@ibm-cloud/secrets-manager 2.0.2 → 2.0.4

package/secrets-manager/v2.d.ts

@@ -1,5 +1,5 @@
 /**
- * (C) Copyright IBM Corp. 2023.
+ * (C) Copyright IBM Corp. 2024.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -53,7 +53,7 @@ declare class SecretsManagerV2 extends BaseService {
      * @param {UserOptions} [options] - The parameters to send to the service.
      * @param {string} [options.serviceName] - The name of the service to configure
      * @param {Authenticator} [options.authenticator] - The Authenticator object used to authenticate requests to the service
-     * @param {string} [options.serviceUrl] - The URL for the service
+     * @param {string} [options.serviceUrl] - The base URL for the service
      * @returns {SecretsManagerV2}
      */
     static newInstance(options: UserOptions): SecretsManagerV2;
@@ -61,7 +61,7 @@ declare class SecretsManagerV2 extends BaseService {
      * Construct a SecretsManagerV2 object.
      *
      * @param {Object} options - Options for the service.
-     * @param {string} [options.serviceUrl] - The base url to use when contacting the service. The base url may differ between IBM Cloud regions.
+     * @param {string} [options.serviceUrl] - The base URL for the service
      * @param {OutgoingHttpHeaders} [options.headers] - Default headers that shall be included with every request to the service.
      * @param {Authenticator} options.authenticator - The Authenticator object used to authenticate requests to the service
      * @constructor
@@ -201,6 +201,18 @@ declare class SecretsManagerV2 extends BaseService {
      *
      * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group,
      * use `..?groups={secret_group_ID},default`.
+     * @param {string[]} [params.secretTypes] - Filter secrets by types.
+     *
+     * You can apply multiple filters by using a comma-separated list of secret types.
+     *
+     * **Usage:** To retrieve a list of imported certificates and public certificates use
+     * `..?secret_types=imported_cert,public_cert`.
+     * @param {string[]} [params.matchAllLabels] - Filter secrets by labels.
+     *
+     * You can use a comma-separated list of labels to filter secrets that include all of the labels in the list.
+     *
+     * **Usage:** To retrieve a list of secrets that include both the label "dev" and the label "us-south" in their list
+     * of labels, use `..?labels=dev,us-south`.
      * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers
      * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadataPaginatedCollection>>}
      */
@@ -893,8 +905,38 @@ declare namespace SecretsManagerV2 {
          *  use `..?groups={secret_group_ID},default`.
          */
         groups?: string[];
+        /** Filter secrets by types.
+         *
+         *  You can apply multiple filters by using a comma-separated list of secret types.
+         *
+         *  **Usage:** To retrieve a list of imported certificates and public certificates use
+         *  `..?secret_types=imported_cert,public_cert`.
+         */
+        secretTypes?: ListSecretsConstants.SecretTypes[] | string[];
+        /** Filter secrets by labels.
+         *
+         *  You can use a comma-separated list of labels to filter secrets that include all of the labels in the list.
+         *
+         *  **Usage:** To retrieve a list of secrets that include both the label "dev" and the label "us-south" in their
+         *  list of labels, use `..?labels=dev,us-south`.
+         */
+        matchAllLabels?: string[];
         headers?: OutgoingHttpHeaders;
     }
+    /** Constants for the `listSecrets` operation. */
+    namespace ListSecretsConstants {
+        /** Filter secrets by types. You can apply multiple filters by using a comma-separated list of secret types. **Usage:** To retrieve a list of imported certificates and public certificates use `..?secret_types=imported_cert,public_cert`. */
+        enum SecretTypes {
+            ARBITRARY = "arbitrary",
+            IAM_CREDENTIALS = "iam_credentials",
+            IMPORTED_CERT = "imported_cert",
+            KV = "kv",
+            PRIVATE_CERT = "private_cert",
+            PUBLIC_CERT = "public_cert",
+            SERVICE_CREDENTIALS = "service_credentials",
+            USERNAME_PASSWORD = "username_password"
+        }
+    }
     /** Parameters for the `getSecret` operation. */
     interface GetSecretParams {
         /** The v4 UUID that uniquely identifies your secret. */
@@ -1450,13 +1492,6 @@ declare namespace SecretsManagerV2 {
     /** The details of your configuration. */
     interface ConfigurationPrototype {
     }
-    /** The Cloud Object Storage HMAC keys that are returned after you create a service credentials secret. */
-    interface CosHmacKeys {
-        /** The access key ID for Cloud Object Storage HMAC credentials. */
-        access_key_id?: string;
-        /** The secret access key ID for Cloud Object Storage HMAC credentials. */
-        secret_access_key?: string;
-    }
     /** The details of the Event Notifications registration. */
     interface NotificationsRegistration {
         /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -1482,6 +1517,39 @@ declare namespace SecretsManagerV2 {
         /** A URL that points to a page in a collection. */
         href: string;
     }
+    /** Policy for auto-generated passwords. */
+    interface PasswordGenerationPolicy {
+        /** The length of auto-generated passwords. */
+        length?: number;
+        /** Include digits in auto-generated passwords. */
+        include_digits?: boolean;
+        /** Include symbols in auto-generated passwords. */
+        include_symbols?: boolean;
+        /** Include uppercase letters in auto-generated passwords. */
+        include_uppercase?: boolean;
+    }
+    /** Policy patch for auto-generated passwords. Policy properties that are included in the patch are updated. Properties that are not included in the patch remain unchanged. */
+    interface PasswordGenerationPolicyPatch {
+        /** The length of auto-generated passwords. */
+        length?: number;
+        /** Include digits in auto-generated passwords. */
+        include_digits?: boolean;
+        /** Include symbols in auto-generated passwords. */
+        include_symbols?: boolean;
+        /** Include uppercase letters in auto-generated passwords. */
+        include_uppercase?: boolean;
+    }
+    /** Policy for auto-generated passwords. */
+    interface PasswordGenerationPolicyRO {
+        /** The length of auto-generated passwords. */
+        length?: number;
+        /** Include digits in auto-generated passwords. */
+        include_digits?: boolean;
+        /** Include symbols in auto-generated passwords. */
+        include_symbols?: boolean;
+        /** Include uppercase letters in auto-generated passwords. */
+        include_uppercase?: boolean;
+    }
     /** The configuration data of your Private Certificate. */
     interface PrivateCertificateCAData {
     }
@@ -1763,10 +1831,6 @@ declare namespace SecretsManagerV2 {
          *  field to understand the duration of the lease.
          */
         apikey?: string;
-        /** The Cloud Object Storage HMAC keys that are returned after you create a service credentials secret. */
-        cos_hmac_keys?: CosHmacKeys;
-        /** The endpoints that are returned after you create a service credentials secret. */
-        endpoints?: string;
         /** The IAM API key description for the generated service credentials. */
         iam_apikey_description?: string;
         /** The IAM API key id for the generated service credentials. */
@@ -1777,8 +1841,8 @@ declare namespace SecretsManagerV2 {
         iam_role_crn?: string;
         /** The IAM Service ID CRN. */
         iam_serviceid_crn?: string;
-        /** The resource instance CRN that is returned after you create a service credentials secret. */
-        resource_instance_id?: string;
+        /** ServiceCredentialsSecretCredentials accepts additional properties. */
+        [propName: string]: any;
     }
     /** The properties that are required to create the service credentials for the specified source service instance. */
     interface ServiceCredentialsSecretSourceService {
@@ -1796,6 +1860,23 @@ declare namespace SecretsManagerV2 {
          *  roles.
          */
         role?: ServiceCredentialsSourceServiceRole;
+    }
+    /** The properties of the resource key that was created for this source service instance. */
+    interface ServiceCredentialsSecretSourceServiceRO {
+        /** The source service instance identifier. */
+        instance: ServiceCredentialsSourceServiceInstance;
+        /** Configuration options represented as key-value pairs. Service-defined options are used in the generation of
+         *  credentials for some services. For example, Cloud Object Storage accepts the optional boolean parameter HMAC for
+         *  creating specific kind of credentials.
+         */
+        parameters?: ServiceCredentialsSourceServiceParameters;
+        /** The service-specific custom role. CRN is accepted. The role is assigned as part of an access policy to any
+         *  auto-generated IAM service ID.  If you provide an existing service ID, it is added to the access policy for that
+         *  ID.  If a role is not provided, any new service IDs that are autogenerated, will not have an assigned access
+         *  policy and provided service IDs are not changed in any way.  Refer to the service documentation for supported
+         *  roles.
+         */
+        role?: ServiceCredentialsSourceServiceRole;
         /** The source service IAM data is returned in case IAM credentials where created for this secret. */
         iam?: ServiceCredentialsSourceServiceIam;
         /** The source service resource key data of the generated service credentials. */
@@ -1873,7 +1954,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -1952,7 +2033,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2020,7 +2101,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2048,7 +2129,7 @@ declare namespace SecretsManagerV2 {
         expiration_date?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2392,7 +2473,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2465,6 +2546,10 @@ declare namespace SecretsManagerV2 {
          *  for secrets that can be auto-rotated and an existing rotation policy.
          */
         next_rotation_date?: string;
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
+         */
+        expiration_date?: string;
         /** The API key that is generated for this secret.
          *
          *  After the secret reaches the end of its lease, the API key is deleted automatically. See the `time-to-live`
@@ -2520,7 +2605,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2593,6 +2678,10 @@ declare namespace SecretsManagerV2 {
          *  for secrets that can be auto-rotated and an existing rotation policy.
          */
         next_rotation_date?: string;
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
+         */
+        expiration_date?: string;
     }
     namespace IAMCredentialsSecretMetadata {
         namespace Constants {
@@ -2632,7 +2721,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2673,7 +2762,7 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -2909,7 +2998,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3020,7 +3109,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3112,7 +3201,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3141,7 +3230,7 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3349,7 +3438,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3424,7 +3513,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3488,7 +3577,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3517,7 +3606,7 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -3685,7 +3774,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -4207,7 +4296,7 @@ declare namespace SecretsManagerV2 {
         serial_number?: string;
         /** The type of configuration action. */
         action_type: PrivateCertificateConfigurationActionSignIntermediate.Constants.ActionType | string;
-        /** The unique name of your configuration. */
+        /** The name of the intermediate certificate authority configuration. */
         intermediate_certificate_authority: string;
     }
     namespace PrivateCertificateConfigurationActionSignIntermediate {
@@ -4306,7 +4395,7 @@ declare namespace SecretsManagerV2 {
         serial_number?: string;
         /** The type of configuration action. */
         action_type: PrivateCertificateConfigurationActionSignIntermediatePrototype.Constants.ActionType | string;
-        /** The unique name of your configuration. */
+        /** The name of the intermediate certificate authority configuration. */
         intermediate_certificate_authority: string;
     }
     namespace PrivateCertificateConfigurationActionSignIntermediatePrototype {
@@ -5867,7 +5956,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -5973,7 +6062,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -6006,7 +6095,7 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -6276,7 +6365,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -6425,8 +6514,8 @@ declare namespace SecretsManagerV2 {
         updated_at: string;
         /** The configuration of the Let's Encrypt CA environment. */
         lets_encrypt_environment: PublicCertificateConfigurationCALetsEncrypt.Constants.LetsEncryptEnvironment | string;
-        /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
-         *  Name. If no match, the default offered chain will be used.
+        /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
+         *  valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
          */
         lets_encrypt_preferred_chain?: string;
         /** The PEM-encoded private key of your Let's Encrypt account. The data must be formatted on a single line with
@@ -6486,8 +6575,8 @@ declare namespace SecretsManagerV2 {
         updated_at: string;
         /** The configuration of the Let's Encrypt CA environment. */
         lets_encrypt_environment: PublicCertificateConfigurationCALetsEncryptMetadata.Constants.LetsEncryptEnvironment | string;
-        /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
-         *  Name. If no match, the default offered chain will be used.
+        /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
+         *  valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
          */
         lets_encrypt_preferred_chain?: string;
     }
@@ -6529,8 +6618,8 @@ declare namespace SecretsManagerV2 {
          *  embedded newline characters.
          */
         lets_encrypt_private_key?: string;
-        /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
-         *  Name. If no match, the default offered chain will be used.
+        /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
+         *  valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
          */
         lets_encrypt_preferred_chain?: string;
     }
@@ -6562,8 +6651,8 @@ declare namespace SecretsManagerV2 {
          *  embedded newline characters.
          */
         lets_encrypt_private_key: string;
-        /** If the CA offers multiple certificate chains, prefer the chain with an issuer matching this Subject Common
-         *  Name. If no match, the default offered chain will be used.
+        /** This field supports only the chains that Let's Encrypt provides. Keep empty to use the default or supply a
+         *  valid Let's Encrypt-provided value. For a list of supported chains, see: https://letsencrypt.org/certificates/.
          */
         lets_encrypt_preferred_chain?: string;
     }
@@ -6765,16 +6854,22 @@ declare namespace SecretsManagerV2 {
         created_at: string;
         /** The date when a resource was modified. The date format follows `RFC 3339`. */
         updated_at: string;
-        /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
+        /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
          *
          *  To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
-         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
+         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
+         *  records you need to assign the Manager role.
          *
-         *  If you need to manage specific domains, you can assign the Manager role. For production environments, it is
-         *  recommended that you assign the Reader access role, and then use the
+         *  If you want to manage specific domains, you can assign the Manager role for this specific domain.  For
+         *  production environments, it is recommended that you assign the Reader access role, and then use the
          *  [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
-         *  specific domains. For more information, see the
-         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
+         *  specific domains.
+         *
+         *  If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
+         *  with service-to-service authorization.
+         *
+         *  For more information, see the
+         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
          */
         cloud_internet_services_apikey?: string;
         /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -6853,16 +6948,22 @@ declare namespace SecretsManagerV2 {
     }
     /** The configuration update of the Cloud Internet Services DNS. */
     interface PublicCertificateConfigurationDNSCloudInternetServicesPatch extends ConfigurationPatch {
-        /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
+        /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
          *
          *  To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
-         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
+         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
+         *  records you need to assign the Manager role.
          *
-         *  If you need to manage specific domains, you can assign the Manager role. For production environments, it is
-         *  recommended that you assign the Reader access role, and then use the
+         *  If you want to manage specific domains, you can assign the Manager role for this specific domain.  For
+         *  production environments, it is recommended that you assign the Reader access role, and then use the
          *  [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
-         *  specific domains. For more information, see the
-         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
+         *  specific domains.
+         *
+         *  If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
+         *  with service-to-service authorization.
+         *
+         *  For more information, see the
+         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
          */
         cloud_internet_services_apikey: string;
         /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -6881,16 +6982,22 @@ declare namespace SecretsManagerV2 {
          *  To protect your privacy, do not use personal data, such as your name or location, as an name for your secret.
          */
         name: string;
-        /** An IBM Cloud API key that can to list domains in your Cloud Internet Services instance.
+        /** An IBM Cloud API key that can list domains in your Cloud Internet Services instance and add DNS records.
          *
          *  To grant Secrets Manager the ability to view the Cloud Internet Services instance and all of its domains, the
-         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`).
+         *  API key must be assigned the Reader service role on Internet Services (`internet-svcs`). In order to add DNS
+         *  records you need to assign the Manager role.
          *
-         *  If you need to manage specific domains, you can assign the Manager role. For production environments, it is
-         *  recommended that you assign the Reader access role, and then use the
+         *  If you want to manage specific domains, you can assign the Manager role for this specific domain.  For
+         *  production environments, it is recommended that you assign the Reader access role, and then use the
          *  [IAM Policy Management API](https://cloud.ibm.com/apidocs/iam-policy-management#create-policy) to control
-         *  specific domains. For more information, see the
-         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-specific-domains).
+         *  specific domains.
+         *
+         *  If an IBM Cloud API key value is empty Secrets Manager tries to access your Cloud Internet Services instance
+         *  with service-to-service authorization.
+         *
+         *  For more information, see the
+         *  [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-prepare-order-certificates#authorize-cis).
          */
         cloud_internet_services_apikey?: string;
         /** A CRN that uniquely identifies an IBM Cloud resource. */
@@ -6934,7 +7041,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7038,7 +7145,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7071,7 +7178,7 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7303,7 +7410,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7346,10 +7453,12 @@ declare namespace SecretsManagerV2 {
          *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl?: string;
-        /** The properties that are required to create the service credentials for the specified source service
-         *  instance.
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
          */
-        source_service: ServiceCredentialsSecretSourceService;
+        expiration_date?: string;
+        /** The properties of the resource key that was created for this source service instance. */
+        source_service: ServiceCredentialsSecretSourceServiceRO;
         /** The properties of the service credentials secret payload. */
         credentials: ServiceCredentialsSecretCredentials;
     }
@@ -7400,7 +7509,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7443,10 +7552,12 @@ declare namespace SecretsManagerV2 {
          *  optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0.
          */
         ttl?: string;
-        /** The properties that are required to create the service credentials for the specified source service
-         *  instance.
+        /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
+         *  types: Arbitrary, username_password.
          */
-        source_service: ServiceCredentialsSecretSourceService;
+        expiration_date?: string;
+        /** The properties of the resource key that was created for this source service instance. */
+        source_service: ServiceCredentialsSecretSourceServiceRO;
     }
     namespace ServiceCredentialsSecretMetadata {
         namespace Constants {
@@ -7483,7 +7594,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7518,7 +7629,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7719,7 +7830,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7758,6 +7869,8 @@ declare namespace SecretsManagerV2 {
          *  for secrets that can be auto-rotated and an existing rotation policy.
          */
         next_rotation_date?: string;
+        /** Policy for auto-generated passwords. */
+        password_generation_policy?: PasswordGenerationPolicyRO;
         /** The username that is assigned to an `username_password` secret. */
         username: string;
         /** The password that is assigned to an `username_password` secret. */
@@ -7810,7 +7923,7 @@ declare namespace SecretsManagerV2 {
         id: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7849,6 +7962,8 @@ declare namespace SecretsManagerV2 {
          *  for secrets that can be auto-rotated and an existing rotation policy.
          */
         next_rotation_date?: string;
+        /** Policy for auto-generated passwords. */
+        password_generation_policy?: PasswordGenerationPolicyRO;
     }
     namespace UsernamePasswordSecretMetadata {
         namespace Constants {
@@ -7888,7 +8003,7 @@ declare namespace SecretsManagerV2 {
         description?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
@@ -7903,6 +8018,10 @@ declare namespace SecretsManagerV2 {
          *  types: Arbitrary, username_password.
          */
         expiration_date?: string;
+        /** Policy patch for auto-generated passwords. Policy properties that are included in the patch are updated.
+         *  Properties that are not included in the patch remain unchanged.
+         */
+        password_generation_policy?: PasswordGenerationPolicyPatch;
     }
     /** UsernamePasswordSecretPrototype. */
     interface UsernamePasswordSecretPrototype extends SecretPrototype {
@@ -7925,15 +8044,17 @@ declare namespace SecretsManagerV2 {
         secret_group_id?: string;
         /** Labels that you can use to search secrets in your instance. Only 30 labels can be created.
          *
-         *  Label can be between 2-30 characters, including spaces.
+         *  Label can be between 2-64 characters, including spaces.
          *
          *  To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
          */
         labels?: string[];
         /** The username that is assigned to an `username_password` secret. */
         username: string;
-        /** The password that is assigned to an `username_password` secret. */
-        password: string;
+        /** The password that is assigned to an `username_password` secret. If you omit this parameter, Secrets Manager
+         *  generates a new random password for your secret.
+         */
+        password?: string;
         /** The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret
          *  types: Arbitrary, username_password.
          */
@@ -7946,6 +8067,8 @@ declare namespace SecretsManagerV2 {
          *  username_password, private_cert, public_cert, iam_credentials.
          */
         rotation?: RotationPolicy;
+        /** Policy for auto-generated passwords. */
+        password_generation_policy?: PasswordGenerationPolicy;
     }
     namespace UsernamePasswordSecretPrototype {
         namespace Constants {
@@ -8074,7 +8197,9 @@ declare namespace SecretsManagerV2 {
     }
     /** UsernamePasswordSecretVersionPrototype. */
     interface UsernamePasswordSecretVersionPrototype extends SecretVersionPrototype {
-        /** The password that is assigned to an `username_password` secret. */
+        /** The password that is assigned to an `username_password` secret. If you omit this parameter, Secrets Manager
+         *  generates a new random password for your secret.
+         */
         password?: string;
         /** The secret metadata that a user can customize. */
         custom_metadata?: JsonObject;