+
* `iam_credentials` secret. The access groups are included in the metadata only if the secret was created with a
|
|
1789
|
+
* service ID that was generated by Secrets Manager.
|
|
1790
|
+
*/
|
|
1791
|
+
access_groups?: string[];
|
|
1702
1792
|
}
|
|
1703
1793
|
/** Properties that describe a secret. */
|
|
1704
1794
|
interface IAMCredentialsSecretResource extends SecretResource {
|
|
@@ -1722,8 +1812,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1722
1812
|
secret_group_id?: string;
|
|
1723
1813
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1724
1814
|
*
|
|
1725
|
-
* Up to 30 labels can be created. Labels can be
|
|
1726
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1815
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
1816
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1727
1817
|
*
|
|
1728
1818
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1729
1819
|
*/
|
|
@@ -1755,10 +1845,13 @@ declare namespace SecretsManagerV1 {
|
|
|
1755
1845
|
* For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
|
|
1756
1846
|
* be either an integer that specifies the number of seconds, or the string representation of a duration, such as
|
|
1757
1847
|
* `120m` or `24h`.
|
|
1848
|
+
*
|
|
1849
|
+
* Minimum duration is 1 minute. Maximum is 90 days.
|
|
1758
1850
|
*/
|
|
1759
1851
|
ttl?: any;
|
|
1760
1852
|
/** The access groups that define the capabilities of the service ID and API key that are generated for an
|
|
1761
|
-
* `iam_credentials` secret.
|
|
1853
|
+
* `iam_credentials` secret. If you prefer to use an existing service ID that is already assigned the access
|
|
1854
|
+
* policies that you require, you can omit this parameter and use the `service_id` field instead.
|
|
1762
1855
|
*
|
|
1763
1856
|
* **Tip:** To list the access groups that are available in an account, you can use the [IAM Access Groups
|
|
1764
1857
|
* API](https://cloud.ibm.com/apidocs/iam-access-groups#list-access-groups). To find the ID of an access group in
|
|
@@ -1772,26 +1865,193 @@ declare namespace SecretsManagerV1 {
|
|
|
1772
1865
|
* you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
|
|
1773
1866
|
*/
|
|
1774
1867
|
api_key?: string;
|
|
1775
|
-
/** The
|
|
1776
|
-
|
|
1868
|
+
/** The ID of the API key that is generated for this secret. */
|
|
1869
|
+
api_key_id?: string;
|
|
1870
|
+
/** The service ID under which the API key (see the `api_key` field) is created.
|
|
1871
|
+
*
|
|
1872
|
+
* If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation and adds
|
|
1873
|
+
* it to the access groups that you assign.
|
|
1874
|
+
*
|
|
1875
|
+
* Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or
|
|
1876
|
+
* retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not
|
|
1877
|
+
* include the `access_groups` parameter.
|
|
1777
1878
|
*/
|
|
1778
1879
|
service_id?: string;
|
|
1779
|
-
/**
|
|
1880
|
+
/** Indicates whether an `iam_credentials` secret was created with a static service ID.
|
|
1881
|
+
*
|
|
1882
|
+
* If `true`, the service ID for the secret was provided by the user at secret creation. If `false`, the service ID
|
|
1883
|
+
* was generated by Secrets Manager.
|
|
1884
|
+
*/
|
|
1885
|
+
service_id_is_static?: boolean;
|
|
1886
|
+
/** Determines whether to use the same service ID and API key for future read operations on an
|
|
1887
|
+
* `iam_credentials` secret.
|
|
1780
1888
|
*
|
|
1781
|
-
*
|
|
1782
|
-
*
|
|
1783
|
-
* API key is generated each time that the secret is read or accessed.
|
|
1889
|
+
* If set to `true`, the service reuses the current credentials. If set to `false`, a new service ID and API key
|
|
1890
|
+
* are generated each time that the secret is read or accessed.
|
|
1784
1891
|
*/
|
|
1785
1892
|
reuse_api_key?: boolean;
|
|
1786
1893
|
}
|
|
1894
|
+
/** IAMCredentialsSecretVersion. */
|
|
1895
|
+
interface IAMCredentialsSecretVersion extends SecretVersion {
|
|
1896
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1897
|
+
id?: string;
|
|
1898
|
+
/** The ID of the secret version. */
|
|
1899
|
+
version_id?: string;
|
|
1900
|
+
/** The date that the version of the secret was created. */
|
|
1901
|
+
creation_date?: string;
|
|
1902
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
1903
|
+
created_by?: string;
|
|
1904
|
+
/** The data that is associated with the secret version. The data object contains the following fields:
|
|
1905
|
+
* `api_key`: The API key that is generated for this secret.
|
|
1906
|
+
* `api_key_id`: The ID of the API key that is generated for this secret.
|
|
1907
|
+
* `service_id`: The service ID under which the API key is created.
|
|
1908
|
+
*/
|
|
1909
|
+
secret_data?: JsonObject;
|
|
1910
|
+
}
|
|
1911
|
+
/** IAMCredentialsSecretVersionInfo. */
|
|
1912
|
+
interface IAMCredentialsSecretVersionInfo extends SecretVersionInfo {
|
|
1913
|
+
/** The ID of the secret version. */
|
|
1914
|
+
id?: string;
|
|
1915
|
+
/** The date that the version of the secret was created. */
|
|
1916
|
+
creation_date?: string;
|
|
1917
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
1918
|
+
created_by?: string;
|
|
1919
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1920
|
+
payload_available?: boolean;
|
|
1921
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1922
|
+
* service API.
|
|
1923
|
+
*/
|
|
1924
|
+
downloaded?: boolean;
|
|
1925
|
+
}
|
|
1787
1926
|
/** Properties that describe a secret version. */
|
|
1788
1927
|
interface IAMCredentialsSecretVersionMetadata extends SecretVersionMetadata {
|
|
1789
|
-
/** The
|
|
1928
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1790
1929
|
id?: string;
|
|
1930
|
+
/** The ID of the secret version. */
|
|
1931
|
+
version_id?: string;
|
|
1791
1932
|
/** The date that the version of the secret was created. */
|
|
1792
1933
|
creation_date?: string;
|
|
1793
1934
|
/** The unique identifier for the entity that created the secret version. */
|
|
1794
1935
|
created_by?: string;
|
|
1936
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
1937
|
+
payload_available?: boolean;
|
|
1938
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
1939
|
+
* service API.
|
|
1940
|
+
*/
|
|
1941
|
+
downloaded?: boolean;
|
|
1942
|
+
}
|
|
1943
|
+
/** Metadata properties that describe a key-value secret. */
|
|
1944
|
+
interface KvSecretMetadata extends SecretMetadata {
|
|
1945
|
+
/** The unique ID of the secret. */
|
|
1946
|
+
id?: string;
|
|
1947
|
+
/** Labels that you can use to filter for secrets in your instance.
|
|
1948
|
+
*
|
|
1949
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
1950
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
1951
|
+
* character (|).
|
|
1952
|
+
*
|
|
1953
|
+
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1954
|
+
*/
|
|
1955
|
+
labels?: string[];
|
|
1956
|
+
/** A human-readable alias to assign to your secret.
|
|
1957
|
+
*
|
|
1958
|
+
* To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
|
|
1959
|
+
*/
|
|
1960
|
+
name: string;
|
|
1961
|
+
/** An extended description of your secret.
|
|
1962
|
+
*
|
|
1963
|
+
* To protect your privacy, do not use personal data, such as your name or location, as a description for your
|
|
1964
|
+
* secret.
|
|
1965
|
+
*/
|
|
1966
|
+
description?: string;
|
|
1967
|
+
/** The v4 UUID that uniquely identifies the secret group to assign to this secret.
|
|
1968
|
+
*
|
|
1969
|
+
* If you omit this parameter, your secret is assigned to the `default` secret group.
|
|
1970
|
+
*/
|
|
1971
|
+
secret_group_id?: string;
|
|
1972
|
+
/** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
|
|
1973
|
+
* Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
|
|
1974
|
+
*/
|
|
1975
|
+
state?: number;
|
|
1976
|
+
/** A text representation of the secret state. */
|
|
1977
|
+
state_description?: string;
|
|
1978
|
+
/** The secret type. */
|
|
1979
|
+
secret_type?: string;
|
|
1980
|
+
/** The Cloud Resource Name (CRN) that uniquely identifies the resource. */
|
|
1981
|
+
crn?: string;
|
|
1982
|
+
/** The date the secret was created. The date format follows RFC 3339. */
|
|
1983
|
+
creation_date?: string;
|
|
1984
|
+
/** The unique identifier for the entity that created the secret. */
|
|
1985
|
+
created_by?: string;
|
|
1986
|
+
/** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
|
|
1987
|
+
last_update_date?: string;
|
|
1988
|
+
/** The number of versions the secret has. */
|
|
1989
|
+
versions_total?: number;
|
|
1990
|
+
}
|
|
1991
|
+
/** Properties that describe a secret. */
|
|
1992
|
+
interface KvSecretResource extends SecretResource {
|
|
1993
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
1994
|
+
id?: string;
|
|
1995
|
+
/** A human-readable alias to assign to your secret.
|
|
1996
|
+
*
|
|
1997
|
+
* To protect your privacy, do not use personal data, such as your name or location, as an alias for your secret.
|
|
1998
|
+
*/
|
|
1999
|
+
name: string;
|
|
2000
|
+
/** An extended description of your secret.
|
|
2001
|
+
*
|
|
2002
|
+
* To protect your privacy, do not use personal data, such as your name or location, as a description for your
|
|
2003
|
+
* secret.
|
|
2004
|
+
*/
|
|
2005
|
+
description?: string;
|
|
2006
|
+
/** The v4 UUID that uniquely identifies the secret group to assign to this secret.
|
|
2007
|
+
*
|
|
2008
|
+
* If you omit this parameter, your secret is assigned to the `default` secret group.
|
|
2009
|
+
*/
|
|
2010
|
+
secret_group_id?: string;
|
|
2011
|
+
/** Labels that you can use to filter for secrets in your instance.
|
|
2012
|
+
*
|
|
2013
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
2014
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
2015
|
+
*
|
|
2016
|
+
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
2017
|
+
*/
|
|
2018
|
+
labels?: string[];
|
|
2019
|
+
/** The secret state based on NIST SP 800-57. States are integers and correspond to the Pre-activation = 0,
|
|
2020
|
+
* Active = 1, Suspended = 2, Deactivated = 3, and Destroyed = 5 values.
|
|
2021
|
+
*/
|
|
2022
|
+
state?: number;
|
|
2023
|
+
/** A text representation of the secret state. */
|
|
2024
|
+
state_description?: string;
|
|
2025
|
+
/** The secret type. */
|
|
2026
|
+
secret_type?: string;
|
|
2027
|
+
/** The Cloud Resource Name (CRN) that uniquely identifies your Secrets Manager resource. */
|
|
2028
|
+
crn?: string;
|
|
2029
|
+
/** The date the secret was created. The date format follows RFC 3339. */
|
|
2030
|
+
creation_date?: string;
|
|
2031
|
+
/** The unique identifier for the entity that created the secret. */
|
|
2032
|
+
created_by?: string;
|
|
2033
|
+
/** Updates when the actual secret is modified. The date format follows RFC 3339. */
|
|
2034
|
+
last_update_date?: string;
|
|
2035
|
+
/** The number of versions that are associated with a secret. */
|
|
2036
|
+
versions_total?: number;
|
|
2037
|
+
/** An array that contains metadata for each secret version. For more information on the metadata properties,
|
|
2038
|
+
* see [Get secret version metadata](#get-secret-version-metadata).
|
|
2039
|
+
*/
|
|
2040
|
+
versions?: JsonObject[];
|
|
2041
|
+
/** The date the secret material expires. The date format follows RFC 3339.
|
|
2042
|
+
*
|
|
2043
|
+
* You can set an expiration date on supported secret types at their creation. If you create a secret without
|
|
2044
|
+
* specifying an expiration date, the secret does not expire. The `expiration_date` field is supported for the
|
|
2045
|
+
* following secret types:
|
|
2046
|
+
*
|
|
2047
|
+
* - `arbitrary`
|
|
2048
|
+
* - `username_password`.
|
|
2049
|
+
*/
|
|
2050
|
+
expiration_date?: string;
|
|
2051
|
+
/** The new secret data to assign to the secret. */
|
|
2052
|
+
payload?: JsonObject;
|
|
2053
|
+
/** The data that is associated with the secret version. The data object contains the field `payload`. */
|
|
2054
|
+
secret_data?: JsonObject;
|
|
1795
2055
|
}
|
|
1796
2056
|
/** Configuration for the public certificates engine. */
|
|
1797
2057
|
interface PublicCertSecretEngineRootConfig extends GetConfigResourcesItem {
|
|
@@ -1801,13 +2061,14 @@ declare namespace SecretsManagerV1 {
|
|
|
1801
2061
|
dns_providers?: ConfigElementMetadata[];
|
|
1802
2062
|
}
|
|
1803
2063
|
/** Metadata properties that describe a public certificate secret. */
|
|
1804
|
-
interface
|
|
2064
|
+
interface PublicCertificateSecretMetadata extends SecretMetadata {
|
|
1805
2065
|
/** The unique ID of the secret. */
|
|
1806
2066
|
id?: string;
|
|
1807
2067
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1808
2068
|
*
|
|
1809
|
-
* Up to 30 labels can be created. Labels can be
|
|
1810
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
2069
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
2070
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
2071
|
+
* character (|).
|
|
1811
2072
|
*
|
|
1812
2073
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1813
2074
|
*/
|
|
@@ -1853,8 +2114,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1853
2114
|
* Set to `false` for the certificate file to contain only the issued certificate.
|
|
1854
2115
|
*/
|
|
1855
2116
|
bundle_certs?: boolean;
|
|
1856
|
-
/** The identifier for the cryptographic
|
|
1857
|
-
*
|
|
2117
|
+
/** The identifier for the cryptographic algorithm to be used by the issuing certificate authority to sign the
|
|
2118
|
+
* certificate.
|
|
1858
2119
|
*/
|
|
1859
2120
|
algorithm?: string;
|
|
1860
2121
|
/** The identifier for the cryptographic algorithm to be used to generate the public key that is associated with
|
|
@@ -1895,8 +2156,8 @@ declare namespace SecretsManagerV1 {
|
|
|
1895
2156
|
secret_group_id?: string;
|
|
1896
2157
|
/** Labels that you can use to filter for secrets in your instance.
|
|
1897
2158
|
*
|
|
1898
|
-
* Up to 30 labels can be created. Labels can be
|
|
1899
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
2159
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
2160
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
1900
2161
|
*
|
|
1901
2162
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
1902
2163
|
*/
|
|
@@ -1940,15 +2201,15 @@ declare namespace SecretsManagerV1 {
|
|
|
1940
2201
|
* To view a list of your configured authorities, use the [List configurations API](#get-secret-config-element).
|
|
1941
2202
|
*/
|
|
1942
2203
|
dns?: string;
|
|
1943
|
-
/** The identifier for the cryptographic
|
|
1944
|
-
*
|
|
2204
|
+
/** The identifier for the cryptographic algorithm to be used by the issuing certificate authority to sign the
|
|
2205
|
+
* certificate.
|
|
1945
2206
|
*/
|
|
1946
2207
|
algorithm?: string;
|
|
1947
2208
|
/** The identifier for the cryptographic algorithm to be used to generate the public key that is associated with
|
|
1948
2209
|
* the certificate.
|
|
1949
2210
|
*
|
|
1950
|
-
* The algorithm that you select determines the encryption
|
|
1951
|
-
* generate keys and sign certificates. For longer living certificates it is recommended to use longer keys to
|
|
2211
|
+
* The algorithm that you select determines the encryption algorithm (`RSA` or `ECDSA`) and key size to be used to
|
|
2212
|
+
* generate keys and sign certificates. For longer living certificates, it is recommended to use longer keys to
|
|
1952
2213
|
* provide more encryption protection.
|
|
1953
2214
|
*/
|
|
1954
2215
|
key_algorithm?: string;
|
|
@@ -1956,12 +2217,29 @@ declare namespace SecretsManagerV1 {
|
|
|
1956
2217
|
alt_names?: string[];
|
|
1957
2218
|
/** The fully qualified domain name or host domain name for the certificate. */
|
|
1958
2219
|
common_name?: string;
|
|
2220
|
+
/** Indicates whether the issued certificate includes a private key. */
|
|
2221
|
+
private_key_included?: boolean;
|
|
2222
|
+
/** Indicates whether the issued certificate includes an intermediate certificate. */
|
|
2223
|
+
intermediate_included?: boolean;
|
|
1959
2224
|
rotation?: Rotation;
|
|
1960
2225
|
/** Issuance information that is associated with your certificate. */
|
|
1961
2226
|
issuance_info?: IssuanceInfo;
|
|
1962
|
-
|
|
2227
|
+
validity?: CertificateValidity;
|
|
2228
|
+
/** The data that is associated with the secret. The data object contains the following fields:
|
|
2229
|
+
*
|
|
2230
|
+
* `certificate`: The contents of the certificate.
|
|
2231
|
+
*
|
|
2232
|
+
* `private_key`: The private key that is associated with the certificate.
|
|
2233
|
+
*
|
|
2234
|
+
* `intermediate`: The intermediate certificate that is associated with the certificate.
|
|
2235
|
+
*/
|
|
1963
2236
|
secret_data?: JsonObject;
|
|
1964
2237
|
}
|
|
2238
|
+
/** The request body of a `restore` action. */
|
|
2239
|
+
interface RestoreIAMCredentialsSecretBody extends SecretAction {
|
|
2240
|
+
/** The ID of the target version or the alias `previous`. */
|
|
2241
|
+
version_id: string;
|
|
2242
|
+
}
|
|
1965
2243
|
/** The request body of a `rotate` action. */
|
|
1966
2244
|
interface RotateArbitrarySecretBody extends SecretAction {
|
|
1967
2245
|
/** The new secret data to assign to an `arbitrary` secret. */
|
|
@@ -1977,8 +2255,13 @@ declare namespace SecretsManagerV1 {
|
|
|
1977
2255
|
intermediate?: string;
|
|
1978
2256
|
}
|
|
1979
2257
|
/** The request body of a `rotate` action. */
|
|
2258
|
+
interface RotateKvSecretBody extends SecretAction {
|
|
2259
|
+
/** The new secret data to assign to a key-value secret. */
|
|
2260
|
+
payload: JsonObject;
|
|
2261
|
+
}
|
|
2262
|
+
/** The request body of a `rotate` action. */
|
|
1980
2263
|
interface RotatePublicCertBody extends SecretAction {
|
|
1981
|
-
/** Determine whether keys
|
|
2264
|
+
/** Determine whether keys must be rotated. */
|
|
1982
2265
|
rotate_keys: boolean;
|
|
1983
2266
|
}
|
|
1984
2267
|
/** The request body of a `rotate` action. */
|
|
@@ -2004,8 +2287,9 @@ declare namespace SecretsManagerV1 {
|
|
|
2004
2287
|
id?: string;
|
|
2005
2288
|
/** Labels that you can use to filter for secrets in your instance.
|
|
2006
2289
|
*
|
|
2007
|
-
* Up to 30 labels can be created. Labels can be
|
|
2008
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
2290
|
+
* Up to 30 labels can be created. Labels can be in the range 2 - 30 characters, including spaces. Special
|
|
2291
|
+
* characters that are not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe
|
|
2292
|
+
* character (|).
|
|
2009
2293
|
*
|
|
2010
2294
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
2011
2295
|
*/
|
|
@@ -2077,8 +2361,8 @@ declare namespace SecretsManagerV1 {
|
|
|
2077
2361
|
secret_group_id?: string;
|
|
2078
2362
|
/** Labels that you can use to filter for secrets in your instance.
|
|
2079
2363
|
*
|
|
2080
|
-
* Up to 30 labels can be created. Labels can be
|
|
2081
|
-
* permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
2364
|
+
* Up to 30 labels can be created. Labels can be 2 - 30 characters, including spaces. Special characters that are
|
|
2365
|
+
* not permitted include the angled bracket, comma, colon, ampersand, and vertical pipe character (|).
|
|
2082
2366
|
*
|
|
2083
2367
|
* To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
|
|
2084
2368
|
*/
|
|
@@ -2109,6 +2393,10 @@ declare namespace SecretsManagerV1 {
|
|
|
2109
2393
|
username?: string;
|
|
2110
2394
|
/** The password to assign to this secret. */
|
|
2111
2395
|
password?: string;
|
|
2396
|
+
/** The data that is associated with the secret version. The data object contains the following fields:
|
|
2397
|
+
* `username`: The username that is associated with the secret version.
|
|
2398
|
+
* `password`: The password that is associated with the secret version.
|
|
2399
|
+
*/
|
|
2112
2400
|
secret_data?: JsonObject;
|
|
2113
2401
|
/** The date the secret material expires. The date format follows RFC 3339.
|
|
2114
2402
|
*
|
|
@@ -2127,14 +2415,57 @@ declare namespace SecretsManagerV1 {
|
|
|
2127
2415
|
*/
|
|
2128
2416
|
next_rotation_date?: string;
|
|
2129
2417
|
}
|
|
2418
|
+
/** UsernamePasswordSecretVersion. */
|
|
2419
|
+
interface UsernamePasswordSecretVersion extends SecretVersion {
|
|
2420
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
2421
|
+
id?: string;
|
|
2422
|
+
/** The ID of the secret version. */
|
|
2423
|
+
version_id?: string;
|
|
2424
|
+
/** The date that the version of the secret was created. */
|
|
2425
|
+
creation_date?: string;
|
|
2426
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
2427
|
+
created_by?: string;
|
|
2428
|
+
/** Indicates whether the version of the secret was created by automatic rotation. */
|
|
2429
|
+
auto_rotated?: boolean;
|
|
2430
|
+
/** The data that is associated with the secret version. The data object contains the following fields:
|
|
2431
|
+
* `username`: The username that is associated with the secret version.
|
|
2432
|
+
* `password`: The password that is associated with the secret version.
|
|
2433
|
+
*/
|
|
2434
|
+
secret_data?: JsonObject;
|
|
2435
|
+
}
|
|
2436
|
+
/** UsernamePasswordSecretVersionInfo. */
|
|
2437
|
+
interface UsernamePasswordSecretVersionInfo extends SecretVersionInfo {
|
|
2438
|
+
/** The ID of the secret version. */
|
|
2439
|
+
id?: string;
|
|
2440
|
+
/** The date that the version of the secret was created. */
|
|
2441
|
+
creation_date?: string;
|
|
2442
|
+
/** The unique identifier for the entity that created the secret version. */
|
|
2443
|
+
created_by?: string;
|
|
2444
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
2445
|
+
payload_available?: boolean;
|
|
2446
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
2447
|
+
* service API.
|
|
2448
|
+
*/
|
|
2449
|
+
downloaded?: boolean;
|
|
2450
|
+
/** Indicates whether the version of the secret was created by automatic rotation. */
|
|
2451
|
+
auto_rotated?: boolean;
|
|
2452
|
+
}
|
|
2130
2453
|
/** Properties that describe a secret version. */
|
|
2131
2454
|
interface UsernamePasswordSecretVersionMetadata extends SecretVersionMetadata {
|
|
2132
|
-
/** The
|
|
2455
|
+
/** The v4 UUID that uniquely identifies the secret. */
|
|
2133
2456
|
id?: string;
|
|
2457
|
+
/** The ID of the secret version. */
|
|
2458
|
+
version_id?: string;
|
|
2134
2459
|
/** The date that the version of the secret was created. */
|
|
2135
2460
|
creation_date?: string;
|
|
2136
2461
|
/** The unique identifier for the entity that created the secret version. */
|
|
2137
2462
|
created_by?: string;
|
|
2463
|
+
/** Indicates whether the payload for the secret version is stored and available. */
|
|
2464
|
+
payload_available?: boolean;
|
|
2465
|
+
/** Indicates whether the secret data that is associated with a secret version was retrieved in a call to the
|
|
2466
|
+
* service API.
|
|
2467
|
+
*/
|
|
2468
|
+
downloaded?: boolean;
|
|
2138
2469
|
/** Indicates whether the version of the secret was created by automatic rotation. */
|
|
2139
2470
|
auto_rotated?: boolean;
|
|
2140
2471
|
}
|