@ibm-cloud/secrets-manager

/** * (C) Copyright IBM Corp. 2025. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /// <reference types="node" /> import { IncomingHttpHeaders, OutgoingHttpHeaders } from 'http'; import { AbortSignal, BaseService, UserOptions } from 'ibm-cloud-sdk-core'; /** * With IBM Cloud® Secrets Manager, you can create, lease, and centrally manage secrets that are used in IBM Cloud * services or your custom-built applications. * * API Version: 2.0.0 * See: https://cloud.ibm.com/docs/secrets-manager */ declare class SecretsManagerV2 extends BaseService { static DEFAULT_SERVICE_URL: string; static DEFAULT_SERVICE_NAME: string; static PARAMETERIZED_SERVICE_URL: string; private static defaultUrlVariables; /** * Constructs a service URL by formatting the parameterized service URL. * * The parameterized service URL is: * 'https://{instance_id}.{region}.secrets-manager.appdomain.cloud' * * The default variable values are: * - 'instance_id': 'provide-here-your-smgr-instanceuuid' * - 'region': 'us-south' * * @param {Map<string, string>} | null providedUrlVariables Map from variable names to desired values. * If a variable is not provided in this map, * the default variable value will be used instead. * @returns {string} The formatted URL with all variable placeholders replaced by values. */ static constructServiceUrl(providedUrlVariables: Map<string, string> | null): string; /************************* * Factory method ************************/ /** * Constructs an instance of SecretsManagerV2 with passed in options and external configuration. * * @param {UserOptions} [options] - The parameters to send to the service. * @param {string} [options.serviceName] - The name of the service to configure * @param {Authenticator} [options.authenticator] - The Authenticator object used to authenticate requests to the service * @param {string} [options.serviceUrl] - The base URL for the service * @returns {SecretsManagerV2} */ static newInstance(options: UserOptions): SecretsManagerV2; /** * Construct a SecretsManagerV2 object. * * @param {Object} options - Options for the service. * @param {string} [options.serviceUrl] - The base URL for the service * @param {OutgoingHttpHeaders} [options.headers] - Default headers that shall be included with every request to the service. * @param {Authenticator} options.authenticator - The Authenticator object used to authenticate requests to the service * @constructor * @returns {SecretsManagerV2} */ constructor(options: UserOptions); /************************* * secretGroups ************************/ /** * Create a new secret group. * * Create a secret group that you can use to organize secrets and control who can access them. * * A successful request returns the ID value of the secret group, along with other properties. To learn more about * secret groups, check out the * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-groups). * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - The name of your secret group. * @param {string} [params.description] - An extended description of your secret group. * * To protect your privacy, do not use personal data, such as your name or location, as a description for your secret * group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>} */ createSecretGroup(params: SecretsManagerV2.CreateSecretGroupParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>; /** * List secret groups. * * List the secret groups that are available in your Secrets Manager instance. * * @param {Object} [params] - The parameters to send to the service. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroupCollection>>} */ listSecretGroups(params?: SecretsManagerV2.ListSecretGroupsParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroupCollection>>; /** * Get a secret group. * * Get the properties of an existing secret group by specifying the ID of the group. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>} */ getSecretGroup(params: SecretsManagerV2.GetSecretGroupParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>; /** * Update a secret group. * * Update the properties of an existing secret group, such as its name or description. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret group. * @param {string} [params.name] - The name of your secret group. * @param {string} [params.description] - An extended description of your secret group. * * To protect your privacy, do not use personal data, such as your name or location, as a description for your secret * group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>} */ updateSecretGroup(params: SecretsManagerV2.UpdateSecretGroupParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretGroup>>; /** * Delete a secret group. * * Delete a secret group by specifying the ID of the secret group. * * **Note:** To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, * you must first delete the secrets that are associated with the group. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteSecretGroup(params: SecretsManagerV2.DeleteSecretGroupParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /************************* * secrets ************************/ /** * Create a new secret. * * Create a secret or import an existing value that you can use to access or authenticate to a protected resource. * * Use this operation to either generate or import an existing secret, such as a TLS certificate, that you can manage * in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance, based * on the secret type and data that you specify. The response returns the ID value of the secret, along with other * metadata. * * To learn more about the types of secrets that you can create with Secrets Manager, check out the * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-what-is-secret). * * @param {Object} params - The parameters to send to the service. * @param {SecretPrototype} params.secretPrototype - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>} */ createSecret(params: SecretsManagerV2.CreateSecretParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>; /** * List secrets. * * List the secrets that are available in your Secrets Manager instance. * * @param {Object} [params] - The parameters to send to the service. * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources. * * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use * `..?offset=25&limit=25`. * @param {number} [params.limit] - The number of secrets to retrieve. By default, list operations return the first * 200 items. To retrieve a different set of items, use `limit` with `offset` to page through your available * resources. Maximum limit allowed is 1000 secrets. * * **Usage:** If you want to retrieve only the first 25 secrets in your instance, use * `..?limit=25`. * @param {string} [params.sort] - Sort a collection of secrets by the specified field in ascending order. To sort in * descending order use the `-` character * * * **Available values:** id | created_at | updated_at | expiration_date | secret_type | name * * **Usage:** To sort a list of secrets by their creation date, use * `../secrets?sort=created_at`. * @param {string} [params.search] - Obtain a collection of secrets that contain the specified string in one or more * of the fields: `id`, `name`, `description`, * `labels`, `secret_type`. * * **Usage:** If you want to list only the secrets that contain the string `text`, use * `../secrets?search=text`. * @param {string[]} [params.groups] - Filter secrets by groups. * * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets * that are in the default secret group, use the `default` keyword. * * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group, * use `..?groups={secret_group_ID},default`. * @param {string[]} [params.secretTypes] - Filter secrets by types. * * You can apply multiple filters by using a comma-separated list of secret types. * * **Usage:** To retrieve a list of imported certificates and public certificates use * `..?secret_types=imported_cert,public_cert`. * @param {string[]} [params.matchAllLabels] - Filter secrets by labels. * * You can use a comma-separated list of labels to filter secrets that include all of the labels in the list. * * **Usage:** To retrieve a list of secrets that include both the label "dev" and the label "us-south" in their list * of labels, use `..?labels=dev,us-south`. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadataPaginatedCollection>>} */ listSecrets(params?: SecretsManagerV2.ListSecretsParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadataPaginatedCollection>>; /** * Get a secret. * * Get a secret and its details by specifying the ID of the secret. * * A successful request returns the secret data that is associated with your secret, along with other metadata. To * view only the details of a specified secret without retrieving its value, use the Get secret metadata operation. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>} */ getSecret(params: SecretsManagerV2.GetSecretParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>; /** * Delete a secret. * * Delete a secret by specifying the ID of the secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {boolean} [params.forceDelete] - Set to `true` to force delete the secret. Available only for custom * credentials secret type. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteSecret(params: SecretsManagerV2.DeleteSecretParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /** * Get the metadata of a secret. * * Get the metadata of a secret by specifying the ID of the secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadata>>} */ getSecretMetadata(params: SecretsManagerV2.GetSecretMetadataParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadata>>; /** * Update the metadata of a secret. * * Update the metadata of a secret, such as its name or description. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {SecretMetadataPatch} params.secretMetadataPatch - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadata>>} */ updateSecretMetadata(params: SecretsManagerV2.UpdateSecretMetadataParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretMetadata>>; /** * Create a secret action. * * Create a secret action. This operation supports the following actions:. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {SecretActionPrototype} params.secretActionPrototype - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretAction>>} */ createSecretAction(params: SecretsManagerV2.CreateSecretActionParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretAction>>; /** * Get a secret by name. * * Get a secret and its details by specifying the Name and Type of the secret. * * A successful request returns the secret data that is associated with your secret, along with other metadata. To * view only the details of a specified secret without retrieving its value, use the Get secret metadata operation. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretType - The secret type. Supported types are arbitrary, imported_cert, public_cert, * private_cert, iam_credentials, service_credentials, kv, and username_password. * @param {string} params.name - A human-readable name to assign to your secret. To protect your privacy, do not use * personal data, such as your name or location, as a name for your secret. * @param {string} params.secretGroupName - The name of your secret group. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>} */ getSecretByNameType(params: SecretsManagerV2.GetSecretByNameTypeParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Secret>>; /************************* * secretVersions ************************/ /** * Create a new secret version. * * Create a new secret version. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {SecretVersionPrototype} params.secretVersionPrototype - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersion>>} */ createSecretVersion(params: SecretsManagerV2.CreateSecretVersionParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersion>>; /** * List versions of a secret. * * List the versions of a secret. * * A successful request returns the list of versions of a secret, along with the metadata of each version. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadataCollection>>} */ listSecretVersions(params: SecretsManagerV2.ListSecretVersionsParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadataCollection>>; /** * Get a version of a secret. * * Get a version of a secret by specifying the ID of the version. You can use the `current` or `previous` aliases to * refer to the current or previous secret version. * * A successful request returns the secret data that is associated with the specified version of your secret, along * with other metadata. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersion>>} */ getSecretVersion(params: SecretsManagerV2.GetSecretVersionParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersion>>; /** * Delete the data of a secret version. * * Delete the data of a secret version by specifying its version ID. * * This operation is available for the following secret types: * * `iam_credentials`: current version only * * `custom_credentials`: both current and previous versions. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteSecretVersionData(params: SecretsManagerV2.DeleteSecretVersionDataParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /** * Get the metadata of a secret version. * * Get the metadata of a secret version by specifying the ID of the version. You can use the `current` or `previous` * aliases to refer to the current or previous secret version. * * A successful request returns the metadata that is associated with the specified version of your secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadata>>} */ getSecretVersionMetadata(params: SecretsManagerV2.GetSecretVersionMetadataParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadata>>; /** * Update the metadata of a secret version. * * Update the custom metadata of a secret version. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {JsonObject} [params.versionCustomMetadata] - The secret version metadata that a user can customize. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadata>>} */ updateSecretVersionMetadata(params: SecretsManagerV2.UpdateSecretVersionMetadataParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionMetadata>>; /** * Create a version action. * * Create a secret version action. This operation supports the following actions: * * - `private_cert_action_revoke_certificate`: Revoke a version of a private certificate. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {SecretVersionActionPrototype} params.secretVersionActionPrototype - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.VersionAction>>} */ createSecretVersionAction(params: SecretsManagerV2.CreateSecretVersionActionParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.VersionAction>>; /************************* * secretTasks ************************/ /** * List secret tasks. * * List secret tasks. * * Supported secret types: `custom_credentials`. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTaskCollection>>} */ listSecretTasks(params: SecretsManagerV2.ListSecretTasksParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTaskCollection>>; /** * Get a secret's task. * * Get a task of a secret and its details by specifying the ID of the task. * * A successful request returns the task that is associated with your secret. * * Supported secret types: `custom_credentials`. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The ID that uniquely identifies your task. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTask>>} */ getSecretTask(params: SecretsManagerV2.GetSecretTaskParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTask>>; /** * Update a secret's task. * * A callback endpoint for updating a task with results. * * Supported secret types: `custom_credentials`. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The ID that uniquely identifies your task. * @param {SecretTaskPrototype} params.taskPut - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTask>>} */ replaceSecretTask(params: SecretsManagerV2.ReplaceSecretTaskParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretTask>>; /** * Delete a task. * * Delete a task by specifying the ID of the secret. * * Supported secret types: `custom_credentials`. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The ID that uniquely identifies your task. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteSecretTask(params: SecretsManagerV2.DeleteSecretTaskParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /************************* * secretLocks ************************/ /** * List secrets and their locks. * * List the secrets and their locks in your Secrets Manager instance. * * @param {Object} [params] - The parameters to send to the service. * @param {number} [params.offset] - The number of secrets to skip. By specifying `offset`, you retrieve a subset of * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources. * * **Usage:** If you have 100 secrets in your instance, and you want to retrieve secrets 26 through 50, use * `..?offset=25&limit=25`. * @param {number} [params.limit] - The number of secrets to retrieve. By default, list operations return the first * 200 items. To retrieve a different set of items, use `limit` with `offset` to page through your available * resources. Maximum limit allowed is 1000 secrets. * * **Usage:** If you want to retrieve only the first 25 secrets in your instance, use * `..?limit=25`. * @param {string} [params.search] - Filter locks that contain the specified string in the field "name". * * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use * `..?search=text`. * @param {string[]} [params.groups] - Filter secrets by groups. * * You can apply multiple filters by using a comma-separated list of secret group IDs. If you need to filter secrets * that are in the default secret group, use the `default` keyword. * * **Usage:** To retrieve a list of secrets that are associated with an existing secret group or the default group, * use `..?groups={secret_group_ID},default`. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretsLocksPaginatedCollection>>} */ listSecretsLocks(params?: SecretsManagerV2.ListSecretsLocksParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretsLocksPaginatedCollection>>; /** * List secret locks. * * List the locks that are associated with a specified secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {number} [params.offset] - The number of locks to skip. By specifying `offset`, you retrieve a subset of * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources. * * **Usage:** If you have 100 locks on your secret, and you want to retrieve locks 26 through 50, use * `..?offset=25&limit=25`. * @param {number} [params.limit] - The number of locks with associated secret to retrieve. By default, list * operations return the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page * through your available resources. * * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5, use * `..?limit=5`. * @param {string} [params.sort] - Sort a collection of locks by the specified field in ascending order. To sort in * descending order use the `-` character * * **Available values:** created_at | updated_at | name * * **Usage:** To sort a list of locks by their creation date, use * `../locks?sort=created_at`. * @param {string} [params.search] - Filter locks that contain the specified string in the field "name". * * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use * `..?search=text`. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocksPaginatedCollection>>} */ listSecretLocks(params: SecretsManagerV2.ListSecretLocksParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocksPaginatedCollection>>; /** * Create secret locks. * * Create a lock on the current version of a secret. * * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A * successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists. * Additionally, you can use this operation to clear any matching locks on a secret by using one of the following * optional lock modes: * * - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the * secret.\n * - `remove_previous_and_delete`: Carries out the same function as `remove_previous`, but also permanently deletes * the data of the previous secret version if it doesn't have any locks. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {SecretLockPrototype[]} params.locks - The locks data to be attached to a secret version. * @param {string} [params.mode] - An optional lock mode. When you create a lock, you can set one of the following * modes to clear any matching locks on a secret version. * - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the * secret. - `remove_previous_and_delete`: Completes the same action as `remove_previous`, but also permanently * deletes the data of the previous secret version if it doesn't have any locks. Not supported for custom credentials * secret type. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>} */ createSecretLocksBulk(params: SecretsManagerV2.CreateSecretLocksBulkParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>; /** * Delete secret locks. * * Delete all the locks or a subset of the locks that are associated with a version of a secret. * * To delete only a subset of the locks, add a query param with a comma to separate the list of lock names: * * Example: `?name=lock-example-1,lock-example-2`. * * **Note:** A secret is considered unlocked and able to be deleted only after you remove all of its locks. To * determine whether a secret contains locks, check the `locks_total` field that is returned as part of the metadata * of your secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.id - The UUID that uniquely identifies your secret. * @param {string[]} [params.name] - Specify the names of the secret locks to be deleted. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>} */ deleteSecretLocksBulk(params: SecretsManagerV2.DeleteSecretLocksBulkParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>; /** * List secret version locks. * * List the locks that are associated with a specified secret version. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {number} [params.offset] - The number of locks to skip. By specifying `offset`, you retrieve a subset of * items that starts with the `offset` value. Use `offset` with `limit` to page through your available resources. * * **Usage:** If you have 100 locks on your secret, and you want to retrieve locks 26 through 50, use * `..?offset=25&limit=25`. * @param {number} [params.limit] - The number of locks with associated secret to retrieve. By default, list * operations return the first 25 items. To retrieve a different set of items, use `limit` with `offset` to page * through your available resources. * * **Usage:** If you have 20 secrets in your instance, and you want to retrieve only the first 5, use * `..?limit=5`. * @param {string} [params.sort] - Sort a collection of locks by the specified field in ascending order. To sort in * descending order use the `-` character * * **Available values:** created_at | updated_at | name * * **Usage:** To sort a list of locks by their creation date, use * `../locks?sort=created_at`. * @param {string} [params.search] - Filter locks that contain the specified string in the field "name". * * **Usage:** If you want to list only the locks that contain the string "text" in the field "name", use * `..?search=text`. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionLocksPaginatedCollection>>} */ listSecretVersionLocks(params: SecretsManagerV2.ListSecretVersionLocksParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretVersionLocksPaginatedCollection>>; /** * Create secret version locks. * * Create a lock on the specified version of a secret. * * A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A * successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists. * Additionally, you can use this operation to clear any matching locks on a secret by using one of the following * optional lock modes: * * - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the * secret. * - `remove_previous_and_delete`: Carries out the same function as `remove_previous`, but also permanently deletes * the data of the previous secret version if it doesn't have any locks. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {SecretLockPrototype[]} params.locks - The locks data to be attached to a secret version. * @param {string} [params.mode] - An optional lock mode. When you create a lock, you can set one of the following * modes to clear any matching locks on a secret version. * - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the * secret. - `remove_previous_and_delete`: Completes the same action as `remove_previous`, but also permanently * deletes the data of the previous secret version if it doesn't have any locks. Not supported for custom credentials * secret type. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>} */ createSecretVersionLocksBulk(params: SecretsManagerV2.CreateSecretVersionLocksBulkParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>; /** * Delete locks on a secret version. * * Delete all the locks or a subset of the locks that are associated with the specified version of a secret. * * To delete only a subset of the locks, add a query param with a comma to separate the list of lock names: * * Example: `?name=lock-example-1,lock-example-2`. * * **Note:** A secret is considered unlocked and able to be deleted only after all of its locks are removed. To * determine whether a secret contains locks, check the `locks_total` field that is returned as part of the metadata * of your secret. * * @param {Object} params - The parameters to send to the service. * @param {string} params.secretId - The UUID that uniquely identifies your secret. * @param {string} params.id - The UUID that uniquely identifies your secret version. You can use the `current` or * `previous` aliases to refer to the current or previous secret version. * @param {string[]} [params.name] - Specify the names of the secret locks to be deleted. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>} */ deleteSecretVersionLocksBulk(params: SecretsManagerV2.DeleteSecretVersionLocksBulkParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.SecretLocks>>; /************************* * configurations ************************/ /** * Create a new configuration. * * Add a configuration to the specified secret type. * * Use this operation to define the configurations that are required to create public certificates (`public_cert`), * private certificates (`private_cert`), IAM credentials secrets (`iam_credentials`) and custom credentials secrets * (`custom_credentials`). * * You can add multiple configurations for your instance as follows: * * - A single configuration for IAM credentials. * - Up to 10 CA configurations for public certificates. * - Up to 10 DNS configurations for public certificates. * - Up to 10 Root CA configurations for private certificates. * - Up to 10 Intermediate CA configurations for private certificates. * - Up to 10 Certificate Template configurations for private certificates. * * @param {Object} params - The parameters to send to the service. * @param {ConfigurationPrototype} params.configurationPrototype - * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>} */ createConfiguration(params: SecretsManagerV2.CreateConfigurationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>; /** * List configurations. * * List the configurations that are available in your Secrets Manager instance. * * @param {Object} [params] - The parameters to send to the service. * @param {number} [params.offset] - The number of configurations to skip. By specifying `offset`, you retrieve a * subset of items that starts with the `offset` value. Use `offset` with `limit` to page through your available * resources. * * **Usage:** If you have 100 configurations in your instance, and you want to retrieve configurations 26 through 50, * use * `..?offset=25&limit=25`. * @param {number} [params.limit] - The number of configurations to retrieve. By default, list operations return the * first 200 items. To retrieve a different set of items, use `limit` with `offset` to page through your available * resources. Maximum limit allowed is 1000 secrets. * * **Usage:** If you want to retrieve only the first 25 configurations in your instance, use * `..?limit=25`. * @param {string} [params.sort] - Sort a collection of configurations by the specified field in ascending order. To * sort in descending order use the `-` character * * * **Available values:** config_type | secret_type | name * * **Usage:** To sort a list of configurations by their creation date, use * `../configurations?sort=config_type`. * @param {string} [params.search] - Obtain a collection of configurations that contain the specified string in one or * more of the fields: `name`, `config_type`, `secret_type`. * * **Usage:** If you want to list only the configurations that contain the string `text`, use * `../configurations?search=text`. * @param {string[]} [params.secretTypes] - Filter configurations by secret types, iam_credentials, public_cert or * private_cert. * * You can apply multiple filters by using a comma-separated list of secret types. * * **Usage:** To retrieve a list of configurations that are associated with all secret types, use * `..?secret_types=iam_credentials,public_cert,private_cert,custom_credentials`. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.ConfigurationMetadataPaginatedCollection>>} */ listConfigurations(params?: SecretsManagerV2.ListConfigurationsParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.ConfigurationMetadataPaginatedCollection>>; /** * Get a configuration. * * Get a configuration by specifying its name. * * A successful request returns the details of your configuration. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - The name that uniquely identifies a configuration. * @param {string} [params.xSmAcceptConfigurationType] - The configuration type of this configuration - use this * header to resolve 300 error responses. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>} */ getConfiguration(params: SecretsManagerV2.GetConfigurationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>; /** * Update configuration. * * Update a configuration. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - The name that uniquely identifies a configuration. * @param {ConfigurationPatch} params.configurationPatch - * @param {string} [params.xSmAcceptConfigurationType] - The configuration type of this configuration - use this * header to resolve 300 error responses. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>} */ updateConfiguration(params: SecretsManagerV2.UpdateConfigurationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.Configuration>>; /** * Delete a configuration. * * Delete a configuration by specifying its name. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - The name that uniquely identifies a configuration. * @param {string} [params.xSmAcceptConfigurationType] - The configuration type of this configuration - use this * header to resolve 300 error responses. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteConfiguration(params: SecretsManagerV2.DeleteConfigurationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /** * Create a configuration action. * * Create a configuration action. This operation supports the following actions: * * - `private_cert_configuration_action_sign_intermediate`: Sign an intermediate certificate authority. * - `private_cert_configuration_action_sign_csr`: Sign a certificate signing request. * - `private_cert_configuration_action_set_signed`: Set a signed intermediate certificate authority. * - `private_cert_configuration_action_revoke_ca_certificate`: Revoke an internally signed intermediate certificate * authority certificate. * - `private_cert_configuration_action_rotate_crl`: Rotate the certificate revocation list (CRL) of an intermediate * certificate authority. * - `private_cert_configuration_action_rotate_intermediate`: Rotate an internally signed intermediate certificate * authority certificate. * * @param {Object} params - The parameters to send to the service. * @param {string} params.name - The name that uniquely identifies a configuration. * @param {ConfigurationActionPrototype} params.configActionPrototype - * @param {string} [params.xSmAcceptConfigurationType] - The configuration type of this configuration - use this * header to resolve 300 error responses. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.ConfigurationAction>>} */ createConfigurationAction(params: SecretsManagerV2.CreateConfigurationActionParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.ConfigurationAction>>; /************************* * notifications ************************/ /** * Register with Event Notifications instance. * * Create a registration between a Secrets Manager instance and [Event * Notifications](https://cloud.ibm.com/apidocs/event-notifications). * * A successful request adds Secrets Manager as a source that you can reference from your Event Notifications * instance. For more information about enabling notifications for Secrets Manager, check out the * [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-event-notifications). * * @param {Object} params - The parameters to send to the service. * @param {string} params.eventNotificationsInstanceCrn - A CRN that uniquely identifies an IBM Cloud resource. * @param {string} params.eventNotificationsSourceName - The name that is displayed as a source that is in your Event * Notifications instance. * @param {string} [params.eventNotificationsSourceDescription] - An optional description for the source that is in * your Event Notifications instance. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.NotificationsRegistration>>} */ createNotificationsRegistration(params: SecretsManagerV2.CreateNotificationsRegistrationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.NotificationsRegistration>>; /** * Get Event Notifications registration details. * * Get the details of the registration between your Secrets Manager instance and Event Notifications. * * @param {Object} [params] - The parameters to send to the service. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.NotificationsRegistration>>} */ getNotificationsRegistration(params?: SecretsManagerV2.GetNotificationsRegistrationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.NotificationsRegistration>>; /** * Unregister from Event Notifications instance. * * Delete the registration between your Secrets Manager instance and Event Notifications. * * A successful request removes your Secrets Manager instance as a source in Event Notifications. * * @param {Object} [params] - The parameters to send to the service. * @param {OutgoingHttpHeaders} [params.headers] - Custom request headers * @returns {Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>} */ deleteNotificationsRegistration(params?: SecretsManagerV2.DeleteNotificationsRegistrationParams): Promise<SecretsManagerV2.Response<SecretsManagerV2.EmptyObject>>; /** * Send a test event for Event Notifications registrations. * * Send a test event from a Secrets Manager instance to a configured [Event * Notifications](https://cloud.ibm.com/apidocs/event-notifications) instance. *