Package com.ibm.cloud.secrets_manager_sdk.secrets_manager.v2

Class SecretsManager

  • public class SecretsManager
extends com.ibm.cloud.sdk.core.service.BaseService
    With IBM Cloud® Secrets Manager, you can create, lease, and centrally manage secrets that are used in IBM Cloud services or your custom-built applications. API Version: 2.0.0 See: https://cloud.ibm.com/docs/secrets-manager

    • Field Detail

      • DEFAULT_SERVICE_NAME

        public static final String DEFAULT_SERVICE_NAME
        Default service name used when configuring the `SecretsManager` client.
        See Also:
        Constant Field Values

      • PARAMETERIZED_SERVICE_URL

        public static final String PARAMETERIZED_SERVICE_URL
        The parameterized service endpoint URL.
        See Also:
        Constant Field Values

    • Constructor Detail

      • SecretsManager

        public SecretsManager​(String serviceName,
                      com.ibm.cloud.sdk.core.security.Authenticator authenticator)
        Constructs an instance of the `SecretsManager` client. The specified service name and authenticator are used to configure the client instance.
        Parameters:
        serviceName - the service name to be used when configuring the client instance
        authenticator - the Authenticator instance to be configured for this client

    • Method Detail

      • newInstance

        public static SecretsManager newInstance()
        Class method which constructs an instance of the `SecretsManager` client. The default service name is used to configure the client instance.
        Returns:
        an instance of the `SecretsManager` client using external configuration

      • newInstance

        public static SecretsManager newInstance​(String serviceName)
        Class method which constructs an instance of the `SecretsManager` client. The specified service name is used to configure the client instance.
        Parameters:
        serviceName - the service name to be used when configuring the client instance
        Returns:
        an instance of the `SecretsManager` client using external configuration

      • constructServiceUrl

        public static String constructServiceUrl​(Map<String,​String> providedUrlVariables)
        Constructs a service URL by formatting the parameterized service URL. The parameterized service URL is: 'https://{instance_id}.{region}.secrets-manager.appdomain.cloud' The default variable values are: - 'instance_id': 'provide-here-your-smgr-instanceuuid' - 'region': 'us-south'
        Parameters:
        providedUrlVariables - map from variable names to desired values. If a variable is not provided in this map, the default variable value will be used instead.
        Returns:
        the formatted URL with all variable placeholders replaced by values.

      • createSecretGroup

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretGroup> createSecretGroup​(CreateSecretGroupOptions createSecretGroupOptions)
        Create a new secret group. Create a secret group that you can use to organize secrets and control who can access them. A successful request returns the ID value of the secret group, along with other properties. To learn more about secret groups, check out the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-secret-groups).
        Parameters:
        createSecretGroupOptions - the CreateSecretGroupOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretGroup

      • listSecretGroups

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretGroupCollection> listSecretGroups()
        List secret groups. List the secret groups that are available in your Secrets Manager instance.
        Returns:
        a ServiceCall with a result of type SecretGroupCollection

      • getSecretGroup

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretGroup> getSecretGroup​(GetSecretGroupOptions getSecretGroupOptions)
        Get a secret group. Get the properties of an existing secret group by specifying the ID of the group.
        Parameters:
        getSecretGroupOptions - the GetSecretGroupOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretGroup

      • updateSecretGroup

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretGroup> updateSecretGroup​(UpdateSecretGroupOptions updateSecretGroupOptions)
        Update a secret group. Update the properties of an existing secret group, such as its name or description.
        Parameters:
        updateSecretGroupOptions - the UpdateSecretGroupOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretGroup

      • deleteSecretGroup

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteSecretGroup​(DeleteSecretGroupOptions deleteSecretGroupOptions)
        Delete a secret group. Delete a secret group by specifying the ID of the secret group. **Note:** To delete a secret group, it must be empty. If you need to remove a secret group that contains secrets, you must first delete the secrets that are associated with the group.
        Parameters:
        deleteSecretGroupOptions - the DeleteSecretGroupOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • createSecret

        public com.ibm.cloud.sdk.core.http.ServiceCall<Secret> createSecret​(CreateSecretOptions createSecretOptions)
        Create a new secret. Create a secret or import an existing value that you can use to access or authenticate to a protected resource. Use this operation to either generate or import an existing secret, such as a TLS certificate, that you can manage in your Secrets Manager service instance. A successful request stores the secret in your dedicated instance, based on the secret type and data that you specify. The response returns the ID value of the secret, along with other metadata. To learn more about the types of secrets that you can create with Secrets Manager, check out the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-what-is-secret).
        Parameters:
        createSecretOptions - the CreateSecretOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type Secret

      • getSecret

        public com.ibm.cloud.sdk.core.http.ServiceCall<Secret> getSecret​(GetSecretOptions getSecretOptions)
        Get a secret. Get a secret and its details by specifying the ID of the secret. A successful request returns the secret data that is associated with your secret, along with other metadata. To view only the details of a specified secret without retrieving its value, use the Get secret metadata operation.
        Parameters:
        getSecretOptions - the GetSecretOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type Secret

      • deleteSecret

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteSecret​(DeleteSecretOptions deleteSecretOptions)
        Delete a secret. Delete a secret by specifying the ID of the secret.
        Parameters:
        deleteSecretOptions - the DeleteSecretOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • getSecretMetadata

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretMetadata> getSecretMetadata​(GetSecretMetadataOptions getSecretMetadataOptions)
        Get the metadata of a secret. Get the metadata of a secret by specifying the ID of the secret.
        Parameters:
        getSecretMetadataOptions - the GetSecretMetadataOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretMetadata

      • updateSecretMetadata

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretMetadata> updateSecretMetadata​(UpdateSecretMetadataOptions updateSecretMetadataOptions)
        Update the metadata of a secret. Update the metadata of a secret, such as its name or description.
        Parameters:
        updateSecretMetadataOptions - the UpdateSecretMetadataOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretMetadata

      • createSecretAction

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretAction> createSecretAction​(CreateSecretActionOptions createSecretActionOptions)
        Create a secret action. Create a secret action. This operation supports the following actions:.
        Parameters:
        createSecretActionOptions - the CreateSecretActionOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretAction

      • getSecretByNameType

        public com.ibm.cloud.sdk.core.http.ServiceCall<Secret> getSecretByNameType​(GetSecretByNameTypeOptions getSecretByNameTypeOptions)
        Get a secret by name. Get a secret and its details by specifying the Name and Type of the secret. A successful request returns the secret data that is associated with your secret, along with other metadata. To view only the details of a specified secret without retrieving its value, use the Get secret metadata operation.
        Parameters:
        getSecretByNameTypeOptions - the GetSecretByNameTypeOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type Secret

      • getSecretVersion

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretVersion> getSecretVersion​(GetSecretVersionOptions getSecretVersionOptions)
        Get a version of a secret. Get a version of a secret by specifying the ID of the version. You can use the `current` or `previous` aliases to refer to the current or previous secret version. A successful request returns the secret data that is associated with the specified version of your secret, along with other metadata.
        Parameters:
        getSecretVersionOptions - the GetSecretVersionOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretVersion

      • deleteSecretVersionData

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteSecretVersionData​(DeleteSecretVersionDataOptions deleteSecretVersionDataOptions)
        Delete the data of a secret version. Delete the data of a secret version by specifying its version ID. This operation is available for the following secret types: `iam_credentials`: current version only `custom_credentials`: both current and previous versions.
        Parameters:
        deleteSecretVersionDataOptions - the DeleteSecretVersionDataOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • getSecretVersionMetadata

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretVersionMetadata> getSecretVersionMetadata​(GetSecretVersionMetadataOptions getSecretVersionMetadataOptions)
        Get the metadata of a secret version. Get the metadata of a secret version by specifying the ID of the version. You can use the `current` or `previous` aliases to refer to the current or previous secret version. A successful request returns the metadata that is associated with the specified version of your secret.
        Parameters:
        getSecretVersionMetadataOptions - the GetSecretVersionMetadataOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretVersionMetadata

      • createSecretVersionAction

        public com.ibm.cloud.sdk.core.http.ServiceCall<VersionAction> createSecretVersionAction​(CreateSecretVersionActionOptions createSecretVersionActionOptions)
        Create a version action. Create a secret version action. This operation supports the following actions: - `private_cert_action_revoke_certificate`: Revoke a version of a private certificate.
        Parameters:
        createSecretVersionActionOptions - the CreateSecretVersionActionOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type VersionAction

      • getSecretTask

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretTask> getSecretTask​(GetSecretTaskOptions getSecretTaskOptions)
        Get a secret's task. Get a task of a secret and its details by specifying the ID of the task. A successful request returns the task that is associated with your secret. Supported secret types: `custom_credentials`.
        Parameters:
        getSecretTaskOptions - the GetSecretTaskOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretTask

      • replaceSecretTask

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretTask> replaceSecretTask​(ReplaceSecretTaskOptions replaceSecretTaskOptions)
        Update a secret's task. A callback endpoint for updating a task with results. Supported secret types: `custom_credentials`.
        Parameters:
        replaceSecretTaskOptions - the ReplaceSecretTaskOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretTask

      • deleteSecretTask

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteSecretTask​(DeleteSecretTaskOptions deleteSecretTaskOptions)
        Delete a task. Delete a task by specifying the ID of the secret. Supported secret types: `custom_credentials`.
        Parameters:
        deleteSecretTaskOptions - the DeleteSecretTaskOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • createSecretLocksBulk

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretLocks> createSecretLocksBulk​(CreateSecretLocksBulkOptions createSecretLocksBulkOptions)
        Create secret locks. Create a lock on the current version of a secret. A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists. Additionally, you can use this operation to clear any matching locks on a secret by using one of the following optional lock modes: - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the secret.\n - `remove_previous_and_delete`: Carries out the same function as `remove_previous`, but also permanently deletes the data of the previous secret version if it doesn't have any locks.
        Parameters:
        createSecretLocksBulkOptions - the CreateSecretLocksBulkOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretLocks

      • deleteSecretLocksBulk

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretLocks> deleteSecretLocksBulk​(DeleteSecretLocksBulkOptions deleteSecretLocksBulkOptions)
        Delete secret locks. Delete all the locks or a subset of the locks that are associated with a version of a secret. To delete only a subset of the locks, add a query param with a comma to separate the list of lock names: Example: `?name=lock-example-1,lock-example-2`. **Note:** A secret is considered unlocked and able to be deleted only after you remove all of its locks. To determine whether a secret contains locks, check the `locks_total` field that is returned as part of the metadata of your secret.
        Parameters:
        deleteSecretLocksBulkOptions - the DeleteSecretLocksBulkOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretLocks

      • createSecretVersionLocksBulk

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretLocks> createSecretVersionLocksBulk​(CreateSecretVersionLocksBulkOptions createSecretVersionLocksBulkOptions)
        Create secret version locks. Create a lock on the specified version of a secret. A lock can be used to prevent a secret from being deleted or modified while it's in use by your applications. A successful request attaches a new lock to your secret, or replaces a lock of the same name if it already exists. Additionally, you can use this operation to clear any matching locks on a secret by using one of the following optional lock modes: - `remove_previous`: Removes any other locks with matching names if they are found in the previous version of the secret. - `remove_previous_and_delete`: Carries out the same function as `remove_previous`, but also permanently deletes the data of the previous secret version if it doesn't have any locks.
        Parameters:
        createSecretVersionLocksBulkOptions - the CreateSecretVersionLocksBulkOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretLocks

      • deleteSecretVersionLocksBulk

        public com.ibm.cloud.sdk.core.http.ServiceCall<SecretLocks> deleteSecretVersionLocksBulk​(DeleteSecretVersionLocksBulkOptions deleteSecretVersionLocksBulkOptions)
        Delete locks on a secret version. Delete all the locks or a subset of the locks that are associated with the specified version of a secret. To delete only a subset of the locks, add a query param with a comma to separate the list of lock names: Example: `?name=lock-example-1,lock-example-2`. **Note:** A secret is considered unlocked and able to be deleted only after all of its locks are removed. To determine whether a secret contains locks, check the `locks_total` field that is returned as part of the metadata of your secret.
        Parameters:
        deleteSecretVersionLocksBulkOptions - the DeleteSecretVersionLocksBulkOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type SecretLocks

      • createConfiguration

        public com.ibm.cloud.sdk.core.http.ServiceCall<Configuration> createConfiguration​(CreateConfigurationOptions createConfigurationOptions)
        Create a new configuration. Add a configuration to the specified secret type. Use this operation to define the configurations that are required to create public certificates (`public_cert`), private certificates (`private_cert`), IAM credentials secrets (`iam_credentials`) and custom credentials secrets (`custom_credentials`). You can add multiple configurations for your instance as follows: - A single configuration for IAM credentials. - Up to 10 CA configurations for public certificates. - Up to 10 DNS configurations for public certificates. - Up to 10 Root CA configurations for private certificates. - Up to 10 Intermediate CA configurations for private certificates. - Up to 10 Certificate Template configurations for private certificates.
        Parameters:
        createConfigurationOptions - the CreateConfigurationOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type Configuration

      • getConfiguration

        public com.ibm.cloud.sdk.core.http.ServiceCall<Configuration> getConfiguration​(GetConfigurationOptions getConfigurationOptions)
        Get a configuration. Get a configuration by specifying its name. A successful request returns the details of your configuration.
        Parameters:
        getConfigurationOptions - the GetConfigurationOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type Configuration

      • deleteConfiguration

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteConfiguration​(DeleteConfigurationOptions deleteConfigurationOptions)
        Delete a configuration. Delete a configuration by specifying its name.
        Parameters:
        deleteConfigurationOptions - the DeleteConfigurationOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • createConfigurationAction

        public com.ibm.cloud.sdk.core.http.ServiceCall<ConfigurationAction> createConfigurationAction​(CreateConfigurationActionOptions createConfigurationActionOptions)
        Create a configuration action. Create a configuration action. This operation supports the following actions: - `private_cert_configuration_action_sign_intermediate`: Sign an intermediate certificate authority. - `private_cert_configuration_action_sign_csr`: Sign a certificate signing request. - `private_cert_configuration_action_set_signed`: Set a signed intermediate certificate authority. - `private_cert_configuration_action_revoke_ca_certificate`: Revoke an internally signed intermediate certificate authority certificate. - `private_cert_configuration_action_rotate_crl`: Rotate the certificate revocation list (CRL) of an intermediate certificate authority. - `private_cert_configuration_action_rotate_intermediate`: Rotate an internally signed intermediate certificate authority certificate.
        Parameters:
        createConfigurationActionOptions - the CreateConfigurationActionOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type ConfigurationAction

      • createNotificationsRegistration

        public com.ibm.cloud.sdk.core.http.ServiceCall<NotificationsRegistration> createNotificationsRegistration​(CreateNotificationsRegistrationOptions createNotificationsRegistrationOptions)
        Register with Event Notifications instance. Create a registration between a Secrets Manager instance and [Event Notifications](https://cloud.ibm.com/apidocs/event-notifications). A successful request adds Secrets Manager as a source that you can reference from your Event Notifications instance. For more information about enabling notifications for Secrets Manager, check out the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-event-notifications).
        Parameters:
        createNotificationsRegistrationOptions - the CreateNotificationsRegistrationOptions containing the options for the call
        Returns:
        a ServiceCall with a result of type NotificationsRegistration

      • getNotificationsRegistration

        public com.ibm.cloud.sdk.core.http.ServiceCall<NotificationsRegistration> getNotificationsRegistration()
        Get Event Notifications registration details. Get the details of the registration between your Secrets Manager instance and Event Notifications.
        Returns:
        a ServiceCall with a result of type NotificationsRegistration

      • deleteNotificationsRegistration

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteNotificationsRegistration​(DeleteNotificationsRegistrationOptions deleteNotificationsRegistrationOptions)
        Unregister from Event Notifications instance. Delete the registration between your Secrets Manager instance and Event Notifications. A successful request removes your Secrets Manager instance as a source in Event Notifications.
        Parameters:
        deleteNotificationsRegistrationOptions - the DeleteNotificationsRegistrationOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • deleteNotificationsRegistration

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> deleteNotificationsRegistration()
        Unregister from Event Notifications instance. Delete the registration between your Secrets Manager instance and Event Notifications. A successful request removes your Secrets Manager instance as a source in Event Notifications.
        Returns:
        a ServiceCall with a void result

      • getNotificationsRegistrationTest

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> getNotificationsRegistrationTest​(GetNotificationsRegistrationTestOptions getNotificationsRegistrationTestOptions)
        Send a test event for Event Notifications registrations. Send a test event from a Secrets Manager instance to a configured [Event Notifications](https://cloud.ibm.com/apidocs/event-notifications) instance. A successful request sends a test event to the Event Notifications instance. For more information about enabling notifications for Secrets Manager, check out the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-event-notifications).
        Parameters:
        getNotificationsRegistrationTestOptions - the GetNotificationsRegistrationTestOptions containing the options for the call
        Returns:
        a ServiceCall with a void result

      • getNotificationsRegistrationTest

        public com.ibm.cloud.sdk.core.http.ServiceCall<Void> getNotificationsRegistrationTest()
        Send a test event for Event Notifications registrations. Send a test event from a Secrets Manager instance to a configured [Event Notifications](https://cloud.ibm.com/apidocs/event-notifications) instance. A successful request sends a test event to the Event Notifications instance. For more information about enabling notifications for Secrets Manager, check out the [docs](https://cloud.ibm.com/docs/secrets-manager?topic=secrets-manager-event-notifications).
        Returns:
        a ServiceCall with a void result