@ibm-cloud/secrets-manager 2.0.1 → 2.0.2

package/secrets-manager/v2.d.ts

@@ -276,8 +276,8 @@ declare class SecretsManagerV2 extends BaseService {
      * metadata](#get-secret-metadata) operation.
      *
      * @param {Object} params - The parameters to send to the service.
-     * @param {string} params.secretType - The secret type. Supported types are arbitrary, certificates (imported, public,
-     * and private), IAM credentials, key-value, and user credentials.
+     * @param {string} params.secretType - The secret type. Supported types are arbitrary, imported_cert, public_cert,
+     * private_cert, iam_credentials, service_credentials, kv, and username_password.
      * @param {string} params.name - A human-readable name to assign to your secret. To protect your privacy, do not use
      * personal data, such as your name or location, as a name for your secret.
      * @param {string} params.secretGroupName - The name of your secret group.
@@ -929,8 +929,8 @@ declare namespace SecretsManagerV2 {
     }
     /** Parameters for the `getSecretByNameType` operation. */
     interface GetSecretByNameTypeParams {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
         secretType: GetSecretByNameTypeConstants.SecretType | string;
         /** A human-readable name to assign to your secret. To protect your privacy, do not use personal data, such as
@@ -943,15 +943,16 @@ declare namespace SecretsManagerV2 {
     }
     /** Constants for the `getSecretByNameType` operation. */
     namespace GetSecretByNameTypeConstants {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials. */
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
         enum SecretType {
             ARBITRARY = "arbitrary",
-            IMPORTED_CERT = "imported_cert",
-            PUBLIC_CERT = "public_cert",
             IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
             KV = "kv",
-            USERNAME_PASSWORD = "username_password",
-            PRIVATE_CERT = "private_cert"
+            PRIVATE_CERT = "private_cert",
+            PUBLIC_CERT = "public_cert",
+            SERVICE_CREDENTIALS = "service_credentials",
+            USERNAME_PASSWORD = "username_password"
         }
     }
     /** Parameters for the `createSecretVersion` operation. */
@@ -1378,7 +1379,19 @@ declare namespace SecretsManagerV2 {
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: CertificateIssuanceInfo.Constants.StateDescription | string;
+    }
+    namespace CertificateIssuanceInfo {
+        namespace Constants {
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
     }
     /** The date and time that the certificate validity period begins and ends. */
     interface CertificateValidity {
@@ -1437,6 +1450,13 @@ declare namespace SecretsManagerV2 {
     /** The details of your configuration. */
     interface ConfigurationPrototype {
     }
+    /** The Cloud Object Storage HMAC keys that are returned after you create a service credentials secret. */
+    interface CosHmacKeys {
+        /** The access key ID for Cloud Object Storage HMAC credentials. */
+        access_key_id?: string;
+        /** The secret access key ID for Cloud Object Storage HMAC credentials. */
+        secret_access_key?: string;
+    }
     /** The details of the Event Notifications registration. */
     interface NotificationsRegistration {
         /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -1544,7 +1564,16 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        secret_version_alias: string;
+        secret_version_alias: SecretLock.Constants.SecretVersionAlias | string;
+    }
+    namespace SecretLock {
+        namespace Constants {
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum SecretVersionAlias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
     }
     /** SecretLockPrototype. */
     interface SecretLockPrototype {
@@ -1569,15 +1598,30 @@ declare namespace SecretsManagerV2 {
         secret_id: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type?: string;
+        secret_type?: SecretLocks.Constants.SecretType | string;
         /** The human-readable name of your secret. */
         secret_name?: string;
         /** A collection of locks that are attached to a secret. */
         versions: SecretVersionLocks[];
     }
+    namespace SecretLocks {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Properties that describe a paginated collection of your secret locks. */
     interface SecretLocksPaginatedCollection {
         /** The total number of resources in a collection. */
@@ -1638,12 +1682,21 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        version_alias: string;
+        version_alias: SecretVersionLocks.Constants.VersionAlias | string;
         /** The names of all locks that are associated with this secret version. */
         locks: string[];
         /** Indicates whether the secret payload is available in this secret version. */
         payload_available?: boolean;
     }
+    namespace SecretVersionLocks {
+        namespace Constants {
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum VersionAlias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties that describe a paginated collection of your secret version locks. */
     interface SecretVersionLocksPaginatedCollection {
         /** The total number of resources in a collection. */
@@ -1695,6 +1748,104 @@ declare namespace SecretsManagerV2 {
         /** A collection of secrets and their locks. */
         secrets_locks: SecretLocks[];
     }
+    /** The source service resource key data of the generated service credentials. */
+    interface ServiceCredentialsResourceKey {
+        /** The resource key CRN of the generated service credentials. */
+        crn?: string;
+        /** The resource key name of the generated service credentials. */
+        name?: string;
+    }
+    /** The properties of the service credentials secret payload. */
+    interface ServiceCredentialsSecretCredentials {
+        /** The API key that is generated for this secret.
+         *
+         *  After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
+         *  field to understand the duration of the lease.
+         */
+        apikey?: string;
+        /** The Cloud Object Storage HMAC keys that are returned after you create a service credentials secret. */
+        cos_hmac_keys?: CosHmacKeys;
+        /** The endpoints that are returned after you create a service credentials secret. */
+        endpoints?: string;
+        /** The IAM API key description for the generated service credentials. */
+        iam_apikey_description?: string;
+        /** The IAM API key id for the generated service credentials. */
+        iam_apikey_id?: string;
+        /** The IAM API key name for the generated service credentials. */
+        iam_apikey_name?: string;
+        /** The IAM role CRN assigned to the generated service credentials. */
+        iam_role_crn?: string;
+        /** The IAM Service ID CRN. */
+        iam_serviceid_crn?: string;
+        /** The resource instance CRN that is returned after you create a service credentials secret. */
+        resource_instance_id?: string;
+    }
+    /** The properties that are required to create the service credentials for the specified source service instance. */
+    interface ServiceCredentialsSecretSourceService {
+        /** The source service instance identifier. */
+        instance: ServiceCredentialsSourceServiceInstance;
+        /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of
+         *  credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for
+         *  creating specific kind of credentials.
+         */
+        parameters?: ServiceCredentialsSourceServiceParameters;
+        /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any
+         *  auto-generated IAM service ID.  If you provide an existing service ID, it is added to the access policy for that
+         *  ID.  If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access
+         *  policy and provided service IDs are not changed in any way.  Refer to the service documentation for supported
+         *  roles.
+         */
+        role?: ServiceCredentialsSourceServiceRole;
+        /** The source service IAM data is returned in case IAM credentials where created for this secret. */
+        iam?: ServiceCredentialsSourceServiceIam;
+        /** The source service resource key data of the generated service credentials. */
+        resource_key?: ServiceCredentialsResourceKey;
+    }
+    /** The source service IAM data is returned in case IAM credentials where created for this secret. */
+    interface ServiceCredentialsSourceServiceIam {
+        /** The IAM apikey metadata for the IAM credentials that were generated. */
+        apikey?: ServiceCredentialsSourceServiceIamApikey;
+        /** The IAM role for the generate service credentials. */
+        role?: ServiceCredentialsSourceServiceIamRole;
+        /** The IAM serviceid for the generated service credentials. */
+        serviceid?: ServiceCredentialsSourceServiceIamServiceid;
+    }
+    /** The IAM apikey metadata for the IAM credentials that were generated. */
+    interface ServiceCredentialsSourceServiceIamApikey {
+        /** The IAM API key description for the generated service credentials. */
+        description?: string;
+        /** The IAM API key id for the generated service credentials. */
+        id?: string;
+        /** The IAM API key name for the generated service credentials. */
+        name?: string;
+    }
+    /** The IAM role for the generate service credentials. */
+    interface ServiceCredentialsSourceServiceIamRole {
+        /** The IAM role CRN assigned to the generated service credentials. */
+        crn?: string;
+    }
+    /** The IAM serviceid for the generated service credentials. */
+    interface ServiceCredentialsSourceServiceIamServiceid {
+        /** The IAM Service ID CRN. */
+        crn?: string;
+    }
+    /** The source service instance identifier. */
+    interface ServiceCredentialsSourceServiceInstance {
+        /** A CRN that uniquely identifies a service credentials source. */
+        crn?: string;
+    }
+    /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for creating specific kind of credentials. */
+    interface ServiceCredentialsSourceServiceParameters {
+        /** An optional platform defined option to reuse an existing IAM Service ID for the role assignment. */
+        serviceid_crn?: string;
+        /** ServiceCredentialsSourceServiceParameters accepts additional properties. */
+        [propName: string]: any;
+    }
+    /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any auto-generated IAM service ID.  If you provide an existing service ID, it is added to the access policy for that ID.  If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access policy and provided service IDs are not changed in any way.  Refer to the service documentation for supported roles. */
+    interface ServiceCredentialsSourceServiceRole {
+        /** The service role CRN. */
+        crn: string;
+    }
     /** The request body to specify the properties of the action to create a secret version. */
     interface VersionAction {
     }
@@ -1733,16 +1884,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ArbitrarySecret.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: ArbitrarySecret.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -1754,6 +1905,29 @@ declare namespace SecretsManagerV2 {
         /** The secret data that is assigned to an `arbitrary` secret. */
         payload?: string;
     }
+    namespace ArbitrarySecret {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** Properties of the metadata of your arbitrary secret.. */
     interface ArbitrarySecretMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -1789,16 +1963,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ArbitrarySecretMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: ArbitrarySecretMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -1808,6 +1982,29 @@ declare namespace SecretsManagerV2 {
          */
         expiration_date?: string;
     }
+    namespace ArbitrarySecretMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** ArbitrarySecretMetadataPatch. */
     interface ArbitrarySecretMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -1863,15 +2060,30 @@ declare namespace SecretsManagerV2 {
         name: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ArbitrarySecretPrototype.Constants.SecretType | string;
         /** The secret data that is assigned to an `arbitrary` secret. */
         payload: string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace ArbitrarySecretPrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your arbitrary secret version. */
     interface ArbitrarySecretVersion extends SecretVersion {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -1888,10 +2100,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ArbitrarySecretVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -1899,7 +2111,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: ArbitrarySecretVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -1911,6 +2123,26 @@ declare namespace SecretsManagerV2 {
         /** The secret data that is assigned to an `arbitrary` secret. */
         payload?: string;
     }
+    namespace ArbitrarySecretVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your arbitrary secret. */
     interface ArbitrarySecretVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -1927,10 +2159,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ArbitrarySecretVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -1938,7 +2170,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: ArbitrarySecretVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -1948,6 +2180,26 @@ declare namespace SecretsManagerV2 {
          */
         expiration_date?: string;
     }
+    namespace ArbitrarySecretVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** ArbitrarySecretVersionPrototype. */
     interface ArbitrarySecretVersionPrototype extends SecretVersionPrototype {
         /** The secret data that is assigned to an `arbitrary` secret. */
@@ -1968,18 +2220,31 @@ declare namespace SecretsManagerV2 {
         /** The length of the secret rotation time interval. */
         interval?: number;
         /** The units for the secret rotation time interval. */
-        unit?: string;
+        unit?: CommonRotationPolicy.Constants.Unit | string;
+    }
+    namespace CommonRotationPolicy {
+        namespace Constants {
+            /** The units for the secret rotation time interval. */
+            enum Unit {
+                DAY = "day",
+                MONTH = "month"
+            }
+        }
     }
     /** Properties that describe a Classic Infrastructure DNS configuration. */
     interface IAMCredentialsConfiguration extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: IAMCredentialsConfiguration.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsConfiguration.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -1993,16 +2258,45 @@ declare namespace SecretsManagerV2 {
          */
         api_key?: string;
     }
+    namespace IAMCredentialsConfiguration {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your IAMCredentials Configuration metadata properties. */
     interface IAMCredentialsConfigurationMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: IAMCredentialsConfigurationMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsConfigurationMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -2010,6 +2304,31 @@ declare namespace SecretsManagerV2 {
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
     }
+    namespace IAMCredentialsConfigurationMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** The configuration update of the IAM Credentials engine. */
     interface IAMCredentialsConfigurationPatch extends ConfigurationPatch {
         /** An IBM Cloud API key that can create and manage service IDs. The API key must be assigned the Editor
@@ -2026,11 +2345,29 @@ declare namespace SecretsManagerV2 {
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
          */
         name: string;
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: IAMCredentialsConfigurationPrototype.Constants.ConfigType | string;
         /** The API key that is used to set the iam_credentials engine. */
         api_key: string;
     }
+    namespace IAMCredentialsConfigurationPrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+        }
+    }
     /** Your IAM credentials secret. */
     interface IAMCredentialsSecret extends Secret {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -2066,27 +2403,26 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsSecret.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: IAMCredentialsSecret.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
         versions_total: number;
-        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
-         *
-         *  For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
-         *  be either an integer that specifies the number of seconds, or the string representation of a duration, such as
-         *  `120m` or `24h`.
-         *
-         *  The minimum duration is 1 minute. The maximum is 90 days.
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl: string;
         /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2131,11 +2467,35 @@ declare namespace SecretsManagerV2 {
         next_rotation_date?: string;
         /** The API key that is generated for this secret.
          *
-         *  After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
-         *  you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
+         *  After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
+         *  field to understand the duration of the lease. If you want to continue to use the same API key for future read
+         *  operations, see the `reuse_api_key` field.
          */
         api_key?: string;
     }
+    namespace IAMCredentialsSecret {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** Properties of the metadata of your IAM credentials secret. */
     interface IAMCredentialsSecretMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -2171,27 +2531,26 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsSecretMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: IAMCredentialsSecretMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
         versions_total: number;
-        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
-         *
-         *  For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
-         *  be either an integer that specifies the number of seconds, or the string representation of a duration, such as
-         *  `120m` or `24h`.
-         *
-         *  The minimum duration is 1 minute. The maximum is 90 days.
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl: string;
         /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2235,6 +2594,29 @@ declare namespace SecretsManagerV2 {
          */
         next_rotation_date?: string;
     }
+    namespace IAMCredentialsSecretMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** IAMCredentialsSecretMetadataPatch. */
     interface IAMCredentialsSecretMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -2257,13 +2639,12 @@ declare namespace SecretsManagerV2 {
         labels?: string[];
         /** The secret metadata that a user can customize. */
         custom_metadata?: JsonObject;
-        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
-         *
-         *  For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
-         *  be either an integer that specifies the number of seconds, or the string representation of a duration, such as
-         *  `120m` or `24h`.
-         *
-         *  The minimum duration is 1 minute. The maximum is 90 days.
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl?: string;
         /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
@@ -2273,10 +2654,10 @@ declare namespace SecretsManagerV2 {
     }
     /** IAMCredentialsSecretPrototype. */
     interface IAMCredentialsSecretPrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsSecretPrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2297,13 +2678,12 @@ declare namespace SecretsManagerV2 {
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
         labels?: string[];
-        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
-         *
-         *  For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
-         *  be either an integer that specifies the number of seconds, or the string representation of a duration, such as
-         *  `120m` or `24h`.
-         *
-         *  The minimum duration is 1 minute. The maximum is 90 days.
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl: string;
         /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2337,6 +2717,21 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace IAMCredentialsSecretPrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** IAMCredentialsSecretRestoreFromVersionPrototype. */
     interface IAMCredentialsSecretRestoreFromVersionPrototype extends SecretVersionPrototype {
         /** A v4 UUID identifier, or `current` or `previous` secret version aliases. */
@@ -2362,10 +2757,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsSecretVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -2373,7 +2768,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: IAMCredentialsSecretVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -2392,11 +2787,32 @@ declare namespace SecretsManagerV2 {
         service_id?: string;
         /** The API key that is generated for this secret.
          *
-         *  After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
-         *  you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
+         *  After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
+         *  field to understand the duration of the lease. If you want to continue to use the same API key for future read
+         *  operations, see the `reuse_api_key` field.
          */
         api_key?: string;
     }
+    namespace IAMCredentialsSecretVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your IAM credentials secret. */
     interface IAMCredentialsSecretVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2413,10 +2829,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: IAMCredentialsSecretVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -2424,7 +2840,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: IAMCredentialsSecretVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -2442,6 +2858,26 @@ declare namespace SecretsManagerV2 {
          */
         service_id?: string;
     }
+    namespace IAMCredentialsSecretVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** IAMCredentialsSecretVersionPrototype. */
     interface IAMCredentialsSecretVersionPrototype extends SecretVersionPrototype {
         /** The secret metadata that a user can customize. */
@@ -2484,16 +2920,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ImportedCertificate.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: ImportedCertificate.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -2537,6 +2973,29 @@ declare namespace SecretsManagerV2 {
          */
         private_key?: string;
     }
+    namespace ImportedCertificate {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** Properties of the secret metadata of your imported certificate. */
     interface ImportedCertificateMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -2572,16 +3031,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ImportedCertificateMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: ImportedCertificateMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -2615,6 +3074,29 @@ declare namespace SecretsManagerV2 {
         /** The date and time that the certificate validity period begins and ends. */
         validity: CertificateValidity;
     }
+    namespace ImportedCertificateMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** ImportedCertificateMetadataPatch. */
     interface ImportedCertificateMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -2640,10 +3122,10 @@ declare namespace SecretsManagerV2 {
     }
     /** ImportedCertificatePrototype. */
     interface ImportedCertificatePrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ImportedCertificatePrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2679,6 +3161,21 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace ImportedCertificatePrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Versions of your imported certificate. */
     interface ImportedCertificateVersion extends SecretVersion {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2695,10 +3192,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ImportedCertificateVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -2706,7 +3203,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: ImportedCertificateVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -2730,6 +3227,26 @@ declare namespace SecretsManagerV2 {
          */
         private_key?: string;
     }
+    namespace ImportedCertificateVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your imported certificate. */
     interface ImportedCertificateVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2746,10 +3263,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: ImportedCertificateVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -2757,7 +3274,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: ImportedCertificateVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -2771,6 +3288,26 @@ declare namespace SecretsManagerV2 {
         /** The date and time that the certificate validity period begins and ends. */
         validity: CertificateValidity;
     }
+    namespace ImportedCertificateVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** ImportedCertificateVersionPrototype. */
     interface ImportedCertificateVersionPrototype extends SecretVersionPrototype {
         /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
@@ -2823,16 +3360,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: KVSecret.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: KVSecret.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -2840,6 +3377,29 @@ declare namespace SecretsManagerV2 {
         /** The payload data of a key-value secret. */
         data: JsonObject;
     }
+    namespace KVSecret {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** Properties of the metadata of your key-value secret metadata. */
     interface KVSecretMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -2875,21 +3435,44 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: KVSecretMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: KVSecretMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
         versions_total: number;
     }
+    namespace KVSecretMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** KVSecretMetadataPatch. */
     interface KVSecretMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -2915,10 +3498,10 @@ declare namespace SecretsManagerV2 {
     }
     /** KVSecretPrototype. */
     interface KVSecretPrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: KVSecretPrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2946,6 +3529,21 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace KVSecretPrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your key-value secret version. */
     interface KVSecretVersion extends SecretVersion {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2962,10 +3560,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: KVSecretVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -2973,7 +3571,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: KVSecretVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -2981,6 +3579,26 @@ declare namespace SecretsManagerV2 {
         /** The payload data of a key-value secret. */
         data: JsonObject;
     }
+    namespace KVSecretVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your key-value secret. */
     interface KVSecretVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2997,10 +3615,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: KVSecretVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -3008,12 +3626,32 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: KVSecretVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
         secret_id: string;
     }
+    namespace KVSecretVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** KVSecretVersionPrototype. */
     interface KVSecretVersionPrototype extends SecretVersionPrototype {
         /** The payload data of a key-value secret. */
@@ -3058,16 +3696,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificate.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: PrivateCertificate.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -3125,58 +3763,171 @@ declare namespace SecretsManagerV2 {
         /** The chain of certificate authorities that are associated with the certificate. */
         ca_chain?: string[];
     }
+    namespace PrivateCertificate {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** The response body of the action to revoke the private certificate. */
     interface PrivateCertificateActionRevoke extends SecretAction {
         /** The type of secret action. */
-        action_type: string;
+        action_type: PrivateCertificateActionRevoke.Constants.ActionType | string;
         /** The timestamp of the certificate revocation. */
         revocation_time_seconds?: number;
     }
+    namespace PrivateCertificateActionRevoke {
+        namespace Constants {
+            /** The type of secret action. */
+            enum ActionType {
+                PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
+    }
     /** The request body to specify the properties of the action to revoke the private certificate. */
     interface PrivateCertificateActionRevokePrototype extends SecretActionPrototype {
         /** The type of secret action. */
-        action_type: string;
+        action_type: PrivateCertificateActionRevokePrototype.Constants.ActionType | string;
+    }
+    namespace PrivateCertificateActionRevokePrototype {
+        namespace Constants {
+            /** The type of secret action. */
+            enum ActionType {
+                PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
     }
     /** The response body to specify the properties of the action to revoke the private certificate. */
     interface PrivateCertificateConfigurationActionRevoke extends ConfigurationAction {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionRevoke.Constants.ActionType | string;
         /** The timestamp of the certificate revocation. */
         revocation_time_seconds?: number;
     }
+    namespace PrivateCertificateConfigurationActionRevoke {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The request body to specify the properties of the action to revoke the private certificate configuration. */
     interface PrivateCertificateConfigurationActionRevokePrototype extends ConfigurationActionPrototype {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionRevokePrototype.Constants.ActionType | string;
+    }
+    namespace PrivateCertificateConfigurationActionRevokePrototype {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
     }
     /** The response body of the action to rotate the CRL of an intermediate certificate authority for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionRotateCRL extends ConfigurationAction {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionRotateCRL.Constants.ActionType | string;
         /** This field indicates whether the request to rotate the CRL for the private certificate configuration was
          *  successful.
          */
         success: boolean;
     }
+    namespace PrivateCertificateConfigurationActionRotateCRL {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The request body of the action to rotate the CRL of an intermediate certificate authority for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionRotateCRLPrototype extends ConfigurationActionPrototype {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionRotateCRLPrototype.Constants.ActionType | string;
+    }
+    namespace PrivateCertificateConfigurationActionRotateCRLPrototype {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
     }
     /** The response body of the action to set a signed intermediate certificate authority for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionSetSigned extends ConfigurationAction {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSetSigned.Constants.ActionType | string;
         /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
         certificate: string;
     }
+    namespace PrivateCertificateConfigurationActionSetSigned {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The request body of the action to set a signed intermediate certificate authority for the private certificate consideration. */
     interface PrivateCertificateConfigurationActionSetSignedPrototype extends ConfigurationActionPrototype {
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSetSignedPrototype.Constants.ActionType | string;
         /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
         certificate: string;
     }
+    namespace PrivateCertificateConfigurationActionSetSignedPrototype {
+        namespace Constants {
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The response body of the action to sign the CSR for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionSignCSR extends ConfigurationAction {
         /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3204,7 +3955,7 @@ declare namespace SecretsManagerV2 {
          */
         ttl?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationActionSignCSR.Constants.Format | string;
         /** The maximum path length to encode in the generated certificate. `-1` means no limit.
          *
          *  If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3255,12 +4006,29 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSignCSR.Constants.ActionType | string;
         /** The certificate signing request. */
         csr: string;
         /** The data that is associated with the root certificate authority. */
         data?: PrivateCertificateConfigurationCACertificate;
     }
+    namespace PrivateCertificateConfigurationActionSignCSR {
+        namespace Constants {
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The request body to specify the properties of the action to sign a CSR for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionSignCSRPrototype extends ConfigurationActionPrototype {
         /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3288,7 +4056,7 @@ declare namespace SecretsManagerV2 {
          */
         ttl?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationActionSignCSRPrototype.Constants.Format | string;
         /** The maximum path length to encode in the generated certificate. `-1` means no limit.
          *
          *  If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3339,10 +4107,27 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSignCSRPrototype.Constants.ActionType | string;
         /** The certificate signing request. */
         csr: string;
     }
+    namespace PrivateCertificateConfigurationActionSignCSRPrototype {
+        namespace Constants {
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The response body of the action to sign the intermediate certificate authority for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionSignIntermediate extends ConfigurationAction {
         /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3370,7 +4155,7 @@ declare namespace SecretsManagerV2 {
          */
         ttl?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationActionSignIntermediate.Constants.Format | string;
         /** The maximum path length to encode in the generated certificate. `-1` means no limit.
          *
          *  If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3421,10 +4206,27 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSignIntermediate.Constants.ActionType | string;
         /** The unique name of your configuration. */
         intermediate_certificate_authority: string;
     }
+    namespace PrivateCertificateConfigurationActionSignIntermediate {
+        namespace Constants {
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The request body to specify the properties of the action to sign an intermediate certificate authority for the private certificate configuration. */
     interface PrivateCertificateConfigurationActionSignIntermediatePrototype extends ConfigurationActionPrototype {
         /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3452,7 +4254,7 @@ declare namespace SecretsManagerV2 {
          */
         ttl?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationActionSignIntermediatePrototype.Constants.Format | string;
         /** The maximum path length to encode in the generated certificate. `-1` means no limit.
          *
          *  If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3503,10 +4305,27 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
         /** The type of configuration action. */
-        action_type: string;
+        action_type: PrivateCertificateConfigurationActionSignIntermediatePrototype.Constants.ActionType | string;
         /** The unique name of your configuration. */
         intermediate_certificate_authority: string;
     }
+    namespace PrivateCertificateConfigurationActionSignIntermediatePrototype {
+        namespace Constants {
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The type of configuration action. */
+            enum ActionType {
+                PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
+                PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
+                PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
+            }
+        }
+    }
     /** The data that is associated with the root certificate authority. */
     interface PrivateCertificateConfigurationCACertificate extends PrivateCertificateCAData {
         /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
@@ -3520,14 +4339,18 @@ declare namespace SecretsManagerV2 {
     }
     /** The configuration of the root certificate authority. */
     interface PrivateCertificateConfigurationIntermediateCA extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationIntermediateCA.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationIntermediateCA.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3547,7 +4370,7 @@ declare namespace SecretsManagerV2 {
         /** The distinguished name that identifies the entity that signed and issued the certificate. */
         issuer?: string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationIntermediateCA.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3559,12 +4382,12 @@ declare namespace SecretsManagerV2 {
          *  You can choose between internal or externally signed options. For more information, see the
          *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
          */
-        signing_method: string;
+        signing_method: PrivateCertificateConfigurationIntermediateCA.Constants.SigningMethod | string;
         /** The status of the certificate authority. The status of a root certificate authority is either `configured`
          *  or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
          *  `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
          */
-        status?: string;
+        status?: PrivateCertificateConfigurationIntermediateCA.Constants.Status | string;
         /** The maximum time-to-live (TTL) for certificates that are created by this CA in seconds. */
         max_ttl_seconds?: number;
         /** The time until the certificate revocation list (CRL) expires, in seconds. */
@@ -3596,9 +4419,9 @@ declare namespace SecretsManagerV2 {
          */
         other_sans?: string[];
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationIntermediateCA.Constants.Format | string;
         /** The format of the generated private key. */
-        private_key_format?: string;
+        private_key_format?: PrivateCertificateConfigurationIntermediateCA.Constants.PrivateKeyFormat | string;
         /** This parameter controls whether the common name is excluded from Subject Alternative Names (SANs).
          *
          *  If the common name is set to `true`, it is not included in DNS, or email SANs if they apply. This field can be
@@ -3624,6 +4447,60 @@ declare namespace SecretsManagerV2 {
         /** The configuration data of your Private Certificate. */
         data?: PrivateCertificateCAData;
     }
+    namespace PrivateCertificateConfigurationIntermediateCA {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+            /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
+            enum SigningMethod {
+                INTERNAL = "internal",
+                EXTERNAL = "external"
+            }
+            /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
+            enum Status {
+                SIGNING_REQUIRED = "signing_required",
+                SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
+                CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
+                CONFIGURED = "configured",
+                EXPIRED = "expired",
+                REVOKED = "revoked"
+            }
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The format of the generated private key. */
+            enum PrivateKeyFormat {
+                DER = "der",
+                PKCS8 = "pkcs8"
+            }
+        }
+    }
     /** The data that is associated with the intermediate certificate authority. */
     interface PrivateCertificateConfigurationIntermediateCACSR extends PrivateCertificateCAData {
         /** The certificate signing request. */
@@ -3633,20 +4510,33 @@ declare namespace SecretsManagerV2 {
          */
         private_key?: string;
         /** The type of private key to generate. */
-        private_key_type?: string;
+        private_key_type?: PrivateCertificateConfigurationIntermediateCACSR.Constants.PrivateKeyType | string;
         /** The certificate expiration time. */
         expiration?: number;
     }
+    namespace PrivateCertificateConfigurationIntermediateCACSR {
+        namespace Constants {
+            /** The type of private key to generate. */
+            enum PrivateKeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** The configuration of the metadata properties of the intermediate certificate authority. */
     interface PrivateCertificateConfigurationIntermediateCAMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3666,7 +4556,7 @@ declare namespace SecretsManagerV2 {
         /** The distinguished name that identifies the entity that signed and issued the certificate. */
         issuer?: string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3678,12 +4568,56 @@ declare namespace SecretsManagerV2 {
          *  You can choose between internal or externally signed options. For more information, see the
          *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
          */
-        signing_method: string;
+        signing_method: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.SigningMethod | string;
         /** The status of the certificate authority. The status of a root certificate authority is either `configured`
          *  or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
          *  `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
          */
-        status?: string;
+        status?: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.Status | string;
+    }
+    namespace PrivateCertificateConfigurationIntermediateCAMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+            /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
+            enum SigningMethod {
+                INTERNAL = "internal",
+                EXTERNAL = "external"
+            }
+            /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
+            enum Status {
+                SIGNING_REQUIRED = "signing_required",
+                SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
+                CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
+                CONFIGURED = "configured",
+                EXPIRED = "expired",
+                REVOKED = "revoked"
+            }
+        }
     }
     /** The configuration patch of the intermediate certificate authority. */
     interface PrivateCertificateConfigurationIntermediateCAPatch extends ConfigurationPatch {
@@ -3720,8 +4654,12 @@ declare namespace SecretsManagerV2 {
     }
     /** The configuration of the intermediate certificate authority. */
     interface PrivateCertificateConfigurationIntermediateCAPrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -3740,7 +4678,7 @@ declare namespace SecretsManagerV2 {
          *  You can choose between internal or externally signed options. For more information, see the
          *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
          */
-        signing_method: string;
+        signing_method: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.SigningMethod | string;
         /** The distinguished name that identifies the entity that signed and issued the certificate. */
         issuer?: string;
         /** The time until the certificate revocation list (CRL) expires.
@@ -3784,11 +4722,11 @@ declare namespace SecretsManagerV2 {
          */
         other_sans?: string[];
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.Format | string;
         /** The format of the generated private key. */
-        private_key_format?: string;
+        private_key_format?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.PrivateKeyFormat | string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3823,16 +4761,54 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
     }
+    namespace PrivateCertificateConfigurationIntermediateCAPrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
+            enum SigningMethod {
+                INTERNAL = "internal",
+                EXTERNAL = "external"
+            }
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The format of the generated private key. */
+            enum PrivateKeyFormat {
+                DER = "der",
+                PKCS8 = "pkcs8"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** The root certificate authority . */
     interface PrivateCertificateConfigurationRootCA extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationRootCA.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationRootCA.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3850,7 +4826,7 @@ declare namespace SecretsManagerV2 {
          */
         expiration_date?: string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationRootCA.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3861,7 +4837,7 @@ declare namespace SecretsManagerV2 {
          *  or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
          *  `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
          */
-        status?: string;
+        status?: PrivateCertificateConfigurationRootCA.Constants.Status | string;
         /** The maximum time-to-live (TTL) for certificates that are created by this CA in seconds. */
         max_ttl_seconds?: number;
         /** The time until the certificate revocation list (CRL) expires, in seconds. */
@@ -3895,9 +4871,9 @@ declare namespace SecretsManagerV2 {
         /** he requested TTL, after which the certificate expires. */
         ttl_seconds?: number;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationRootCA.Constants.Format | string;
         /** The format of the generated private key. */
-        private_key_format?: string;
+        private_key_format?: PrivateCertificateConfigurationRootCA.Constants.PrivateKeyFormat | string;
         /** The maximum path length to encode in the generated certificate. `-1` means no limit.
          *
          *  If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3933,16 +4909,69 @@ declare namespace SecretsManagerV2 {
         /** The configuration data of your Private Certificate. */
         data?: PrivateCertificateCAData;
     }
+    namespace PrivateCertificateConfigurationRootCA {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+            /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
+            enum Status {
+                SIGNING_REQUIRED = "signing_required",
+                SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
+                CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
+                CONFIGURED = "configured",
+                EXPIRED = "expired",
+                REVOKED = "revoked"
+            }
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The format of the generated private key. */
+            enum PrivateKeyFormat {
+                DER = "der",
+                PKCS8 = "pkcs8"
+            }
+        }
+    }
     /** The configuration of the metadata properties of the root certificate authority. */
     interface PrivateCertificateConfigurationRootCAMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationRootCAMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationRootCAMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3960,7 +4989,7 @@ declare namespace SecretsManagerV2 {
          */
         expiration_date?: string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationRootCAMetadata.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3971,7 +5000,46 @@ declare namespace SecretsManagerV2 {
          *  or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
          *  `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
          */
-        status?: string;
+        status?: PrivateCertificateConfigurationRootCAMetadata.Constants.Status | string;
+    }
+    namespace PrivateCertificateConfigurationRootCAMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+            /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
+            enum Status {
+                SIGNING_REQUIRED = "signing_required",
+                SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
+                CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
+                CONFIGURED = "configured",
+                EXPIRED = "expired",
+                REVOKED = "revoked"
+            }
+        }
     }
     /** The configuration of the metadata patch for the root certificate authority. */
     interface PrivateCertificateConfigurationRootCAPatch extends ConfigurationPatch {
@@ -4008,8 +5076,12 @@ declare namespace SecretsManagerV2 {
     }
     /** The configuration of the root certificate authority. */
     interface PrivateCertificateConfigurationRootCAPrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationRootCAPrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -4071,11 +5143,11 @@ declare namespace SecretsManagerV2 {
          */
         ttl?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificateConfigurationRootCAPrototype.Constants.Format | string;
         /** The format of the generated private key. */
-        private_key_format?: string;
+        private_key_format?: PrivateCertificateConfigurationRootCAPrototype.Constants.PrivateKeyFormat | string;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationRootCAPrototype.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4120,16 +5192,49 @@ declare namespace SecretsManagerV2 {
          */
         serial_number?: string;
     }
+    namespace PrivateCertificateConfigurationRootCAPrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The format of the generated private key. */
+            enum PrivateKeyFormat {
+                DER = "der",
+                PKCS8 = "pkcs8"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** The configuration of the private certificate template. */
     interface PrivateCertificateConfigurationTemplate extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationTemplate.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationTemplate.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -4214,7 +5319,7 @@ declare namespace SecretsManagerV2 {
         /** This field indicates whether private certificates are flagged for email protection use. */
         email_protection_flag?: boolean;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationTemplate.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4285,16 +5390,50 @@ declare namespace SecretsManagerV2 {
         /** The duration in seconds by which to backdate the `not_before` property of an issued private certificate. */
         not_before_duration_seconds?: number;
     }
+    namespace PrivateCertificateConfigurationTemplate {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** The metadata properties of the configuration of the private certificate template. */
     interface PrivateCertificateConfigurationTemplateMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationTemplateMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateConfigurationTemplateMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -4304,6 +5443,31 @@ declare namespace SecretsManagerV2 {
         /** The name of the intermediate certificate authority. */
         certificate_authority: string;
     }
+    namespace PrivateCertificateConfigurationTemplateMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Properties that describe a certificate template. You can use a certificate template to control the parameters that are applied to your issued private certificates. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificate-templates). */
     interface PrivateCertificateConfigurationTemplatePatch extends ConfigurationPatch {
         /** This field scopes the creation of private certificates to only the secret groups that you specify.
@@ -4393,7 +5557,7 @@ declare namespace SecretsManagerV2 {
         /** This field indicates whether private certificates are flagged for email protection use. */
         email_protection_flag?: boolean;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationTemplatePatch.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4468,10 +5632,23 @@ declare namespace SecretsManagerV2 {
          */
         not_before_duration?: string;
     }
+    namespace PrivateCertificateConfigurationTemplatePatch {
+        namespace Constants {
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** Properties that describe a certificate template. You can use a certificate template to control the parameters that are applied to your issued private certificates. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificate-templates). */
     interface PrivateCertificateConfigurationTemplatePrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PrivateCertificateConfigurationTemplatePrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -4572,7 +5749,7 @@ declare namespace SecretsManagerV2 {
         /** This field indicates whether private certificates are flagged for email protection use. */
         email_protection_flag?: boolean;
         /** The type of private key to generate. */
-        key_type?: string;
+        key_type?: PrivateCertificateConfigurationTemplatePrototype.Constants.KeyType | string;
         /** The number of bits to use to generate the private key.
          *
          *  Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4647,6 +5824,25 @@ declare namespace SecretsManagerV2 {
          */
         not_before_duration?: string;
     }
+    namespace PrivateCertificateConfigurationTemplatePrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The type of private key to generate. */
+            enum KeyType {
+                RSA = "rsa",
+                EC = "ec"
+            }
+        }
+    }
     /** Properties of the metadata of your private certificate. */
     interface PrivateCertificateMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -4682,16 +5878,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: PrivateCertificateMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -4739,6 +5935,29 @@ declare namespace SecretsManagerV2 {
         /** The date and time that the certificate was revoked. The date format follows `RFC 3339`. */
         revocation_time_rfc3339?: string;
     }
+    namespace PrivateCertificateMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** PrivateCertificateMetadataPatch. */
     interface PrivateCertificateMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -4768,10 +5987,10 @@ declare namespace SecretsManagerV2 {
     }
     /** PrivateCertificatePrototype. */
     interface PrivateCertificatePrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificatePrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -4815,9 +6034,9 @@ declare namespace SecretsManagerV2 {
         /** The certificate signing request. */
         csr?: string;
         /** The format of the returned data. */
-        format?: string;
+        format?: PrivateCertificatePrototype.Constants.Format | string;
         /** The format of the generated private key. */
-        private_key_format?: string;
+        private_key_format?: PrivateCertificatePrototype.Constants.PrivateKeyFormat | string;
         /** This parameter controls whether the common name is excluded from Subject Alternative Names (SANs).
          *
          *  If the common name is set to `true`, it is not included in DNS, or email SANs if they apply. This field can be
@@ -4839,6 +6058,31 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace PrivateCertificatePrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The format of the returned data. */
+            enum Format {
+                PEM = "pem",
+                PEM_BUNDLE = "pem_bundle"
+            }
+            /** The format of the generated private key. */
+            enum PrivateKeyFormat {
+                DER = "der",
+                PKCS8 = "pkcs8"
+            }
+        }
+    }
     /** Your private certificate version. */
     interface PrivateCertificateVersion extends SecretVersion {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -4855,10 +6099,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -4866,7 +6110,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: PrivateCertificateVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -4890,17 +6134,53 @@ declare namespace SecretsManagerV2 {
         /** The chain of certificate authorities that are associated with the certificate. */
         ca_chain?: string[];
     }
+    namespace PrivateCertificateVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** The response body to specify the properties of the action to revoke the private certificate. */
     interface PrivateCertificateVersionActionRevoke extends VersionAction {
         /** The type of secret version action. */
-        action_type: string;
+        action_type: PrivateCertificateVersionActionRevoke.Constants.ActionType | string;
         /** The timestamp of the certificate revocation. */
         revocation_time_seconds?: number;
     }
+    namespace PrivateCertificateVersionActionRevoke {
+        namespace Constants {
+            /** The type of secret version action. */
+            enum ActionType {
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
+    }
     /** The request body to specify the properties of the action to revoke the private certificate. */
     interface PrivateCertificateVersionActionRevokePrototype extends SecretVersionActionPrototype {
         /** The type of secret version action. */
-        action_type: string;
+        action_type: PrivateCertificateVersionActionRevokePrototype.Constants.ActionType | string;
+    }
+    namespace PrivateCertificateVersionActionRevokePrototype {
+        namespace Constants {
+            /** The type of secret version action. */
+            enum ActionType {
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
     }
     /** Properties of the version metadata of your private certificate. */
     interface PrivateCertificateVersionMetadata extends SecretVersionMetadata {
@@ -4918,10 +6198,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PrivateCertificateVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -4929,7 +6209,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: PrivateCertificateVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -4943,6 +6223,26 @@ declare namespace SecretsManagerV2 {
         /** The date and time that the certificate validity period begins and ends. */
         validity: CertificateValidity;
     }
+    namespace PrivateCertificateVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** PrivateCertificateVersionPrototype. */
     interface PrivateCertificateVersionPrototype extends SecretVersionPrototype {
         /** The secret metadata that a user can customize. */
@@ -4987,16 +6287,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificate.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: PublicCertificate.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -5052,26 +6352,71 @@ declare namespace SecretsManagerV2 {
          */
         private_key?: string;
     }
+    namespace PublicCertificate {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** The response body of the action to validate manual DNS challenges for the public certificate. */
     interface PublicCertificateActionValidateManualDNS extends SecretAction {
         /** The type of secret action. */
-        action_type: string;
+        action_type: PublicCertificateActionValidateManualDNS.Constants.ActionType | string;
+    }
+    namespace PublicCertificateActionValidateManualDNS {
+        namespace Constants {
+            /** The type of secret action. */
+            enum ActionType {
+                PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
     }
     /** The request body to specify the properties of the action to validate manual DNS challenges for the public certificate. */
     interface PublicCertificateActionValidateManualDNSPrototype extends SecretActionPrototype {
         /** The type of secret action. */
-        action_type: string;
+        action_type: PublicCertificateActionValidateManualDNSPrototype.Constants.ActionType | string;
+    }
+    namespace PublicCertificateActionValidateManualDNSPrototype {
+        namespace Constants {
+            /** The type of secret action. */
+            enum ActionType {
+                PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
+                PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
+            }
+        }
     }
     /** Properties that describe a Let's Encrypt CA configuration. */
     interface PublicCertificateConfigurationCALetsEncrypt extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationCALetsEncrypt.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationCALetsEncrypt.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5079,7 +6424,7 @@ declare namespace SecretsManagerV2 {
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The configuration of the Let's Encrypt CA environment. */
-        lets_encrypt_environment: string;
+        lets_encrypt_environment: PublicCertificateConfigurationCALetsEncrypt.Constants.LetsEncryptEnvironment | string;
         /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
          *  Name. If no match, the default offered chain will be used.
          */
@@ -5089,16 +6434,50 @@ declare namespace SecretsManagerV2 {
          */
         lets_encrypt_private_key: string;
     }
+    namespace PublicCertificateConfigurationCALetsEncrypt {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The configuration of the Let's Encrypt CA environment. */
+            enum LetsEncryptEnvironment {
+                PRODUCTION = "production",
+                STAGING = "staging"
+            }
+        }
+    }
     /** Your Let's Encrypt CA metadata properties. */
     interface PublicCertificateConfigurationCALetsEncryptMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5106,16 +6485,46 @@ declare namespace SecretsManagerV2 {
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The configuration of the Let's Encrypt CA environment. */
-        lets_encrypt_environment: string;
+        lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.LetsEncryptEnvironment | string;
         /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
          *  Name. If no match, the default offered chain will be used.
          */
         lets_encrypt_preferred_chain?: string;
     }
+    namespace PublicCertificateConfigurationCALetsEncryptMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** The configuration of the Let's Encrypt CA environment. */
+            enum LetsEncryptEnvironment {
+                PRODUCTION = "production",
+                STAGING = "staging"
+            }
+        }
+    }
     /** The configuration update of the Let's Encrypt Certificate Authority. */
     interface PublicCertificateConfigurationCALetsEncryptPatch extends ConfigurationPatch {
         /** The configuration of the Let's Encrypt CA environment. */
-        lets_encrypt_environment: string;
+        lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptPatch.Constants.LetsEncryptEnvironment | string;
         /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
          *  embedded newline characters.
          */
@@ -5125,17 +6534,30 @@ declare namespace SecretsManagerV2 {
          */
         lets_encrypt_preferred_chain?: string;
     }
+    namespace PublicCertificateConfigurationCALetsEncryptPatch {
+        namespace Constants {
+            /** The configuration of the Let's Encrypt CA environment. */
+            enum LetsEncryptEnvironment {
+                PRODUCTION = "production",
+                STAGING = "staging"
+            }
+        }
+    }
     /** The properties of the Let's Encrypt CA configuration. */
     interface PublicCertificateConfigurationCALetsEncryptPrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationCALetsEncryptPrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
          */
         name: string;
         /** The configuration of the Let's Encrypt CA environment. */
-        lets_encrypt_environment: string;
+        lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptPrototype.Constants.LetsEncryptEnvironment | string;
         /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
          *  embedded newline characters.
          */
@@ -5145,16 +6567,39 @@ declare namespace SecretsManagerV2 {
          */
         lets_encrypt_preferred_chain?: string;
     }
+    namespace PublicCertificateConfigurationCALetsEncryptPrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The configuration of the Let's Encrypt CA environment. */
+            enum LetsEncryptEnvironment {
+                PRODUCTION = "production",
+                STAGING = "staging"
+            }
+        }
+    }
     /** Properties that describe a Classic Infrastructure DNS configuration. */
     interface PublicCertificateConfigurationDNSClassicInfrastructure extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSClassicInfrastructure.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationDNSClassicInfrastructure.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5174,16 +6619,45 @@ declare namespace SecretsManagerV2 {
          */
         classic_infrastructure_password: string;
     }
+    namespace PublicCertificateConfigurationDNSClassicInfrastructure {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your Classic Infrastructure DNS metadata properties. */
     interface PublicCertificateConfigurationDNSClassicInfrastructureMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSClassicInfrastructureMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationDNSClassicInfrastructureMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5191,6 +6665,31 @@ declare namespace SecretsManagerV2 {
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
     }
+    namespace PublicCertificateConfigurationDNSClassicInfrastructureMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Properties that describe the configuration update of an IBM Cloud classic infrastructure (SoftLayer). */
     interface PublicCertificateConfigurationDNSClassicInfrastructurePatch extends ConfigurationPatch {
         /** The username that is associated with your classic infrastructure account.
@@ -5208,8 +6707,12 @@ declare namespace SecretsManagerV2 {
     }
     /** PublicCertificateConfigurationDNSClassicInfrastructurePrototype. */
     interface PublicCertificateConfigurationDNSClassicInfrastructurePrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSClassicInfrastructurePrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -5228,16 +6731,34 @@ declare namespace SecretsManagerV2 {
          */
         classic_infrastructure_password: string;
     }
+    namespace PublicCertificateConfigurationDNSClassicInfrastructurePrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+        }
+    }
     /** Properties that describe a Cloud Internet Services DNS configuration. */
     interface PublicCertificateConfigurationDNSCloudInternetServices extends Configuration {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSCloudInternetServices.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationDNSCloudInternetServices.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5259,16 +6780,45 @@ declare namespace SecretsManagerV2 {
         /** A CRN that uniquely identifies an IBM Cloud resource. */
         cloud_internet_services_crn: string;
     }
+    namespace PublicCertificateConfigurationDNSCloudInternetServices {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your Cloud Internet Services DNS metadata properties. */
     interface PublicCertificateConfigurationDNSCloudInternetServicesMetadata extends ConfigurationMetadata {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSCloudInternetServicesMetadata.Constants.ConfigType | string;
         /** The unique name of your configuration. */
         name: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateConfigurationDNSCloudInternetServicesMetadata.Constants.SecretType | string;
         /** The unique identifier that is associated with the entity that created the secret. */
         created_by: string;
         /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5276,6 +6826,31 @@ declare namespace SecretsManagerV2 {
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
     }
+    namespace PublicCertificateConfigurationDNSCloudInternetServicesMetadata {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** The configuration update of the Cloud Internet Services DNS. */
     interface PublicCertificateConfigurationDNSCloudInternetServicesPatch extends ConfigurationPatch {
         /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
@@ -5295,8 +6870,12 @@ declare namespace SecretsManagerV2 {
     }
     /** Specify the properties for Cloud Internet Services DNS configuration. */
     interface PublicCertificateConfigurationDNSCloudInternetServicesPrototype extends ConfigurationPrototype {
-        /** The configuration type. */
-        config_type: string;
+        /** The configuration type. Can be one of: iam_credentials_configuration,
+         *  public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
+         *  public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
+         *  private_cert_configuration_intermediate_ca, private_cert_configuration_template.
+         */
+        config_type: PublicCertificateConfigurationDNSCloudInternetServicesPrototype.Constants.ConfigType | string;
         /** A human-readable unique name to assign to your configuration.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -5317,6 +6896,20 @@ declare namespace SecretsManagerV2 {
         /** A CRN that uniquely identifies an IBM Cloud resource. */
         cloud_internet_services_crn: string;
     }
+    namespace PublicCertificateConfigurationDNSCloudInternetServicesPrototype {
+        namespace Constants {
+            /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
+            enum ConfigType {
+                PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
+                PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
+                IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
+                PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
+                PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
+                PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
+            }
+        }
+    }
     /** Properties of the metadata of your public certificate. */
     interface PublicCertificateMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -5352,16 +6945,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: PublicCertificateMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -5407,6 +7000,29 @@ declare namespace SecretsManagerV2 {
         /** The name of the DNS provider configuration. */
         dns?: string;
     }
+    namespace PublicCertificateMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** PublicCertificateMetadataPatch. */
     interface PublicCertificateMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -5436,10 +7052,10 @@ declare namespace SecretsManagerV2 {
     }
     /** PublicCertificatePrototype. */
     interface PublicCertificatePrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificatePrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -5491,6 +7107,21 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    namespace PublicCertificatePrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** This field indicates whether Secrets Manager rotates your secrets automatically. For public certificates, if `auto_rotate` is set to `true`, the service reorders your certificate for 31 days, before it expires. */
     interface PublicCertificateRotationPolicy extends RotationPolicy {
         /** This field indicates whether Secrets Manager rotates your secret automatically.
@@ -5523,10 +7154,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -5534,7 +7165,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: PublicCertificateVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -5558,6 +7189,26 @@ declare namespace SecretsManagerV2 {
          */
         private_key?: string;
     }
+    namespace PublicCertificateVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your public certificate. */
     interface PublicCertificateVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -5574,10 +7225,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: PublicCertificateVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -5585,7 +7236,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: PublicCertificateVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -5599,6 +7250,26 @@ declare namespace SecretsManagerV2 {
         /** The date and time that the certificate validity period begins and ends. */
         validity?: CertificateValidity;
     }
+    namespace PublicCertificateVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** PublicCertificateVersionPrototype. */
     interface PublicCertificateVersionPrototype extends SecretVersionPrototype {
         /** Defines the rotation object that is used to manually rotate public certificates. */
@@ -5608,6 +7279,422 @@ declare namespace SecretsManagerV2 {
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
     }
+    /** Your service credentials secret. */
+    interface ServiceCredentialsSecret extends Secret {
+        /** The unique identifier that is associated with the entity that created the secret. */
+        created_by: string;
+        /** The date when the resource was created. The date format follows `RFC 3339`. */
+        created_at: string;
+        /** A CRN that uniquely identifies an IBM Cloud resource. */
+        crn: string;
+        /** The secret metadata that a user can customize. */
+        custom_metadata?: JsonObject;
+        /** An extended description of your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for your
+         *  secret group.
+         */
+        description?: string;
+        /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
+         *  call to the service API.
+         */
+        downloaded?: boolean;
+        /** A v4 UUID identifier. */
+        id: string;
+        /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
+         *
+         *  Label can be between 2-30 characters, including spaces.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
+         */
+        labels?: string[];
+        /** The number of locks of the secret. */
+        locks_total?: number;
+        /** The human-readable name of your secret. */
+        name?: string;
+        /** A v4 UUID identifier, or `default` secret group. */
+        secret_group_id: string;
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
+         */
+        secret_type: ServiceCredentialsSecret.Constants.SecretType | string;
+        /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
+         *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
+         */
+        state?: number;
+        /** A text representation of the secret state. */
+        state_description?: ServiceCredentialsSecret.Constants.StateDescription | string;
+        /** The date when a resource was modified. The date format follows `RFC 3339`. */
+        updated_at: string;
+        /** The number of versions of your secret. */
+        versions_total: number;
+        /** The date that the secret is scheduled for automatic rotation.
+         *
+         *  The service automatically creates a new version of the secret on its next rotation date. This field exists only
+         *  for secrets that can be auto-rotated and an existing rotation policy.
+         */
+        next_rotation_date?: string;
+        /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
+         *  username_password, private_cert, public_cert, iam_credentials.
+         */
+        rotation?: RotationPolicy;
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
+         */
+        ttl?: string;
+        /** The properties that are required to create the service credentials for the specified source service
+         *  instance.
+         */
+        source_service: ServiceCredentialsSecretSourceService;
+        /** The properties of the service credentials secret payload. */
+        credentials: ServiceCredentialsSecretCredentials;
+    }
+    namespace ServiceCredentialsSecret {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
+    /** The metadata properties for your service credentials secret. */
+    interface ServiceCredentialsSecretMetadata extends SecretMetadata {
+        /** The unique identifier that is associated with the entity that created the secret. */
+        created_by: string;
+        /** The date when the resource was created. The date format follows `RFC 3339`. */
+        created_at: string;
+        /** A CRN that uniquely identifies an IBM Cloud resource. */
+        crn: string;
+        /** The secret metadata that a user can customize. */
+        custom_metadata?: JsonObject;
+        /** An extended description of your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for your
+         *  secret group.
+         */
+        description?: string;
+        /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
+         *  call to the service API.
+         */
+        downloaded?: boolean;
+        /** A v4 UUID identifier. */
+        id: string;
+        /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
+         *
+         *  Label can be between 2-30 characters, including spaces.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
+         */
+        labels?: string[];
+        /** The number of locks of the secret. */
+        locks_total?: number;
+        /** The human-readable name of your secret. */
+        name?: string;
+        /** A v4 UUID identifier, or `default` secret group. */
+        secret_group_id: string;
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
+         */
+        secret_type: ServiceCredentialsSecretMetadata.Constants.SecretType | string;
+        /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
+         *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
+         */
+        state?: number;
+        /** A text representation of the secret state. */
+        state_description?: ServiceCredentialsSecretMetadata.Constants.StateDescription | string;
+        /** The date when a resource was modified. The date format follows `RFC 3339`. */
+        updated_at: string;
+        /** The number of versions of your secret. */
+        versions_total: number;
+        /** The date that the secret is scheduled for automatic rotation.
+         *
+         *  The service automatically creates a new version of the secret on its next rotation date. This field exists only
+         *  for secrets that can be auto-rotated and an existing rotation policy.
+         */
+        next_rotation_date?: string;
+        /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
+         *  username_password, private_cert, public_cert, iam_credentials.
+         */
+        rotation?: RotationPolicy;
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
+         */
+        ttl?: string;
+        /** The properties that are required to create the service credentials for the specified source service
+         *  instance.
+         */
+        source_service: ServiceCredentialsSecretSourceService;
+    }
+    namespace ServiceCredentialsSecretMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
+    /** ServiceCredentialsSecretMetadataPatch. */
+    interface ServiceCredentialsSecretMetadataPatch extends SecretMetadataPatch {
+        /** The secret metadata that a user can customize. */
+        custom_metadata?: JsonObject;
+        /** An extended description of your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for your
+         *  secret group.
+         */
+        description?: string;
+        /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
+         *
+         *  Label can be between 2-30 characters, including spaces.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
+         */
+        labels?: string[];
+        /** A human-readable name to assign to your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
+         */
+        name?: string;
+        /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
+         *  username_password, private_cert, public_cert, iam_credentials.
+         */
+        rotation?: RotationPolicy;
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
+         */
+        ttl?: string;
+    }
+    /** ServiceCredentialsSecretPrototype. */
+    interface ServiceCredentialsSecretPrototype extends SecretPrototype {
+        /** The secret metadata that a user can customize. */
+        custom_metadata?: JsonObject;
+        /** An extended description of your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a description for your
+         *  secret group.
+         */
+        description?: string;
+        /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
+         *
+         *  Label can be between 2-30 characters, including spaces.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
+         */
+        labels?: string[];
+        /** A human-readable name to assign to your secret.
+         *
+         *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
+         */
+        name: string;
+        /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
+         *  username_password, private_cert, public_cert, iam_credentials.
+         */
+        rotation?: RotationPolicy;
+        /** A v4 UUID identifier, or `default` secret group. */
+        secret_group_id?: string;
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
+         */
+        secret_type: ServiceCredentialsSecretPrototype.Constants.SecretType | string;
+        /** The properties that are required to create the service credentials for the specified source service
+         *  instance.
+         */
+        source_service: ServiceCredentialsSecretSourceService;
+        /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
+         *  types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
+         *  value can be either an integer that specifies the number of seconds, or the string  representation of a
+         *  duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
+         *  duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
+         *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
+         */
+        ttl?: string;
+        /** The secret version metadata that a user can customize. */
+        version_custom_metadata?: JsonObject;
+    }
+    namespace ServiceCredentialsSecretPrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
+    /** Your service credentials secret version. */
+    interface ServiceCredentialsSecretVersion extends SecretVersion {
+        /** Indicates whether the version of the secret was created by automatic rotation. */
+        auto_rotated?: boolean;
+        /** The unique identifier that is associated with the entity that created the secret. */
+        created_by: string;
+        /** The date when the resource was created. The date format follows `RFC 3339`. */
+        created_at: string;
+        /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
+         *  call to the service API.
+         */
+        downloaded?: boolean;
+        /** A v4 UUID identifier. */
+        id: string;
+        /** The human-readable name of your secret. */
+        secret_name?: string;
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
+         */
+        secret_type: ServiceCredentialsSecretVersion.Constants.SecretType | string;
+        /** A v4 UUID identifier, or `default` secret group. */
+        secret_group_id: string;
+        /** Indicates whether the secret payload is available in this secret version. */
+        payload_available: boolean;
+        /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
+         *  is used for version `n-1`.
+         */
+        alias?: ServiceCredentialsSecretVersion.Constants.Alias | string;
+        /** The secret version metadata that a user can customize. */
+        version_custom_metadata?: JsonObject;
+        /** A v4 UUID identifier. */
+        secret_id: string;
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
+         */
+        expiration_date?: string;
+        /** The source service resource key data of the generated service credentials. */
+        resource_key?: ServiceCredentialsResourceKey;
+        /** The properties of the service credentials secret payload. */
+        credentials: ServiceCredentialsSecretCredentials;
+    }
+    namespace ServiceCredentialsSecretVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
+    /** The version metadata properties for your service credentials secret. */
+    interface ServiceCredentialsSecretVersionMetadata extends SecretVersionMetadata {
+        /** Indicates whether the version of the secret was created by automatic rotation. */
+        auto_rotated?: boolean;
+        /** The unique identifier that is associated with the entity that created the secret. */
+        created_by: string;
+        /** The date when the resource was created. The date format follows `RFC 3339`. */
+        created_at: string;
+        /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
+         *  call to the service API.
+         */
+        downloaded?: boolean;
+        /** A v4 UUID identifier. */
+        id: string;
+        /** The human-readable name of your secret. */
+        secret_name?: string;
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
+         */
+        secret_type: ServiceCredentialsSecretVersionMetadata.Constants.SecretType | string;
+        /** A v4 UUID identifier, or `default` secret group. */
+        secret_group_id: string;
+        /** Indicates whether the secret payload is available in this secret version. */
+        payload_available: boolean;
+        /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
+         *  is used for version `n-1`.
+         */
+        alias?: ServiceCredentialsSecretVersionMetadata.Constants.Alias | string;
+        /** The secret version metadata that a user can customize. */
+        version_custom_metadata?: JsonObject;
+        /** A v4 UUID identifier. */
+        secret_id: string;
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
+         */
+        expiration_date?: string;
+        /** The source service resource key data of the generated service credentials. */
+        resource_key?: ServiceCredentialsResourceKey;
+    }
+    namespace ServiceCredentialsSecretVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
+    /** ServiceCredentialsSecretVersionPrototype. */
+    interface ServiceCredentialsSecretVersionPrototype extends SecretVersionPrototype {
+        /** The secret metadata that a user can customize. */
+        custom_metadata?: JsonObject;
+        /** The secret version metadata that a user can customize. */
+        version_custom_metadata?: JsonObject;
+    }
     /** Your user credentials secret. */
     interface UsernamePasswordSecret extends Secret {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -5643,16 +7730,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: UsernamePasswordSecret.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: UsernamePasswordSecret.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -5676,6 +7763,29 @@ declare namespace SecretsManagerV2 {
         /** The password that is assigned to an `username_password` secret. */
         password: string;
     }
+    namespace UsernamePasswordSecret {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** Properties of the metadata of your user credentials secret. */
     interface UsernamePasswordSecretMetadata extends SecretMetadata {
         /** The unique identifier that is associated with the entity that created the secret. */
@@ -5711,16 +7821,16 @@ declare namespace SecretsManagerV2 {
         name?: string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: UsernamePasswordSecretMetadata.Constants.SecretType | string;
         /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
          *  `Pre-activation = 0`, `Active = 1`,  `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
          */
         state?: number;
         /** A text representation of the secret state. */
-        state_description?: string;
+        state_description?: UsernamePasswordSecretMetadata.Constants.StateDescription | string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
         /** The number of versions of your secret. */
@@ -5740,6 +7850,29 @@ declare namespace SecretsManagerV2 {
          */
         next_rotation_date?: string;
     }
+    namespace UsernamePasswordSecretMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A text representation of the secret state. */
+            enum StateDescription {
+                PRE_ACTIVATION = "pre_activation",
+                ACTIVE = "active",
+                SUSPENDED = "suspended",
+                DEACTIVATED = "deactivated",
+                DESTROYED = "destroyed"
+            }
+        }
+    }
     /** UsernamePasswordSecretMetadataPatch. */
     interface UsernamePasswordSecretMetadataPatch extends SecretMetadataPatch {
         /** A human-readable name to assign to your secret.
@@ -5773,10 +7906,10 @@ declare namespace SecretsManagerV2 {
     }
     /** UsernamePasswordSecretPrototype. */
     interface UsernamePasswordSecretPrototype extends SecretPrototype {
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: UsernamePasswordSecretPrototype.Constants.SecretType | string;
         /** A human-readable name to assign to your secret.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -5814,6 +7947,21 @@ declare namespace SecretsManagerV2 {
          */
         rotation?: RotationPolicy;
     }
+    namespace UsernamePasswordSecretPrototype {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+        }
+    }
     /** Your user credentials secret version. */
     interface UsernamePasswordSecretVersion extends SecretVersion {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -5830,10 +7978,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: UsernamePasswordSecretVersion.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -5841,7 +7989,7 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: UsernamePasswordSecretVersion.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
@@ -5851,6 +7999,26 @@ declare namespace SecretsManagerV2 {
         /** The password that is assigned to an `username_password` secret. */
         password: string;
     }
+    namespace UsernamePasswordSecretVersion {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** Properties of the version metadata of your user credentials secret. */
     interface UsernamePasswordSecretVersionMetadata extends SecretVersionMetadata {
         /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -5867,10 +8035,10 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** The human-readable name of your secret. */
         secret_name?: string;
-        /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
-         *  credentials, key-value, and user credentials.
+        /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
+         *  service_credentials, kv, and username_password.
          */
-        secret_type: string;
+        secret_type: UsernamePasswordSecretVersionMetadata.Constants.SecretType | string;
         /** A v4 UUID identifier, or `default` secret group. */
         secret_group_id: string;
         /** Indicates whether the secret payload is available in this secret version. */
@@ -5878,12 +8046,32 @@ declare namespace SecretsManagerV2 {
         /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
          *  is used for version `n-1`.
          */
-        alias?: string;
+        alias?: UsernamePasswordSecretVersionMetadata.Constants.Alias | string;
         /** The secret version metadata that a user can customize. */
         version_custom_metadata?: JsonObject;
         /** A v4 UUID identifier. */
         secret_id: string;
     }
+    namespace UsernamePasswordSecretVersionMetadata {
+        namespace Constants {
+            /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
+            enum SecretType {
+                ARBITRARY = "arbitrary",
+                IAM_CREDENTIALS = "iam_credentials",
+                IMPORTED_CERT = "imported_cert",
+                KV = "kv",
+                PRIVATE_CERT = "private_cert",
+                PUBLIC_CERT = "public_cert",
+                SERVICE_CREDENTIALS = "service_credentials",
+                USERNAME_PASSWORD = "username_password"
+            }
+            /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
+            enum Alias {
+                CURRENT = "current",
+                PREVIOUS = "previous"
+            }
+        }
+    }
     /** UsernamePasswordSecretVersionPrototype. */
     interface UsernamePasswordSecretVersionPrototype extends SecretVersionPrototype {
         /** The password that is assigned to an `username_password` secret. */