@ibm-cloud/secrets-manager 1.0.31 → 1.0.34

package/secrets-manager/v1.js

@@ -39,7 +39,7 @@ var __assign = (this && this.__assign) || function () {
     return __assign.apply(this, arguments);
 };
 /**
- * IBM OpenAPI SDK Code Generator Version: 3.46.0-a4e29da0-20220224-210428
+ * IBM OpenAPI SDK Code Generator Version: 3.51.0-5b8b699d-20220613-200818
  */
 var extend = require("extend");
 var ibm_cloud_sdk_core_1 = require("ibm-cloud-sdk-core");
@@ -71,9 +71,6 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         if (options.serviceUrl) {
             _this.setServiceUrl(options.serviceUrl);
         }
-        else {
-            _this.setServiceUrl(SecretsManagerV1.DEFAULT_SERVICE_URL);
-        }
         return _this;
     }
     /*************************
@@ -109,7 +106,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Create a secret group.
      *
-     * Creates a secret group that you can use to organize secrets and control who on your team has access to them.
+     * Create a secret group that you can use to organize secrets and control who on your team has access to them.
      *
      * A successful request returns the ID value of the secret group, along with other metadata. To learn more about
      * secret groups, check out the
@@ -152,7 +149,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List secret groups.
      *
-     * Retrieves the list of secret groups that are available in your Secrets Manager instance.
+     * List the secret groups that are available in your Secrets Manager instance.
      *
      * @param {Object} [params] - The parameters to send to the service.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
@@ -183,7 +180,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get a secret group.
      *
-     * Retrieves the metadata of an existing secret group by specifying the ID of the group.
+     * Get the metadata of an existing secret group by specifying the ID of the group.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.id - The v4 UUID that uniquely identifies the secret group.
@@ -219,7 +216,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Update a secret group.
      *
-     * Updates the metadata of an existing secret group, such as its name or description.
+     * Update the metadata of an existing secret group, such as its name or description.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.id - The v4 UUID that uniquely identifies the secret group.
@@ -263,7 +260,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Delete a secret group.
      *
-     * Deletes a secret group by specifying the ID of the secret group.
+     * Delete a secret group by specifying the ID of the secret group.
      *
      * **Note:** To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets,
      * you must first [delete the secrets](#delete-secret) that are associated with the group.
@@ -355,7 +352,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List secrets by type.
      *
-     * Retrieves a list of secrets based on the type that you specify.
+     * List the secrets in your Secrets Manager instance based on the type that you specify.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -364,12 +361,12 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
      * resources.
      *
      * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-     * `../secrets/{secret-type}?limit=5`.
+     * `../secrets/{secret_type}?limit=5`.
      * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
      * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
      *
      * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-     * `../secrets/{secret-type}?offset=25&limit=25`.
+     * `..?offset=25&limit=25`.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
      * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecrets>>}
      */
@@ -407,7 +404,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List all secrets.
      *
-     * Retrieves a list of all secrets in your Secrets Manager instance.
+     * List all of the secrets in your Secrets Manager instance.
      *
      * @param {Object} [params] - The parameters to send to the service.
      * @param {number} [params.limit] - The number of secrets to retrieve. By default, list operations return the first
@@ -415,28 +412,28 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
      * resources.
      *
      * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-     * `../secrets/{secret-type}?limit=5`.
+     * `../secrets/{secret_type}?limit=5`.
      * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
      * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
      *
      * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-     * `../secrets/{secret-type}?offset=25&limit=25`.
+     * `..?offset=25&limit=25`.
      * @param {string} [params.search] - Filter secrets that contain the specified string. The fields that are searched
      * include: id, name, description, labels, secret_type.
      *
      * **Usage:** If you want to list only the secrets that contain the string "text", use
-     * `../secrets/{secret-type}?search=text`.
+     * `../secrets/{secret_type}?search=text`.
      * @param {string} [params.sortBy] - Sort a list of secrets by the specified field.
      *
      * **Usage:** To sort a list of secrets by their creation date, use
-     * `../secrets/{secret-type}?sort_by=creation_date`.
+     * `../secrets/{secret_type}?sort_by=creation_date`.
      * @param {string[]} [params.groups] - Filter secrets by groups.
      *
      * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets
      * that are in the default secret group, use the `default` keyword.
      *
      * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
-     * use `../secrets?groups={secret_group_ID},default`.
+     * use `..?groups={secret_group_ID},default`.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
      * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecrets>>}
      */
@@ -515,7 +512,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Invoke an action on a secret.
      *
-     * Invokes an action on a specified secret. This method supports the following actions:
+     * Invoke an action on a specified secret. This method supports the following actions:
      *
      * - `rotate`: Replace the value of a secret.
      * - `restore`: Restore a previous version of an `iam_credentials` secret.
@@ -567,7 +564,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Delete a secret.
      *
-     * Deletes a secret by specifying the ID of the secret.
+     * Delete a secret by specifying the ID of the secret.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -603,7 +600,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List versions of a secret.
      *
-     * Retrieves a list of the versions of a secret.
+     * List the versions of a secret.
      *
      * A successful request returns the list of the versions along with the metadata of each version.
      *
@@ -643,7 +640,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get a version of a secret.
      *
-     * Retrieves a version of a secret by specifying the ID of the version or the alias `previous`.
+     * Get a version of a secret by specifying the ID of the version or the alias `previous`.
      *
      * A successful request returns the secret data that is associated with the specified version of your secret, along
      * with other metadata.
@@ -687,10 +684,61 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         };
         return this.createRequest(parameters);
     };
+    /**
+     * Invoke an action on a version of a secret.
+     *
+     * Invoke an action on a specified version of a secret. This method supports the following actions:
+     *
+     * - `revoke`: Revoke a version of a private certificate.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {string} params.action - The action to perform on the specified secret version.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecret>>}
+     */
+    SecretsManagerV1.prototype.updateSecretVersion = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id', 'versionId', 'action'];
+        var _validParams = ['secretType', 'id', 'versionId', 'action', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var query = {
+            'action': _params.action,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+            'version_id': _params.versionId,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'updateSecretVersion');
+        var parameters = {
+            options: {
+                url: '/api/v1/secrets/{secret_type}/{id}/versions/{version_id}',
+                method: 'POST',
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
     /**
      * Get secret version metadata.
      *
-     * Retrieves secret version metadata by specifying the ID of the version or the alias `previous`.
+     * Get the metadata of a secret version by specifying the ID of the version or the alias `previous`.
      *
      * A successful request returns the metadata that is associated with the specified version of your secret.
      *
@@ -736,7 +784,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get secret metadata.
      *
-     * Retrieves the details of a secret by specifying the ID.
+     * Get the details of a secret by specifying its ID.
      *
      * A successful request returns only metadata about the secret, such as its name and creation date. To retrieve the
      * value of a secret, use the [Get a secret](#get-secret) or [Get a version of a secret](#get-secret-version) methods.
@@ -777,7 +825,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Update secret metadata.
      *
-     * Updates the metadata of a secret, such as its name or description.
+     * Update the metadata of a secret, such as its name or description.
      *
      * To update the actual contents of a secret, rotate the secret by using the [Invoke an action on a
      * secret](#update-secret) method.
@@ -823,15 +871,450 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         };
         return this.createRequest(parameters);
     };
+    /*************************
+     * locks
+     ************************/
+    /**
+     * List secret locks.
+     *
+     * List the locks that are associated with a specified secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.getLocks = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id'];
+        var _validParams = ['secretType', 'id', 'limit', 'offset', 'search', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var query = {
+            'limit': _params.limit,
+            'offset': _params.offset,
+            'search': _params.search,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'getLocks');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}',
+                method: 'GET',
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * Lock a secret.
+     *
+     * Create a lock on the current version of a secret.
+     *
+     * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A
+     * successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists.
+     * Additionally, you can use this method to clear any matching locks on a secret by using one of the following
+     * optional lock modes:
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     *
+     * For more information about locking secrets, check out the
+     * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-locks).
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {LockSecretBodyLocksItem[]} [params.locks] - The lock data to be attached to a secret version.
+     * @param {string} [params.mode] - An optional lock mode. At lock creation, you can set one of the following modes to
+     * clear any matching locks on a secret version.
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.lockSecret = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id'];
+        var _validParams = ['secretType', 'id', 'locks', 'mode', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var body = {
+            'locks': _params.locks,
+        };
+        var query = {
+            'mode': _params.mode,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'lockSecret');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}/lock',
+                method: 'POST',
+                body: body,
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * Unlock a secret.
+     *
+     * Delete one or more locks that are associated with the current version of a secret.
+     *
+     * A successful request deletes the locks that you specify. To remove all locks, you can pass `{"locks": ["*"]}` in in
+     * the request body. Otherwise, specify the names of the locks that you want to delete. For example, `{"locks":
+     * ["lock1", "lock2"]}`.
+     *
+     * **Note:** A secret is considered unlocked and able to be revoked or deleted only after all of its locks are
+     * removed. To understand whether a secret contains locks, check the `locks_total` field that is returned as part of
+     * the metadata of your secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string[]} [params.locks] - A comma-separated list of locks to delete.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.unlockSecret = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id'];
+        var _validParams = ['secretType', 'id', 'locks', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var body = {
+            'locks': _params.locks,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'unlockSecret');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}/unlock',
+                method: 'POST',
+                body: body,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * List secret version locks.
+     *
+     * List the locks that are associated with a specified secret version.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.getSecretVersionLocks = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id', 'versionId'];
+        var _validParams = ['secretType', 'id', 'versionId', 'limit', 'offset', 'search', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var query = {
+            'limit': _params.limit,
+            'offset': _params.offset,
+            'search': _params.search,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+            'version_id': _params.versionId,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'getSecretVersionLocks');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}/versions/{version_id}',
+                method: 'GET',
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * Lock a secret version.
+     *
+     * Create a lock on the specified version of a secret.
+     *
+     * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A
+     * successful request attaches a new lock to the specified version, or replaces a lock of the same name if it already
+     * exists. Additionally, you can use this method to clear any matching locks on a secret version by using one of the
+     * following optional lock modes:
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     *
+     * For more information about locking secrets, check out the
+     * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-locks).
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {LockSecretBodyLocksItem[]} [params.locks] - The lock data to be attached to a secret version.
+     * @param {string} [params.mode] - An optional lock mode. At lock creation, you can set one of the following modes to
+     * clear any matching locks on a secret version.
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.lockSecretVersion = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id', 'versionId'];
+        var _validParams = ['secretType', 'id', 'versionId', 'locks', 'mode', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var body = {
+            'locks': _params.locks,
+        };
+        var query = {
+            'mode': _params.mode,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+            'version_id': _params.versionId,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'lockSecretVersion');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}/versions/{version_id}/lock',
+                method: 'POST',
+                body: body,
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * Unlock a secret version.
+     *
+     * Delete one or more locks that are associated with the specified secret version.
+     *
+     * A successful request deletes the locks that you specify. To remove all locks, you can pass `{"locks": ["*"]}` in in
+     * the request body. Otherwise, specify the names of the locks that you want to delete. For example, `{"locks":
+     * ["lock-1", "lock-2"]}`.
+     *
+     * **Note:** A secret is considered unlocked and able to be revoked or deleted only after all of its locks are
+     * removed. To understand whether a secret contains locks, check the `locks_total` field that is returned as part of
+     * the metadata of your secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {string[]} [params.locks] - A comma-separated list of locks to delete.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    SecretsManagerV1.prototype.unlockSecretVersion = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'id', 'versionId'];
+        var _validParams = ['secretType', 'id', 'versionId', 'locks', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var body = {
+            'locks': _params.locks,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'id': _params.id,
+            'version_id': _params.versionId,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'unlockSecretVersion');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks/{secret_type}/{id}/versions/{version_id}/unlock',
+                method: 'POST',
+                body: body,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
+    /**
+     * List all secrets and locks.
+     *
+     * List the lock details that are associated with all secrets in your Secrets Manager instance.
+     *
+     * @param {Object} [params] - The parameters to send to the service.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {string[]} [params.groups] - Filter secrets by groups.
+     *
+     * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets
+     * that are in the default secret group, use the `default` keyword.
+     *
+     * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
+     * use `..?groups={secret_group_ID},default`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetInstanceLocks>>}
+     */
+    SecretsManagerV1.prototype.listInstanceSecretsLocks = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = [];
+        var _validParams = ['limit', 'offset', 'search', 'groups', 'headers'];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var query = {
+            'limit': _params.limit,
+            'offset': _params.offset,
+            'search': _params.search,
+            'groups': _params.groups,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'listInstanceSecretsLocks');
+        var parameters = {
+            options: {
+                url: '/api/v1/locks',
+                method: 'GET',
+                qs: query,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
     /*************************
      * policies
      ************************/
     /**
      * Set secret policies.
      *
-     * Creates or updates one or more policies, such as an [automatic rotation
-     * policy](http://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-rotate-secrets#auto-rotate-secret), for the
-     * specified secret.
+     * Create or update one or more policies, such as an [automatic rotation
+     * policy](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-automatic-rotation), for the specified
+     * secret.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -882,7 +1365,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List secret policies.
      *
-     * Retrieves a list of policies that are associated with a specified secret.
+     * List the rotation policies that are associated with a specified secret.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -928,11 +1411,11 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Set the configuration of a secret type.
      *
-     * Sets the configuration for the specified secret type.
+     * Set the configuration for the specified secret type.
      *
      * Use this method to configure the IAM credentials (`iam_credentials`) engine for your service instance. Looking to
-     * set up certificate ordering? To configure the public certificates (`public_cert`) engine, use the [Add a
-     * configuration](#create_config_element) method.
+     * order or generate certificates? To configure the public certificates (`public_cert`) or  private certificates
+     * (`private_cert`) engines, use the [Add a configuration](#create_config_element) method.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -971,7 +1454,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get the configuration of a secret type.
      *
-     * Retrieves the configuration that is associated with the specified secret type.
+     * Get the configuration that is associated with the specified secret type.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -1007,17 +1490,17 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Add a configuration.
      *
-     * Adds a configuration element to the specified secret type.
+     * Add a configuration element to the specified secret type.
      *
      * Use this method to define the configurations that are required to enable the public certificates (`public_cert`)
-     * engine and the private certificates (`private_cert`) engine.
+     * and private certificates (`private_cert`) engines.
      *
      * You can add multiple configurations for your instance as follows:
      *
      * - Up to 10 public certificate authority configurations
      * - Up to 10 DNS provider configurations
-     * - Up to 10 private root certifiate authority configurations
-     * - Up to 10 private intermediate certifiate authority configurations
+     * - Up to 10 private root certificate authority configurations
+     * - Up to 10 private intermediate certificate authority configurations
      * - Up to 10 certificate templates.
      *
      * @param {Object} params - The parameters to send to the service.
@@ -1067,7 +1550,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * List configurations.
      *
-     * Lists the configuration elements that are associated with a specified secret type.
+     * List the configuration elements that are associated with a specified secret type.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -1105,7 +1588,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get a configuration.
      *
-     * Retrieves the details of a specific configuration that is associated with a secret type.
+     * Get the details of a specific configuration that is associated with a secret type.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -1145,7 +1628,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Update a configuration.
      *
-     * Updates a configuration element that is associated with the specified secret type.
+     * Update a configuration element that is associated with the specified secret type.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -1191,10 +1674,74 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         };
         return this.createRequest(parameters);
     };
+    /**
+     * Invoke an action on a configuration.
+     *
+     * Invoke an action on a specified configuration element. This method supports the following actions:
+     *
+     * - `sign_intermediate`: Sign an intermediate certificate authority.
+     * - `sign_csr`: Sign a certificate signing request.
+     * - `set_signed`: Set a signed intermediate certificate authority.
+     * - `revoke`: Revoke an internally signed intermediate certificate authority certificate.
+     * - `rotate_crl`: Rotate the certificate revocation list (CRL) of an intermediate certificate authority.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.configElement - The configuration element on which the action is applied.
+     * @param {string} params.configName - The name of the certificate authority.
+     * @param {string} params.action - The action to perform on the specified configuration element.
+     * @param {ConfigAction} [params.config] - Properties that describe an action on a configuration element.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ConfigElementActionResult>>}
+     */
+    SecretsManagerV1.prototype.actionOnConfigElement = function (params) {
+        var _params = __assign({}, params);
+        var _requiredParams = ['secretType', 'configElement', 'configName', 'action'];
+        var _validParams = [
+            'secretType',
+            'configElement',
+            'configName',
+            'action',
+            'config',
+            'headers',
+        ];
+        var _validationErrors = ibm_cloud_sdk_core_1.validateParams(_params, _requiredParams, _validParams);
+        if (_validationErrors) {
+            return Promise.reject(_validationErrors);
+        }
+        var body = {
+            'config': _params.config,
+        };
+        var query = {
+            'action': _params.action,
+        };
+        var path = {
+            'secret_type': _params.secretType,
+            'config_element': _params.configElement,
+            'config_name': _params.configName,
+        };
+        var sdkHeaders = common_1.getSdkHeaders(SecretsManagerV1.DEFAULT_SERVICE_NAME, 'v1', 'actionOnConfigElement');
+        var parameters = {
+            options: {
+                url: '/api/v1/config/{secret_type}/{config_element}/{config_name}',
+                method: 'POST',
+                body: body,
+                qs: query,
+                path: path,
+            },
+            defaultOptions: extend(true, {}, this.baseOptions, {
+                headers: extend(true, sdkHeaders, {
+                    'Accept': 'application/json',
+                    'Content-Type': 'application/json',
+                }, _params.headers),
+            }),
+        };
+        return this.createRequest(parameters);
+    };
     /**
      * Delete a configuration.
      *
-     * Deletes a configuration element from the specified secret type.
+     * Delete a configuration element from the specified secret type.
      *
      * @param {Object} params - The parameters to send to the service.
      * @param {string} params.secretType - The secret type.
@@ -1235,7 +1782,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Register with Event Notifications.
      *
-     * Creates a registration between a Secrets Manager instance and [Event
+     * Create a registration between a Secrets Manager instance and [Event
      * Notifications](https://cloud.ibm.com/apidocs/event-notifications).
      *
      * A successful request adds Secrets Manager as a source that you can reference from your Event Notifications
@@ -1289,7 +1836,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Get Event Notifications registration details.
      *
-     * Retrieves the details of an existing registration between a Secrets Manager instance and Event Notifications.
+     * Get the details of an existing registration between a Secrets Manager instance and Event Notifications.
      *
      * @param {Object} [params] - The parameters to send to the service.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
@@ -1320,7 +1867,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /**
      * Unregister from Event Notifications.
      *
-     * Deletes a registration between a Secrets Manager instance and Event Notifications.
+     * Delete a registration between a Secrets Manager instance and Event Notifications.
      *
      * A successful request removes your Secrets Manager instance as a source in Event Notifications.
      *
@@ -1349,7 +1896,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         return this.createRequest(parameters);
     };
     /**
-     * Send test event.
+     * Send a test event.
      *
      * Send a test event from a Secrets Manager instance to a configured [Event
      * Notifications](https://cloud.ibm.com/apidocs/event-notifications) instance.
@@ -1382,7 +1929,6 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
         };
         return this.createRequest(parameters);
     };
-    SecretsManagerV1.DEFAULT_SERVICE_URL = 'https://secrets-manager.cloud.ibm.com';
     SecretsManagerV1.DEFAULT_SERVICE_NAME = 'secrets_manager';
     return SecretsManagerV1;
 }(ibm_cloud_sdk_core_1.BaseService));
@@ -1423,7 +1969,7 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
     /** Constants for the `listAllSecrets` operation. */
     var ListAllSecretsConstants;
     (function (ListAllSecretsConstants) {
-        /** Sort a list of secrets by the specified field. **Usage:** To sort a list of secrets by their creation date, use `../secrets/{secret-type}?sort_by=creation_date`. */
+        /** Sort a list of secrets by the specified field. **Usage:** To sort a list of secrets by their creation date, use `../secrets/{secret_type}?sort_by=creation_date`. */
         var SortBy;
         (function (SortBy) {
             SortBy["ID"] = "id";
@@ -1516,6 +2062,20 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
             SecretType["KV"] = "kv";
         })(SecretType = GetSecretVersionConstants.SecretType || (GetSecretVersionConstants.SecretType = {}));
     })(GetSecretVersionConstants = SecretsManagerV1.GetSecretVersionConstants || (SecretsManagerV1.GetSecretVersionConstants = {}));
+    /** Constants for the `updateSecretVersion` operation. */
+    var UpdateSecretVersionConstants;
+    (function (UpdateSecretVersionConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["PRIVATE_CERT"] = "private_cert";
+        })(SecretType = UpdateSecretVersionConstants.SecretType || (UpdateSecretVersionConstants.SecretType = {}));
+        /** The action to perform on the specified secret version. */
+        var Action;
+        (function (Action) {
+            Action["REVOKE"] = "revoke";
+        })(Action = UpdateSecretVersionConstants.Action || (UpdateSecretVersionConstants.Action = {}));
+    })(UpdateSecretVersionConstants = SecretsManagerV1.UpdateSecretVersionConstants || (SecretsManagerV1.UpdateSecretVersionConstants = {}));
     /** Constants for the `getSecretVersionMetadata` operation. */
     var GetSecretVersionMetadataConstants;
     (function (GetSecretVersionMetadataConstants) {
@@ -1561,6 +2121,108 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
             SecretType["KV"] = "kv";
         })(SecretType = UpdateSecretMetadataConstants.SecretType || (UpdateSecretMetadataConstants.SecretType = {}));
     })(UpdateSecretMetadataConstants = SecretsManagerV1.UpdateSecretMetadataConstants || (SecretsManagerV1.UpdateSecretMetadataConstants = {}));
+    /** Constants for the `getLocks` operation. */
+    var GetLocksConstants;
+    (function (GetLocksConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = GetLocksConstants.SecretType || (GetLocksConstants.SecretType = {}));
+    })(GetLocksConstants = SecretsManagerV1.GetLocksConstants || (SecretsManagerV1.GetLocksConstants = {}));
+    /** Constants for the `lockSecret` operation. */
+    var LockSecretConstants;
+    (function (LockSecretConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = LockSecretConstants.SecretType || (LockSecretConstants.SecretType = {}));
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks on a secret version. - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret. - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if it doesn't have any locks. */
+        var Mode;
+        (function (Mode) {
+            Mode["EXCLUSIVE"] = "exclusive";
+            Mode["EXCLUSIVE_DELETE"] = "exclusive_delete";
+        })(Mode = LockSecretConstants.Mode || (LockSecretConstants.Mode = {}));
+    })(LockSecretConstants = SecretsManagerV1.LockSecretConstants || (SecretsManagerV1.LockSecretConstants = {}));
+    /** Constants for the `unlockSecret` operation. */
+    var UnlockSecretConstants;
+    (function (UnlockSecretConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = UnlockSecretConstants.SecretType || (UnlockSecretConstants.SecretType = {}));
+    })(UnlockSecretConstants = SecretsManagerV1.UnlockSecretConstants || (SecretsManagerV1.UnlockSecretConstants = {}));
+    /** Constants for the `getSecretVersionLocks` operation. */
+    var GetSecretVersionLocksConstants;
+    (function (GetSecretVersionLocksConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = GetSecretVersionLocksConstants.SecretType || (GetSecretVersionLocksConstants.SecretType = {}));
+    })(GetSecretVersionLocksConstants = SecretsManagerV1.GetSecretVersionLocksConstants || (SecretsManagerV1.GetSecretVersionLocksConstants = {}));
+    /** Constants for the `lockSecretVersion` operation. */
+    var LockSecretVersionConstants;
+    (function (LockSecretVersionConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = LockSecretVersionConstants.SecretType || (LockSecretVersionConstants.SecretType = {}));
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks on a secret version. - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret. - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if it doesn't have any locks. */
+        var Mode;
+        (function (Mode) {
+            Mode["EXCLUSIVE"] = "exclusive";
+            Mode["EXCLUSIVE_DELETE"] = "exclusive_delete";
+        })(Mode = LockSecretVersionConstants.Mode || (LockSecretVersionConstants.Mode = {}));
+    })(LockSecretVersionConstants = SecretsManagerV1.LockSecretVersionConstants || (SecretsManagerV1.LockSecretVersionConstants = {}));
+    /** Constants for the `unlockSecretVersion` operation. */
+    var UnlockSecretVersionConstants;
+    (function (UnlockSecretVersionConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["ARBITRARY"] = "arbitrary";
+            SecretType["IAM_CREDENTIALS"] = "iam_credentials";
+            SecretType["IMPORTED_CERT"] = "imported_cert";
+            SecretType["PUBLIC_CERT"] = "public_cert";
+            SecretType["PRIVATE_CERT"] = "private_cert";
+            SecretType["USERNAME_PASSWORD"] = "username_password";
+            SecretType["KV"] = "kv";
+        })(SecretType = UnlockSecretVersionConstants.SecretType || (UnlockSecretVersionConstants.SecretType = {}));
+    })(UnlockSecretVersionConstants = SecretsManagerV1.UnlockSecretVersionConstants || (SecretsManagerV1.UnlockSecretVersionConstants = {}));
     /** Constants for the `putPolicy` operation. */
     var PutPolicyConstants;
     (function (PutPolicyConstants) {
@@ -1711,6 +2373,30 @@ var SecretsManagerV1 = /** @class */ (function (_super) {
             Type["CERTIFICATE_TEMPLATE"] = "certificate_template";
         })(Type = UpdateConfigElementConstants.Type || (UpdateConfigElementConstants.Type = {}));
     })(UpdateConfigElementConstants = SecretsManagerV1.UpdateConfigElementConstants || (SecretsManagerV1.UpdateConfigElementConstants = {}));
+    /** Constants for the `actionOnConfigElement` operation. */
+    var ActionOnConfigElementConstants;
+    (function (ActionOnConfigElementConstants) {
+        /** The secret type. */
+        var SecretType;
+        (function (SecretType) {
+            SecretType["PRIVATE_CERT"] = "private_cert";
+        })(SecretType = ActionOnConfigElementConstants.SecretType || (ActionOnConfigElementConstants.SecretType = {}));
+        /** The configuration element on which the action is applied. */
+        var ConfigElement;
+        (function (ConfigElement) {
+            ConfigElement["ROOT_CERTIFICATE_AUTHORITIES"] = "root_certificate_authorities";
+            ConfigElement["INTERMEDIATE_CERTIFICATE_AUTHORITIES"] = "intermediate_certificate_authorities";
+        })(ConfigElement = ActionOnConfigElementConstants.ConfigElement || (ActionOnConfigElementConstants.ConfigElement = {}));
+        /** The action to perform on the specified configuration element. */
+        var Action;
+        (function (Action) {
+            Action["SIGN_INTERMEDIATE"] = "sign_intermediate";
+            Action["SIGN_CSR"] = "sign_csr";
+            Action["SET_SIGNED"] = "set_signed";
+            Action["REVOKE"] = "revoke";
+            Action["ROTATE_CRL"] = "rotate_crl";
+        })(Action = ActionOnConfigElementConstants.Action || (ActionOnConfigElementConstants.Action = {}));
+    })(ActionOnConfigElementConstants = SecretsManagerV1.ActionOnConfigElementConstants || (SecretsManagerV1.ActionOnConfigElementConstants = {}));
     /** Constants for the `deleteConfigElement` operation. */
     var DeleteConfigElementConstants;
     (function (DeleteConfigElementConstants) {