@ibm-cloud/secrets-manager 2.0.1 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/README.md +1 -2
  3. package/examples/secrets-manager.v2.test.js +2 -2
  4. package/package.json +3 -3
  5. package/secrets-manager/v2.d.ts +2605 -350
  6. package/secrets-manager/v2.js +2029 -10
  7. package/secrets-manager/v2.js.map +1 -1
  8. package/secrets-manager/v1.d.ts +0 -4805
  9. package/secrets-manager/v1.js +0 -2495
  10. package/secrets-manager/v1.js.map +0 -1
package/secrets-manager/v2.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  /**
2
- * (C) Copyright IBM Corp. 2023.
2
+ * (C) Copyright IBM Corp. 2024.
3
3
  *
4
4
  * Licensed under the Apache License, Version 2.0 (the "License");
5
5
  * you may not use this file except in compliance with the License.
@@ -53,7 +53,7 @@ declare class SecretsManagerV2 extends BaseService {
53
53
  * @param {UserOptions} [options] - The parameters to send to the service.
54
54
  * @param {string} [options.serviceName] - The name of the service to configure
55
55
  * @param {Authenticator} [options.authenticator] - The Authenticator object used to authenticate requests to the service
56
- * @param {string} [options.serviceUrl] - The URL for the service
56
+ * @param {string} [options.serviceUrl] - The base URL for the service
57
57
  * @returns {SecretsManagerV2}
58
58
  */
59
59
  static newInstance(options: UserOptions): SecretsManagerV2;
@@ -61,7 +61,7 @@ declare class SecretsManagerV2 extends BaseService {
61
61
  * Construct a SecretsManagerV2 object.
62
62
  *
63
63
  * @param {Object} options - Options for the service.
64
- * @param {string} [options.serviceUrl] - The base url to use when contacting the service. The base url may differ between IBM Cloud regions.
64
+ * @param {string} [options.serviceUrl] - The base URL for the service
65
65
  * @param {OutgoingHttpHeaders} [options.headers] - Default headers that shall be included with every request to the service.
66
66
  * @param {Authenticator} options.authenticator - The Authenticator object used to authenticate requests to the service
67
67
  * @constructor
@@ -276,8 +276,8 @@ declare class SecretsManagerV2 extends BaseService {
276
276
  * metadata](#get-secret-metadata) operation.
277
277
  *
278
278
  * @param {Object} params - The parameters to send to the service.
279
- * @param {string} params.secretType - The secret type. Supported types are arbitrary, certificates (imported, public,
280
- * and private), IAM credentials, key-value, and user credentials.
279
+ * @param {string} params.secretType - The secret type. Supported types are arbitrary, imported_cert, public_cert,
280
+ * private_cert, iam_credentials, service_credentials, kv, and username_password.
281
281
  * @param {string} params.name - A human-readable name to assign to your secret. To protect your privacy, do not use
282
282
  * personal data, such as your name or location, as a name for your secret.
283
283
  * @param {string} params.secretGroupName - The name of your secret group.
@@ -929,8 +929,8 @@ declare namespace SecretsManagerV2 {
929
929
  }
930
930
  /** Parameters for the `getSecretByNameType` operation. */
931
931
  interface GetSecretByNameTypeParams {
932
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
933
- * credentials, key-value, and user credentials.
932
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
933
+ * service_credentials, kv, and username_password.
934
934
  */
935
935
  secretType: GetSecretByNameTypeConstants.SecretType | string;
936
936
  /** A human-readable name to assign to your secret. To protect your privacy, do not use personal data, such as
@@ -943,15 +943,16 @@ declare namespace SecretsManagerV2 {
943
943
  }
944
944
  /** Constants for the `getSecretByNameType` operation. */
945
945
  namespace GetSecretByNameTypeConstants {
946
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM credentials, key-value, and user credentials. */
946
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
947
947
  enum SecretType {
948
948
  ARBITRARY = "arbitrary",
949
- IMPORTED_CERT = "imported_cert",
950
- PUBLIC_CERT = "public_cert",
951
949
  IAM_CREDENTIALS = "iam_credentials",
950
+ IMPORTED_CERT = "imported_cert",
952
951
  KV = "kv",
953
- USERNAME_PASSWORD = "username_password",
954
- PRIVATE_CERT = "private_cert"
952
+ PRIVATE_CERT = "private_cert",
953
+ PUBLIC_CERT = "public_cert",
954
+ SERVICE_CREDENTIALS = "service_credentials",
955
+ USERNAME_PASSWORD = "username_password"
955
956
  }
956
957
  }
957
958
  /** Parameters for the `createSecretVersion` operation. */
@@ -1378,7 +1379,19 @@ declare namespace SecretsManagerV2 {
1378
1379
  */
1379
1380
  state?: number;
1380
1381
  /** A text representation of the secret state. */
1381
- state_description?: string;
1382
+ state_description?: CertificateIssuanceInfo.Constants.StateDescription | string;
1383
+ }
1384
+ namespace CertificateIssuanceInfo {
1385
+ namespace Constants {
1386
+ /** A text representation of the secret state. */
1387
+ enum StateDescription {
1388
+ PRE_ACTIVATION = "pre_activation",
1389
+ ACTIVE = "active",
1390
+ SUSPENDED = "suspended",
1391
+ DEACTIVATED = "deactivated",
1392
+ DESTROYED = "destroyed"
1393
+ }
1394
+ }
1382
1395
  }
1383
1396
  /** The date and time that the certificate validity period begins and ends. */
1384
1397
  interface CertificateValidity {
@@ -1462,6 +1475,39 @@ declare namespace SecretsManagerV2 {
1462
1475
  /** A URL that points to a page in a collection. */
1463
1476
  href: string;
1464
1477
  }
1478
+ /** Policy for auto-generated passwords. */
1479
+ interface PasswordGenerationPolicy {
1480
+ /** The length of auto-generated passwords. */
1481
+ length?: number;
1482
+ /** Include digits in auto-generated passwords. */
1483
+ include_digits?: boolean;
1484
+ /** Include symbols in auto-generated passwords. */
1485
+ include_symbols?: boolean;
1486
+ /** Include uppercase letters in auto-generated passwords. */
1487
+ include_uppercase?: boolean;
1488
+ }
1489
+ /** Policy patch for auto-generated passwords. Policy properties that are included in the patch are updated. Properties that are not included in the patch remain unchanged. */
1490
+ interface PasswordGenerationPolicyPatch {
1491
+ /** The length of auto-generated passwords. */
1492
+ length?: number;
1493
+ /** Include digits in auto-generated passwords. */
1494
+ include_digits?: boolean;
1495
+ /** Include symbols in auto-generated passwords. */
1496
+ include_symbols?: boolean;
1497
+ /** Include uppercase letters in auto-generated passwords. */
1498
+ include_uppercase?: boolean;
1499
+ }
1500
+ /** Policy for auto-generated passwords. */
1501
+ interface PasswordGenerationPolicyRO {
1502
+ /** The length of auto-generated passwords. */
1503
+ length?: number;
1504
+ /** Include digits in auto-generated passwords. */
1505
+ include_digits?: boolean;
1506
+ /** Include symbols in auto-generated passwords. */
1507
+ include_symbols?: boolean;
1508
+ /** Include uppercase letters in auto-generated passwords. */
1509
+ include_uppercase?: boolean;
1510
+ }
1465
1511
  /** The configuration data of your Private Certificate. */
1466
1512
  interface PrivateCertificateCAData {
1467
1513
  }
@@ -1544,7 +1590,16 @@ declare namespace SecretsManagerV2 {
1544
1590
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
1545
1591
  * is used for version `n-1`.
1546
1592
  */
1547
- secret_version_alias: string;
1593
+ secret_version_alias: SecretLock.Constants.SecretVersionAlias | string;
1594
+ }
1595
+ namespace SecretLock {
1596
+ namespace Constants {
1597
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
1598
+ enum SecretVersionAlias {
1599
+ CURRENT = "current",
1600
+ PREVIOUS = "previous"
1601
+ }
1602
+ }
1548
1603
  }
1549
1604
  /** SecretLockPrototype. */
1550
1605
  interface SecretLockPrototype {
@@ -1569,15 +1624,30 @@ declare namespace SecretsManagerV2 {
1569
1624
  secret_id: string;
1570
1625
  /** A v4 UUID identifier, or `default` secret group. */
1571
1626
  secret_group_id: string;
1572
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1573
- * credentials, key-value, and user credentials.
1627
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
1628
+ * service_credentials, kv, and username_password.
1574
1629
  */
1575
- secret_type?: string;
1630
+ secret_type?: SecretLocks.Constants.SecretType | string;
1576
1631
  /** The human-readable name of your secret. */
1577
1632
  secret_name?: string;
1578
1633
  /** A collection of locks that are attached to a secret. */
1579
1634
  versions: SecretVersionLocks[];
1580
1635
  }
1636
+ namespace SecretLocks {
1637
+ namespace Constants {
1638
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
1639
+ enum SecretType {
1640
+ ARBITRARY = "arbitrary",
1641
+ IAM_CREDENTIALS = "iam_credentials",
1642
+ IMPORTED_CERT = "imported_cert",
1643
+ KV = "kv",
1644
+ PRIVATE_CERT = "private_cert",
1645
+ PUBLIC_CERT = "public_cert",
1646
+ SERVICE_CREDENTIALS = "service_credentials",
1647
+ USERNAME_PASSWORD = "username_password"
1648
+ }
1649
+ }
1650
+ }
1581
1651
  /** Properties that describe a paginated collection of your secret locks. */
1582
1652
  interface SecretLocksPaginatedCollection {
1583
1653
  /** The total number of resources in a collection. */
@@ -1638,12 +1708,21 @@ declare namespace SecretsManagerV2 {
1638
1708
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
1639
1709
  * is used for version `n-1`.
1640
1710
  */
1641
- version_alias: string;
1711
+ version_alias: SecretVersionLocks.Constants.VersionAlias | string;
1642
1712
  /** The names of all locks that are associated with this secret version. */
1643
1713
  locks: string[];
1644
1714
  /** Indicates whether the secret payload is available in this secret version. */
1645
1715
  payload_available?: boolean;
1646
1716
  }
1717
+ namespace SecretVersionLocks {
1718
+ namespace Constants {
1719
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
1720
+ enum VersionAlias {
1721
+ CURRENT = "current",
1722
+ PREVIOUS = "previous"
1723
+ }
1724
+ }
1725
+ }
1647
1726
  /** Properties that describe a paginated collection of your secret version locks. */
1648
1727
  interface SecretVersionLocksPaginatedCollection {
1649
1728
  /** The total number of resources in a collection. */
@@ -1695,6 +1774,117 @@ declare namespace SecretsManagerV2 {
1695
1774
  /** A collection of secrets and their locks. */
1696
1775
  secrets_locks: SecretLocks[];
1697
1776
  }
1777
+ /** The source service resource key data of the generated service credentials. */
1778
+ interface ServiceCredentialsResourceKey {
1779
+ /** The resource key CRN of the generated service credentials. */
1780
+ crn?: string;
1781
+ /** The resource key name of the generated service credentials. */
1782
+ name?: string;
1783
+ }
1784
+ /** The properties of the service credentials secret payload. */
1785
+ interface ServiceCredentialsSecretCredentials {
1786
+ /** The API key that is generated for this secret.
1787
+ *
1788
+ * After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
1789
+ * field to understand the duration of the lease.
1790
+ */
1791
+ apikey?: string;
1792
+ /** The IAM API key description for the generated service credentials. */
1793
+ iam_apikey_description?: string;
1794
+ /** The IAM API key id for the generated service credentials. */
1795
+ iam_apikey_id?: string;
1796
+ /** The IAM API key name for the generated service credentials. */
1797
+ iam_apikey_name?: string;
1798
+ /** The IAM role CRN assigned to the generated service credentials. */
1799
+ iam_role_crn?: string;
1800
+ /** The IAM Service ID CRN. */
1801
+ iam_serviceid_crn?: string;
1802
+ /** ServiceCredentialsSecretCredentials accepts additional properties. */
1803
+ [propName: string]: any;
1804
+ }
1805
+ /** The properties that are required to create the service credentials for the specified source service instance. */
1806
+ interface ServiceCredentialsSecretSourceService {
1807
+ /** The source service instance identifier. */
1808
+ instance: ServiceCredentialsSourceServiceInstance;
1809
+ /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of
1810
+ * credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for
1811
+ * creating specific kind of credentials.
1812
+ */
1813
+ parameters?: ServiceCredentialsSourceServiceParameters;
1814
+ /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any
1815
+ * auto-generated IAM service ID. If you provide an existing service ID, it is added to the access policy for that
1816
+ * ID. If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access
1817
+ * policy and provided service IDs are not changed in any way. Refer to the service documentation for supported
1818
+ * roles.
1819
+ */
1820
+ role?: ServiceCredentialsSourceServiceRole;
1821
+ }
1822
+ /** The properties of the resource key that was created for this source service instance. */
1823
+ interface ServiceCredentialsSecretSourceServiceRO {
1824
+ /** The source service instance identifier. */
1825
+ instance: ServiceCredentialsSourceServiceInstance;
1826
+ /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of
1827
+ * credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for
1828
+ * creating specific kind of credentials.
1829
+ */
1830
+ parameters?: ServiceCredentialsSourceServiceParameters;
1831
+ /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any
1832
+ * auto-generated IAM service ID. If you provide an existing service ID, it is added to the access policy for that
1833
+ * ID. If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access
1834
+ * policy and provided service IDs are not changed in any way. Refer to the service documentation for supported
1835
+ * roles.
1836
+ */
1837
+ role?: ServiceCredentialsSourceServiceRole;
1838
+ /** The source service IAM data is returned in case IAM credentials where created for this secret. */
1839
+ iam?: ServiceCredentialsSourceServiceIam;
1840
+ /** The source service resource key data of the generated service credentials. */
1841
+ resource_key?: ServiceCredentialsResourceKey;
1842
+ }
1843
+ /** The source service IAM data is returned in case IAM credentials where created for this secret. */
1844
+ interface ServiceCredentialsSourceServiceIam {
1845
+ /** The IAM apikey metadata for the IAM credentials that were generated. */
1846
+ apikey?: ServiceCredentialsSourceServiceIamApikey;
1847
+ /** The IAM role for the generate service credentials. */
1848
+ role?: ServiceCredentialsSourceServiceIamRole;
1849
+ /** The IAM serviceid for the generated service credentials. */
1850
+ serviceid?: ServiceCredentialsSourceServiceIamServiceid;
1851
+ }
1852
+ /** The IAM apikey metadata for the IAM credentials that were generated. */
1853
+ interface ServiceCredentialsSourceServiceIamApikey {
1854
+ /** The IAM API key description for the generated service credentials. */
1855
+ description?: string;
1856
+ /** The IAM API key id for the generated service credentials. */
1857
+ id?: string;
1858
+ /** The IAM API key name for the generated service credentials. */
1859
+ name?: string;
1860
+ }
1861
+ /** The IAM role for the generate service credentials. */
1862
+ interface ServiceCredentialsSourceServiceIamRole {
1863
+ /** The IAM role CRN assigned to the generated service credentials. */
1864
+ crn?: string;
1865
+ }
1866
+ /** The IAM serviceid for the generated service credentials. */
1867
+ interface ServiceCredentialsSourceServiceIamServiceid {
1868
+ /** The IAM Service ID CRN. */
1869
+ crn?: string;
1870
+ }
1871
+ /** The source service instance identifier. */
1872
+ interface ServiceCredentialsSourceServiceInstance {
1873
+ /** A CRN that uniquely identifies a service credentials source. */
1874
+ crn?: string;
1875
+ }
1876
+ /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for creating specific kind of credentials. */
1877
+ interface ServiceCredentialsSourceServiceParameters {
1878
+ /** An optional platform defined option to reuse an existing IAM Service ID for the role assignment. */
1879
+ serviceid_crn?: string;
1880
+ /** ServiceCredentialsSourceServiceParameters accepts additional properties. */
1881
+ [propName: string]: any;
1882
+ }
1883
+ /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any auto-generated IAM service ID. If you provide an existing service ID, it is added to the access policy for that ID. If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access policy and provided service IDs are not changed in any way. Refer to the service documentation for supported roles. */
1884
+ interface ServiceCredentialsSourceServiceRole {
1885
+ /** The service role CRN. */
1886
+ crn: string;
1887
+ }
1698
1888
  /** The request body to specify the properties of the action to create a secret version. */
1699
1889
  interface VersionAction {
1700
1890
  }
@@ -1733,16 +1923,16 @@ declare namespace SecretsManagerV2 {
1733
1923
  name?: string;
1734
1924
  /** A v4 UUID identifier, or `default` secret group. */
1735
1925
  secret_group_id: string;
1736
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1737
- * credentials, key-value, and user credentials.
1926
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
1927
+ * service_credentials, kv, and username_password.
1738
1928
  */
1739
- secret_type: string;
1929
+ secret_type: ArbitrarySecret.Constants.SecretType | string;
1740
1930
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
1741
1931
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
1742
1932
  */
1743
1933
  state?: number;
1744
1934
  /** A text representation of the secret state. */
1745
- state_description?: string;
1935
+ state_description?: ArbitrarySecret.Constants.StateDescription | string;
1746
1936
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
1747
1937
  updated_at: string;
1748
1938
  /** The number of versions of your secret. */
@@ -1754,6 +1944,29 @@ declare namespace SecretsManagerV2 {
1754
1944
  /** The secret data that is assigned to an `arbitrary` secret. */
1755
1945
  payload?: string;
1756
1946
  }
1947
+ namespace ArbitrarySecret {
1948
+ namespace Constants {
1949
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
1950
+ enum SecretType {
1951
+ ARBITRARY = "arbitrary",
1952
+ IAM_CREDENTIALS = "iam_credentials",
1953
+ IMPORTED_CERT = "imported_cert",
1954
+ KV = "kv",
1955
+ PRIVATE_CERT = "private_cert",
1956
+ PUBLIC_CERT = "public_cert",
1957
+ SERVICE_CREDENTIALS = "service_credentials",
1958
+ USERNAME_PASSWORD = "username_password"
1959
+ }
1960
+ /** A text representation of the secret state. */
1961
+ enum StateDescription {
1962
+ PRE_ACTIVATION = "pre_activation",
1963
+ ACTIVE = "active",
1964
+ SUSPENDED = "suspended",
1965
+ DEACTIVATED = "deactivated",
1966
+ DESTROYED = "destroyed"
1967
+ }
1968
+ }
1969
+ }
1757
1970
  /** Properties of the metadata of your arbitrary secret.. */
1758
1971
  interface ArbitrarySecretMetadata extends SecretMetadata {
1759
1972
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -1789,16 +2002,16 @@ declare namespace SecretsManagerV2 {
1789
2002
  name?: string;
1790
2003
  /** A v4 UUID identifier, or `default` secret group. */
1791
2004
  secret_group_id: string;
1792
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1793
- * credentials, key-value, and user credentials.
2005
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2006
+ * service_credentials, kv, and username_password.
1794
2007
  */
1795
- secret_type: string;
2008
+ secret_type: ArbitrarySecretMetadata.Constants.SecretType | string;
1796
2009
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
1797
2010
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
1798
2011
  */
1799
2012
  state?: number;
1800
2013
  /** A text representation of the secret state. */
1801
- state_description?: string;
2014
+ state_description?: ArbitrarySecretMetadata.Constants.StateDescription | string;
1802
2015
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
1803
2016
  updated_at: string;
1804
2017
  /** The number of versions of your secret. */
@@ -1808,6 +2021,29 @@ declare namespace SecretsManagerV2 {
1808
2021
  */
1809
2022
  expiration_date?: string;
1810
2023
  }
2024
+ namespace ArbitrarySecretMetadata {
2025
+ namespace Constants {
2026
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2027
+ enum SecretType {
2028
+ ARBITRARY = "arbitrary",
2029
+ IAM_CREDENTIALS = "iam_credentials",
2030
+ IMPORTED_CERT = "imported_cert",
2031
+ KV = "kv",
2032
+ PRIVATE_CERT = "private_cert",
2033
+ PUBLIC_CERT = "public_cert",
2034
+ SERVICE_CREDENTIALS = "service_credentials",
2035
+ USERNAME_PASSWORD = "username_password"
2036
+ }
2037
+ /** A text representation of the secret state. */
2038
+ enum StateDescription {
2039
+ PRE_ACTIVATION = "pre_activation",
2040
+ ACTIVE = "active",
2041
+ SUSPENDED = "suspended",
2042
+ DEACTIVATED = "deactivated",
2043
+ DESTROYED = "destroyed"
2044
+ }
2045
+ }
2046
+ }
1811
2047
  /** ArbitrarySecretMetadataPatch. */
1812
2048
  interface ArbitrarySecretMetadataPatch extends SecretMetadataPatch {
1813
2049
  /** A human-readable name to assign to your secret.
@@ -1863,15 +2099,30 @@ declare namespace SecretsManagerV2 {
1863
2099
  name: string;
1864
2100
  /** A v4 UUID identifier, or `default` secret group. */
1865
2101
  secret_group_id?: string;
1866
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1867
- * credentials, key-value, and user credentials.
2102
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2103
+ * service_credentials, kv, and username_password.
1868
2104
  */
1869
- secret_type: string;
2105
+ secret_type: ArbitrarySecretPrototype.Constants.SecretType | string;
1870
2106
  /** The secret data that is assigned to an `arbitrary` secret. */
1871
2107
  payload: string;
1872
2108
  /** The secret version metadata that a user can customize. */
1873
2109
  version_custom_metadata?: JsonObject;
1874
2110
  }
2111
+ namespace ArbitrarySecretPrototype {
2112
+ namespace Constants {
2113
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2114
+ enum SecretType {
2115
+ ARBITRARY = "arbitrary",
2116
+ IAM_CREDENTIALS = "iam_credentials",
2117
+ IMPORTED_CERT = "imported_cert",
2118
+ KV = "kv",
2119
+ PRIVATE_CERT = "private_cert",
2120
+ PUBLIC_CERT = "public_cert",
2121
+ SERVICE_CREDENTIALS = "service_credentials",
2122
+ USERNAME_PASSWORD = "username_password"
2123
+ }
2124
+ }
2125
+ }
1875
2126
  /** Your arbitrary secret version. */
1876
2127
  interface ArbitrarySecretVersion extends SecretVersion {
1877
2128
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -1888,10 +2139,10 @@ declare namespace SecretsManagerV2 {
1888
2139
  id: string;
1889
2140
  /** The human-readable name of your secret. */
1890
2141
  secret_name?: string;
1891
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1892
- * credentials, key-value, and user credentials.
2142
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2143
+ * service_credentials, kv, and username_password.
1893
2144
  */
1894
- secret_type: string;
2145
+ secret_type: ArbitrarySecretVersion.Constants.SecretType | string;
1895
2146
  /** A v4 UUID identifier, or `default` secret group. */
1896
2147
  secret_group_id: string;
1897
2148
  /** Indicates whether the secret payload is available in this secret version. */
@@ -1899,7 +2150,7 @@ declare namespace SecretsManagerV2 {
1899
2150
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
1900
2151
  * is used for version `n-1`.
1901
2152
  */
1902
- alias?: string;
2153
+ alias?: ArbitrarySecretVersion.Constants.Alias | string;
1903
2154
  /** The secret version metadata that a user can customize. */
1904
2155
  version_custom_metadata?: JsonObject;
1905
2156
  /** A v4 UUID identifier. */
@@ -1911,6 +2162,26 @@ declare namespace SecretsManagerV2 {
1911
2162
  /** The secret data that is assigned to an `arbitrary` secret. */
1912
2163
  payload?: string;
1913
2164
  }
2165
+ namespace ArbitrarySecretVersion {
2166
+ namespace Constants {
2167
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2168
+ enum SecretType {
2169
+ ARBITRARY = "arbitrary",
2170
+ IAM_CREDENTIALS = "iam_credentials",
2171
+ IMPORTED_CERT = "imported_cert",
2172
+ KV = "kv",
2173
+ PRIVATE_CERT = "private_cert",
2174
+ PUBLIC_CERT = "public_cert",
2175
+ SERVICE_CREDENTIALS = "service_credentials",
2176
+ USERNAME_PASSWORD = "username_password"
2177
+ }
2178
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
2179
+ enum Alias {
2180
+ CURRENT = "current",
2181
+ PREVIOUS = "previous"
2182
+ }
2183
+ }
2184
+ }
1914
2185
  /** Properties of the version metadata of your arbitrary secret. */
1915
2186
  interface ArbitrarySecretVersionMetadata extends SecretVersionMetadata {
1916
2187
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -1927,10 +2198,10 @@ declare namespace SecretsManagerV2 {
1927
2198
  id: string;
1928
2199
  /** The human-readable name of your secret. */
1929
2200
  secret_name?: string;
1930
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1931
- * credentials, key-value, and user credentials.
2201
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2202
+ * service_credentials, kv, and username_password.
1932
2203
  */
1933
- secret_type: string;
2204
+ secret_type: ArbitrarySecretVersionMetadata.Constants.SecretType | string;
1934
2205
  /** A v4 UUID identifier, or `default` secret group. */
1935
2206
  secret_group_id: string;
1936
2207
  /** Indicates whether the secret payload is available in this secret version. */
@@ -1938,7 +2209,7 @@ declare namespace SecretsManagerV2 {
1938
2209
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
1939
2210
  * is used for version `n-1`.
1940
2211
  */
1941
- alias?: string;
2212
+ alias?: ArbitrarySecretVersionMetadata.Constants.Alias | string;
1942
2213
  /** The secret version metadata that a user can customize. */
1943
2214
  version_custom_metadata?: JsonObject;
1944
2215
  /** A v4 UUID identifier. */
@@ -1948,6 +2219,26 @@ declare namespace SecretsManagerV2 {
1948
2219
  */
1949
2220
  expiration_date?: string;
1950
2221
  }
2222
+ namespace ArbitrarySecretVersionMetadata {
2223
+ namespace Constants {
2224
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2225
+ enum SecretType {
2226
+ ARBITRARY = "arbitrary",
2227
+ IAM_CREDENTIALS = "iam_credentials",
2228
+ IMPORTED_CERT = "imported_cert",
2229
+ KV = "kv",
2230
+ PRIVATE_CERT = "private_cert",
2231
+ PUBLIC_CERT = "public_cert",
2232
+ SERVICE_CREDENTIALS = "service_credentials",
2233
+ USERNAME_PASSWORD = "username_password"
2234
+ }
2235
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
2236
+ enum Alias {
2237
+ CURRENT = "current",
2238
+ PREVIOUS = "previous"
2239
+ }
2240
+ }
2241
+ }
1951
2242
  /** ArbitrarySecretVersionPrototype. */
1952
2243
  interface ArbitrarySecretVersionPrototype extends SecretVersionPrototype {
1953
2244
  /** The secret data that is assigned to an `arbitrary` secret. */
@@ -1968,18 +2259,31 @@ declare namespace SecretsManagerV2 {
1968
2259
  /** The length of the secret rotation time interval. */
1969
2260
  interval?: number;
1970
2261
  /** The units for the secret rotation time interval. */
1971
- unit?: string;
2262
+ unit?: CommonRotationPolicy.Constants.Unit | string;
2263
+ }
2264
+ namespace CommonRotationPolicy {
2265
+ namespace Constants {
2266
+ /** The units for the secret rotation time interval. */
2267
+ enum Unit {
2268
+ DAY = "day",
2269
+ MONTH = "month"
2270
+ }
2271
+ }
1972
2272
  }
1973
2273
  /** Properties that describe a Classic Infrastructure DNS configuration. */
1974
2274
  interface IAMCredentialsConfiguration extends Configuration {
1975
- /** The configuration type. */
1976
- config_type: string;
2275
+ /** The configuration type. Can be one of: iam_credentials_configuration,
2276
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
2277
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
2278
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
2279
+ */
2280
+ config_type: IAMCredentialsConfiguration.Constants.ConfigType | string;
1977
2281
  /** The unique name of your configuration. */
1978
2282
  name: string;
1979
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
1980
- * credentials, key-value, and user credentials.
2283
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2284
+ * service_credentials, kv, and username_password.
1981
2285
  */
1982
- secret_type: string;
2286
+ secret_type: IAMCredentialsConfiguration.Constants.SecretType | string;
1983
2287
  /** The unique identifier that is associated with the entity that created the secret. */
1984
2288
  created_by: string;
1985
2289
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -1993,16 +2297,45 @@ declare namespace SecretsManagerV2 {
1993
2297
  */
1994
2298
  api_key?: string;
1995
2299
  }
2300
+ namespace IAMCredentialsConfiguration {
2301
+ namespace Constants {
2302
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
2303
+ enum ConfigType {
2304
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
2305
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
2306
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
2307
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
2308
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
2309
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
2310
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
2311
+ }
2312
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2313
+ enum SecretType {
2314
+ ARBITRARY = "arbitrary",
2315
+ IAM_CREDENTIALS = "iam_credentials",
2316
+ IMPORTED_CERT = "imported_cert",
2317
+ KV = "kv",
2318
+ PRIVATE_CERT = "private_cert",
2319
+ PUBLIC_CERT = "public_cert",
2320
+ SERVICE_CREDENTIALS = "service_credentials",
2321
+ USERNAME_PASSWORD = "username_password"
2322
+ }
2323
+ }
2324
+ }
1996
2325
  /** Your IAMCredentials Configuration metadata properties. */
1997
2326
  interface IAMCredentialsConfigurationMetadata extends ConfigurationMetadata {
1998
- /** The configuration type. */
1999
- config_type: string;
2327
+ /** The configuration type. Can be one of: iam_credentials_configuration,
2328
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
2329
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
2330
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
2331
+ */
2332
+ config_type: IAMCredentialsConfigurationMetadata.Constants.ConfigType | string;
2000
2333
  /** The unique name of your configuration. */
2001
2334
  name: string;
2002
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2003
- * credentials, key-value, and user credentials.
2335
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2336
+ * service_credentials, kv, and username_password.
2004
2337
  */
2005
- secret_type: string;
2338
+ secret_type: IAMCredentialsConfigurationMetadata.Constants.SecretType | string;
2006
2339
  /** The unique identifier that is associated with the entity that created the secret. */
2007
2340
  created_by: string;
2008
2341
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -2010,6 +2343,31 @@ declare namespace SecretsManagerV2 {
2010
2343
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2011
2344
  updated_at: string;
2012
2345
  }
2346
+ namespace IAMCredentialsConfigurationMetadata {
2347
+ namespace Constants {
2348
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
2349
+ enum ConfigType {
2350
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
2351
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
2352
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
2353
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
2354
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
2355
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
2356
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
2357
+ }
2358
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2359
+ enum SecretType {
2360
+ ARBITRARY = "arbitrary",
2361
+ IAM_CREDENTIALS = "iam_credentials",
2362
+ IMPORTED_CERT = "imported_cert",
2363
+ KV = "kv",
2364
+ PRIVATE_CERT = "private_cert",
2365
+ PUBLIC_CERT = "public_cert",
2366
+ SERVICE_CREDENTIALS = "service_credentials",
2367
+ USERNAME_PASSWORD = "username_password"
2368
+ }
2369
+ }
2370
+ }
2013
2371
  /** The configuration update of the IAM Credentials engine. */
2014
2372
  interface IAMCredentialsConfigurationPatch extends ConfigurationPatch {
2015
2373
  /** An IBM Cloud API key that can create and manage service IDs. The API key must be assigned the Editor
@@ -2026,11 +2384,29 @@ declare namespace SecretsManagerV2 {
2026
2384
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
2027
2385
  */
2028
2386
  name: string;
2029
- /** The configuration type. */
2030
- config_type: string;
2387
+ /** The configuration type. Can be one of: iam_credentials_configuration,
2388
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
2389
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
2390
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
2391
+ */
2392
+ config_type: IAMCredentialsConfigurationPrototype.Constants.ConfigType | string;
2031
2393
  /** The API key that is used to set the iam_credentials engine. */
2032
2394
  api_key: string;
2033
2395
  }
2396
+ namespace IAMCredentialsConfigurationPrototype {
2397
+ namespace Constants {
2398
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
2399
+ enum ConfigType {
2400
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
2401
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
2402
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
2403
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
2404
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
2405
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
2406
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
2407
+ }
2408
+ }
2409
+ }
2034
2410
  /** Your IAM credentials secret. */
2035
2411
  interface IAMCredentialsSecret extends Secret {
2036
2412
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -2066,27 +2442,26 @@ declare namespace SecretsManagerV2 {
2066
2442
  name?: string;
2067
2443
  /** A v4 UUID identifier, or `default` secret group. */
2068
2444
  secret_group_id: string;
2069
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2070
- * credentials, key-value, and user credentials.
2445
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2446
+ * service_credentials, kv, and username_password.
2071
2447
  */
2072
- secret_type: string;
2448
+ secret_type: IAMCredentialsSecret.Constants.SecretType | string;
2073
2449
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2074
2450
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2075
2451
  */
2076
2452
  state?: number;
2077
2453
  /** A text representation of the secret state. */
2078
- state_description?: string;
2454
+ state_description?: IAMCredentialsSecret.Constants.StateDescription | string;
2079
2455
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2080
2456
  updated_at: string;
2081
2457
  /** The number of versions of your secret. */
2082
2458
  versions_total: number;
2083
- /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
2084
- *
2085
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
2086
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
2087
- * `120m` or `24h`.
2088
- *
2089
- * The minimum duration is 1 minute. The maximum is 90 days.
2459
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
2460
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
2461
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
2462
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
2463
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
2464
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
2090
2465
  */
2091
2466
  ttl: string;
2092
2467
  /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2131,11 +2506,35 @@ declare namespace SecretsManagerV2 {
2131
2506
  next_rotation_date?: string;
2132
2507
  /** The API key that is generated for this secret.
2133
2508
  *
2134
- * After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
2135
- * you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
2509
+ * After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
2510
+ * field to understand the duration of the lease. If you want to continue to use the same API key for future read
2511
+ * operations, see the `reuse_api_key` field.
2136
2512
  */
2137
2513
  api_key?: string;
2138
2514
  }
2515
+ namespace IAMCredentialsSecret {
2516
+ namespace Constants {
2517
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2518
+ enum SecretType {
2519
+ ARBITRARY = "arbitrary",
2520
+ IAM_CREDENTIALS = "iam_credentials",
2521
+ IMPORTED_CERT = "imported_cert",
2522
+ KV = "kv",
2523
+ PRIVATE_CERT = "private_cert",
2524
+ PUBLIC_CERT = "public_cert",
2525
+ SERVICE_CREDENTIALS = "service_credentials",
2526
+ USERNAME_PASSWORD = "username_password"
2527
+ }
2528
+ /** A text representation of the secret state. */
2529
+ enum StateDescription {
2530
+ PRE_ACTIVATION = "pre_activation",
2531
+ ACTIVE = "active",
2532
+ SUSPENDED = "suspended",
2533
+ DEACTIVATED = "deactivated",
2534
+ DESTROYED = "destroyed"
2535
+ }
2536
+ }
2537
+ }
2139
2538
  /** Properties of the metadata of your IAM credentials secret. */
2140
2539
  interface IAMCredentialsSecretMetadata extends SecretMetadata {
2141
2540
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -2171,27 +2570,26 @@ declare namespace SecretsManagerV2 {
2171
2570
  name?: string;
2172
2571
  /** A v4 UUID identifier, or `default` secret group. */
2173
2572
  secret_group_id: string;
2174
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2175
- * credentials, key-value, and user credentials.
2573
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2574
+ * service_credentials, kv, and username_password.
2176
2575
  */
2177
- secret_type: string;
2576
+ secret_type: IAMCredentialsSecretMetadata.Constants.SecretType | string;
2178
2577
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2179
2578
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2180
2579
  */
2181
2580
  state?: number;
2182
2581
  /** A text representation of the secret state. */
2183
- state_description?: string;
2582
+ state_description?: IAMCredentialsSecretMetadata.Constants.StateDescription | string;
2184
2583
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2185
2584
  updated_at: string;
2186
2585
  /** The number of versions of your secret. */
2187
2586
  versions_total: number;
2188
- /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
2189
- *
2190
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
2191
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
2192
- * `120m` or `24h`.
2193
- *
2194
- * The minimum duration is 1 minute. The maximum is 90 days.
2587
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
2588
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
2589
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
2590
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
2591
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
2592
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
2195
2593
  */
2196
2594
  ttl: string;
2197
2595
  /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2235,6 +2633,29 @@ declare namespace SecretsManagerV2 {
2235
2633
  */
2236
2634
  next_rotation_date?: string;
2237
2635
  }
2636
+ namespace IAMCredentialsSecretMetadata {
2637
+ namespace Constants {
2638
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2639
+ enum SecretType {
2640
+ ARBITRARY = "arbitrary",
2641
+ IAM_CREDENTIALS = "iam_credentials",
2642
+ IMPORTED_CERT = "imported_cert",
2643
+ KV = "kv",
2644
+ PRIVATE_CERT = "private_cert",
2645
+ PUBLIC_CERT = "public_cert",
2646
+ SERVICE_CREDENTIALS = "service_credentials",
2647
+ USERNAME_PASSWORD = "username_password"
2648
+ }
2649
+ /** A text representation of the secret state. */
2650
+ enum StateDescription {
2651
+ PRE_ACTIVATION = "pre_activation",
2652
+ ACTIVE = "active",
2653
+ SUSPENDED = "suspended",
2654
+ DEACTIVATED = "deactivated",
2655
+ DESTROYED = "destroyed"
2656
+ }
2657
+ }
2658
+ }
2238
2659
  /** IAMCredentialsSecretMetadataPatch. */
2239
2660
  interface IAMCredentialsSecretMetadataPatch extends SecretMetadataPatch {
2240
2661
  /** A human-readable name to assign to your secret.
@@ -2257,13 +2678,12 @@ declare namespace SecretsManagerV2 {
2257
2678
  labels?: string[];
2258
2679
  /** The secret metadata that a user can customize. */
2259
2680
  custom_metadata?: JsonObject;
2260
- /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
2261
- *
2262
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
2263
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
2264
- * `120m` or `24h`.
2265
- *
2266
- * The minimum duration is 1 minute. The maximum is 90 days.
2681
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
2682
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
2683
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
2684
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
2685
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
2686
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
2267
2687
  */
2268
2688
  ttl?: string;
2269
2689
  /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
@@ -2273,10 +2693,10 @@ declare namespace SecretsManagerV2 {
2273
2693
  }
2274
2694
  /** IAMCredentialsSecretPrototype. */
2275
2695
  interface IAMCredentialsSecretPrototype extends SecretPrototype {
2276
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2277
- * credentials, key-value, and user credentials.
2696
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2697
+ * service_credentials, kv, and username_password.
2278
2698
  */
2279
- secret_type: string;
2699
+ secret_type: IAMCredentialsSecretPrototype.Constants.SecretType | string;
2280
2700
  /** A human-readable name to assign to your secret.
2281
2701
  *
2282
2702
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2297,13 +2717,12 @@ declare namespace SecretsManagerV2 {
2297
2717
  * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
2298
2718
  */
2299
2719
  labels?: string[];
2300
- /** The time-to-live (TTL) or lease duration to assign to credentials that are generated.
2301
- *
2302
- * For `iam_credentials` secrets, the TTL defines for how long each generated API key remains valid. The value can
2303
- * be either an integer that specifies the number of seconds, or the string representation of a duration, such as
2304
- * `120m` or `24h`.
2305
- *
2306
- * The minimum duration is 1 minute. The maximum is 90 days.
2720
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
2721
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
2722
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
2723
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
2724
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
2725
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
2307
2726
  */
2308
2727
  ttl: string;
2309
2728
  /** Access Groups that you can use for an `iam_credentials` secret.
@@ -2337,6 +2756,21 @@ declare namespace SecretsManagerV2 {
2337
2756
  /** The secret version metadata that a user can customize. */
2338
2757
  version_custom_metadata?: JsonObject;
2339
2758
  }
2759
+ namespace IAMCredentialsSecretPrototype {
2760
+ namespace Constants {
2761
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2762
+ enum SecretType {
2763
+ ARBITRARY = "arbitrary",
2764
+ IAM_CREDENTIALS = "iam_credentials",
2765
+ IMPORTED_CERT = "imported_cert",
2766
+ KV = "kv",
2767
+ PRIVATE_CERT = "private_cert",
2768
+ PUBLIC_CERT = "public_cert",
2769
+ SERVICE_CREDENTIALS = "service_credentials",
2770
+ USERNAME_PASSWORD = "username_password"
2771
+ }
2772
+ }
2773
+ }
2340
2774
  /** IAMCredentialsSecretRestoreFromVersionPrototype. */
2341
2775
  interface IAMCredentialsSecretRestoreFromVersionPrototype extends SecretVersionPrototype {
2342
2776
  /** A v4 UUID identifier, or `current` or `previous` secret version aliases. */
@@ -2362,10 +2796,10 @@ declare namespace SecretsManagerV2 {
2362
2796
  id: string;
2363
2797
  /** The human-readable name of your secret. */
2364
2798
  secret_name?: string;
2365
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2366
- * credentials, key-value, and user credentials.
2799
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2800
+ * service_credentials, kv, and username_password.
2367
2801
  */
2368
- secret_type: string;
2802
+ secret_type: IAMCredentialsSecretVersion.Constants.SecretType | string;
2369
2803
  /** A v4 UUID identifier, or `default` secret group. */
2370
2804
  secret_group_id: string;
2371
2805
  /** Indicates whether the secret payload is available in this secret version. */
@@ -2373,7 +2807,7 @@ declare namespace SecretsManagerV2 {
2373
2807
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
2374
2808
  * is used for version `n-1`.
2375
2809
  */
2376
- alias?: string;
2810
+ alias?: IAMCredentialsSecretVersion.Constants.Alias | string;
2377
2811
  /** The secret version metadata that a user can customize. */
2378
2812
  version_custom_metadata?: JsonObject;
2379
2813
  /** A v4 UUID identifier. */
@@ -2392,11 +2826,32 @@ declare namespace SecretsManagerV2 {
2392
2826
  service_id?: string;
2393
2827
  /** The API key that is generated for this secret.
2394
2828
  *
2395
- * After the secret reaches the end of its lease (see the `ttl` field), the API key is deleted automatically. If
2396
- * you want to continue to use the same API key for future read operations, see the `reuse_api_key` field.
2829
+ * After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
2830
+ * field to understand the duration of the lease. If you want to continue to use the same API key for future read
2831
+ * operations, see the `reuse_api_key` field.
2397
2832
  */
2398
2833
  api_key?: string;
2399
2834
  }
2835
+ namespace IAMCredentialsSecretVersion {
2836
+ namespace Constants {
2837
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2838
+ enum SecretType {
2839
+ ARBITRARY = "arbitrary",
2840
+ IAM_CREDENTIALS = "iam_credentials",
2841
+ IMPORTED_CERT = "imported_cert",
2842
+ KV = "kv",
2843
+ PRIVATE_CERT = "private_cert",
2844
+ PUBLIC_CERT = "public_cert",
2845
+ SERVICE_CREDENTIALS = "service_credentials",
2846
+ USERNAME_PASSWORD = "username_password"
2847
+ }
2848
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
2849
+ enum Alias {
2850
+ CURRENT = "current",
2851
+ PREVIOUS = "previous"
2852
+ }
2853
+ }
2854
+ }
2400
2855
  /** Properties of the version metadata of your IAM credentials secret. */
2401
2856
  interface IAMCredentialsSecretVersionMetadata extends SecretVersionMetadata {
2402
2857
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2413,10 +2868,10 @@ declare namespace SecretsManagerV2 {
2413
2868
  id: string;
2414
2869
  /** The human-readable name of your secret. */
2415
2870
  secret_name?: string;
2416
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2417
- * credentials, key-value, and user credentials.
2871
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2872
+ * service_credentials, kv, and username_password.
2418
2873
  */
2419
- secret_type: string;
2874
+ secret_type: IAMCredentialsSecretVersionMetadata.Constants.SecretType | string;
2420
2875
  /** A v4 UUID identifier, or `default` secret group. */
2421
2876
  secret_group_id: string;
2422
2877
  /** Indicates whether the secret payload is available in this secret version. */
@@ -2424,7 +2879,7 @@ declare namespace SecretsManagerV2 {
2424
2879
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
2425
2880
  * is used for version `n-1`.
2426
2881
  */
2427
- alias?: string;
2882
+ alias?: IAMCredentialsSecretVersionMetadata.Constants.Alias | string;
2428
2883
  /** The secret version metadata that a user can customize. */
2429
2884
  version_custom_metadata?: JsonObject;
2430
2885
  /** A v4 UUID identifier. */
@@ -2442,6 +2897,26 @@ declare namespace SecretsManagerV2 {
2442
2897
  */
2443
2898
  service_id?: string;
2444
2899
  }
2900
+ namespace IAMCredentialsSecretVersionMetadata {
2901
+ namespace Constants {
2902
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
2903
+ enum SecretType {
2904
+ ARBITRARY = "arbitrary",
2905
+ IAM_CREDENTIALS = "iam_credentials",
2906
+ IMPORTED_CERT = "imported_cert",
2907
+ KV = "kv",
2908
+ PRIVATE_CERT = "private_cert",
2909
+ PUBLIC_CERT = "public_cert",
2910
+ SERVICE_CREDENTIALS = "service_credentials",
2911
+ USERNAME_PASSWORD = "username_password"
2912
+ }
2913
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
2914
+ enum Alias {
2915
+ CURRENT = "current",
2916
+ PREVIOUS = "previous"
2917
+ }
2918
+ }
2919
+ }
2445
2920
  /** IAMCredentialsSecretVersionPrototype. */
2446
2921
  interface IAMCredentialsSecretVersionPrototype extends SecretVersionPrototype {
2447
2922
  /** The secret metadata that a user can customize. */
@@ -2484,16 +2959,16 @@ declare namespace SecretsManagerV2 {
2484
2959
  name?: string;
2485
2960
  /** A v4 UUID identifier, or `default` secret group. */
2486
2961
  secret_group_id: string;
2487
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2488
- * credentials, key-value, and user credentials.
2962
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
2963
+ * service_credentials, kv, and username_password.
2489
2964
  */
2490
- secret_type: string;
2965
+ secret_type: ImportedCertificate.Constants.SecretType | string;
2491
2966
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2492
2967
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2493
2968
  */
2494
2969
  state?: number;
2495
2970
  /** A text representation of the secret state. */
2496
- state_description?: string;
2971
+ state_description?: ImportedCertificate.Constants.StateDescription | string;
2497
2972
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2498
2973
  updated_at: string;
2499
2974
  /** The number of versions of your secret. */
@@ -2537,6 +3012,29 @@ declare namespace SecretsManagerV2 {
2537
3012
  */
2538
3013
  private_key?: string;
2539
3014
  }
3015
+ namespace ImportedCertificate {
3016
+ namespace Constants {
3017
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3018
+ enum SecretType {
3019
+ ARBITRARY = "arbitrary",
3020
+ IAM_CREDENTIALS = "iam_credentials",
3021
+ IMPORTED_CERT = "imported_cert",
3022
+ KV = "kv",
3023
+ PRIVATE_CERT = "private_cert",
3024
+ PUBLIC_CERT = "public_cert",
3025
+ SERVICE_CREDENTIALS = "service_credentials",
3026
+ USERNAME_PASSWORD = "username_password"
3027
+ }
3028
+ /** A text representation of the secret state. */
3029
+ enum StateDescription {
3030
+ PRE_ACTIVATION = "pre_activation",
3031
+ ACTIVE = "active",
3032
+ SUSPENDED = "suspended",
3033
+ DEACTIVATED = "deactivated",
3034
+ DESTROYED = "destroyed"
3035
+ }
3036
+ }
3037
+ }
2540
3038
  /** Properties of the secret metadata of your imported certificate. */
2541
3039
  interface ImportedCertificateMetadata extends SecretMetadata {
2542
3040
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -2572,16 +3070,16 @@ declare namespace SecretsManagerV2 {
2572
3070
  name?: string;
2573
3071
  /** A v4 UUID identifier, or `default` secret group. */
2574
3072
  secret_group_id: string;
2575
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2576
- * credentials, key-value, and user credentials.
3073
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3074
+ * service_credentials, kv, and username_password.
2577
3075
  */
2578
- secret_type: string;
3076
+ secret_type: ImportedCertificateMetadata.Constants.SecretType | string;
2579
3077
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2580
3078
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2581
3079
  */
2582
3080
  state?: number;
2583
3081
  /** A text representation of the secret state. */
2584
- state_description?: string;
3082
+ state_description?: ImportedCertificateMetadata.Constants.StateDescription | string;
2585
3083
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2586
3084
  updated_at: string;
2587
3085
  /** The number of versions of your secret. */
@@ -2615,6 +3113,29 @@ declare namespace SecretsManagerV2 {
2615
3113
  /** The date and time that the certificate validity period begins and ends. */
2616
3114
  validity: CertificateValidity;
2617
3115
  }
3116
+ namespace ImportedCertificateMetadata {
3117
+ namespace Constants {
3118
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3119
+ enum SecretType {
3120
+ ARBITRARY = "arbitrary",
3121
+ IAM_CREDENTIALS = "iam_credentials",
3122
+ IMPORTED_CERT = "imported_cert",
3123
+ KV = "kv",
3124
+ PRIVATE_CERT = "private_cert",
3125
+ PUBLIC_CERT = "public_cert",
3126
+ SERVICE_CREDENTIALS = "service_credentials",
3127
+ USERNAME_PASSWORD = "username_password"
3128
+ }
3129
+ /** A text representation of the secret state. */
3130
+ enum StateDescription {
3131
+ PRE_ACTIVATION = "pre_activation",
3132
+ ACTIVE = "active",
3133
+ SUSPENDED = "suspended",
3134
+ DEACTIVATED = "deactivated",
3135
+ DESTROYED = "destroyed"
3136
+ }
3137
+ }
3138
+ }
2618
3139
  /** ImportedCertificateMetadataPatch. */
2619
3140
  interface ImportedCertificateMetadataPatch extends SecretMetadataPatch {
2620
3141
  /** A human-readable name to assign to your secret.
@@ -2640,10 +3161,10 @@ declare namespace SecretsManagerV2 {
2640
3161
  }
2641
3162
  /** ImportedCertificatePrototype. */
2642
3163
  interface ImportedCertificatePrototype extends SecretPrototype {
2643
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2644
- * credentials, key-value, and user credentials.
3164
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3165
+ * service_credentials, kv, and username_password.
2645
3166
  */
2646
- secret_type: string;
3167
+ secret_type: ImportedCertificatePrototype.Constants.SecretType | string;
2647
3168
  /** A human-readable name to assign to your secret.
2648
3169
  *
2649
3170
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2679,6 +3200,21 @@ declare namespace SecretsManagerV2 {
2679
3200
  /** The secret version metadata that a user can customize. */
2680
3201
  version_custom_metadata?: JsonObject;
2681
3202
  }
3203
+ namespace ImportedCertificatePrototype {
3204
+ namespace Constants {
3205
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3206
+ enum SecretType {
3207
+ ARBITRARY = "arbitrary",
3208
+ IAM_CREDENTIALS = "iam_credentials",
3209
+ IMPORTED_CERT = "imported_cert",
3210
+ KV = "kv",
3211
+ PRIVATE_CERT = "private_cert",
3212
+ PUBLIC_CERT = "public_cert",
3213
+ SERVICE_CREDENTIALS = "service_credentials",
3214
+ USERNAME_PASSWORD = "username_password"
3215
+ }
3216
+ }
3217
+ }
2682
3218
  /** Versions of your imported certificate. */
2683
3219
  interface ImportedCertificateVersion extends SecretVersion {
2684
3220
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2695,10 +3231,10 @@ declare namespace SecretsManagerV2 {
2695
3231
  id: string;
2696
3232
  /** The human-readable name of your secret. */
2697
3233
  secret_name?: string;
2698
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2699
- * credentials, key-value, and user credentials.
3234
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3235
+ * service_credentials, kv, and username_password.
2700
3236
  */
2701
- secret_type: string;
3237
+ secret_type: ImportedCertificateVersion.Constants.SecretType | string;
2702
3238
  /** A v4 UUID identifier, or `default` secret group. */
2703
3239
  secret_group_id: string;
2704
3240
  /** Indicates whether the secret payload is available in this secret version. */
@@ -2706,7 +3242,7 @@ declare namespace SecretsManagerV2 {
2706
3242
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
2707
3243
  * is used for version `n-1`.
2708
3244
  */
2709
- alias?: string;
3245
+ alias?: ImportedCertificateVersion.Constants.Alias | string;
2710
3246
  /** The secret version metadata that a user can customize. */
2711
3247
  version_custom_metadata?: JsonObject;
2712
3248
  /** A v4 UUID identifier. */
@@ -2730,6 +3266,26 @@ declare namespace SecretsManagerV2 {
2730
3266
  */
2731
3267
  private_key?: string;
2732
3268
  }
3269
+ namespace ImportedCertificateVersion {
3270
+ namespace Constants {
3271
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3272
+ enum SecretType {
3273
+ ARBITRARY = "arbitrary",
3274
+ IAM_CREDENTIALS = "iam_credentials",
3275
+ IMPORTED_CERT = "imported_cert",
3276
+ KV = "kv",
3277
+ PRIVATE_CERT = "private_cert",
3278
+ PUBLIC_CERT = "public_cert",
3279
+ SERVICE_CREDENTIALS = "service_credentials",
3280
+ USERNAME_PASSWORD = "username_password"
3281
+ }
3282
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
3283
+ enum Alias {
3284
+ CURRENT = "current",
3285
+ PREVIOUS = "previous"
3286
+ }
3287
+ }
3288
+ }
2733
3289
  /** Properties of the version metadata of your imported certificate. */
2734
3290
  interface ImportedCertificateVersionMetadata extends SecretVersionMetadata {
2735
3291
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2746,10 +3302,10 @@ declare namespace SecretsManagerV2 {
2746
3302
  id: string;
2747
3303
  /** The human-readable name of your secret. */
2748
3304
  secret_name?: string;
2749
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2750
- * credentials, key-value, and user credentials.
3305
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3306
+ * service_credentials, kv, and username_password.
2751
3307
  */
2752
- secret_type: string;
3308
+ secret_type: ImportedCertificateVersionMetadata.Constants.SecretType | string;
2753
3309
  /** A v4 UUID identifier, or `default` secret group. */
2754
3310
  secret_group_id: string;
2755
3311
  /** Indicates whether the secret payload is available in this secret version. */
@@ -2757,7 +3313,7 @@ declare namespace SecretsManagerV2 {
2757
3313
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
2758
3314
  * is used for version `n-1`.
2759
3315
  */
2760
- alias?: string;
3316
+ alias?: ImportedCertificateVersionMetadata.Constants.Alias | string;
2761
3317
  /** The secret version metadata that a user can customize. */
2762
3318
  version_custom_metadata?: JsonObject;
2763
3319
  /** A v4 UUID identifier. */
@@ -2771,6 +3327,26 @@ declare namespace SecretsManagerV2 {
2771
3327
  /** The date and time that the certificate validity period begins and ends. */
2772
3328
  validity: CertificateValidity;
2773
3329
  }
3330
+ namespace ImportedCertificateVersionMetadata {
3331
+ namespace Constants {
3332
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3333
+ enum SecretType {
3334
+ ARBITRARY = "arbitrary",
3335
+ IAM_CREDENTIALS = "iam_credentials",
3336
+ IMPORTED_CERT = "imported_cert",
3337
+ KV = "kv",
3338
+ PRIVATE_CERT = "private_cert",
3339
+ PUBLIC_CERT = "public_cert",
3340
+ SERVICE_CREDENTIALS = "service_credentials",
3341
+ USERNAME_PASSWORD = "username_password"
3342
+ }
3343
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
3344
+ enum Alias {
3345
+ CURRENT = "current",
3346
+ PREVIOUS = "previous"
3347
+ }
3348
+ }
3349
+ }
2774
3350
  /** ImportedCertificateVersionPrototype. */
2775
3351
  interface ImportedCertificateVersionPrototype extends SecretVersionPrototype {
2776
3352
  /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
@@ -2823,16 +3399,16 @@ declare namespace SecretsManagerV2 {
2823
3399
  name?: string;
2824
3400
  /** A v4 UUID identifier, or `default` secret group. */
2825
3401
  secret_group_id: string;
2826
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2827
- * credentials, key-value, and user credentials.
3402
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3403
+ * service_credentials, kv, and username_password.
2828
3404
  */
2829
- secret_type: string;
3405
+ secret_type: KVSecret.Constants.SecretType | string;
2830
3406
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2831
3407
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2832
3408
  */
2833
3409
  state?: number;
2834
3410
  /** A text representation of the secret state. */
2835
- state_description?: string;
3411
+ state_description?: KVSecret.Constants.StateDescription | string;
2836
3412
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2837
3413
  updated_at: string;
2838
3414
  /** The number of versions of your secret. */
@@ -2840,6 +3416,29 @@ declare namespace SecretsManagerV2 {
2840
3416
  /** The payload data of a key-value secret. */
2841
3417
  data: JsonObject;
2842
3418
  }
3419
+ namespace KVSecret {
3420
+ namespace Constants {
3421
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3422
+ enum SecretType {
3423
+ ARBITRARY = "arbitrary",
3424
+ IAM_CREDENTIALS = "iam_credentials",
3425
+ IMPORTED_CERT = "imported_cert",
3426
+ KV = "kv",
3427
+ PRIVATE_CERT = "private_cert",
3428
+ PUBLIC_CERT = "public_cert",
3429
+ SERVICE_CREDENTIALS = "service_credentials",
3430
+ USERNAME_PASSWORD = "username_password"
3431
+ }
3432
+ /** A text representation of the secret state. */
3433
+ enum StateDescription {
3434
+ PRE_ACTIVATION = "pre_activation",
3435
+ ACTIVE = "active",
3436
+ SUSPENDED = "suspended",
3437
+ DEACTIVATED = "deactivated",
3438
+ DESTROYED = "destroyed"
3439
+ }
3440
+ }
3441
+ }
2843
3442
  /** Properties of the metadata of your key-value secret metadata. */
2844
3443
  interface KVSecretMetadata extends SecretMetadata {
2845
3444
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -2875,21 +3474,44 @@ declare namespace SecretsManagerV2 {
2875
3474
  name?: string;
2876
3475
  /** A v4 UUID identifier, or `default` secret group. */
2877
3476
  secret_group_id: string;
2878
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2879
- * credentials, key-value, and user credentials.
3477
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3478
+ * service_credentials, kv, and username_password.
2880
3479
  */
2881
- secret_type: string;
3480
+ secret_type: KVSecretMetadata.Constants.SecretType | string;
2882
3481
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
2883
3482
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
2884
3483
  */
2885
3484
  state?: number;
2886
3485
  /** A text representation of the secret state. */
2887
- state_description?: string;
3486
+ state_description?: KVSecretMetadata.Constants.StateDescription | string;
2888
3487
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
2889
3488
  updated_at: string;
2890
3489
  /** The number of versions of your secret. */
2891
3490
  versions_total: number;
2892
3491
  }
3492
+ namespace KVSecretMetadata {
3493
+ namespace Constants {
3494
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3495
+ enum SecretType {
3496
+ ARBITRARY = "arbitrary",
3497
+ IAM_CREDENTIALS = "iam_credentials",
3498
+ IMPORTED_CERT = "imported_cert",
3499
+ KV = "kv",
3500
+ PRIVATE_CERT = "private_cert",
3501
+ PUBLIC_CERT = "public_cert",
3502
+ SERVICE_CREDENTIALS = "service_credentials",
3503
+ USERNAME_PASSWORD = "username_password"
3504
+ }
3505
+ /** A text representation of the secret state. */
3506
+ enum StateDescription {
3507
+ PRE_ACTIVATION = "pre_activation",
3508
+ ACTIVE = "active",
3509
+ SUSPENDED = "suspended",
3510
+ DEACTIVATED = "deactivated",
3511
+ DESTROYED = "destroyed"
3512
+ }
3513
+ }
3514
+ }
2893
3515
  /** KVSecretMetadataPatch. */
2894
3516
  interface KVSecretMetadataPatch extends SecretMetadataPatch {
2895
3517
  /** A human-readable name to assign to your secret.
@@ -2915,10 +3537,10 @@ declare namespace SecretsManagerV2 {
2915
3537
  }
2916
3538
  /** KVSecretPrototype. */
2917
3539
  interface KVSecretPrototype extends SecretPrototype {
2918
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2919
- * credentials, key-value, and user credentials.
3540
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3541
+ * service_credentials, kv, and username_password.
2920
3542
  */
2921
- secret_type: string;
3543
+ secret_type: KVSecretPrototype.Constants.SecretType | string;
2922
3544
  /** A human-readable name to assign to your secret.
2923
3545
  *
2924
3546
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -2946,6 +3568,21 @@ declare namespace SecretsManagerV2 {
2946
3568
  /** The secret version metadata that a user can customize. */
2947
3569
  version_custom_metadata?: JsonObject;
2948
3570
  }
3571
+ namespace KVSecretPrototype {
3572
+ namespace Constants {
3573
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3574
+ enum SecretType {
3575
+ ARBITRARY = "arbitrary",
3576
+ IAM_CREDENTIALS = "iam_credentials",
3577
+ IMPORTED_CERT = "imported_cert",
3578
+ KV = "kv",
3579
+ PRIVATE_CERT = "private_cert",
3580
+ PUBLIC_CERT = "public_cert",
3581
+ SERVICE_CREDENTIALS = "service_credentials",
3582
+ USERNAME_PASSWORD = "username_password"
3583
+ }
3584
+ }
3585
+ }
2949
3586
  /** Your key-value secret version. */
2950
3587
  interface KVSecretVersion extends SecretVersion {
2951
3588
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2962,10 +3599,10 @@ declare namespace SecretsManagerV2 {
2962
3599
  id: string;
2963
3600
  /** The human-readable name of your secret. */
2964
3601
  secret_name?: string;
2965
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
2966
- * credentials, key-value, and user credentials.
3602
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3603
+ * service_credentials, kv, and username_password.
2967
3604
  */
2968
- secret_type: string;
3605
+ secret_type: KVSecretVersion.Constants.SecretType | string;
2969
3606
  /** A v4 UUID identifier, or `default` secret group. */
2970
3607
  secret_group_id: string;
2971
3608
  /** Indicates whether the secret payload is available in this secret version. */
@@ -2973,7 +3610,7 @@ declare namespace SecretsManagerV2 {
2973
3610
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
2974
3611
  * is used for version `n-1`.
2975
3612
  */
2976
- alias?: string;
3613
+ alias?: KVSecretVersion.Constants.Alias | string;
2977
3614
  /** The secret version metadata that a user can customize. */
2978
3615
  version_custom_metadata?: JsonObject;
2979
3616
  /** A v4 UUID identifier. */
@@ -2981,6 +3618,26 @@ declare namespace SecretsManagerV2 {
2981
3618
  /** The payload data of a key-value secret. */
2982
3619
  data: JsonObject;
2983
3620
  }
3621
+ namespace KVSecretVersion {
3622
+ namespace Constants {
3623
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3624
+ enum SecretType {
3625
+ ARBITRARY = "arbitrary",
3626
+ IAM_CREDENTIALS = "iam_credentials",
3627
+ IMPORTED_CERT = "imported_cert",
3628
+ KV = "kv",
3629
+ PRIVATE_CERT = "private_cert",
3630
+ PUBLIC_CERT = "public_cert",
3631
+ SERVICE_CREDENTIALS = "service_credentials",
3632
+ USERNAME_PASSWORD = "username_password"
3633
+ }
3634
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
3635
+ enum Alias {
3636
+ CURRENT = "current",
3637
+ PREVIOUS = "previous"
3638
+ }
3639
+ }
3640
+ }
2984
3641
  /** Properties of the version metadata of your key-value secret. */
2985
3642
  interface KVSecretVersionMetadata extends SecretVersionMetadata {
2986
3643
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -2997,10 +3654,10 @@ declare namespace SecretsManagerV2 {
2997
3654
  id: string;
2998
3655
  /** The human-readable name of your secret. */
2999
3656
  secret_name?: string;
3000
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3001
- * credentials, key-value, and user credentials.
3657
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3658
+ * service_credentials, kv, and username_password.
3002
3659
  */
3003
- secret_type: string;
3660
+ secret_type: KVSecretVersionMetadata.Constants.SecretType | string;
3004
3661
  /** A v4 UUID identifier, or `default` secret group. */
3005
3662
  secret_group_id: string;
3006
3663
  /** Indicates whether the secret payload is available in this secret version. */
@@ -3008,12 +3665,32 @@ declare namespace SecretsManagerV2 {
3008
3665
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
3009
3666
  * is used for version `n-1`.
3010
3667
  */
3011
- alias?: string;
3668
+ alias?: KVSecretVersionMetadata.Constants.Alias | string;
3012
3669
  /** The secret version metadata that a user can customize. */
3013
3670
  version_custom_metadata?: JsonObject;
3014
3671
  /** A v4 UUID identifier. */
3015
3672
  secret_id: string;
3016
3673
  }
3674
+ namespace KVSecretVersionMetadata {
3675
+ namespace Constants {
3676
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3677
+ enum SecretType {
3678
+ ARBITRARY = "arbitrary",
3679
+ IAM_CREDENTIALS = "iam_credentials",
3680
+ IMPORTED_CERT = "imported_cert",
3681
+ KV = "kv",
3682
+ PRIVATE_CERT = "private_cert",
3683
+ PUBLIC_CERT = "public_cert",
3684
+ SERVICE_CREDENTIALS = "service_credentials",
3685
+ USERNAME_PASSWORD = "username_password"
3686
+ }
3687
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
3688
+ enum Alias {
3689
+ CURRENT = "current",
3690
+ PREVIOUS = "previous"
3691
+ }
3692
+ }
3693
+ }
3017
3694
  /** KVSecretVersionPrototype. */
3018
3695
  interface KVSecretVersionPrototype extends SecretVersionPrototype {
3019
3696
  /** The payload data of a key-value secret. */
@@ -3058,16 +3735,16 @@ declare namespace SecretsManagerV2 {
3058
3735
  name?: string;
3059
3736
  /** A v4 UUID identifier, or `default` secret group. */
3060
3737
  secret_group_id: string;
3061
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3062
- * credentials, key-value, and user credentials.
3738
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
3739
+ * service_credentials, kv, and username_password.
3063
3740
  */
3064
- secret_type: string;
3741
+ secret_type: PrivateCertificate.Constants.SecretType | string;
3065
3742
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
3066
3743
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
3067
3744
  */
3068
3745
  state?: number;
3069
3746
  /** A text representation of the secret state. */
3070
- state_description?: string;
3747
+ state_description?: PrivateCertificate.Constants.StateDescription | string;
3071
3748
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
3072
3749
  updated_at: string;
3073
3750
  /** The number of versions of your secret. */
@@ -3125,58 +3802,171 @@ declare namespace SecretsManagerV2 {
3125
3802
  /** The chain of certificate authorities that are associated with the certificate. */
3126
3803
  ca_chain?: string[];
3127
3804
  }
3805
+ namespace PrivateCertificate {
3806
+ namespace Constants {
3807
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
3808
+ enum SecretType {
3809
+ ARBITRARY = "arbitrary",
3810
+ IAM_CREDENTIALS = "iam_credentials",
3811
+ IMPORTED_CERT = "imported_cert",
3812
+ KV = "kv",
3813
+ PRIVATE_CERT = "private_cert",
3814
+ PUBLIC_CERT = "public_cert",
3815
+ SERVICE_CREDENTIALS = "service_credentials",
3816
+ USERNAME_PASSWORD = "username_password"
3817
+ }
3818
+ /** A text representation of the secret state. */
3819
+ enum StateDescription {
3820
+ PRE_ACTIVATION = "pre_activation",
3821
+ ACTIVE = "active",
3822
+ SUSPENDED = "suspended",
3823
+ DEACTIVATED = "deactivated",
3824
+ DESTROYED = "destroyed"
3825
+ }
3826
+ }
3827
+ }
3128
3828
  /** The response body of the action to revoke the private certificate. */
3129
3829
  interface PrivateCertificateActionRevoke extends SecretAction {
3130
3830
  /** The type of secret action. */
3131
- action_type: string;
3831
+ action_type: PrivateCertificateActionRevoke.Constants.ActionType | string;
3132
3832
  /** The timestamp of the certificate revocation. */
3133
3833
  revocation_time_seconds?: number;
3134
3834
  }
3835
+ namespace PrivateCertificateActionRevoke {
3836
+ namespace Constants {
3837
+ /** The type of secret action. */
3838
+ enum ActionType {
3839
+ PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
3840
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
3841
+ }
3842
+ }
3843
+ }
3135
3844
  /** The request body to specify the properties of the action to revoke the private certificate. */
3136
3845
  interface PrivateCertificateActionRevokePrototype extends SecretActionPrototype {
3137
3846
  /** The type of secret action. */
3138
- action_type: string;
3847
+ action_type: PrivateCertificateActionRevokePrototype.Constants.ActionType | string;
3848
+ }
3849
+ namespace PrivateCertificateActionRevokePrototype {
3850
+ namespace Constants {
3851
+ /** The type of secret action. */
3852
+ enum ActionType {
3853
+ PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
3854
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
3855
+ }
3856
+ }
3139
3857
  }
3140
3858
  /** The response body to specify the properties of the action to revoke the private certificate. */
3141
3859
  interface PrivateCertificateConfigurationActionRevoke extends ConfigurationAction {
3142
3860
  /** The type of configuration action. */
3143
- action_type: string;
3861
+ action_type: PrivateCertificateConfigurationActionRevoke.Constants.ActionType | string;
3144
3862
  /** The timestamp of the certificate revocation. */
3145
3863
  revocation_time_seconds?: number;
3146
3864
  }
3865
+ namespace PrivateCertificateConfigurationActionRevoke {
3866
+ namespace Constants {
3867
+ /** The type of configuration action. */
3868
+ enum ActionType {
3869
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3870
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3871
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3872
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3873
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3874
+ }
3875
+ }
3876
+ }
3147
3877
  /** The request body to specify the properties of the action to revoke the private certificate configuration. */
3148
3878
  interface PrivateCertificateConfigurationActionRevokePrototype extends ConfigurationActionPrototype {
3149
3879
  /** The type of configuration action. */
3150
- action_type: string;
3880
+ action_type: PrivateCertificateConfigurationActionRevokePrototype.Constants.ActionType | string;
3881
+ }
3882
+ namespace PrivateCertificateConfigurationActionRevokePrototype {
3883
+ namespace Constants {
3884
+ /** The type of configuration action. */
3885
+ enum ActionType {
3886
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3887
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3888
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3889
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3890
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3891
+ }
3892
+ }
3151
3893
  }
3152
3894
  /** The response body of the action to rotate the CRL of an intermediate certificate authority for the private certificate configuration. */
3153
3895
  interface PrivateCertificateConfigurationActionRotateCRL extends ConfigurationAction {
3154
3896
  /** The type of configuration action. */
3155
- action_type: string;
3897
+ action_type: PrivateCertificateConfigurationActionRotateCRL.Constants.ActionType | string;
3156
3898
  /** This field indicates whether the request to rotate the CRL for the private certificate configuration was
3157
3899
  * successful.
3158
3900
  */
3159
3901
  success: boolean;
3160
3902
  }
3903
+ namespace PrivateCertificateConfigurationActionRotateCRL {
3904
+ namespace Constants {
3905
+ /** The type of configuration action. */
3906
+ enum ActionType {
3907
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3908
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3909
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3910
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3911
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3912
+ }
3913
+ }
3914
+ }
3161
3915
  /** The request body of the action to rotate the CRL of an intermediate certificate authority for the private certificate configuration. */
3162
3916
  interface PrivateCertificateConfigurationActionRotateCRLPrototype extends ConfigurationActionPrototype {
3163
3917
  /** The type of configuration action. */
3164
- action_type: string;
3918
+ action_type: PrivateCertificateConfigurationActionRotateCRLPrototype.Constants.ActionType | string;
3919
+ }
3920
+ namespace PrivateCertificateConfigurationActionRotateCRLPrototype {
3921
+ namespace Constants {
3922
+ /** The type of configuration action. */
3923
+ enum ActionType {
3924
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3925
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3926
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3927
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3928
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3929
+ }
3930
+ }
3165
3931
  }
3166
3932
  /** The response body of the action to set a signed intermediate certificate authority for the private certificate configuration. */
3167
3933
  interface PrivateCertificateConfigurationActionSetSigned extends ConfigurationAction {
3168
3934
  /** The type of configuration action. */
3169
- action_type: string;
3935
+ action_type: PrivateCertificateConfigurationActionSetSigned.Constants.ActionType | string;
3170
3936
  /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
3171
3937
  certificate: string;
3172
3938
  }
3939
+ namespace PrivateCertificateConfigurationActionSetSigned {
3940
+ namespace Constants {
3941
+ /** The type of configuration action. */
3942
+ enum ActionType {
3943
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3944
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3945
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3946
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3947
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3948
+ }
3949
+ }
3950
+ }
3173
3951
  /** The request body of the action to set a signed intermediate certificate authority for the private certificate consideration. */
3174
3952
  interface PrivateCertificateConfigurationActionSetSignedPrototype extends ConfigurationActionPrototype {
3175
3953
  /** The type of configuration action. */
3176
- action_type: string;
3954
+ action_type: PrivateCertificateConfigurationActionSetSignedPrototype.Constants.ActionType | string;
3177
3955
  /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
3178
3956
  certificate: string;
3179
3957
  }
3958
+ namespace PrivateCertificateConfigurationActionSetSignedPrototype {
3959
+ namespace Constants {
3960
+ /** The type of configuration action. */
3961
+ enum ActionType {
3962
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
3963
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
3964
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
3965
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
3966
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
3967
+ }
3968
+ }
3969
+ }
3180
3970
  /** The response body of the action to sign the CSR for the private certificate configuration. */
3181
3971
  interface PrivateCertificateConfigurationActionSignCSR extends ConfigurationAction {
3182
3972
  /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3204,7 +3994,7 @@ declare namespace SecretsManagerV2 {
3204
3994
  */
3205
3995
  ttl?: string;
3206
3996
  /** The format of the returned data. */
3207
- format?: string;
3997
+ format?: PrivateCertificateConfigurationActionSignCSR.Constants.Format | string;
3208
3998
  /** The maximum path length to encode in the generated certificate. `-1` means no limit.
3209
3999
  *
3210
4000
  * If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3255,12 +4045,29 @@ declare namespace SecretsManagerV2 {
3255
4045
  */
3256
4046
  serial_number?: string;
3257
4047
  /** The type of configuration action. */
3258
- action_type: string;
4048
+ action_type: PrivateCertificateConfigurationActionSignCSR.Constants.ActionType | string;
3259
4049
  /** The certificate signing request. */
3260
4050
  csr: string;
3261
4051
  /** The data that is associated with the root certificate authority. */
3262
4052
  data?: PrivateCertificateConfigurationCACertificate;
3263
4053
  }
4054
+ namespace PrivateCertificateConfigurationActionSignCSR {
4055
+ namespace Constants {
4056
+ /** The format of the returned data. */
4057
+ enum Format {
4058
+ PEM = "pem",
4059
+ PEM_BUNDLE = "pem_bundle"
4060
+ }
4061
+ /** The type of configuration action. */
4062
+ enum ActionType {
4063
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
4064
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
4065
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
4066
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
4067
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
4068
+ }
4069
+ }
4070
+ }
3264
4071
  /** The request body to specify the properties of the action to sign a CSR for the private certificate configuration. */
3265
4072
  interface PrivateCertificateConfigurationActionSignCSRPrototype extends ConfigurationActionPrototype {
3266
4073
  /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3288,7 +4095,7 @@ declare namespace SecretsManagerV2 {
3288
4095
  */
3289
4096
  ttl?: string;
3290
4097
  /** The format of the returned data. */
3291
- format?: string;
4098
+ format?: PrivateCertificateConfigurationActionSignCSRPrototype.Constants.Format | string;
3292
4099
  /** The maximum path length to encode in the generated certificate. `-1` means no limit.
3293
4100
  *
3294
4101
  * If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3339,10 +4146,27 @@ declare namespace SecretsManagerV2 {
3339
4146
  */
3340
4147
  serial_number?: string;
3341
4148
  /** The type of configuration action. */
3342
- action_type: string;
4149
+ action_type: PrivateCertificateConfigurationActionSignCSRPrototype.Constants.ActionType | string;
3343
4150
  /** The certificate signing request. */
3344
4151
  csr: string;
3345
4152
  }
4153
+ namespace PrivateCertificateConfigurationActionSignCSRPrototype {
4154
+ namespace Constants {
4155
+ /** The format of the returned data. */
4156
+ enum Format {
4157
+ PEM = "pem",
4158
+ PEM_BUNDLE = "pem_bundle"
4159
+ }
4160
+ /** The type of configuration action. */
4161
+ enum ActionType {
4162
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
4163
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
4164
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
4165
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
4166
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
4167
+ }
4168
+ }
4169
+ }
3346
4170
  /** The response body of the action to sign the intermediate certificate authority for the private certificate configuration. */
3347
4171
  interface PrivateCertificateConfigurationActionSignIntermediate extends ConfigurationAction {
3348
4172
  /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3370,7 +4194,7 @@ declare namespace SecretsManagerV2 {
3370
4194
  */
3371
4195
  ttl?: string;
3372
4196
  /** The format of the returned data. */
3373
- format?: string;
4197
+ format?: PrivateCertificateConfigurationActionSignIntermediate.Constants.Format | string;
3374
4198
  /** The maximum path length to encode in the generated certificate. `-1` means no limit.
3375
4199
  *
3376
4200
  * If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3421,10 +4245,27 @@ declare namespace SecretsManagerV2 {
3421
4245
  */
3422
4246
  serial_number?: string;
3423
4247
  /** The type of configuration action. */
3424
- action_type: string;
3425
- /** The unique name of your configuration. */
4248
+ action_type: PrivateCertificateConfigurationActionSignIntermediate.Constants.ActionType | string;
4249
+ /** The name of the intermediate certificate authority configuration. */
3426
4250
  intermediate_certificate_authority: string;
3427
4251
  }
4252
+ namespace PrivateCertificateConfigurationActionSignIntermediate {
4253
+ namespace Constants {
4254
+ /** The format of the returned data. */
4255
+ enum Format {
4256
+ PEM = "pem",
4257
+ PEM_BUNDLE = "pem_bundle"
4258
+ }
4259
+ /** The type of configuration action. */
4260
+ enum ActionType {
4261
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
4262
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
4263
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
4264
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
4265
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
4266
+ }
4267
+ }
4268
+ }
3428
4269
  /** The request body to specify the properties of the action to sign an intermediate certificate authority for the private certificate configuration. */
3429
4270
  interface PrivateCertificateConfigurationActionSignIntermediatePrototype extends ConfigurationActionPrototype {
3430
4271
  /** The Common Name (CN) represents the server name that is protected by the SSL certificate. */
@@ -3452,7 +4293,7 @@ declare namespace SecretsManagerV2 {
3452
4293
  */
3453
4294
  ttl?: string;
3454
4295
  /** The format of the returned data. */
3455
- format?: string;
4296
+ format?: PrivateCertificateConfigurationActionSignIntermediatePrototype.Constants.Format | string;
3456
4297
  /** The maximum path length to encode in the generated certificate. `-1` means no limit.
3457
4298
  *
3458
4299
  * If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3503,10 +4344,27 @@ declare namespace SecretsManagerV2 {
3503
4344
  */
3504
4345
  serial_number?: string;
3505
4346
  /** The type of configuration action. */
3506
- action_type: string;
3507
- /** The unique name of your configuration. */
4347
+ action_type: PrivateCertificateConfigurationActionSignIntermediatePrototype.Constants.ActionType | string;
4348
+ /** The name of the intermediate certificate authority configuration. */
3508
4349
  intermediate_certificate_authority: string;
3509
4350
  }
4351
+ namespace PrivateCertificateConfigurationActionSignIntermediatePrototype {
4352
+ namespace Constants {
4353
+ /** The format of the returned data. */
4354
+ enum Format {
4355
+ PEM = "pem",
4356
+ PEM_BUNDLE = "pem_bundle"
4357
+ }
4358
+ /** The type of configuration action. */
4359
+ enum ActionType {
4360
+ PRIVATE_CERT_CONFIGURATION_ACTION_ROTATE_CRL = "private_cert_configuration_action_rotate_crl",
4361
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_INTERMEDIATE = "private_cert_configuration_action_sign_intermediate",
4362
+ PRIVATE_CERT_CONFIGURATION_ACTION_SIGN_CSR = "private_cert_configuration_action_sign_csr",
4363
+ PRIVATE_CERT_CONFIGURATION_ACTION_SET_SIGNED = "private_cert_configuration_action_set_signed",
4364
+ PRIVATE_CERT_CONFIGURATION_ACTION_REVOKE_CA_CERTIFICATE = "private_cert_configuration_action_revoke_ca_certificate"
4365
+ }
4366
+ }
4367
+ }
3510
4368
  /** The data that is associated with the root certificate authority. */
3511
4369
  interface PrivateCertificateConfigurationCACertificate extends PrivateCertificateCAData {
3512
4370
  /** Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters. */
@@ -3520,14 +4378,18 @@ declare namespace SecretsManagerV2 {
3520
4378
  }
3521
4379
  /** The configuration of the root certificate authority. */
3522
4380
  interface PrivateCertificateConfigurationIntermediateCA extends Configuration {
3523
- /** The configuration type. */
3524
- config_type: string;
4381
+ /** The configuration type. Can be one of: iam_credentials_configuration,
4382
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
4383
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
4384
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
4385
+ */
4386
+ config_type: PrivateCertificateConfigurationIntermediateCA.Constants.ConfigType | string;
3525
4387
  /** The unique name of your configuration. */
3526
4388
  name: string;
3527
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3528
- * credentials, key-value, and user credentials.
4389
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
4390
+ * service_credentials, kv, and username_password.
3529
4391
  */
3530
- secret_type: string;
4392
+ secret_type: PrivateCertificateConfigurationIntermediateCA.Constants.SecretType | string;
3531
4393
  /** The unique identifier that is associated with the entity that created the secret. */
3532
4394
  created_by: string;
3533
4395
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3547,7 +4409,7 @@ declare namespace SecretsManagerV2 {
3547
4409
  /** The distinguished name that identifies the entity that signed and issued the certificate. */
3548
4410
  issuer?: string;
3549
4411
  /** The type of private key to generate. */
3550
- key_type?: string;
4412
+ key_type?: PrivateCertificateConfigurationIntermediateCA.Constants.KeyType | string;
3551
4413
  /** The number of bits to use to generate the private key.
3552
4414
  *
3553
4415
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3559,12 +4421,12 @@ declare namespace SecretsManagerV2 {
3559
4421
  * You can choose between internal or externally signed options. For more information, see the
3560
4422
  * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
3561
4423
  */
3562
- signing_method: string;
4424
+ signing_method: PrivateCertificateConfigurationIntermediateCA.Constants.SigningMethod | string;
3563
4425
  /** The status of the certificate authority. The status of a root certificate authority is either `configured`
3564
4426
  * or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
3565
4427
  * `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
3566
4428
  */
3567
- status?: string;
4429
+ status?: PrivateCertificateConfigurationIntermediateCA.Constants.Status | string;
3568
4430
  /** The maximum time-to-live (TTL) for certificates that are created by this CA in seconds. */
3569
4431
  max_ttl_seconds?: number;
3570
4432
  /** The time until the certificate revocation list (CRL) expires, in seconds. */
@@ -3596,9 +4458,9 @@ declare namespace SecretsManagerV2 {
3596
4458
  */
3597
4459
  other_sans?: string[];
3598
4460
  /** The format of the returned data. */
3599
- format?: string;
4461
+ format?: PrivateCertificateConfigurationIntermediateCA.Constants.Format | string;
3600
4462
  /** The format of the generated private key. */
3601
- private_key_format?: string;
4463
+ private_key_format?: PrivateCertificateConfigurationIntermediateCA.Constants.PrivateKeyFormat | string;
3602
4464
  /** This parameter controls whether the common name is excluded from Subject Alternative Names (SANs).
3603
4465
  *
3604
4466
  * If the common name is set to `true`, it is not included in DNS, or email SANs if they apply. This field can be
@@ -3624,6 +4486,60 @@ declare namespace SecretsManagerV2 {
3624
4486
  /** The configuration data of your Private Certificate. */
3625
4487
  data?: PrivateCertificateCAData;
3626
4488
  }
4489
+ namespace PrivateCertificateConfigurationIntermediateCA {
4490
+ namespace Constants {
4491
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
4492
+ enum ConfigType {
4493
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
4494
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
4495
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
4496
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
4497
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
4498
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
4499
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
4500
+ }
4501
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
4502
+ enum SecretType {
4503
+ ARBITRARY = "arbitrary",
4504
+ IAM_CREDENTIALS = "iam_credentials",
4505
+ IMPORTED_CERT = "imported_cert",
4506
+ KV = "kv",
4507
+ PRIVATE_CERT = "private_cert",
4508
+ PUBLIC_CERT = "public_cert",
4509
+ SERVICE_CREDENTIALS = "service_credentials",
4510
+ USERNAME_PASSWORD = "username_password"
4511
+ }
4512
+ /** The type of private key to generate. */
4513
+ enum KeyType {
4514
+ RSA = "rsa",
4515
+ EC = "ec"
4516
+ }
4517
+ /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
4518
+ enum SigningMethod {
4519
+ INTERNAL = "internal",
4520
+ EXTERNAL = "external"
4521
+ }
4522
+ /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
4523
+ enum Status {
4524
+ SIGNING_REQUIRED = "signing_required",
4525
+ SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
4526
+ CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
4527
+ CONFIGURED = "configured",
4528
+ EXPIRED = "expired",
4529
+ REVOKED = "revoked"
4530
+ }
4531
+ /** The format of the returned data. */
4532
+ enum Format {
4533
+ PEM = "pem",
4534
+ PEM_BUNDLE = "pem_bundle"
4535
+ }
4536
+ /** The format of the generated private key. */
4537
+ enum PrivateKeyFormat {
4538
+ DER = "der",
4539
+ PKCS8 = "pkcs8"
4540
+ }
4541
+ }
4542
+ }
3627
4543
  /** The data that is associated with the intermediate certificate authority. */
3628
4544
  interface PrivateCertificateConfigurationIntermediateCACSR extends PrivateCertificateCAData {
3629
4545
  /** The certificate signing request. */
@@ -3633,20 +4549,33 @@ declare namespace SecretsManagerV2 {
3633
4549
  */
3634
4550
  private_key?: string;
3635
4551
  /** The type of private key to generate. */
3636
- private_key_type?: string;
4552
+ private_key_type?: PrivateCertificateConfigurationIntermediateCACSR.Constants.PrivateKeyType | string;
3637
4553
  /** The certificate expiration time. */
3638
4554
  expiration?: number;
3639
4555
  }
4556
+ namespace PrivateCertificateConfigurationIntermediateCACSR {
4557
+ namespace Constants {
4558
+ /** The type of private key to generate. */
4559
+ enum PrivateKeyType {
4560
+ RSA = "rsa",
4561
+ EC = "ec"
4562
+ }
4563
+ }
4564
+ }
3640
4565
  /** The configuration of the metadata properties of the intermediate certificate authority. */
3641
4566
  interface PrivateCertificateConfigurationIntermediateCAMetadata extends ConfigurationMetadata {
3642
- /** The configuration type. */
3643
- config_type: string;
4567
+ /** The configuration type. Can be one of: iam_credentials_configuration,
4568
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
4569
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
4570
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
4571
+ */
4572
+ config_type: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.ConfigType | string;
3644
4573
  /** The unique name of your configuration. */
3645
4574
  name: string;
3646
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3647
- * credentials, key-value, and user credentials.
4575
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
4576
+ * service_credentials, kv, and username_password.
3648
4577
  */
3649
- secret_type: string;
4578
+ secret_type: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.SecretType | string;
3650
4579
  /** The unique identifier that is associated with the entity that created the secret. */
3651
4580
  created_by: string;
3652
4581
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3666,7 +4595,7 @@ declare namespace SecretsManagerV2 {
3666
4595
  /** The distinguished name that identifies the entity that signed and issued the certificate. */
3667
4596
  issuer?: string;
3668
4597
  /** The type of private key to generate. */
3669
- key_type?: string;
4598
+ key_type?: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.KeyType | string;
3670
4599
  /** The number of bits to use to generate the private key.
3671
4600
  *
3672
4601
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3678,12 +4607,56 @@ declare namespace SecretsManagerV2 {
3678
4607
  * You can choose between internal or externally signed options. For more information, see the
3679
4608
  * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
3680
4609
  */
3681
- signing_method: string;
4610
+ signing_method: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.SigningMethod | string;
3682
4611
  /** The status of the certificate authority. The status of a root certificate authority is either `configured`
3683
4612
  * or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
3684
4613
  * `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
3685
4614
  */
3686
- status?: string;
4615
+ status?: PrivateCertificateConfigurationIntermediateCAMetadata.Constants.Status | string;
4616
+ }
4617
+ namespace PrivateCertificateConfigurationIntermediateCAMetadata {
4618
+ namespace Constants {
4619
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
4620
+ enum ConfigType {
4621
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
4622
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
4623
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
4624
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
4625
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
4626
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
4627
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
4628
+ }
4629
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
4630
+ enum SecretType {
4631
+ ARBITRARY = "arbitrary",
4632
+ IAM_CREDENTIALS = "iam_credentials",
4633
+ IMPORTED_CERT = "imported_cert",
4634
+ KV = "kv",
4635
+ PRIVATE_CERT = "private_cert",
4636
+ PUBLIC_CERT = "public_cert",
4637
+ SERVICE_CREDENTIALS = "service_credentials",
4638
+ USERNAME_PASSWORD = "username_password"
4639
+ }
4640
+ /** The type of private key to generate. */
4641
+ enum KeyType {
4642
+ RSA = "rsa",
4643
+ EC = "ec"
4644
+ }
4645
+ /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
4646
+ enum SigningMethod {
4647
+ INTERNAL = "internal",
4648
+ EXTERNAL = "external"
4649
+ }
4650
+ /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
4651
+ enum Status {
4652
+ SIGNING_REQUIRED = "signing_required",
4653
+ SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
4654
+ CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
4655
+ CONFIGURED = "configured",
4656
+ EXPIRED = "expired",
4657
+ REVOKED = "revoked"
4658
+ }
4659
+ }
3687
4660
  }
3688
4661
  /** The configuration patch of the intermediate certificate authority. */
3689
4662
  interface PrivateCertificateConfigurationIntermediateCAPatch extends ConfigurationPatch {
@@ -3720,8 +4693,12 @@ declare namespace SecretsManagerV2 {
3720
4693
  }
3721
4694
  /** The configuration of the intermediate certificate authority. */
3722
4695
  interface PrivateCertificateConfigurationIntermediateCAPrototype extends ConfigurationPrototype {
3723
- /** The configuration type. */
3724
- config_type: string;
4696
+ /** The configuration type. Can be one of: iam_credentials_configuration,
4697
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
4698
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
4699
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
4700
+ */
4701
+ config_type: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.ConfigType | string;
3725
4702
  /** A human-readable unique name to assign to your configuration.
3726
4703
  *
3727
4704
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -3740,7 +4717,7 @@ declare namespace SecretsManagerV2 {
3740
4717
  * You can choose between internal or externally signed options. For more information, see the
3741
4718
  * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities).
3742
4719
  */
3743
- signing_method: string;
4720
+ signing_method: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.SigningMethod | string;
3744
4721
  /** The distinguished name that identifies the entity that signed and issued the certificate. */
3745
4722
  issuer?: string;
3746
4723
  /** The time until the certificate revocation list (CRL) expires.
@@ -3784,11 +4761,11 @@ declare namespace SecretsManagerV2 {
3784
4761
  */
3785
4762
  other_sans?: string[];
3786
4763
  /** The format of the returned data. */
3787
- format?: string;
4764
+ format?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.Format | string;
3788
4765
  /** The format of the generated private key. */
3789
- private_key_format?: string;
4766
+ private_key_format?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.PrivateKeyFormat | string;
3790
4767
  /** The type of private key to generate. */
3791
- key_type?: string;
4768
+ key_type?: PrivateCertificateConfigurationIntermediateCAPrototype.Constants.KeyType | string;
3792
4769
  /** The number of bits to use to generate the private key.
3793
4770
  *
3794
4771
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3823,16 +4800,54 @@ declare namespace SecretsManagerV2 {
3823
4800
  */
3824
4801
  serial_number?: string;
3825
4802
  }
4803
+ namespace PrivateCertificateConfigurationIntermediateCAPrototype {
4804
+ namespace Constants {
4805
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
4806
+ enum ConfigType {
4807
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
4808
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
4809
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
4810
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
4811
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
4812
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
4813
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
4814
+ }
4815
+ /** The signing method to use with this certificate authority to generate private certificates. You can choose between internal or externally signed options. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-intermediate-certificate-authorities). */
4816
+ enum SigningMethod {
4817
+ INTERNAL = "internal",
4818
+ EXTERNAL = "external"
4819
+ }
4820
+ /** The format of the returned data. */
4821
+ enum Format {
4822
+ PEM = "pem",
4823
+ PEM_BUNDLE = "pem_bundle"
4824
+ }
4825
+ /** The format of the generated private key. */
4826
+ enum PrivateKeyFormat {
4827
+ DER = "der",
4828
+ PKCS8 = "pkcs8"
4829
+ }
4830
+ /** The type of private key to generate. */
4831
+ enum KeyType {
4832
+ RSA = "rsa",
4833
+ EC = "ec"
4834
+ }
4835
+ }
4836
+ }
3826
4837
  /** The root certificate authority . */
3827
4838
  interface PrivateCertificateConfigurationRootCA extends Configuration {
3828
- /** The configuration type. */
3829
- config_type: string;
4839
+ /** The configuration type. Can be one of: iam_credentials_configuration,
4840
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
4841
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
4842
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
4843
+ */
4844
+ config_type: PrivateCertificateConfigurationRootCA.Constants.ConfigType | string;
3830
4845
  /** The unique name of your configuration. */
3831
4846
  name: string;
3832
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3833
- * credentials, key-value, and user credentials.
4847
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
4848
+ * service_credentials, kv, and username_password.
3834
4849
  */
3835
- secret_type: string;
4850
+ secret_type: PrivateCertificateConfigurationRootCA.Constants.SecretType | string;
3836
4851
  /** The unique identifier that is associated with the entity that created the secret. */
3837
4852
  created_by: string;
3838
4853
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3850,7 +4865,7 @@ declare namespace SecretsManagerV2 {
3850
4865
  */
3851
4866
  expiration_date?: string;
3852
4867
  /** The type of private key to generate. */
3853
- key_type?: string;
4868
+ key_type?: PrivateCertificateConfigurationRootCA.Constants.KeyType | string;
3854
4869
  /** The number of bits to use to generate the private key.
3855
4870
  *
3856
4871
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3861,7 +4876,7 @@ declare namespace SecretsManagerV2 {
3861
4876
  * or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
3862
4877
  * `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
3863
4878
  */
3864
- status?: string;
4879
+ status?: PrivateCertificateConfigurationRootCA.Constants.Status | string;
3865
4880
  /** The maximum time-to-live (TTL) for certificates that are created by this CA in seconds. */
3866
4881
  max_ttl_seconds?: number;
3867
4882
  /** The time until the certificate revocation list (CRL) expires, in seconds. */
@@ -3895,9 +4910,9 @@ declare namespace SecretsManagerV2 {
3895
4910
  /** he requested TTL, after which the certificate expires. */
3896
4911
  ttl_seconds?: number;
3897
4912
  /** The format of the returned data. */
3898
- format?: string;
4913
+ format?: PrivateCertificateConfigurationRootCA.Constants.Format | string;
3899
4914
  /** The format of the generated private key. */
3900
- private_key_format?: string;
4915
+ private_key_format?: PrivateCertificateConfigurationRootCA.Constants.PrivateKeyFormat | string;
3901
4916
  /** The maximum path length to encode in the generated certificate. `-1` means no limit.
3902
4917
  *
3903
4918
  * If the signing certificate has a maximum path length set, the path length is set to one less than that of the
@@ -3933,16 +4948,69 @@ declare namespace SecretsManagerV2 {
3933
4948
  /** The configuration data of your Private Certificate. */
3934
4949
  data?: PrivateCertificateCAData;
3935
4950
  }
4951
+ namespace PrivateCertificateConfigurationRootCA {
4952
+ namespace Constants {
4953
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
4954
+ enum ConfigType {
4955
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
4956
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
4957
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
4958
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
4959
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
4960
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
4961
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
4962
+ }
4963
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
4964
+ enum SecretType {
4965
+ ARBITRARY = "arbitrary",
4966
+ IAM_CREDENTIALS = "iam_credentials",
4967
+ IMPORTED_CERT = "imported_cert",
4968
+ KV = "kv",
4969
+ PRIVATE_CERT = "private_cert",
4970
+ PUBLIC_CERT = "public_cert",
4971
+ SERVICE_CREDENTIALS = "service_credentials",
4972
+ USERNAME_PASSWORD = "username_password"
4973
+ }
4974
+ /** The type of private key to generate. */
4975
+ enum KeyType {
4976
+ RSA = "rsa",
4977
+ EC = "ec"
4978
+ }
4979
+ /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
4980
+ enum Status {
4981
+ SIGNING_REQUIRED = "signing_required",
4982
+ SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
4983
+ CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
4984
+ CONFIGURED = "configured",
4985
+ EXPIRED = "expired",
4986
+ REVOKED = "revoked"
4987
+ }
4988
+ /** The format of the returned data. */
4989
+ enum Format {
4990
+ PEM = "pem",
4991
+ PEM_BUNDLE = "pem_bundle"
4992
+ }
4993
+ /** The format of the generated private key. */
4994
+ enum PrivateKeyFormat {
4995
+ DER = "der",
4996
+ PKCS8 = "pkcs8"
4997
+ }
4998
+ }
4999
+ }
3936
5000
  /** The configuration of the metadata properties of the root certificate authority. */
3937
5001
  interface PrivateCertificateConfigurationRootCAMetadata extends ConfigurationMetadata {
3938
- /** The configuration type. */
3939
- config_type: string;
5002
+ /** The configuration type. Can be one of: iam_credentials_configuration,
5003
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
5004
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
5005
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
5006
+ */
5007
+ config_type: PrivateCertificateConfigurationRootCAMetadata.Constants.ConfigType | string;
3940
5008
  /** The unique name of your configuration. */
3941
5009
  name: string;
3942
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
3943
- * credentials, key-value, and user credentials.
5010
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
5011
+ * service_credentials, kv, and username_password.
3944
5012
  */
3945
- secret_type: string;
5013
+ secret_type: PrivateCertificateConfigurationRootCAMetadata.Constants.SecretType | string;
3946
5014
  /** The unique identifier that is associated with the entity that created the secret. */
3947
5015
  created_by: string;
3948
5016
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -3960,7 +5028,7 @@ declare namespace SecretsManagerV2 {
3960
5028
  */
3961
5029
  expiration_date?: string;
3962
5030
  /** The type of private key to generate. */
3963
- key_type?: string;
5031
+ key_type?: PrivateCertificateConfigurationRootCAMetadata.Constants.KeyType | string;
3964
5032
  /** The number of bits to use to generate the private key.
3965
5033
  *
3966
5034
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -3971,7 +5039,46 @@ declare namespace SecretsManagerV2 {
3971
5039
  * or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`,
3972
5040
  * `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`.
3973
5041
  */
3974
- status?: string;
5042
+ status?: PrivateCertificateConfigurationRootCAMetadata.Constants.Status | string;
5043
+ }
5044
+ namespace PrivateCertificateConfigurationRootCAMetadata {
5045
+ namespace Constants {
5046
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
5047
+ enum ConfigType {
5048
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
5049
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
5050
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
5051
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
5052
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
5053
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
5054
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
5055
+ }
5056
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
5057
+ enum SecretType {
5058
+ ARBITRARY = "arbitrary",
5059
+ IAM_CREDENTIALS = "iam_credentials",
5060
+ IMPORTED_CERT = "imported_cert",
5061
+ KV = "kv",
5062
+ PRIVATE_CERT = "private_cert",
5063
+ PUBLIC_CERT = "public_cert",
5064
+ SERVICE_CREDENTIALS = "service_credentials",
5065
+ USERNAME_PASSWORD = "username_password"
5066
+ }
5067
+ /** The type of private key to generate. */
5068
+ enum KeyType {
5069
+ RSA = "rsa",
5070
+ EC = "ec"
5071
+ }
5072
+ /** The status of the certificate authority. The status of a root certificate authority is either `configured` or `expired`. For intermediate certificate authorities, possible statuses include `signing_required`, `signed_certificate_required`, `certificate_template_required`, `configured`, `expired` or `revoked`. */
5073
+ enum Status {
5074
+ SIGNING_REQUIRED = "signing_required",
5075
+ SIGNED_CERTIFICATE_REQUIRED = "signed_certificate_required",
5076
+ CERTIFICATE_TEMPLATE_REQUIRED = "certificate_template_required",
5077
+ CONFIGURED = "configured",
5078
+ EXPIRED = "expired",
5079
+ REVOKED = "revoked"
5080
+ }
5081
+ }
3975
5082
  }
3976
5083
  /** The configuration of the metadata patch for the root certificate authority. */
3977
5084
  interface PrivateCertificateConfigurationRootCAPatch extends ConfigurationPatch {
@@ -4008,8 +5115,12 @@ declare namespace SecretsManagerV2 {
4008
5115
  }
4009
5116
  /** The configuration of the root certificate authority. */
4010
5117
  interface PrivateCertificateConfigurationRootCAPrototype extends ConfigurationPrototype {
4011
- /** The configuration type. */
4012
- config_type: string;
5118
+ /** The configuration type. Can be one of: iam_credentials_configuration,
5119
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
5120
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
5121
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
5122
+ */
5123
+ config_type: PrivateCertificateConfigurationRootCAPrototype.Constants.ConfigType | string;
4013
5124
  /** A human-readable unique name to assign to your configuration.
4014
5125
  *
4015
5126
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -4071,11 +5182,11 @@ declare namespace SecretsManagerV2 {
4071
5182
  */
4072
5183
  ttl?: string;
4073
5184
  /** The format of the returned data. */
4074
- format?: string;
5185
+ format?: PrivateCertificateConfigurationRootCAPrototype.Constants.Format | string;
4075
5186
  /** The format of the generated private key. */
4076
- private_key_format?: string;
5187
+ private_key_format?: PrivateCertificateConfigurationRootCAPrototype.Constants.PrivateKeyFormat | string;
4077
5188
  /** The type of private key to generate. */
4078
- key_type?: string;
5189
+ key_type?: PrivateCertificateConfigurationRootCAPrototype.Constants.KeyType | string;
4079
5190
  /** The number of bits to use to generate the private key.
4080
5191
  *
4081
5192
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4120,16 +5231,49 @@ declare namespace SecretsManagerV2 {
4120
5231
  */
4121
5232
  serial_number?: string;
4122
5233
  }
5234
+ namespace PrivateCertificateConfigurationRootCAPrototype {
5235
+ namespace Constants {
5236
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
5237
+ enum ConfigType {
5238
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
5239
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
5240
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
5241
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
5242
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
5243
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
5244
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
5245
+ }
5246
+ /** The format of the returned data. */
5247
+ enum Format {
5248
+ PEM = "pem",
5249
+ PEM_BUNDLE = "pem_bundle"
5250
+ }
5251
+ /** The format of the generated private key. */
5252
+ enum PrivateKeyFormat {
5253
+ DER = "der",
5254
+ PKCS8 = "pkcs8"
5255
+ }
5256
+ /** The type of private key to generate. */
5257
+ enum KeyType {
5258
+ RSA = "rsa",
5259
+ EC = "ec"
5260
+ }
5261
+ }
5262
+ }
4123
5263
  /** The configuration of the private certificate template. */
4124
5264
  interface PrivateCertificateConfigurationTemplate extends Configuration {
4125
- /** The configuration type. */
4126
- config_type: string;
5265
+ /** The configuration type. Can be one of: iam_credentials_configuration,
5266
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
5267
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
5268
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
5269
+ */
5270
+ config_type: PrivateCertificateConfigurationTemplate.Constants.ConfigType | string;
4127
5271
  /** The unique name of your configuration. */
4128
5272
  name: string;
4129
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4130
- * credentials, key-value, and user credentials.
5273
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
5274
+ * service_credentials, kv, and username_password.
4131
5275
  */
4132
- secret_type: string;
5276
+ secret_type: PrivateCertificateConfigurationTemplate.Constants.SecretType | string;
4133
5277
  /** The unique identifier that is associated with the entity that created the secret. */
4134
5278
  created_by: string;
4135
5279
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -4214,7 +5358,7 @@ declare namespace SecretsManagerV2 {
4214
5358
  /** This field indicates whether private certificates are flagged for email protection use. */
4215
5359
  email_protection_flag?: boolean;
4216
5360
  /** The type of private key to generate. */
4217
- key_type?: string;
5361
+ key_type?: PrivateCertificateConfigurationTemplate.Constants.KeyType | string;
4218
5362
  /** The number of bits to use to generate the private key.
4219
5363
  *
4220
5364
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4285,16 +5429,50 @@ declare namespace SecretsManagerV2 {
4285
5429
  /** The duration in seconds by which to backdate the `not_before` property of an issued private certificate. */
4286
5430
  not_before_duration_seconds?: number;
4287
5431
  }
5432
+ namespace PrivateCertificateConfigurationTemplate {
5433
+ namespace Constants {
5434
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
5435
+ enum ConfigType {
5436
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
5437
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
5438
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
5439
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
5440
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
5441
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
5442
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
5443
+ }
5444
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
5445
+ enum SecretType {
5446
+ ARBITRARY = "arbitrary",
5447
+ IAM_CREDENTIALS = "iam_credentials",
5448
+ IMPORTED_CERT = "imported_cert",
5449
+ KV = "kv",
5450
+ PRIVATE_CERT = "private_cert",
5451
+ PUBLIC_CERT = "public_cert",
5452
+ SERVICE_CREDENTIALS = "service_credentials",
5453
+ USERNAME_PASSWORD = "username_password"
5454
+ }
5455
+ /** The type of private key to generate. */
5456
+ enum KeyType {
5457
+ RSA = "rsa",
5458
+ EC = "ec"
5459
+ }
5460
+ }
5461
+ }
4288
5462
  /** The metadata properties of the configuration of the private certificate template. */
4289
5463
  interface PrivateCertificateConfigurationTemplateMetadata extends ConfigurationMetadata {
4290
- /** The configuration type. */
4291
- config_type: string;
5464
+ /** The configuration type. Can be one of: iam_credentials_configuration,
5465
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
5466
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
5467
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
5468
+ */
5469
+ config_type: PrivateCertificateConfigurationTemplateMetadata.Constants.ConfigType | string;
4292
5470
  /** The unique name of your configuration. */
4293
5471
  name: string;
4294
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4295
- * credentials, key-value, and user credentials.
5472
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
5473
+ * service_credentials, kv, and username_password.
4296
5474
  */
4297
- secret_type: string;
5475
+ secret_type: PrivateCertificateConfigurationTemplateMetadata.Constants.SecretType | string;
4298
5476
  /** The unique identifier that is associated with the entity that created the secret. */
4299
5477
  created_by: string;
4300
5478
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -4304,6 +5482,31 @@ declare namespace SecretsManagerV2 {
4304
5482
  /** The name of the intermediate certificate authority. */
4305
5483
  certificate_authority: string;
4306
5484
  }
5485
+ namespace PrivateCertificateConfigurationTemplateMetadata {
5486
+ namespace Constants {
5487
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
5488
+ enum ConfigType {
5489
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
5490
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
5491
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
5492
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
5493
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
5494
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
5495
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
5496
+ }
5497
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
5498
+ enum SecretType {
5499
+ ARBITRARY = "arbitrary",
5500
+ IAM_CREDENTIALS = "iam_credentials",
5501
+ IMPORTED_CERT = "imported_cert",
5502
+ KV = "kv",
5503
+ PRIVATE_CERT = "private_cert",
5504
+ PUBLIC_CERT = "public_cert",
5505
+ SERVICE_CREDENTIALS = "service_credentials",
5506
+ USERNAME_PASSWORD = "username_password"
5507
+ }
5508
+ }
5509
+ }
4307
5510
  /** Properties that describe a certificate template. You can use a certificate template to control the parameters that are applied to your issued private certificates. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificate-templates). */
4308
5511
  interface PrivateCertificateConfigurationTemplatePatch extends ConfigurationPatch {
4309
5512
  /** This field scopes the creation of private certificates to only the secret groups that you specify.
@@ -4393,7 +5596,7 @@ declare namespace SecretsManagerV2 {
4393
5596
  /** This field indicates whether private certificates are flagged for email protection use. */
4394
5597
  email_protection_flag?: boolean;
4395
5598
  /** The type of private key to generate. */
4396
- key_type?: string;
5599
+ key_type?: PrivateCertificateConfigurationTemplatePatch.Constants.KeyType | string;
4397
5600
  /** The number of bits to use to generate the private key.
4398
5601
  *
4399
5602
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4468,10 +5671,23 @@ declare namespace SecretsManagerV2 {
4468
5671
  */
4469
5672
  not_before_duration?: string;
4470
5673
  }
5674
+ namespace PrivateCertificateConfigurationTemplatePatch {
5675
+ namespace Constants {
5676
+ /** The type of private key to generate. */
5677
+ enum KeyType {
5678
+ RSA = "rsa",
5679
+ EC = "ec"
5680
+ }
5681
+ }
5682
+ }
4471
5683
  /** Properties that describe a certificate template. You can use a certificate template to control the parameters that are applied to your issued private certificates. For more information, see the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-certificate-templates). */
4472
5684
  interface PrivateCertificateConfigurationTemplatePrototype extends ConfigurationPrototype {
4473
- /** The configuration type. */
4474
- config_type: string;
5685
+ /** The configuration type. Can be one of: iam_credentials_configuration,
5686
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
5687
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
5688
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
5689
+ */
5690
+ config_type: PrivateCertificateConfigurationTemplatePrototype.Constants.ConfigType | string;
4475
5691
  /** A human-readable unique name to assign to your configuration.
4476
5692
  *
4477
5693
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -4572,7 +5788,7 @@ declare namespace SecretsManagerV2 {
4572
5788
  /** This field indicates whether private certificates are flagged for email protection use. */
4573
5789
  email_protection_flag?: boolean;
4574
5790
  /** The type of private key to generate. */
4575
- key_type?: string;
5791
+ key_type?: PrivateCertificateConfigurationTemplatePrototype.Constants.KeyType | string;
4576
5792
  /** The number of bits to use to generate the private key.
4577
5793
  *
4578
5794
  * Allowable values for RSA keys are: `2048` and `4096`. Allowable values for EC keys are: `224`, `256`, `384`, and
@@ -4647,6 +5863,25 @@ declare namespace SecretsManagerV2 {
4647
5863
  */
4648
5864
  not_before_duration?: string;
4649
5865
  }
5866
+ namespace PrivateCertificateConfigurationTemplatePrototype {
5867
+ namespace Constants {
5868
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
5869
+ enum ConfigType {
5870
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
5871
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
5872
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
5873
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
5874
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
5875
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
5876
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
5877
+ }
5878
+ /** The type of private key to generate. */
5879
+ enum KeyType {
5880
+ RSA = "rsa",
5881
+ EC = "ec"
5882
+ }
5883
+ }
5884
+ }
4650
5885
  /** Properties of the metadata of your private certificate. */
4651
5886
  interface PrivateCertificateMetadata extends SecretMetadata {
4652
5887
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -4682,16 +5917,16 @@ declare namespace SecretsManagerV2 {
4682
5917
  name?: string;
4683
5918
  /** A v4 UUID identifier, or `default` secret group. */
4684
5919
  secret_group_id: string;
4685
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4686
- * credentials, key-value, and user credentials.
5920
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
5921
+ * service_credentials, kv, and username_password.
4687
5922
  */
4688
- secret_type: string;
5923
+ secret_type: PrivateCertificateMetadata.Constants.SecretType | string;
4689
5924
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
4690
5925
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
4691
5926
  */
4692
5927
  state?: number;
4693
5928
  /** A text representation of the secret state. */
4694
- state_description?: string;
5929
+ state_description?: PrivateCertificateMetadata.Constants.StateDescription | string;
4695
5930
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
4696
5931
  updated_at: string;
4697
5932
  /** The number of versions of your secret. */
@@ -4739,6 +5974,29 @@ declare namespace SecretsManagerV2 {
4739
5974
  /** The date and time that the certificate was revoked. The date format follows `RFC 3339`. */
4740
5975
  revocation_time_rfc3339?: string;
4741
5976
  }
5977
+ namespace PrivateCertificateMetadata {
5978
+ namespace Constants {
5979
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
5980
+ enum SecretType {
5981
+ ARBITRARY = "arbitrary",
5982
+ IAM_CREDENTIALS = "iam_credentials",
5983
+ IMPORTED_CERT = "imported_cert",
5984
+ KV = "kv",
5985
+ PRIVATE_CERT = "private_cert",
5986
+ PUBLIC_CERT = "public_cert",
5987
+ SERVICE_CREDENTIALS = "service_credentials",
5988
+ USERNAME_PASSWORD = "username_password"
5989
+ }
5990
+ /** A text representation of the secret state. */
5991
+ enum StateDescription {
5992
+ PRE_ACTIVATION = "pre_activation",
5993
+ ACTIVE = "active",
5994
+ SUSPENDED = "suspended",
5995
+ DEACTIVATED = "deactivated",
5996
+ DESTROYED = "destroyed"
5997
+ }
5998
+ }
5999
+ }
4742
6000
  /** PrivateCertificateMetadataPatch. */
4743
6001
  interface PrivateCertificateMetadataPatch extends SecretMetadataPatch {
4744
6002
  /** A human-readable name to assign to your secret.
@@ -4768,10 +6026,10 @@ declare namespace SecretsManagerV2 {
4768
6026
  }
4769
6027
  /** PrivateCertificatePrototype. */
4770
6028
  interface PrivateCertificatePrototype extends SecretPrototype {
4771
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4772
- * credentials, key-value, and user credentials.
6029
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6030
+ * service_credentials, kv, and username_password.
4773
6031
  */
4774
- secret_type: string;
6032
+ secret_type: PrivateCertificatePrototype.Constants.SecretType | string;
4775
6033
  /** A human-readable name to assign to your secret.
4776
6034
  *
4777
6035
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -4815,9 +6073,9 @@ declare namespace SecretsManagerV2 {
4815
6073
  /** The certificate signing request. */
4816
6074
  csr?: string;
4817
6075
  /** The format of the returned data. */
4818
- format?: string;
6076
+ format?: PrivateCertificatePrototype.Constants.Format | string;
4819
6077
  /** The format of the generated private key. */
4820
- private_key_format?: string;
6078
+ private_key_format?: PrivateCertificatePrototype.Constants.PrivateKeyFormat | string;
4821
6079
  /** This parameter controls whether the common name is excluded from Subject Alternative Names (SANs).
4822
6080
  *
4823
6081
  * If the common name is set to `true`, it is not included in DNS, or email SANs if they apply. This field can be
@@ -4839,6 +6097,31 @@ declare namespace SecretsManagerV2 {
4839
6097
  /** The secret version metadata that a user can customize. */
4840
6098
  version_custom_metadata?: JsonObject;
4841
6099
  }
6100
+ namespace PrivateCertificatePrototype {
6101
+ namespace Constants {
6102
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6103
+ enum SecretType {
6104
+ ARBITRARY = "arbitrary",
6105
+ IAM_CREDENTIALS = "iam_credentials",
6106
+ IMPORTED_CERT = "imported_cert",
6107
+ KV = "kv",
6108
+ PRIVATE_CERT = "private_cert",
6109
+ PUBLIC_CERT = "public_cert",
6110
+ SERVICE_CREDENTIALS = "service_credentials",
6111
+ USERNAME_PASSWORD = "username_password"
6112
+ }
6113
+ /** The format of the returned data. */
6114
+ enum Format {
6115
+ PEM = "pem",
6116
+ PEM_BUNDLE = "pem_bundle"
6117
+ }
6118
+ /** The format of the generated private key. */
6119
+ enum PrivateKeyFormat {
6120
+ DER = "der",
6121
+ PKCS8 = "pkcs8"
6122
+ }
6123
+ }
6124
+ }
4842
6125
  /** Your private certificate version. */
4843
6126
  interface PrivateCertificateVersion extends SecretVersion {
4844
6127
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -4855,10 +6138,10 @@ declare namespace SecretsManagerV2 {
4855
6138
  id: string;
4856
6139
  /** The human-readable name of your secret. */
4857
6140
  secret_name?: string;
4858
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4859
- * credentials, key-value, and user credentials.
6141
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6142
+ * service_credentials, kv, and username_password.
4860
6143
  */
4861
- secret_type: string;
6144
+ secret_type: PrivateCertificateVersion.Constants.SecretType | string;
4862
6145
  /** A v4 UUID identifier, or `default` secret group. */
4863
6146
  secret_group_id: string;
4864
6147
  /** Indicates whether the secret payload is available in this secret version. */
@@ -4866,7 +6149,7 @@ declare namespace SecretsManagerV2 {
4866
6149
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
4867
6150
  * is used for version `n-1`.
4868
6151
  */
4869
- alias?: string;
6152
+ alias?: PrivateCertificateVersion.Constants.Alias | string;
4870
6153
  /** The secret version metadata that a user can customize. */
4871
6154
  version_custom_metadata?: JsonObject;
4872
6155
  /** A v4 UUID identifier. */
@@ -4890,17 +6173,53 @@ declare namespace SecretsManagerV2 {
4890
6173
  /** The chain of certificate authorities that are associated with the certificate. */
4891
6174
  ca_chain?: string[];
4892
6175
  }
6176
+ namespace PrivateCertificateVersion {
6177
+ namespace Constants {
6178
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6179
+ enum SecretType {
6180
+ ARBITRARY = "arbitrary",
6181
+ IAM_CREDENTIALS = "iam_credentials",
6182
+ IMPORTED_CERT = "imported_cert",
6183
+ KV = "kv",
6184
+ PRIVATE_CERT = "private_cert",
6185
+ PUBLIC_CERT = "public_cert",
6186
+ SERVICE_CREDENTIALS = "service_credentials",
6187
+ USERNAME_PASSWORD = "username_password"
6188
+ }
6189
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
6190
+ enum Alias {
6191
+ CURRENT = "current",
6192
+ PREVIOUS = "previous"
6193
+ }
6194
+ }
6195
+ }
4893
6196
  /** The response body to specify the properties of the action to revoke the private certificate. */
4894
6197
  interface PrivateCertificateVersionActionRevoke extends VersionAction {
4895
6198
  /** The type of secret version action. */
4896
- action_type: string;
6199
+ action_type: PrivateCertificateVersionActionRevoke.Constants.ActionType | string;
4897
6200
  /** The timestamp of the certificate revocation. */
4898
6201
  revocation_time_seconds?: number;
4899
6202
  }
6203
+ namespace PrivateCertificateVersionActionRevoke {
6204
+ namespace Constants {
6205
+ /** The type of secret version action. */
6206
+ enum ActionType {
6207
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
6208
+ }
6209
+ }
6210
+ }
4900
6211
  /** The request body to specify the properties of the action to revoke the private certificate. */
4901
6212
  interface PrivateCertificateVersionActionRevokePrototype extends SecretVersionActionPrototype {
4902
6213
  /** The type of secret version action. */
4903
- action_type: string;
6214
+ action_type: PrivateCertificateVersionActionRevokePrototype.Constants.ActionType | string;
6215
+ }
6216
+ namespace PrivateCertificateVersionActionRevokePrototype {
6217
+ namespace Constants {
6218
+ /** The type of secret version action. */
6219
+ enum ActionType {
6220
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
6221
+ }
6222
+ }
4904
6223
  }
4905
6224
  /** Properties of the version metadata of your private certificate. */
4906
6225
  interface PrivateCertificateVersionMetadata extends SecretVersionMetadata {
@@ -4918,10 +6237,10 @@ declare namespace SecretsManagerV2 {
4918
6237
  id: string;
4919
6238
  /** The human-readable name of your secret. */
4920
6239
  secret_name?: string;
4921
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4922
- * credentials, key-value, and user credentials.
6240
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6241
+ * service_credentials, kv, and username_password.
4923
6242
  */
4924
- secret_type: string;
6243
+ secret_type: PrivateCertificateVersionMetadata.Constants.SecretType | string;
4925
6244
  /** A v4 UUID identifier, or `default` secret group. */
4926
6245
  secret_group_id: string;
4927
6246
  /** Indicates whether the secret payload is available in this secret version. */
@@ -4929,7 +6248,7 @@ declare namespace SecretsManagerV2 {
4929
6248
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
4930
6249
  * is used for version `n-1`.
4931
6250
  */
4932
- alias?: string;
6251
+ alias?: PrivateCertificateVersionMetadata.Constants.Alias | string;
4933
6252
  /** The secret version metadata that a user can customize. */
4934
6253
  version_custom_metadata?: JsonObject;
4935
6254
  /** A v4 UUID identifier. */
@@ -4943,6 +6262,26 @@ declare namespace SecretsManagerV2 {
4943
6262
  /** The date and time that the certificate validity period begins and ends. */
4944
6263
  validity: CertificateValidity;
4945
6264
  }
6265
+ namespace PrivateCertificateVersionMetadata {
6266
+ namespace Constants {
6267
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6268
+ enum SecretType {
6269
+ ARBITRARY = "arbitrary",
6270
+ IAM_CREDENTIALS = "iam_credentials",
6271
+ IMPORTED_CERT = "imported_cert",
6272
+ KV = "kv",
6273
+ PRIVATE_CERT = "private_cert",
6274
+ PUBLIC_CERT = "public_cert",
6275
+ SERVICE_CREDENTIALS = "service_credentials",
6276
+ USERNAME_PASSWORD = "username_password"
6277
+ }
6278
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
6279
+ enum Alias {
6280
+ CURRENT = "current",
6281
+ PREVIOUS = "previous"
6282
+ }
6283
+ }
6284
+ }
4946
6285
  /** PrivateCertificateVersionPrototype. */
4947
6286
  interface PrivateCertificateVersionPrototype extends SecretVersionPrototype {
4948
6287
  /** The secret metadata that a user can customize. */
@@ -4987,16 +6326,16 @@ declare namespace SecretsManagerV2 {
4987
6326
  name?: string;
4988
6327
  /** A v4 UUID identifier, or `default` secret group. */
4989
6328
  secret_group_id: string;
4990
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
4991
- * credentials, key-value, and user credentials.
6329
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6330
+ * service_credentials, kv, and username_password.
4992
6331
  */
4993
- secret_type: string;
6332
+ secret_type: PublicCertificate.Constants.SecretType | string;
4994
6333
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
4995
6334
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
4996
6335
  */
4997
6336
  state?: number;
4998
6337
  /** A text representation of the secret state. */
4999
- state_description?: string;
6338
+ state_description?: PublicCertificate.Constants.StateDescription | string;
5000
6339
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5001
6340
  updated_at: string;
5002
6341
  /** The number of versions of your secret. */
@@ -5052,26 +6391,71 @@ declare namespace SecretsManagerV2 {
5052
6391
  */
5053
6392
  private_key?: string;
5054
6393
  }
6394
+ namespace PublicCertificate {
6395
+ namespace Constants {
6396
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6397
+ enum SecretType {
6398
+ ARBITRARY = "arbitrary",
6399
+ IAM_CREDENTIALS = "iam_credentials",
6400
+ IMPORTED_CERT = "imported_cert",
6401
+ KV = "kv",
6402
+ PRIVATE_CERT = "private_cert",
6403
+ PUBLIC_CERT = "public_cert",
6404
+ SERVICE_CREDENTIALS = "service_credentials",
6405
+ USERNAME_PASSWORD = "username_password"
6406
+ }
6407
+ /** A text representation of the secret state. */
6408
+ enum StateDescription {
6409
+ PRE_ACTIVATION = "pre_activation",
6410
+ ACTIVE = "active",
6411
+ SUSPENDED = "suspended",
6412
+ DEACTIVATED = "deactivated",
6413
+ DESTROYED = "destroyed"
6414
+ }
6415
+ }
6416
+ }
5055
6417
  /** The response body of the action to validate manual DNS challenges for the public certificate. */
5056
6418
  interface PublicCertificateActionValidateManualDNS extends SecretAction {
5057
6419
  /** The type of secret action. */
5058
- action_type: string;
6420
+ action_type: PublicCertificateActionValidateManualDNS.Constants.ActionType | string;
6421
+ }
6422
+ namespace PublicCertificateActionValidateManualDNS {
6423
+ namespace Constants {
6424
+ /** The type of secret action. */
6425
+ enum ActionType {
6426
+ PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
6427
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
6428
+ }
6429
+ }
5059
6430
  }
5060
6431
  /** The request body to specify the properties of the action to validate manual DNS challenges for the public certificate. */
5061
6432
  interface PublicCertificateActionValidateManualDNSPrototype extends SecretActionPrototype {
5062
6433
  /** The type of secret action. */
5063
- action_type: string;
6434
+ action_type: PublicCertificateActionValidateManualDNSPrototype.Constants.ActionType | string;
6435
+ }
6436
+ namespace PublicCertificateActionValidateManualDNSPrototype {
6437
+ namespace Constants {
6438
+ /** The type of secret action. */
6439
+ enum ActionType {
6440
+ PUBLIC_CERT_ACTION_VALIDATE_DNS_CHALLENGE = "public_cert_action_validate_dns_challenge",
6441
+ PRIVATE_CERT_ACTION_REVOKE_CERTIFICATE = "private_cert_action_revoke_certificate"
6442
+ }
6443
+ }
5064
6444
  }
5065
6445
  /** Properties that describe a Let's Encrypt CA configuration. */
5066
6446
  interface PublicCertificateConfigurationCALetsEncrypt extends Configuration {
5067
- /** The configuration type. */
5068
- config_type: string;
6447
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6448
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6449
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6450
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6451
+ */
6452
+ config_type: PublicCertificateConfigurationCALetsEncrypt.Constants.ConfigType | string;
5069
6453
  /** The unique name of your configuration. */
5070
6454
  name: string;
5071
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5072
- * credentials, key-value, and user credentials.
6455
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6456
+ * service_credentials, kv, and username_password.
5073
6457
  */
5074
- secret_type: string;
6458
+ secret_type: PublicCertificateConfigurationCALetsEncrypt.Constants.SecretType | string;
5075
6459
  /** The unique identifier that is associated with the entity that created the secret. */
5076
6460
  created_by: string;
5077
6461
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5079,9 +6463,9 @@ declare namespace SecretsManagerV2 {
5079
6463
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5080
6464
  updated_at: string;
5081
6465
  /** The configuration of the Let's Encrypt CA environment. */
5082
- lets_encrypt_environment: string;
5083
- /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
5084
- * Name. If no match, the default offered chain will be used.
6466
+ lets_encrypt_environment: PublicCertificateConfigurationCALetsEncrypt.Constants.LetsEncryptEnvironment | string;
6467
+ /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
6468
+ * valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
5085
6469
  */
5086
6470
  lets_encrypt_preferred_chain?: string;
5087
6471
  /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
@@ -5089,16 +6473,50 @@ declare namespace SecretsManagerV2 {
5089
6473
  */
5090
6474
  lets_encrypt_private_key: string;
5091
6475
  }
6476
+ namespace PublicCertificateConfigurationCALetsEncrypt {
6477
+ namespace Constants {
6478
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6479
+ enum ConfigType {
6480
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6481
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6482
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6483
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6484
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6485
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6486
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6487
+ }
6488
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6489
+ enum SecretType {
6490
+ ARBITRARY = "arbitrary",
6491
+ IAM_CREDENTIALS = "iam_credentials",
6492
+ IMPORTED_CERT = "imported_cert",
6493
+ KV = "kv",
6494
+ PRIVATE_CERT = "private_cert",
6495
+ PUBLIC_CERT = "public_cert",
6496
+ SERVICE_CREDENTIALS = "service_credentials",
6497
+ USERNAME_PASSWORD = "username_password"
6498
+ }
6499
+ /** The configuration of the Let's Encrypt CA environment. */
6500
+ enum LetsEncryptEnvironment {
6501
+ PRODUCTION = "production",
6502
+ STAGING = "staging"
6503
+ }
6504
+ }
6505
+ }
5092
6506
  /** Your Let's Encrypt CA metadata properties. */
5093
6507
  interface PublicCertificateConfigurationCALetsEncryptMetadata extends ConfigurationMetadata {
5094
- /** The configuration type. */
5095
- config_type: string;
6508
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6509
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6510
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6511
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6512
+ */
6513
+ config_type: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.ConfigType | string;
5096
6514
  /** The unique name of your configuration. */
5097
6515
  name: string;
5098
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5099
- * credentials, key-value, and user credentials.
6516
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6517
+ * service_credentials, kv, and username_password.
5100
6518
  */
5101
- secret_type: string;
6519
+ secret_type: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.SecretType | string;
5102
6520
  /** The unique identifier that is associated with the entity that created the secret. */
5103
6521
  created_by: string;
5104
6522
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5106,55 +6524,121 @@ declare namespace SecretsManagerV2 {
5106
6524
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5107
6525
  updated_at: string;
5108
6526
  /** The configuration of the Let's Encrypt CA environment. */
5109
- lets_encrypt_environment: string;
5110
- /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
5111
- * Name. If no match, the default offered chain will be used.
6527
+ lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.LetsEncryptEnvironment | string;
6528
+ /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
6529
+ * valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
5112
6530
  */
5113
6531
  lets_encrypt_preferred_chain?: string;
5114
6532
  }
6533
+ namespace PublicCertificateConfigurationCALetsEncryptMetadata {
6534
+ namespace Constants {
6535
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6536
+ enum ConfigType {
6537
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6538
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6539
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6540
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6541
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6542
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6543
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6544
+ }
6545
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6546
+ enum SecretType {
6547
+ ARBITRARY = "arbitrary",
6548
+ IAM_CREDENTIALS = "iam_credentials",
6549
+ IMPORTED_CERT = "imported_cert",
6550
+ KV = "kv",
6551
+ PRIVATE_CERT = "private_cert",
6552
+ PUBLIC_CERT = "public_cert",
6553
+ SERVICE_CREDENTIALS = "service_credentials",
6554
+ USERNAME_PASSWORD = "username_password"
6555
+ }
6556
+ /** The configuration of the Let's Encrypt CA environment. */
6557
+ enum LetsEncryptEnvironment {
6558
+ PRODUCTION = "production",
6559
+ STAGING = "staging"
6560
+ }
6561
+ }
6562
+ }
5115
6563
  /** The configuration update of the Let's Encrypt Certificate Authority. */
5116
6564
  interface PublicCertificateConfigurationCALetsEncryptPatch extends ConfigurationPatch {
5117
6565
  /** The configuration of the Let's Encrypt CA environment. */
5118
- lets_encrypt_environment: string;
6566
+ lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptPatch.Constants.LetsEncryptEnvironment | string;
5119
6567
  /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
5120
6568
  * embedded newline characters.
5121
6569
  */
5122
6570
  lets_encrypt_private_key?: string;
5123
- /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
5124
- * Name. If no match, the default offered chain will be used.
6571
+ /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
6572
+ * valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
5125
6573
  */
5126
6574
  lets_encrypt_preferred_chain?: string;
5127
6575
  }
6576
+ namespace PublicCertificateConfigurationCALetsEncryptPatch {
6577
+ namespace Constants {
6578
+ /** The configuration of the Let's Encrypt CA environment. */
6579
+ enum LetsEncryptEnvironment {
6580
+ PRODUCTION = "production",
6581
+ STAGING = "staging"
6582
+ }
6583
+ }
6584
+ }
5128
6585
  /** The properties of the Let's Encrypt CA configuration. */
5129
6586
  interface PublicCertificateConfigurationCALetsEncryptPrototype extends ConfigurationPrototype {
5130
- /** The configuration type. */
5131
- config_type: string;
6587
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6588
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6589
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6590
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6591
+ */
6592
+ config_type: PublicCertificateConfigurationCALetsEncryptPrototype.Constants.ConfigType | string;
5132
6593
  /** A human-readable unique name to assign to your configuration.
5133
6594
  *
5134
6595
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
5135
6596
  */
5136
6597
  name: string;
5137
6598
  /** The configuration of the Let's Encrypt CA environment. */
5138
- lets_encrypt_environment: string;
6599
+ lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptPrototype.Constants.LetsEncryptEnvironment | string;
5139
6600
  /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
5140
6601
  * embedded newline characters.
5141
6602
  */
5142
6603
  lets_encrypt_private_key: string;
5143
- /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
5144
- * Name. If no match, the default offered chain will be used.
6604
+ /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
6605
+ * valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
5145
6606
  */
5146
6607
  lets_encrypt_preferred_chain?: string;
5147
6608
  }
6609
+ namespace PublicCertificateConfigurationCALetsEncryptPrototype {
6610
+ namespace Constants {
6611
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6612
+ enum ConfigType {
6613
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6614
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6615
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6616
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6617
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6618
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6619
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6620
+ }
6621
+ /** The configuration of the Let's Encrypt CA environment. */
6622
+ enum LetsEncryptEnvironment {
6623
+ PRODUCTION = "production",
6624
+ STAGING = "staging"
6625
+ }
6626
+ }
6627
+ }
5148
6628
  /** Properties that describe a Classic Infrastructure DNS configuration. */
5149
6629
  interface PublicCertificateConfigurationDNSClassicInfrastructure extends Configuration {
5150
- /** The configuration type. */
5151
- config_type: string;
6630
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6631
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6632
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6633
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6634
+ */
6635
+ config_type: PublicCertificateConfigurationDNSClassicInfrastructure.Constants.ConfigType | string;
5152
6636
  /** The unique name of your configuration. */
5153
6637
  name: string;
5154
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5155
- * credentials, key-value, and user credentials.
6638
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6639
+ * service_credentials, kv, and username_password.
5156
6640
  */
5157
- secret_type: string;
6641
+ secret_type: PublicCertificateConfigurationDNSClassicInfrastructure.Constants.SecretType | string;
5158
6642
  /** The unique identifier that is associated with the entity that created the secret. */
5159
6643
  created_by: string;
5160
6644
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5174,16 +6658,45 @@ declare namespace SecretsManagerV2 {
5174
6658
  */
5175
6659
  classic_infrastructure_password: string;
5176
6660
  }
6661
+ namespace PublicCertificateConfigurationDNSClassicInfrastructure {
6662
+ namespace Constants {
6663
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6664
+ enum ConfigType {
6665
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6666
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6667
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6668
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6669
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6670
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6671
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6672
+ }
6673
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6674
+ enum SecretType {
6675
+ ARBITRARY = "arbitrary",
6676
+ IAM_CREDENTIALS = "iam_credentials",
6677
+ IMPORTED_CERT = "imported_cert",
6678
+ KV = "kv",
6679
+ PRIVATE_CERT = "private_cert",
6680
+ PUBLIC_CERT = "public_cert",
6681
+ SERVICE_CREDENTIALS = "service_credentials",
6682
+ USERNAME_PASSWORD = "username_password"
6683
+ }
6684
+ }
6685
+ }
5177
6686
  /** Your Classic Infrastructure DNS metadata properties. */
5178
6687
  interface PublicCertificateConfigurationDNSClassicInfrastructureMetadata extends ConfigurationMetadata {
5179
- /** The configuration type. */
5180
- config_type: string;
6688
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6689
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6690
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6691
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6692
+ */
6693
+ config_type: PublicCertificateConfigurationDNSClassicInfrastructureMetadata.Constants.ConfigType | string;
5181
6694
  /** The unique name of your configuration. */
5182
6695
  name: string;
5183
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5184
- * credentials, key-value, and user credentials.
6696
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6697
+ * service_credentials, kv, and username_password.
5185
6698
  */
5186
- secret_type: string;
6699
+ secret_type: PublicCertificateConfigurationDNSClassicInfrastructureMetadata.Constants.SecretType | string;
5187
6700
  /** The unique identifier that is associated with the entity that created the secret. */
5188
6701
  created_by: string;
5189
6702
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5191,6 +6704,31 @@ declare namespace SecretsManagerV2 {
5191
6704
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5192
6705
  updated_at: string;
5193
6706
  }
6707
+ namespace PublicCertificateConfigurationDNSClassicInfrastructureMetadata {
6708
+ namespace Constants {
6709
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6710
+ enum ConfigType {
6711
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6712
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6713
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6714
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6715
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6716
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6717
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6718
+ }
6719
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6720
+ enum SecretType {
6721
+ ARBITRARY = "arbitrary",
6722
+ IAM_CREDENTIALS = "iam_credentials",
6723
+ IMPORTED_CERT = "imported_cert",
6724
+ KV = "kv",
6725
+ PRIVATE_CERT = "private_cert",
6726
+ PUBLIC_CERT = "public_cert",
6727
+ SERVICE_CREDENTIALS = "service_credentials",
6728
+ USERNAME_PASSWORD = "username_password"
6729
+ }
6730
+ }
6731
+ }
5194
6732
  /** Properties that describe the configuration update of an IBM Cloud classic infrastructure (SoftLayer). */
5195
6733
  interface PublicCertificateConfigurationDNSClassicInfrastructurePatch extends ConfigurationPatch {
5196
6734
  /** The username that is associated with your classic infrastructure account.
@@ -5208,8 +6746,12 @@ declare namespace SecretsManagerV2 {
5208
6746
  }
5209
6747
  /** PublicCertificateConfigurationDNSClassicInfrastructurePrototype. */
5210
6748
  interface PublicCertificateConfigurationDNSClassicInfrastructurePrototype extends ConfigurationPrototype {
5211
- /** The configuration type. */
5212
- config_type: string;
6749
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6750
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6751
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6752
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6753
+ */
6754
+ config_type: PublicCertificateConfigurationDNSClassicInfrastructurePrototype.Constants.ConfigType | string;
5213
6755
  /** A human-readable unique name to assign to your configuration.
5214
6756
  *
5215
6757
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
@@ -5228,47 +6770,100 @@ declare namespace SecretsManagerV2 {
5228
6770
  */
5229
6771
  classic_infrastructure_password: string;
5230
6772
  }
6773
+ namespace PublicCertificateConfigurationDNSClassicInfrastructurePrototype {
6774
+ namespace Constants {
6775
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6776
+ enum ConfigType {
6777
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6778
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6779
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6780
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6781
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6782
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6783
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6784
+ }
6785
+ }
6786
+ }
5231
6787
  /** Properties that describe a Cloud Internet Services DNS configuration. */
5232
6788
  interface PublicCertificateConfigurationDNSCloudInternetServices extends Configuration {
5233
- /** The configuration type. */
5234
- config_type: string;
6789
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6790
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6791
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6792
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6793
+ */
6794
+ config_type: PublicCertificateConfigurationDNSCloudInternetServices.Constants.ConfigType | string;
5235
6795
  /** The unique name of your configuration. */
5236
6796
  name: string;
5237
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5238
- * credentials, key-value, and user credentials.
6797
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6798
+ * service_credentials, kv, and username_password.
5239
6799
  */
5240
- secret_type: string;
6800
+ secret_type: PublicCertificateConfigurationDNSCloudInternetServices.Constants.SecretType | string;
5241
6801
  /** The unique identifier that is associated with the entity that created the secret. */
5242
6802
  created_by: string;
5243
6803
  /** The date when the resource was created. The date format follows `RFC 3339`. */
5244
6804
  created_at: string;
5245
6805
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5246
6806
  updated_at: string;
5247
- /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
6807
+ /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
5248
6808
  *
5249
6809
  * To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
5250
- * API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
6810
+ * API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
6811
+ * records you need to assign the Manager role.
5251
6812
  *
5252
- * If you need to manage specific domains, you can assign the Manager role. For production environments, it is
5253
- * recommended that you assign the Reader access role, and then use the
6813
+ * If you want to manage specific domains, you can assign the Manager role for this specific domain. For
6814
+ * production environments, it is recommended that you assign the Reader access role, and then use the
5254
6815
  * [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
5255
- * specific domains. For more information, see the
5256
- * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
6816
+ * specific domains.
6817
+ *
6818
+ * If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
6819
+ * with service-to-service authorization.
6820
+ *
6821
+ * For more information, see the
6822
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
5257
6823
  */
5258
6824
  cloud_internet_services_apikey?: string;
5259
6825
  /** A CRN that uniquely identifies an IBM Cloud resource. */
5260
6826
  cloud_internet_services_crn: string;
5261
6827
  }
6828
+ namespace PublicCertificateConfigurationDNSCloudInternetServices {
6829
+ namespace Constants {
6830
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6831
+ enum ConfigType {
6832
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6833
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6834
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6835
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6836
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6837
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6838
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6839
+ }
6840
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6841
+ enum SecretType {
6842
+ ARBITRARY = "arbitrary",
6843
+ IAM_CREDENTIALS = "iam_credentials",
6844
+ IMPORTED_CERT = "imported_cert",
6845
+ KV = "kv",
6846
+ PRIVATE_CERT = "private_cert",
6847
+ PUBLIC_CERT = "public_cert",
6848
+ SERVICE_CREDENTIALS = "service_credentials",
6849
+ USERNAME_PASSWORD = "username_password"
6850
+ }
6851
+ }
6852
+ }
5262
6853
  /** Your Cloud Internet Services DNS metadata properties. */
5263
6854
  interface PublicCertificateConfigurationDNSCloudInternetServicesMetadata extends ConfigurationMetadata {
5264
- /** The configuration type. */
5265
- config_type: string;
6855
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6856
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6857
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6858
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6859
+ */
6860
+ config_type: PublicCertificateConfigurationDNSCloudInternetServicesMetadata.Constants.ConfigType | string;
5266
6861
  /** The unique name of your configuration. */
5267
6862
  name: string;
5268
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5269
- * credentials, key-value, and user credentials.
6863
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
6864
+ * service_credentials, kv, and username_password.
5270
6865
  */
5271
- secret_type: string;
6866
+ secret_type: PublicCertificateConfigurationDNSCloudInternetServicesMetadata.Constants.SecretType | string;
5272
6867
  /** The unique identifier that is associated with the entity that created the secret. */
5273
6868
  created_by: string;
5274
6869
  /** The date when the resource was created. The date format follows `RFC 3339`. */
@@ -5276,18 +6871,49 @@ declare namespace SecretsManagerV2 {
5276
6871
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5277
6872
  updated_at: string;
5278
6873
  }
6874
+ namespace PublicCertificateConfigurationDNSCloudInternetServicesMetadata {
6875
+ namespace Constants {
6876
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6877
+ enum ConfigType {
6878
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6879
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6880
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6881
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6882
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6883
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6884
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6885
+ }
6886
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
6887
+ enum SecretType {
6888
+ ARBITRARY = "arbitrary",
6889
+ IAM_CREDENTIALS = "iam_credentials",
6890
+ IMPORTED_CERT = "imported_cert",
6891
+ KV = "kv",
6892
+ PRIVATE_CERT = "private_cert",
6893
+ PUBLIC_CERT = "public_cert",
6894
+ SERVICE_CREDENTIALS = "service_credentials",
6895
+ USERNAME_PASSWORD = "username_password"
6896
+ }
6897
+ }
6898
+ }
5279
6899
  /** The configuration update of the Cloud Internet Services DNS. */
5280
6900
  interface PublicCertificateConfigurationDNSCloudInternetServicesPatch extends ConfigurationPatch {
5281
- /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
6901
+ /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
5282
6902
  *
5283
6903
  * To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
5284
- * API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
6904
+ * API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
6905
+ * records you need to assign the Manager role.
5285
6906
  *
5286
- * If you need to manage specific domains, you can assign the Manager role. For production environments, it is
5287
- * recommended that you assign the Reader access role, and then use the
6907
+ * If you want to manage specific domains, you can assign the Manager role for this specific domain. For
6908
+ * production environments, it is recommended that you assign the Reader access role, and then use the
5288
6909
  * [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
5289
- * specific domains. For more information, see the
5290
- * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
6910
+ * specific domains.
6911
+ *
6912
+ * If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
6913
+ * with service-to-service authorization.
6914
+ *
6915
+ * For more information, see the
6916
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
5291
6917
  */
5292
6918
  cloud_internet_services_apikey: string;
5293
6919
  /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -5295,28 +6921,52 @@ declare namespace SecretsManagerV2 {
5295
6921
  }
5296
6922
  /** Specify the properties for Cloud Internet Services DNS configuration. */
5297
6923
  interface PublicCertificateConfigurationDNSCloudInternetServicesPrototype extends ConfigurationPrototype {
5298
- /** The configuration type. */
5299
- config_type: string;
6924
+ /** The configuration type. Can be one of: iam_credentials_configuration,
6925
+ * public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure,
6926
+ * public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca,
6927
+ * private_cert_configuration_intermediate_ca, private_cert_configuration_template.
6928
+ */
6929
+ config_type: PublicCertificateConfigurationDNSCloudInternetServicesPrototype.Constants.ConfigType | string;
5300
6930
  /** A human-readable unique name to assign to your configuration.
5301
6931
  *
5302
6932
  * To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
5303
6933
  */
5304
6934
  name: string;
5305
- /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
6935
+ /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
5306
6936
  *
5307
6937
  * To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
5308
- * API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
6938
+ * API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
6939
+ * records you need to assign the Manager role.
5309
6940
  *
5310
- * If you need to manage specific domains, you can assign the Manager role. For production environments, it is
5311
- * recommended that you assign the Reader access role, and then use the
6941
+ * If you want to manage specific domains, you can assign the Manager role for this specific domain. For
6942
+ * production environments, it is recommended that you assign the Reader access role, and then use the
5312
6943
  * [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
5313
- * specific domains. For more information, see the
5314
- * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
6944
+ * specific domains.
6945
+ *
6946
+ * If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
6947
+ * with service-to-service authorization.
6948
+ *
6949
+ * For more information, see the
6950
+ * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
5315
6951
  */
5316
6952
  cloud_internet_services_apikey?: string;
5317
6953
  /** A CRN that uniquely identifies an IBM Cloud resource. */
5318
6954
  cloud_internet_services_crn: string;
5319
6955
  }
6956
+ namespace PublicCertificateConfigurationDNSCloudInternetServicesPrototype {
6957
+ namespace Constants {
6958
+ /** The configuration type. Can be one of: iam_credentials_configuration, public_cert_configuration_ca_lets_encrypt, public_cert_configuration_dns_classic_infrastructure, public_cert_configuration_dns_cloud_internet_services, private_cert_configuration_root_ca, private_cert_configuration_intermediate_ca, private_cert_configuration_template. */
6959
+ enum ConfigType {
6960
+ PUBLIC_CERT_CONFIGURATION_CA_LETS_ENCRYPT = "public_cert_configuration_ca_lets_encrypt",
6961
+ PUBLIC_CERT_CONFIGURATION_DNS_CLASSIC_INFRASTRUCTURE = "public_cert_configuration_dns_classic_infrastructure",
6962
+ PUBLIC_CERT_CONFIGURATION_DNS_CLOUD_INTERNET_SERVICES = "public_cert_configuration_dns_cloud_internet_services",
6963
+ IAM_CREDENTIALS_CONFIGURATION = "iam_credentials_configuration",
6964
+ PRIVATE_CERT_CONFIGURATION_ROOT_CA = "private_cert_configuration_root_ca",
6965
+ PRIVATE_CERT_CONFIGURATION_INTERMEDIATE_CA = "private_cert_configuration_intermediate_ca",
6966
+ PRIVATE_CERT_CONFIGURATION_TEMPLATE = "private_cert_configuration_template"
6967
+ }
6968
+ }
6969
+ }
5320
6970
  /** Properties of the metadata of your public certificate. */
5321
6971
  interface PublicCertificateMetadata extends SecretMetadata {
5322
6972
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -5352,16 +7002,16 @@ declare namespace SecretsManagerV2 {
5352
7002
  name?: string;
5353
7003
  /** A v4 UUID identifier, or `default` secret group. */
5354
7004
  secret_group_id: string;
5355
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5356
- * credentials, key-value, and user credentials.
7005
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7006
+ * service_credentials, kv, and username_password.
5357
7007
  */
5358
- secret_type: string;
7008
+ secret_type: PublicCertificateMetadata.Constants.SecretType | string;
5359
7009
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
5360
7010
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
5361
7011
  */
5362
7012
  state?: number;
5363
7013
  /** A text representation of the secret state. */
5364
- state_description?: string;
7014
+ state_description?: PublicCertificateMetadata.Constants.StateDescription | string;
5365
7015
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5366
7016
  updated_at: string;
5367
7017
  /** The number of versions of your secret. */
@@ -5407,6 +7057,29 @@ declare namespace SecretsManagerV2 {
5407
7057
  /** The name of the DNS provider configuration. */
5408
7058
  dns?: string;
5409
7059
  }
7060
+ namespace PublicCertificateMetadata {
7061
+ namespace Constants {
7062
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7063
+ enum SecretType {
7064
+ ARBITRARY = "arbitrary",
7065
+ IAM_CREDENTIALS = "iam_credentials",
7066
+ IMPORTED_CERT = "imported_cert",
7067
+ KV = "kv",
7068
+ PRIVATE_CERT = "private_cert",
7069
+ PUBLIC_CERT = "public_cert",
7070
+ SERVICE_CREDENTIALS = "service_credentials",
7071
+ USERNAME_PASSWORD = "username_password"
7072
+ }
7073
+ /** A text representation of the secret state. */
7074
+ enum StateDescription {
7075
+ PRE_ACTIVATION = "pre_activation",
7076
+ ACTIVE = "active",
7077
+ SUSPENDED = "suspended",
7078
+ DEACTIVATED = "deactivated",
7079
+ DESTROYED = "destroyed"
7080
+ }
7081
+ }
7082
+ }
5410
7083
  /** PublicCertificateMetadataPatch. */
5411
7084
  interface PublicCertificateMetadataPatch extends SecretMetadataPatch {
5412
7085
  /** A human-readable name to assign to your secret.
@@ -5436,10 +7109,10 @@ declare namespace SecretsManagerV2 {
5436
7109
  }
5437
7110
  /** PublicCertificatePrototype. */
5438
7111
  interface PublicCertificatePrototype extends SecretPrototype {
5439
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5440
- * credentials, key-value, and user credentials.
7112
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7113
+ * service_credentials, kv, and username_password.
5441
7114
  */
5442
- secret_type: string;
7115
+ secret_type: PublicCertificatePrototype.Constants.SecretType | string;
5443
7116
  /** A human-readable name to assign to your secret.
5444
7117
  *
5445
7118
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -5491,6 +7164,21 @@ declare namespace SecretsManagerV2 {
5491
7164
  /** The secret version metadata that a user can customize. */
5492
7165
  version_custom_metadata?: JsonObject;
5493
7166
  }
7167
+ namespace PublicCertificatePrototype {
7168
+ namespace Constants {
7169
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7170
+ enum SecretType {
7171
+ ARBITRARY = "arbitrary",
7172
+ IAM_CREDENTIALS = "iam_credentials",
7173
+ IMPORTED_CERT = "imported_cert",
7174
+ KV = "kv",
7175
+ PRIVATE_CERT = "private_cert",
7176
+ PUBLIC_CERT = "public_cert",
7177
+ SERVICE_CREDENTIALS = "service_credentials",
7178
+ USERNAME_PASSWORD = "username_password"
7179
+ }
7180
+ }
7181
+ }
5494
7182
  /** This field indicates whether Secrets Manager rotates your secrets automatically. For public certificates, if `auto_rotate` is set to `true`, the service reorders your certificate for 31 days, before it expires. */
5495
7183
  interface PublicCertificateRotationPolicy extends RotationPolicy {
5496
7184
  /** This field indicates whether Secrets Manager rotates your secret automatically.
@@ -5523,10 +7211,10 @@ declare namespace SecretsManagerV2 {
5523
7211
  id: string;
5524
7212
  /** The human-readable name of your secret. */
5525
7213
  secret_name?: string;
5526
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5527
- * credentials, key-value, and user credentials.
7214
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7215
+ * service_credentials, kv, and username_password.
5528
7216
  */
5529
- secret_type: string;
7217
+ secret_type: PublicCertificateVersion.Constants.SecretType | string;
5530
7218
  /** A v4 UUID identifier, or `default` secret group. */
5531
7219
  secret_group_id: string;
5532
7220
  /** Indicates whether the secret payload is available in this secret version. */
@@ -5534,7 +7222,7 @@ declare namespace SecretsManagerV2 {
5534
7222
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
5535
7223
  * is used for version `n-1`.
5536
7224
  */
5537
- alias?: string;
7225
+ alias?: PublicCertificateVersion.Constants.Alias | string;
5538
7226
  /** The secret version metadata that a user can customize. */
5539
7227
  version_custom_metadata?: JsonObject;
5540
7228
  /** A v4 UUID identifier. */
@@ -5558,6 +7246,26 @@ declare namespace SecretsManagerV2 {
5558
7246
  */
5559
7247
  private_key?: string;
5560
7248
  }
7249
+ namespace PublicCertificateVersion {
7250
+ namespace Constants {
7251
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7252
+ enum SecretType {
7253
+ ARBITRARY = "arbitrary",
7254
+ IAM_CREDENTIALS = "iam_credentials",
7255
+ IMPORTED_CERT = "imported_cert",
7256
+ KV = "kv",
7257
+ PRIVATE_CERT = "private_cert",
7258
+ PUBLIC_CERT = "public_cert",
7259
+ SERVICE_CREDENTIALS = "service_credentials",
7260
+ USERNAME_PASSWORD = "username_password"
7261
+ }
7262
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
7263
+ enum Alias {
7264
+ CURRENT = "current",
7265
+ PREVIOUS = "previous"
7266
+ }
7267
+ }
7268
+ }
5561
7269
  /** Properties of the version metadata of your public certificate. */
5562
7270
  interface PublicCertificateVersionMetadata extends SecretVersionMetadata {
5563
7271
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -5574,10 +7282,10 @@ declare namespace SecretsManagerV2 {
5574
7282
  id: string;
5575
7283
  /** The human-readable name of your secret. */
5576
7284
  secret_name?: string;
5577
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5578
- * credentials, key-value, and user credentials.
7285
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7286
+ * service_credentials, kv, and username_password.
5579
7287
  */
5580
- secret_type: string;
7288
+ secret_type: PublicCertificateVersionMetadata.Constants.SecretType | string;
5581
7289
  /** A v4 UUID identifier, or `default` secret group. */
5582
7290
  secret_group_id: string;
5583
7291
  /** Indicates whether the secret payload is available in this secret version. */
@@ -5585,7 +7293,7 @@ declare namespace SecretsManagerV2 {
5585
7293
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
5586
7294
  * is used for version `n-1`.
5587
7295
  */
5588
- alias?: string;
7296
+ alias?: PublicCertificateVersionMetadata.Constants.Alias | string;
5589
7297
  /** The secret version metadata that a user can customize. */
5590
7298
  version_custom_metadata?: JsonObject;
5591
7299
  /** A v4 UUID identifier. */
@@ -5599,6 +7307,26 @@ declare namespace SecretsManagerV2 {
5599
7307
  /** The date and time that the certificate validity period begins and ends. */
5600
7308
  validity?: CertificateValidity;
5601
7309
  }
7310
+ namespace PublicCertificateVersionMetadata {
7311
+ namespace Constants {
7312
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7313
+ enum SecretType {
7314
+ ARBITRARY = "arbitrary",
7315
+ IAM_CREDENTIALS = "iam_credentials",
7316
+ IMPORTED_CERT = "imported_cert",
7317
+ KV = "kv",
7318
+ PRIVATE_CERT = "private_cert",
7319
+ PUBLIC_CERT = "public_cert",
7320
+ SERVICE_CREDENTIALS = "service_credentials",
7321
+ USERNAME_PASSWORD = "username_password"
7322
+ }
7323
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
7324
+ enum Alias {
7325
+ CURRENT = "current",
7326
+ PREVIOUS = "previous"
7327
+ }
7328
+ }
7329
+ }
5602
7330
  /** PublicCertificateVersionPrototype. */
5603
7331
  interface PublicCertificateVersionPrototype extends SecretVersionPrototype {
5604
7332
  /** Defines the rotation object that is used to manually rotate public certificates. */
@@ -5608,6 +7336,418 @@ declare namespace SecretsManagerV2 {
5608
7336
  /** The secret version metadata that a user can customize. */
5609
7337
  version_custom_metadata?: JsonObject;
5610
7338
  }
7339
+ /** Your service credentials secret. */
7340
+ interface ServiceCredentialsSecret extends Secret {
7341
+ /** The unique identifier that is associated with the entity that created the secret. */
7342
+ created_by: string;
7343
+ /** The date when the resource was created. The date format follows `RFC 3339`. */
7344
+ created_at: string;
7345
+ /** A CRN that uniquely identifies an IBM Cloud resource. */
7346
+ crn: string;
7347
+ /** The secret metadata that a user can customize. */
7348
+ custom_metadata?: JsonObject;
7349
+ /** An extended description of your secret.
7350
+ *
7351
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
7352
+ * secret group.
7353
+ */
7354
+ description?: string;
7355
+ /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
7356
+ * call to the service API.
7357
+ */
7358
+ downloaded?: boolean;
7359
+ /** A v4 UUID identifier. */
7360
+ id: string;
7361
+ /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
7362
+ *
7363
+ * Label can be between 2-30 characters, including spaces.
7364
+ *
7365
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
7366
+ */
7367
+ labels?: string[];
7368
+ /** The number of locks of the secret. */
7369
+ locks_total?: number;
7370
+ /** The human-readable name of your secret. */
7371
+ name?: string;
7372
+ /** A v4 UUID identifier, or `default` secret group. */
7373
+ secret_group_id: string;
7374
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7375
+ * service_credentials, kv, and username_password.
7376
+ */
7377
+ secret_type: ServiceCredentialsSecret.Constants.SecretType | string;
7378
+ /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
7379
+ * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
7380
+ */
7381
+ state?: number;
7382
+ /** A text representation of the secret state. */
7383
+ state_description?: ServiceCredentialsSecret.Constants.StateDescription | string;
7384
+ /** The date when a resource was modified. The date format follows `RFC 3339`. */
7385
+ updated_at: string;
7386
+ /** The number of versions of your secret. */
7387
+ versions_total: number;
7388
+ /** The date that the secret is scheduled for automatic rotation.
7389
+ *
7390
+ * The service automatically creates a new version of the secret on its next rotation date. This field exists only
7391
+ * for secrets that can be auto-rotated and an existing rotation policy.
7392
+ */
7393
+ next_rotation_date?: string;
7394
+ /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
7395
+ * username_password, private_cert, public_cert, iam_credentials.
7396
+ */
7397
+ rotation?: RotationPolicy;
7398
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
7399
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
7400
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
7401
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
7402
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
7403
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
7404
+ */
7405
+ ttl?: string;
7406
+ /** The properties of the resource key that was created for this source service instance. */
7407
+ source_service: ServiceCredentialsSecretSourceServiceRO;
7408
+ /** The properties of the service credentials secret payload. */
7409
+ credentials: ServiceCredentialsSecretCredentials;
7410
+ }
7411
+ namespace ServiceCredentialsSecret {
7412
+ namespace Constants {
7413
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7414
+ enum SecretType {
7415
+ ARBITRARY = "arbitrary",
7416
+ IAM_CREDENTIALS = "iam_credentials",
7417
+ IMPORTED_CERT = "imported_cert",
7418
+ KV = "kv",
7419
+ PRIVATE_CERT = "private_cert",
7420
+ PUBLIC_CERT = "public_cert",
7421
+ SERVICE_CREDENTIALS = "service_credentials",
7422
+ USERNAME_PASSWORD = "username_password"
7423
+ }
7424
+ /** A text representation of the secret state. */
7425
+ enum StateDescription {
7426
+ PRE_ACTIVATION = "pre_activation",
7427
+ ACTIVE = "active",
7428
+ SUSPENDED = "suspended",
7429
+ DEACTIVATED = "deactivated",
7430
+ DESTROYED = "destroyed"
7431
+ }
7432
+ }
7433
+ }
7434
+ /** The metadata properties for your service credentials secret. */
7435
+ interface ServiceCredentialsSecretMetadata extends SecretMetadata {
7436
+ /** The unique identifier that is associated with the entity that created the secret. */
7437
+ created_by: string;
7438
+ /** The date when the resource was created. The date format follows `RFC 3339`. */
7439
+ created_at: string;
7440
+ /** A CRN that uniquely identifies an IBM Cloud resource. */
7441
+ crn: string;
7442
+ /** The secret metadata that a user can customize. */
7443
+ custom_metadata?: JsonObject;
7444
+ /** An extended description of your secret.
7445
+ *
7446
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
7447
+ * secret group.
7448
+ */
7449
+ description?: string;
7450
+ /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
7451
+ * call to the service API.
7452
+ */
7453
+ downloaded?: boolean;
7454
+ /** A v4 UUID identifier. */
7455
+ id: string;
7456
+ /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
7457
+ *
7458
+ * Label can be between 2-30 characters, including spaces.
7459
+ *
7460
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
7461
+ */
7462
+ labels?: string[];
7463
+ /** The number of locks of the secret. */
7464
+ locks_total?: number;
7465
+ /** The human-readable name of your secret. */
7466
+ name?: string;
7467
+ /** A v4 UUID identifier, or `default` secret group. */
7468
+ secret_group_id: string;
7469
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7470
+ * service_credentials, kv, and username_password.
7471
+ */
7472
+ secret_type: ServiceCredentialsSecretMetadata.Constants.SecretType | string;
7473
+ /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
7474
+ * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
7475
+ */
7476
+ state?: number;
7477
+ /** A text representation of the secret state. */
7478
+ state_description?: ServiceCredentialsSecretMetadata.Constants.StateDescription | string;
7479
+ /** The date when a resource was modified. The date format follows `RFC 3339`. */
7480
+ updated_at: string;
7481
+ /** The number of versions of your secret. */
7482
+ versions_total: number;
7483
+ /** The date that the secret is scheduled for automatic rotation.
7484
+ *
7485
+ * The service automatically creates a new version of the secret on its next rotation date. This field exists only
7486
+ * for secrets that can be auto-rotated and an existing rotation policy.
7487
+ */
7488
+ next_rotation_date?: string;
7489
+ /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
7490
+ * username_password, private_cert, public_cert, iam_credentials.
7491
+ */
7492
+ rotation?: RotationPolicy;
7493
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
7494
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
7495
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
7496
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
7497
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
7498
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
7499
+ */
7500
+ ttl?: string;
7501
+ /** The properties of the resource key that was created for this source service instance. */
7502
+ source_service: ServiceCredentialsSecretSourceServiceRO;
7503
+ }
7504
+ namespace ServiceCredentialsSecretMetadata {
7505
+ namespace Constants {
7506
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7507
+ enum SecretType {
7508
+ ARBITRARY = "arbitrary",
7509
+ IAM_CREDENTIALS = "iam_credentials",
7510
+ IMPORTED_CERT = "imported_cert",
7511
+ KV = "kv",
7512
+ PRIVATE_CERT = "private_cert",
7513
+ PUBLIC_CERT = "public_cert",
7514
+ SERVICE_CREDENTIALS = "service_credentials",
7515
+ USERNAME_PASSWORD = "username_password"
7516
+ }
7517
+ /** A text representation of the secret state. */
7518
+ enum StateDescription {
7519
+ PRE_ACTIVATION = "pre_activation",
7520
+ ACTIVE = "active",
7521
+ SUSPENDED = "suspended",
7522
+ DEACTIVATED = "deactivated",
7523
+ DESTROYED = "destroyed"
7524
+ }
7525
+ }
7526
+ }
7527
+ /** ServiceCredentialsSecretMetadataPatch. */
7528
+ interface ServiceCredentialsSecretMetadataPatch extends SecretMetadataPatch {
7529
+ /** The secret metadata that a user can customize. */
7530
+ custom_metadata?: JsonObject;
7531
+ /** An extended description of your secret.
7532
+ *
7533
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
7534
+ * secret group.
7535
+ */
7536
+ description?: string;
7537
+ /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
7538
+ *
7539
+ * Label can be between 2-30 characters, including spaces.
7540
+ *
7541
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
7542
+ */
7543
+ labels?: string[];
7544
+ /** A human-readable name to assign to your secret.
7545
+ *
7546
+ * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
7547
+ */
7548
+ name?: string;
7549
+ /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
7550
+ * username_password, private_cert, public_cert, iam_credentials.
7551
+ */
7552
+ rotation?: RotationPolicy;
7553
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
7554
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
7555
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
7556
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
7557
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
7558
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
7559
+ */
7560
+ ttl?: string;
7561
+ }
7562
+ /** ServiceCredentialsSecretPrototype. */
7563
+ interface ServiceCredentialsSecretPrototype extends SecretPrototype {
7564
+ /** The secret metadata that a user can customize. */
7565
+ custom_metadata?: JsonObject;
7566
+ /** An extended description of your secret.
7567
+ *
7568
+ * To protect your privacy, do not use personal data, such as your name or location, as a description for your
7569
+ * secret group.
7570
+ */
7571
+ description?: string;
7572
+ /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
7573
+ *
7574
+ * Label can be between 2-30 characters, including spaces.
7575
+ *
7576
+ * To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
7577
+ */
7578
+ labels?: string[];
7579
+ /** A human-readable name to assign to your secret.
7580
+ *
7581
+ * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
7582
+ */
7583
+ name: string;
7584
+ /** This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types:
7585
+ * username_password, private_cert, public_cert, iam_credentials.
7586
+ */
7587
+ rotation?: RotationPolicy;
7588
+ /** A v4 UUID identifier, or `default` secret group. */
7589
+ secret_group_id?: string;
7590
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7591
+ * service_credentials, kv, and username_password.
7592
+ */
7593
+ secret_type: ServiceCredentialsSecretPrototype.Constants.SecretType | string;
7594
+ /** The properties that are required to create the service credentials for the specified source service
7595
+ * instance.
7596
+ */
7597
+ source_service: ServiceCredentialsSecretSourceService;
7598
+ /** The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret
7599
+ * types: iam_credentials, service_credentials. The TTL defines how long generated credentials remain valid. The
7600
+ * value can be either an integer that specifies the number of seconds, or the string representation of a
7601
+ * duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum
7602
+ * duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is
7603
+ * optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
7604
+ */
7605
+ ttl?: string;
7606
+ /** The secret version metadata that a user can customize. */
7607
+ version_custom_metadata?: JsonObject;
7608
+ }
7609
+ namespace ServiceCredentialsSecretPrototype {
7610
+ namespace Constants {
7611
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7612
+ enum SecretType {
7613
+ ARBITRARY = "arbitrary",
7614
+ IAM_CREDENTIALS = "iam_credentials",
7615
+ IMPORTED_CERT = "imported_cert",
7616
+ KV = "kv",
7617
+ PRIVATE_CERT = "private_cert",
7618
+ PUBLIC_CERT = "public_cert",
7619
+ SERVICE_CREDENTIALS = "service_credentials",
7620
+ USERNAME_PASSWORD = "username_password"
7621
+ }
7622
+ }
7623
+ }
7624
+ /** Your service credentials secret version. */
7625
+ interface ServiceCredentialsSecretVersion extends SecretVersion {
7626
+ /** Indicates whether the version of the secret was created by automatic rotation. */
7627
+ auto_rotated?: boolean;
7628
+ /** The unique identifier that is associated with the entity that created the secret. */
7629
+ created_by: string;
7630
+ /** The date when the resource was created. The date format follows `RFC 3339`. */
7631
+ created_at: string;
7632
+ /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
7633
+ * call to the service API.
7634
+ */
7635
+ downloaded?: boolean;
7636
+ /** A v4 UUID identifier. */
7637
+ id: string;
7638
+ /** The human-readable name of your secret. */
7639
+ secret_name?: string;
7640
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7641
+ * service_credentials, kv, and username_password.
7642
+ */
7643
+ secret_type: ServiceCredentialsSecretVersion.Constants.SecretType | string;
7644
+ /** A v4 UUID identifier, or `default` secret group. */
7645
+ secret_group_id: string;
7646
+ /** Indicates whether the secret payload is available in this secret version. */
7647
+ payload_available: boolean;
7648
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
7649
+ * is used for version `n-1`.
7650
+ */
7651
+ alias?: ServiceCredentialsSecretVersion.Constants.Alias | string;
7652
+ /** The secret version metadata that a user can customize. */
7653
+ version_custom_metadata?: JsonObject;
7654
+ /** A v4 UUID identifier. */
7655
+ secret_id: string;
7656
+ /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
7657
+ * types: Arbitrary, username_password.
7658
+ */
7659
+ expiration_date?: string;
7660
+ /** The source service resource key data of the generated service credentials. */
7661
+ resource_key?: ServiceCredentialsResourceKey;
7662
+ /** The properties of the service credentials secret payload. */
7663
+ credentials: ServiceCredentialsSecretCredentials;
7664
+ }
7665
+ namespace ServiceCredentialsSecretVersion {
7666
+ namespace Constants {
7667
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7668
+ enum SecretType {
7669
+ ARBITRARY = "arbitrary",
7670
+ IAM_CREDENTIALS = "iam_credentials",
7671
+ IMPORTED_CERT = "imported_cert",
7672
+ KV = "kv",
7673
+ PRIVATE_CERT = "private_cert",
7674
+ PUBLIC_CERT = "public_cert",
7675
+ SERVICE_CREDENTIALS = "service_credentials",
7676
+ USERNAME_PASSWORD = "username_password"
7677
+ }
7678
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
7679
+ enum Alias {
7680
+ CURRENT = "current",
7681
+ PREVIOUS = "previous"
7682
+ }
7683
+ }
7684
+ }
7685
+ /** The version metadata properties for your service credentials secret. */
7686
+ interface ServiceCredentialsSecretVersionMetadata extends SecretVersionMetadata {
7687
+ /** Indicates whether the version of the secret was created by automatic rotation. */
7688
+ auto_rotated?: boolean;
7689
+ /** The unique identifier that is associated with the entity that created the secret. */
7690
+ created_by: string;
7691
+ /** The date when the resource was created. The date format follows `RFC 3339`. */
7692
+ created_at: string;
7693
+ /** This field indicates whether the secret data that is associated with a secret version was retrieved in a
7694
+ * call to the service API.
7695
+ */
7696
+ downloaded?: boolean;
7697
+ /** A v4 UUID identifier. */
7698
+ id: string;
7699
+ /** The human-readable name of your secret. */
7700
+ secret_name?: string;
7701
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7702
+ * service_credentials, kv, and username_password.
7703
+ */
7704
+ secret_type: ServiceCredentialsSecretVersionMetadata.Constants.SecretType | string;
7705
+ /** A v4 UUID identifier, or `default` secret group. */
7706
+ secret_group_id: string;
7707
+ /** Indicates whether the secret payload is available in this secret version. */
7708
+ payload_available: boolean;
7709
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
7710
+ * is used for version `n-1`.
7711
+ */
7712
+ alias?: ServiceCredentialsSecretVersionMetadata.Constants.Alias | string;
7713
+ /** The secret version metadata that a user can customize. */
7714
+ version_custom_metadata?: JsonObject;
7715
+ /** A v4 UUID identifier. */
7716
+ secret_id: string;
7717
+ /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
7718
+ * types: Arbitrary, username_password.
7719
+ */
7720
+ expiration_date?: string;
7721
+ /** The source service resource key data of the generated service credentials. */
7722
+ resource_key?: ServiceCredentialsResourceKey;
7723
+ }
7724
+ namespace ServiceCredentialsSecretVersionMetadata {
7725
+ namespace Constants {
7726
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7727
+ enum SecretType {
7728
+ ARBITRARY = "arbitrary",
7729
+ IAM_CREDENTIALS = "iam_credentials",
7730
+ IMPORTED_CERT = "imported_cert",
7731
+ KV = "kv",
7732
+ PRIVATE_CERT = "private_cert",
7733
+ PUBLIC_CERT = "public_cert",
7734
+ SERVICE_CREDENTIALS = "service_credentials",
7735
+ USERNAME_PASSWORD = "username_password"
7736
+ }
7737
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
7738
+ enum Alias {
7739
+ CURRENT = "current",
7740
+ PREVIOUS = "previous"
7741
+ }
7742
+ }
7743
+ }
7744
+ /** ServiceCredentialsSecretVersionPrototype. */
7745
+ interface ServiceCredentialsSecretVersionPrototype extends SecretVersionPrototype {
7746
+ /** The secret metadata that a user can customize. */
7747
+ custom_metadata?: JsonObject;
7748
+ /** The secret version metadata that a user can customize. */
7749
+ version_custom_metadata?: JsonObject;
7750
+ }
5611
7751
  /** Your user credentials secret. */
5612
7752
  interface UsernamePasswordSecret extends Secret {
5613
7753
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -5643,16 +7783,16 @@ declare namespace SecretsManagerV2 {
5643
7783
  name?: string;
5644
7784
  /** A v4 UUID identifier, or `default` secret group. */
5645
7785
  secret_group_id: string;
5646
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5647
- * credentials, key-value, and user credentials.
7786
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7787
+ * service_credentials, kv, and username_password.
5648
7788
  */
5649
- secret_type: string;
7789
+ secret_type: UsernamePasswordSecret.Constants.SecretType | string;
5650
7790
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
5651
7791
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
5652
7792
  */
5653
7793
  state?: number;
5654
7794
  /** A text representation of the secret state. */
5655
- state_description?: string;
7795
+ state_description?: UsernamePasswordSecret.Constants.StateDescription | string;
5656
7796
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5657
7797
  updated_at: string;
5658
7798
  /** The number of versions of your secret. */
@@ -5671,11 +7811,36 @@ declare namespace SecretsManagerV2 {
5671
7811
  * for secrets that can be auto-rotated and an existing rotation policy.
5672
7812
  */
5673
7813
  next_rotation_date?: string;
7814
+ /** Policy for auto-generated passwords. */
7815
+ password_generation_policy?: PasswordGenerationPolicyRO;
5674
7816
  /** The username that is assigned to an `username_password` secret. */
5675
7817
  username: string;
5676
7818
  /** The password that is assigned to an `username_password` secret. */
5677
7819
  password: string;
5678
7820
  }
7821
+ namespace UsernamePasswordSecret {
7822
+ namespace Constants {
7823
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7824
+ enum SecretType {
7825
+ ARBITRARY = "arbitrary",
7826
+ IAM_CREDENTIALS = "iam_credentials",
7827
+ IMPORTED_CERT = "imported_cert",
7828
+ KV = "kv",
7829
+ PRIVATE_CERT = "private_cert",
7830
+ PUBLIC_CERT = "public_cert",
7831
+ SERVICE_CREDENTIALS = "service_credentials",
7832
+ USERNAME_PASSWORD = "username_password"
7833
+ }
7834
+ /** A text representation of the secret state. */
7835
+ enum StateDescription {
7836
+ PRE_ACTIVATION = "pre_activation",
7837
+ ACTIVE = "active",
7838
+ SUSPENDED = "suspended",
7839
+ DEACTIVATED = "deactivated",
7840
+ DESTROYED = "destroyed"
7841
+ }
7842
+ }
7843
+ }
5679
7844
  /** Properties of the metadata of your user credentials secret. */
5680
7845
  interface UsernamePasswordSecretMetadata extends SecretMetadata {
5681
7846
  /** The unique identifier that is associated with the entity that created the secret. */
@@ -5711,16 +7876,16 @@ declare namespace SecretsManagerV2 {
5711
7876
  name?: string;
5712
7877
  /** A v4 UUID identifier, or `default` secret group. */
5713
7878
  secret_group_id: string;
5714
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5715
- * credentials, key-value, and user credentials.
7879
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7880
+ * service_credentials, kv, and username_password.
5716
7881
  */
5717
- secret_type: string;
7882
+ secret_type: UsernamePasswordSecretMetadata.Constants.SecretType | string;
5718
7883
  /** The secret state that is based on `NIST SP 800-57`. States are integers and correspond to the
5719
7884
  * `Pre-activation = 0`, `Active = 1`, `Suspended = 2`, `Deactivated = 3`, and `Destroyed = 5` values.
5720
7885
  */
5721
7886
  state?: number;
5722
7887
  /** A text representation of the secret state. */
5723
- state_description?: string;
7888
+ state_description?: UsernamePasswordSecretMetadata.Constants.StateDescription | string;
5724
7889
  /** The date when a resource was modified. The date format follows `RFC 3339`. */
5725
7890
  updated_at: string;
5726
7891
  /** The number of versions of your secret. */
@@ -5739,6 +7904,31 @@ declare namespace SecretsManagerV2 {
5739
7904
  * for secrets that can be auto-rotated and an existing rotation policy.
5740
7905
  */
5741
7906
  next_rotation_date?: string;
7907
+ /** Policy for auto-generated passwords. */
7908
+ password_generation_policy?: PasswordGenerationPolicyRO;
7909
+ }
7910
+ namespace UsernamePasswordSecretMetadata {
7911
+ namespace Constants {
7912
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
7913
+ enum SecretType {
7914
+ ARBITRARY = "arbitrary",
7915
+ IAM_CREDENTIALS = "iam_credentials",
7916
+ IMPORTED_CERT = "imported_cert",
7917
+ KV = "kv",
7918
+ PRIVATE_CERT = "private_cert",
7919
+ PUBLIC_CERT = "public_cert",
7920
+ SERVICE_CREDENTIALS = "service_credentials",
7921
+ USERNAME_PASSWORD = "username_password"
7922
+ }
7923
+ /** A text representation of the secret state. */
7924
+ enum StateDescription {
7925
+ PRE_ACTIVATION = "pre_activation",
7926
+ ACTIVE = "active",
7927
+ SUSPENDED = "suspended",
7928
+ DEACTIVATED = "deactivated",
7929
+ DESTROYED = "destroyed"
7930
+ }
7931
+ }
5742
7932
  }
5743
7933
  /** UsernamePasswordSecretMetadataPatch. */
5744
7934
  interface UsernamePasswordSecretMetadataPatch extends SecretMetadataPatch {
@@ -5770,13 +7960,17 @@ declare namespace SecretsManagerV2 {
5770
7960
  * types: Arbitrary, username_password.
5771
7961
  */
5772
7962
  expiration_date?: string;
7963
+ /** Policy patch for auto-generated passwords. Policy properties that are included in the patch are updated.
7964
+ * Properties that are not included in the patch remain unchanged.
7965
+ */
7966
+ password_generation_policy?: PasswordGenerationPolicyPatch;
5773
7967
  }
5774
7968
  /** UsernamePasswordSecretPrototype. */
5775
7969
  interface UsernamePasswordSecretPrototype extends SecretPrototype {
5776
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5777
- * credentials, key-value, and user credentials.
7970
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
7971
+ * service_credentials, kv, and username_password.
5778
7972
  */
5779
- secret_type: string;
7973
+ secret_type: UsernamePasswordSecretPrototype.Constants.SecretType | string;
5780
7974
  /** A human-readable name to assign to your secret.
5781
7975
  *
5782
7976
  * To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
@@ -5799,8 +7993,10 @@ declare namespace SecretsManagerV2 {
5799
7993
  labels?: string[];
5800
7994
  /** The username that is assigned to an `username_password` secret. */
5801
7995
  username: string;
5802
- /** The password that is assigned to an `username_password` secret. */
5803
- password: string;
7996
+ /** The password that is assigned to an `username_password` secret. If you omit this parameter, Secrets Manager
7997
+ * generates a new random password for your secret.
7998
+ */
7999
+ password?: string;
5804
8000
  /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
5805
8001
  * types: Arbitrary, username_password.
5806
8002
  */
@@ -5813,6 +8009,23 @@ declare namespace SecretsManagerV2 {
5813
8009
  * username_password, private_cert, public_cert, iam_credentials.
5814
8010
  */
5815
8011
  rotation?: RotationPolicy;
8012
+ /** Policy for auto-generated passwords. */
8013
+ password_generation_policy?: PasswordGenerationPolicy;
8014
+ }
8015
+ namespace UsernamePasswordSecretPrototype {
8016
+ namespace Constants {
8017
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
8018
+ enum SecretType {
8019
+ ARBITRARY = "arbitrary",
8020
+ IAM_CREDENTIALS = "iam_credentials",
8021
+ IMPORTED_CERT = "imported_cert",
8022
+ KV = "kv",
8023
+ PRIVATE_CERT = "private_cert",
8024
+ PUBLIC_CERT = "public_cert",
8025
+ SERVICE_CREDENTIALS = "service_credentials",
8026
+ USERNAME_PASSWORD = "username_password"
8027
+ }
8028
+ }
5816
8029
  }
5817
8030
  /** Your user credentials secret version. */
5818
8031
  interface UsernamePasswordSecretVersion extends SecretVersion {
@@ -5830,10 +8043,10 @@ declare namespace SecretsManagerV2 {
5830
8043
  id: string;
5831
8044
  /** The human-readable name of your secret. */
5832
8045
  secret_name?: string;
5833
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5834
- * credentials, key-value, and user credentials.
8046
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
8047
+ * service_credentials, kv, and username_password.
5835
8048
  */
5836
- secret_type: string;
8049
+ secret_type: UsernamePasswordSecretVersion.Constants.SecretType | string;
5837
8050
  /** A v4 UUID identifier, or `default` secret group. */
5838
8051
  secret_group_id: string;
5839
8052
  /** Indicates whether the secret payload is available in this secret version. */
@@ -5841,7 +8054,7 @@ declare namespace SecretsManagerV2 {
5841
8054
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
5842
8055
  * is used for version `n-1`.
5843
8056
  */
5844
- alias?: string;
8057
+ alias?: UsernamePasswordSecretVersion.Constants.Alias | string;
5845
8058
  /** The secret version metadata that a user can customize. */
5846
8059
  version_custom_metadata?: JsonObject;
5847
8060
  /** A v4 UUID identifier. */
@@ -5851,6 +8064,26 @@ declare namespace SecretsManagerV2 {
5851
8064
  /** The password that is assigned to an `username_password` secret. */
5852
8065
  password: string;
5853
8066
  }
8067
+ namespace UsernamePasswordSecretVersion {
8068
+ namespace Constants {
8069
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
8070
+ enum SecretType {
8071
+ ARBITRARY = "arbitrary",
8072
+ IAM_CREDENTIALS = "iam_credentials",
8073
+ IMPORTED_CERT = "imported_cert",
8074
+ KV = "kv",
8075
+ PRIVATE_CERT = "private_cert",
8076
+ PUBLIC_CERT = "public_cert",
8077
+ SERVICE_CREDENTIALS = "service_credentials",
8078
+ USERNAME_PASSWORD = "username_password"
8079
+ }
8080
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
8081
+ enum Alias {
8082
+ CURRENT = "current",
8083
+ PREVIOUS = "previous"
8084
+ }
8085
+ }
8086
+ }
5854
8087
  /** Properties of the version metadata of your user credentials secret. */
5855
8088
  interface UsernamePasswordSecretVersionMetadata extends SecretVersionMetadata {
5856
8089
  /** Indicates whether the version of the secret was created by automatic rotation. */
@@ -5867,10 +8100,10 @@ declare namespace SecretsManagerV2 {
5867
8100
  id: string;
5868
8101
  /** The human-readable name of your secret. */
5869
8102
  secret_name?: string;
5870
- /** The secret type. Supported types are arbitrary, certificates (imported, public, and private), IAM
5871
- * credentials, key-value, and user credentials.
8103
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials,
8104
+ * service_credentials, kv, and username_password.
5872
8105
  */
5873
- secret_type: string;
8106
+ secret_type: UsernamePasswordSecretVersionMetadata.Constants.SecretType | string;
5874
8107
  /** A v4 UUID identifier, or `default` secret group. */
5875
8108
  secret_group_id: string;
5876
8109
  /** Indicates whether the secret payload is available in this secret version. */
@@ -5878,15 +8111,37 @@ declare namespace SecretsManagerV2 {
5878
8111
  /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous'
5879
8112
  * is used for version `n-1`.
5880
8113
  */
5881
- alias?: string;
8114
+ alias?: UsernamePasswordSecretVersionMetadata.Constants.Alias | string;
5882
8115
  /** The secret version metadata that a user can customize. */
5883
8116
  version_custom_metadata?: JsonObject;
5884
8117
  /** A v4 UUID identifier. */
5885
8118
  secret_id: string;
5886
8119
  }
8120
+ namespace UsernamePasswordSecretVersionMetadata {
8121
+ namespace Constants {
8122
+ /** The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password. */
8123
+ enum SecretType {
8124
+ ARBITRARY = "arbitrary",
8125
+ IAM_CREDENTIALS = "iam_credentials",
8126
+ IMPORTED_CERT = "imported_cert",
8127
+ KV = "kv",
8128
+ PRIVATE_CERT = "private_cert",
8129
+ PUBLIC_CERT = "public_cert",
8130
+ SERVICE_CREDENTIALS = "service_credentials",
8131
+ USERNAME_PASSWORD = "username_password"
8132
+ }
8133
+ /** A human-readable alias that describes the secret version. 'Current' is used for version `n` and 'previous' is used for version `n-1`. */
8134
+ enum Alias {
8135
+ CURRENT = "current",
8136
+ PREVIOUS = "previous"
8137
+ }
8138
+ }
8139
+ }
5887
8140
  /** UsernamePasswordSecretVersionPrototype. */
5888
8141
  interface UsernamePasswordSecretVersionPrototype extends SecretVersionPrototype {
5889
- /** The password that is assigned to an `username_password` secret. */
8142
+ /** The password that is assigned to an `username_password` secret. If you omit this parameter, Secrets Manager
8143
+ * generates a new random password for your secret.
8144
+ */
5890
8145
  password?: string;
5891
8146
  /** The secret metadata that a user can customize. */
5892
8147
  custom_metadata?: JsonObject;