@ibm-cloud/secrets-manager 1.0.33 → 1.0.34

package/secrets-manager/v1.d.ts

@@ -21,7 +21,7 @@ import { BaseService, UserOptions } from 'ibm-cloud-sdk-core';
  * services or your custom-built applications. Secrets are stored in a dedicated instance of Secrets Manager, which is
  * built on open source HashiCorp Vault.
  *
- * API Version: 1.0.33
+ * API Version: 1.0.0
  * See: https://cloud.ibm.com/docs/secrets-manager
  */
 declare class SecretsManagerV1 extends BaseService {
@@ -153,12 +153,12 @@ declare class SecretsManagerV1 extends BaseService {
      * resources.
      *
      * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-     * `../secrets/{secret-type}?limit=5`.
+     * `../secrets/{secret_type}?limit=5`.
      * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
      * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
      *
      * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-     * `../secrets/{secret-type}?offset=25&limit=25`.
+     * `..?offset=25&limit=25`.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
      * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecrets>>}
      */
@@ -174,28 +174,28 @@ declare class SecretsManagerV1 extends BaseService {
      * resources.
      *
      * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-     * `../secrets/{secret-type}?limit=5`.
+     * `../secrets/{secret_type}?limit=5`.
      * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
      * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
      *
      * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-     * `../secrets/{secret-type}?offset=25&limit=25`.
+     * `..?offset=25&limit=25`.
      * @param {string} [params.search] - Filter secrets that contain the specified string. The fields that are searched
      * include: id, name, description, labels, secret_type.
      *
      * **Usage:** If you want to list only the secrets that contain the string "text", use
-     * `../secrets/{secret-type}?search=text`.
+     * `../secrets/{secret_type}?search=text`.
      * @param {string} [params.sortBy] - Sort a list of secrets by the specified field.
      *
      * **Usage:** To sort a list of secrets by their creation date, use
-     * `../secrets/{secret-type}?sort_by=creation_date`.
+     * `../secrets/{secret_type}?sort_by=creation_date`.
      * @param {string[]} [params.groups] - Filter secrets by groups.
      *
      * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets
      * that are in the default secret group, use the `default` keyword.
      *
      * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
-     * use `../secrets?groups={secret_group_ID},default`.
+     * use `..?groups={secret_group_ID},default`.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
      * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecrets>>}
      */
@@ -352,6 +352,214 @@ declare class SecretsManagerV1 extends BaseService {
      * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.SecretMetadataRequest>>}
      */
     updateSecretMetadata(params: SecretsManagerV1.UpdateSecretMetadataParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.SecretMetadataRequest>>;
+    /*************************
+     * locks
+     ************************/
+    /**
+     * List secret locks.
+     *
+     * List the locks that are associated with a specified secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>}
+     */
+    getLocks(params: SecretsManagerV1.GetLocksParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>;
+    /**
+     * Lock a secret.
+     *
+     * Create a lock on the current version of a secret.
+     *
+     * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A
+     * successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists.
+     * Additionally, you can use this method to clear any matching locks on a secret by using one of the following
+     * optional lock modes:
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     *
+     * For more information about locking secrets, check out the
+     * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-locks).
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {LockSecretBodyLocksItem[]} [params.locks] - The lock data to be attached to a secret version.
+     * @param {string} [params.mode] - An optional lock mode. At lock creation, you can set one of the following modes to
+     * clear any matching locks on a secret version.
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    lockSecret(params: SecretsManagerV1.LockSecretParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>;
+    /**
+     * Unlock a secret.
+     *
+     * Delete one or more locks that are associated with the current version of a secret.
+     *
+     * A successful request deletes the locks that you specify. To remove all locks, you can pass `{"locks": ["*"]}` in in
+     * the request body. Otherwise, specify the names of the locks that you want to delete. For example, `{"locks":
+     * ["lock1", "lock2"]}`.
+     *
+     * **Note:** A secret is considered unlocked and able to be revoked or deleted only after all of its locks are
+     * removed. To understand whether a secret contains locks, check the `locks_total` field that is returned as part of
+     * the metadata of your secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string[]} [params.locks] - A comma-separated list of locks to delete.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    unlockSecret(params: SecretsManagerV1.UnlockSecretParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>;
+    /**
+     * List secret version locks.
+     *
+     * List the locks that are associated with a specified secret version.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>}
+     */
+    getSecretVersionLocks(params: SecretsManagerV1.GetSecretVersionLocksParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.ListSecretLocks>>;
+    /**
+     * Lock a secret version.
+     *
+     * Create a lock on the specified version of a secret.
+     *
+     * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A
+     * successful request attaches a new lock to the specified version, or replaces a lock of the same name if it already
+     * exists. Additionally, you can use this method to clear any matching locks on a secret version by using one of the
+     * following optional lock modes:
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     *
+     * For more information about locking secrets, check out the
+     * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-locks).
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {LockSecretBodyLocksItem[]} [params.locks] - The lock data to be attached to a secret version.
+     * @param {string} [params.mode] - An optional lock mode. At lock creation, you can set one of the following modes to
+     * clear any matching locks on a secret version.
+     *
+     * - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret.
+     * - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if
+     * it doesn't have any locks.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    lockSecretVersion(params: SecretsManagerV1.LockSecretVersionParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>;
+    /**
+     * Unlock a secret version.
+     *
+     * Delete one or more locks that are associated with the specified secret version.
+     *
+     * A successful request deletes the locks that you specify. To remove all locks, you can pass `{"locks": ["*"]}` in in
+     * the request body. Otherwise, specify the names of the locks that you want to delete. For example, `{"locks":
+     * ["lock-1", "lock-2"]}`.
+     *
+     * **Note:** A secret is considered unlocked and able to be revoked or deleted only after all of its locks are
+     * removed. To understand whether a secret contains locks, check the `locks_total` field that is returned as part of
+     * the metadata of your secret.
+     *
+     * @param {Object} params - The parameters to send to the service.
+     * @param {string} params.secretType - The secret type.
+     * @param {string} params.id - The v4 UUID that uniquely identifies the secret.
+     * @param {string} params.versionId - The v4 UUID that uniquely identifies the secret version. You can also use
+     * `previous` to retrieve the previous version.
+     *
+     * **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and check
+     * the response details.
+     * @param {string[]} [params.locks] - A comma-separated list of locks to delete.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>}
+     */
+    unlockSecretVersion(params: SecretsManagerV1.UnlockSecretVersionParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetSecretLocks>>;
+    /**
+     * List all secrets and locks.
+     *
+     * List the lock details that are associated with all secrets in your Secrets Manager instance.
+     *
+     * @param {Object} [params] - The parameters to send to the service.
+     * @param {number} [params.limit] - The number of secrets with locks to retrieve. By default, list operations return
+     * the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page through your available
+     * resources.
+     *
+     * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+     * `..?limit=5`.
+     * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of
+     * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources.
+     *
+     * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+     * `..?offset=25&limit=25`.
+     * @param {string} [params.search] - Filter locks that contain the specified string in the field "name".
+     *
+     * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+     * `..?search=text`.
+     * @param {string[]} [params.groups] - Filter secrets by groups.
+     *
+     * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets
+     * that are in the default secret group, use the `default` keyword.
+     *
+     * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
+     * use `..?groups={secret_group_ID},default`.
+     * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
+     * @returns {Promise<SecretsManagerV1.Response<SecretsManagerV1.GetInstanceLocks>>}
+     */
+    listInstanceSecretsLocks(params?: SecretsManagerV1.ListInstanceSecretsLocksParams): Promise<SecretsManagerV1.Response<SecretsManagerV1.GetInstanceLocks>>;
     /*************************
      * policies
      ************************/
@@ -667,14 +875,14 @@ declare namespace SecretsManagerV1 {
          *  different set of items, use `limit` with `offset` to page through your available resources.
          *
          *  **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-         *  `../secrets/{secret-type}?limit=5`.
+         *  `../secrets/{secret_type}?limit=5`.
          */
         limit?: number;
         /** The number of secrets to skip. By specifying `offset`, you retrieve a subset of items that starts with the
          *  `offset` value. Use `offset` with `limit` to page through your available resources.
          *
          *  **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-         *  `../secrets/{secret-type}?offset=25&limit=25`.
+         *  `..?offset=25&limit=25`.
          */
         offset?: number;
         headers?: OutgoingHttpHeaders;
@@ -698,27 +906,27 @@ declare namespace SecretsManagerV1 {
          *  different set of items, use `limit` with `offset` to page through your available resources.
          *
          *  **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 secrets, use
-         *  `../secrets/{secret-type}?limit=5`.
+         *  `../secrets/{secret_type}?limit=5`.
          */
         limit?: number;
         /** The number of secrets to skip. By specifying `offset`, you retrieve a subset of items that starts with the
          *  `offset` value. Use `offset` with `limit` to page through your available resources.
          *
          *  **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
-         *  `../secrets/{secret-type}?offset=25&limit=25`.
+         *  `..?offset=25&limit=25`.
          */
         offset?: number;
         /** Filter secrets that contain the specified string. The fields that are searched include: id, name,
          *  description, labels, secret_type.
          *
          *  **Usage:** If you want to list only the secrets that contain the string "text", use
-         *  `../secrets/{secret-type}?search=text`.
+         *  `../secrets/{secret_type}?search=text`.
          */
         search?: string;
         /** Sort a list of secrets by the specified field.
          *
          *  **Usage:** To sort a list of secrets by their creation date, use
-         *  `../secrets/{secret-type}?sort_by=creation_date`.
+         *  `../secrets/{secret_type}?sort_by=creation_date`.
          */
         sortBy?: ListAllSecretsConstants.SortBy | string;
         /** Filter secrets by groups.
@@ -727,14 +935,14 @@ declare namespace SecretsManagerV1 {
          *  secrets that are in the default secret group, use the `default` keyword.
          *
          *  **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
-         *  use `../secrets?groups={secret_group_ID},default`.
+         *  use `..?groups={secret_group_ID},default`.
          */
         groups?: string[];
         headers?: OutgoingHttpHeaders;
     }
     /** Constants for the `listAllSecrets` operation. */
     namespace ListAllSecretsConstants {
-        /** Sort a list of secrets by the specified field. **Usage:** To sort a list of secrets by their creation date, use `../secrets/{secret-type}?sort_by=creation_date`. */
+        /** Sort a list of secrets by the specified field. **Usage:** To sort a list of secrets by their creation date, use `../secrets/{secret_type}?sort_by=creation_date`. */
         enum SortBy {
             ID = "id",
             CREATION_DATE = "creation_date",
@@ -968,6 +1176,262 @@ declare namespace SecretsManagerV1 {
             KV = "kv"
         }
     }
+    /** Parameters for the `getLocks` operation. */
+    interface GetLocksParams {
+        /** The secret type. */
+        secretType: GetLocksConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** The number of secrets with locks to retrieve. By default, list operations return the first 25 items. To
+         *  retrieve a different set of items, use `limit` with `offset` to page through your available resources.
+         *
+         *  **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+         *  `..?limit=5`.
+         */
+        limit?: number;
+        /** The number of secrets to skip. By specifying `offset`, you retrieve a subset of items that starts with the
+         *  `offset` value. Use `offset` with `limit` to page through your available resources.
+         *
+         *  **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+         *  `..?offset=25&limit=25`.
+         */
+        offset?: number;
+        /** Filter locks that contain the specified string in the field "name".
+         *
+         *  **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+         *  `..?search=text`.
+         */
+        search?: string;
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `getLocks` operation. */
+    namespace GetLocksConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+    }
+    /** Parameters for the `lockSecret` operation. */
+    interface LockSecretParams {
+        /** The secret type. */
+        secretType: LockSecretConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** The lock data to be attached to a secret version. */
+        locks?: LockSecretBodyLocksItem[];
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks
+         *  on a secret version.
+         *
+         *  - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the
+         *  secret.
+         *  - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version
+         *  if it doesn't have any locks.
+         */
+        mode?: LockSecretConstants.Mode | string;
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `lockSecret` operation. */
+    namespace LockSecretConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks on a secret version. - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret. - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if it doesn't have any locks. */
+        enum Mode {
+            EXCLUSIVE = "exclusive",
+            EXCLUSIVE_DELETE = "exclusive_delete"
+        }
+    }
+    /** Parameters for the `unlockSecret` operation. */
+    interface UnlockSecretParams {
+        /** The secret type. */
+        secretType: UnlockSecretConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** A comma-separated list of locks to delete. */
+        locks?: string[];
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `unlockSecret` operation. */
+    namespace UnlockSecretConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+    }
+    /** Parameters for the `getSecretVersionLocks` operation. */
+    interface GetSecretVersionLocksParams {
+        /** The secret type. */
+        secretType: GetSecretVersionLocksConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** The v4 UUID that uniquely identifies the secret version. You can also use `previous` to retrieve the
+         *  previous version.
+         *
+         *  **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and
+         *  check the response details.
+         */
+        versionId: string;
+        /** The number of secrets with locks to retrieve. By default, list operations return the first 25 items. To
+         *  retrieve a different set of items, use `limit` with `offset` to page through your available resources.
+         *
+         *  **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+         *  `..?limit=5`.
+         */
+        limit?: number;
+        /** The number of secrets to skip. By specifying `offset`, you retrieve a subset of items that starts with the
+         *  `offset` value. Use `offset` with `limit` to page through your available resources.
+         *
+         *  **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+         *  `..?offset=25&limit=25`.
+         */
+        offset?: number;
+        /** Filter locks that contain the specified string in the field "name".
+         *
+         *  **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+         *  `..?search=text`.
+         */
+        search?: string;
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `getSecretVersionLocks` operation. */
+    namespace GetSecretVersionLocksConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+    }
+    /** Parameters for the `lockSecretVersion` operation. */
+    interface LockSecretVersionParams {
+        /** The secret type. */
+        secretType: LockSecretVersionConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** The v4 UUID that uniquely identifies the secret version. You can also use `previous` to retrieve the
+         *  previous version.
+         *
+         *  **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and
+         *  check the response details.
+         */
+        versionId: string;
+        /** The lock data to be attached to a secret version. */
+        locks?: LockSecretBodyLocksItem[];
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks
+         *  on a secret version.
+         *
+         *  - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the
+         *  secret.
+         *  - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version
+         *  if it doesn't have any locks.
+         */
+        mode?: LockSecretVersionConstants.Mode | string;
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `lockSecretVersion` operation. */
+    namespace LockSecretVersionConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+        /** An optional lock mode. At lock creation, you can set one of the following modes to clear any matching locks on a secret version. - `exclusive`: Removes any other locks with matching names if they are found in the previous version of the secret. - `exclusive_delete`: Same as `exclusive`, but also permanently deletes the data of the previous secret version if it doesn't have any locks. */
+        enum Mode {
+            EXCLUSIVE = "exclusive",
+            EXCLUSIVE_DELETE = "exclusive_delete"
+        }
+    }
+    /** Parameters for the `unlockSecretVersion` operation. */
+    interface UnlockSecretVersionParams {
+        /** The secret type. */
+        secretType: UnlockSecretVersionConstants.SecretType | string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        id: string;
+        /** The v4 UUID that uniquely identifies the secret version. You can also use `previous` to retrieve the
+         *  previous version.
+         *
+         *  **Note:** To find the version ID of a secret, use the [Get secret metadata](#get-secret-metadata) method and
+         *  check the response details.
+         */
+        versionId: string;
+        /** A comma-separated list of locks to delete. */
+        locks?: string[];
+        headers?: OutgoingHttpHeaders;
+    }
+    /** Constants for the `unlockSecretVersion` operation. */
+    namespace UnlockSecretVersionConstants {
+        /** The secret type. */
+        enum SecretType {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            PUBLIC_CERT = "public_cert",
+            PRIVATE_CERT = "private_cert",
+            USERNAME_PASSWORD = "username_password",
+            KV = "kv"
+        }
+    }
+    /** Parameters for the `listInstanceSecretsLocks` operation. */
+    interface ListInstanceSecretsLocksParams {
+        /** The number of secrets with locks to retrieve. By default, list operations return the first 25 items. To
+         *  retrieve a different set of items, use `limit` with `offset` to page through your available resources.
+         *
+         *  **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5 with locks, use
+         *  `..?limit=5`.
+         */
+        limit?: number;
+        /** The number of secrets to skip. By specifying `offset`, you retrieve a subset of items that starts with the
+         *  `offset` value. Use `offset` with `limit` to page through your available resources.
+         *
+         *  **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use
+         *  `..?offset=25&limit=25`.
+         */
+        offset?: number;
+        /** Filter locks that contain the specified string in the field "name".
+         *
+         *  **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use
+         *  `..?search=text`.
+         */
+        search?: string;
+        /** Filter secrets by groups.
+         *
+         *  You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter
+         *  secrets that are in the default secret group, use the `default` keyword.
+         *
+         *  **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
+         *  use `..?groups={secret_group_ID},default`.
+         */
+        groups?: string[];
+        headers?: OutgoingHttpHeaders;
+    }
     /** Parameters for the `putPolicy` operation. */
     interface PutPolicyParams {
         /** The secret type. */
@@ -1368,6 +1832,13 @@ declare namespace SecretsManagerV1 {
     /** GetConfigResourcesItem. */
     interface GetConfigResourcesItem {
     }
+    /** Properties that describe the locks that are associated with an instance. */
+    interface GetInstanceLocks {
+        /** The metadata that describes the resource array. */
+        metadata: CollectionMetadata;
+        /** A collection of resources. */
+        resources: InstanceSecretsLocks[];
+    }
     /** Properties that describe an existing registration with Event Notifications. */
     interface GetNotificationsSettings {
         /** The metadata that describes the resource array. */
@@ -1382,6 +1853,13 @@ declare namespace SecretsManagerV1 {
         /** A collection of resources. */
         resources: SecretResource[];
     }
+    /** Properties that describe the lock of a secret or a secret version. */
+    interface GetSecretLocks {
+        /** The metadata that describes the resource array. */
+        metadata: CollectionMetadata;
+        /** A collection of resources. */
+        resources: SecretsLocks[];
+    }
     /** GetSecretPolicies. */
     interface GetSecretPolicies {
     }
@@ -1406,6 +1884,22 @@ declare namespace SecretsManagerV1 {
         /** A collection of resources. */
         resources: ConfigElementDef[];
     }
+    /** Properties that describe the locks that are associated with an instance. */
+    interface InstanceSecretsLocks {
+        /** The unique ID of the secret. */
+        secret_id?: string;
+        /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
+         *
+         *  If you omit this parameter, your secret is assigned to the `default` secret group.
+         */
+        secret_group_id?: string;
+        /** The secret type. */
+        secret_type?: string;
+        /** A collection of locks that are attached to a secret version. */
+        versions?: SecretLockVersion[];
+        /** InstanceSecretsLocks accepts additional properties. */
+        [propName: string]: any;
+    }
     /** Intermediate certificate authorities configuration. */
     interface IntermediateCertificateAuthoritiesConfigItem {
         /** The human-readable name to assign to your configuration. */
@@ -1444,6 +1938,13 @@ declare namespace SecretsManagerV1 {
         /** The name that was assigned to the DNS provider configuration. */
         dns?: string;
     }
+    /** Properties that describe the locks of a secret or a secret version. */
+    interface ListSecretLocks {
+        /** The metadata that describes the resource array. */
+        metadata: CollectionMetadata;
+        /** A collection of resources. */
+        resources: SecretLockData[];
+    }
     /** Properties that describe a list of versions of a secret. */
     interface ListSecretVersions {
         /** The metadata that describes the resource array. */
@@ -1458,6 +1959,23 @@ declare namespace SecretsManagerV1 {
         /** A collection of resources. */
         resources?: SecretResource[];
     }
+    /** LockSecretBodyLocksItem. */
+    interface LockSecretBodyLocksItem {
+        /** A human-readable name to assign to the lock. The lock name must be unique per secret version.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret
+         *  lock.
+         */
+        name: string;
+        /** An extended description of the lock.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for your
+         *  secret lock.
+         */
+        description: string;
+        /** Optional information to associate with a lock, such as resources CRNs to be used by automation. */
+        attributes: JsonObject;
+    }
     /** The Event Notifications details. */
     interface NotificationsSettings {
         /** The Cloud Resource Name (CRN) of the connected Event Notifications instance. */
@@ -1555,6 +2073,56 @@ declare namespace SecretsManagerV1 {
         /** SecretGroupResource accepts additional properties. */
         [propName: string]: any;
     }
+    /** Properties that describe a lock. */
+    interface SecretLockData {
+        /** A human-readable name to assign to the secret lock.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a name for the secret lock.
+         */
+        name?: string;
+        /** An extended description of the secret lock.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for the
+         *  secret lock.
+         */
+        description?: string;
+        /** The date the secret lock was created. The date format follows RFC 3339. */
+        creation_date?: string;
+        /** The unique identifier for the entity that created the secret lock. */
+        created_by?: string;
+        /** The information that is associated with a lock, such as resources CRNs to be used by automation. */
+        attributes?: JsonObject;
+        /** The v4 UUID that uniquely identifies the secret version. */
+        secret_version_id?: string;
+        /** The v4 UUID that uniquely identifies the secret. */
+        secret_id?: string;
+        /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
+         *
+         *  If you omit this parameter, your secret is assigned to the `default` secret group.
+         */
+        secret_group_id?: string;
+        /** Updates when the actual secret is modified. The date format follows RFC 3339. */
+        last_update_date?: string;
+        /** A representation for the 2 last secret versions. Could be "current" for version (n) or "previous" for
+         *  version (n-1).
+         */
+        secret_version_alias?: string;
+    }
+    /** Properties that describe the secret locks. */
+    interface SecretLockVersion {
+        /** The v4 UUID that uniquely identifies the lock. */
+        id?: string;
+        /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
+         *  is used for version `n-1`.
+         */
+        alias?: string;
+        /** The names of all locks that are associated with this secret. */
+        locks?: string[];
+        /** Indicates whether the payload for the secret version is stored and available. */
+        payload_available?: boolean;
+        /** SecretLockVersion accepts additional properties. */
+        [propName: string]: any;
+    }
     /** SecretMetadata. */
     interface SecretMetadata {
     }
@@ -1586,6 +2154,20 @@ declare namespace SecretsManagerV1 {
     /** SecretVersionMetadata. */
     interface SecretVersionMetadata {
     }
+    /** Properties that describe the secret locks. */
+    interface SecretsLocks {
+        /** The unique ID of the secret. */
+        secret_id?: string;
+        /** The v4 UUID that uniquely identifies the secret group to assign to this secret.
+         *
+         *  If you omit this parameter, your secret is assigned to the `default` secret group.
+         */
+        secret_group_id?: string;
+        /** A collection of locks that are attached to a secret version. */
+        versions?: SecretLockVersion[];
+        /** SecretsLocks accepts additional properties. */
+        [propName: string]: any;
+    }
     /** Properties that are returned with a successful `sign` action. */
     interface SignActionResultData {
         /** The PEM-encoded certificate. */
@@ -1664,8 +2246,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The date the secret material expires. The date format follows RFC 3339.
          *
          *  You can set an expiration date on supported secret types at their creation. If you create a secret without
@@ -1727,6 +2311,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The date the secret material expires. The date format follows RFC 3339.
          *
          *  You can set an expiration date on supported secret types at their creation. If you create a secret without
@@ -1755,6 +2341,8 @@ declare namespace SecretsManagerV1 {
         creation_date?: string;
         /** The unique identifier for the entity that created the secret version. */
         created_by?: string;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** The data that is associated with the secret version.
          *
          *  The data object contains the field `payload`.
@@ -1792,6 +2380,8 @@ declare namespace SecretsManagerV1 {
          *  service API.
          */
         downloaded?: boolean;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
     }
     /** Metadata properties that describe a certificate secret. */
     interface CertificateSecretMetadata extends SecretMetadata {
@@ -1838,8 +2428,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
         serial_number?: string;
         /** The identifier for the cryptographic algorithm that was used by the issuing certificate authority to sign
@@ -1914,6 +2506,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The contents of your certificate. The data must be formatted on a single line with embedded newline
          *  characters.
          */
@@ -1972,6 +2566,8 @@ declare namespace SecretsManagerV1 {
         creation_date?: string;
         /** The unique identifier for the entity that created the secret version. */
         created_by?: string;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         validity?: CertificateValidity;
         /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
         serial_number?: string;
@@ -2021,6 +2617,8 @@ declare namespace SecretsManagerV1 {
          *  service API.
          */
         downloaded?: boolean;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
         serial_number?: string;
         /** The date that the certificate expires. The date format follows RFC 3339. */
@@ -2338,8 +2936,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The time-to-live (TTL) or lease duration that is assigned to the secret. For `iam_credentials` secrets, the
          *  TTL defines for how long each generated API key remains valid.
          */
@@ -2417,6 +3017,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The time-to-live (TTL) or lease duration to assign to generated credentials.
          *
          *  For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
@@ -2478,6 +3080,8 @@ declare namespace SecretsManagerV1 {
         creation_date?: string;
         /** The unique identifier for the entity that created the secret version. */
         created_by?: string;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** The data that is associated with the secret version. The data object contains the following fields:
          *
          *  - `api_key`: The API key that is generated for this secret.
@@ -2517,6 +3121,8 @@ declare namespace SecretsManagerV1 {
          *  service API.
          */
         downloaded?: boolean;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
     }
     /** Intermediate certificate authorities configuration. */
     interface IntermediateCertificateAuthoritiesConfig extends GetConfigElementsResourcesItem {
@@ -2682,8 +3288,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
     }
     /** Properties that describe a secret. */
     interface KvSecretResource extends SecretResource {
@@ -2735,6 +3343,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The date the secret material expires. The date format follows RFC 3339.
          *
          *  You can set an expiration date on supported secret types at their creation. If you create a secret without
@@ -2815,8 +3425,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The name of the certificate template. */
         certificate_template?: string;
         /** The intermediate certificate authority that signed this certificate. */
@@ -2894,6 +3506,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The name of the certificate template. */
         certificate_template: string;
         /** The intermediate certificate authority that signed this certificate. */
@@ -2972,6 +3586,8 @@ declare namespace SecretsManagerV1 {
         creation_date?: string;
         /** The unique identifier for the entity that created the secret version. */
         created_by?: string;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         validity?: CertificateValidity;
         /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
         serial_number?: string;
@@ -3045,6 +3661,8 @@ declare namespace SecretsManagerV1 {
          *  service API.
          */
         downloaded?: boolean;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** The unique serial number that was assigned to the certificate by the issuing certificate authority. */
         serial_number?: string;
         /** The date that the certificate expires. The date format follows RFC 3339. */
@@ -3115,8 +3733,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The distinguished name that identifies the entity that signed and issued the certificate. */
         issuer?: string;
         /** Determines whether your issued certificate is bundled with intermediate certificates.
@@ -3197,6 +3817,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The distinguished name that identifies the entity that signed and issued the certificate. */
         issuer?: string;
         /** Determines whether your issued certificate is bundled with intermediate certificates.
@@ -3797,8 +4419,10 @@ declare namespace SecretsManagerV1 {
         created_by?: string;
         /** Updates when any part of the secret metadata is modified. The date format follows RFC 3339. */
         last_update_date?: string;
-        /** The number of versions the secret has. */
+        /** The number of versions that are associated with a secret. */
         versions_total?: number;
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The date the secret material expires. The date format follows RFC 3339.
          *
          *  You can set an expiration date on supported secret types at their creation. If you create a secret without
@@ -3860,6 +4484,8 @@ declare namespace SecretsManagerV1 {
          *  see [Get secret version metadata](#get-secret-version-metadata).
          */
         versions?: JsonObject[];
+        /** The number of locks that are associated with a secret. */
+        locks_total?: number;
         /** The username to assign to this secret. */
         username?: string;
         /** The password to assign to this secret. */
@@ -3897,6 +4523,8 @@ declare namespace SecretsManagerV1 {
         creation_date?: string;
         /** The unique identifier for the entity that created the secret version. */
         created_by?: string;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** Indicates whether the version of the secret was created by automatic rotation. */
         auto_rotated?: boolean;
         /** The data that is associated with the secret version. The data object contains the following fields:
@@ -3939,6 +4567,8 @@ declare namespace SecretsManagerV1 {
          *  service API.
          */
         downloaded?: boolean;
+        /** The number of locks that are associated with a secret version. */
+        locks_total?: number;
         /** Indicates whether the version of the secret was created by automatic rotation. */
         auto_rotated?: boolean;
     }