Package com.ibm.cloud.secrets_manager_sdk.secrets_manager.v2.model

Class SecretPrototype

    • Method Detail

      • customMetadata

        public Map<String,​Object> customMetadata()
        Gets the customMetadata. The secret metadata that a user can customize.
        Returns:
        the customMetadata

      • description

        public String description()
        Gets the description. An extended description of your secret. To protect your privacy, do not use personal data, such as your name or location, as a description for your secret group.
        Returns:
        the description

      • expirationDate

        public Date expirationDate()
        Gets the expirationDate. The date when the secret material expires. The date format follows the `RFC 3339` format. Supported secret types: Arbitrary, username_password.
        Returns:
        the expirationDate

      • labels

        public List<String> labels()
        Gets the labels. Labels that you can use to search secrets in your instance. Only 30 labels can be created. Label can be between 2-64 characters, including spaces. To protect your privacy, do not use personal data, such as your name or location, as a label for your secret.
        Returns:
        the labels

      • name

        public String name()
        Gets the name. A human-readable name to assign to your secret. To protect your privacy, do not use personal data, such as your name or location, as a name for your secret.
        Returns:
        the name

      • secretGroupId

        public String secretGroupId()
        Gets the secretGroupId. A UUID identifier, or `default` secret group.
        Returns:
        the secretGroupId

      • secretType

        public String secretType()
        Gets the secretType. The secret type. Supported types are arbitrary, imported_cert, public_cert, private_cert, iam_credentials, service_credentials, kv, and username_password.
        Returns:
        the secretType

      • payload

        public String payload()
        Gets the payload. The secret data that is assigned to an `arbitrary` secret.
        Returns:
        the payload

      • versionCustomMetadata

        public Map<String,​Object> versionCustomMetadata()
        Gets the versionCustomMetadata. The secret version metadata that a user can customize.
        Returns:
        the versionCustomMetadata

      • ttl

        public String ttl()
        Gets the ttl. The time-to-live (TTL) or lease duration to assign to credentials that are generated. Supported secret types: iam_credentials, service_credentials, custom_credentials. The TTL defines how long generated credentials remain valid. The value can be either an integer that specifies the number of seconds, or the string representation of a duration, such as `1440m` or `24h`. For the iam_credentials secret type, the TTL field is mandatory. The minimum duration is 1 minute. The maximum is 90 days. For the service_credentials secret type, the TTL field is optional. If it is set the minimum duration is 1 day. The maximum is 90 days. By default, the TTL is set to 0. After the TTL is modified, it will be applied only on the next secret rotation. For the custom_credentials secret type, the TTL field is optional. The minimum duration is 1 day. The maximum is 90 days.
        Returns:
        the ttl

      • accessGroups

        public List<String> accessGroups()
        Gets the accessGroups. Access Groups that you can use for an `iam_credentials` secret. Up to 10 Access Groups can be used for each secret.
        Returns:
        the accessGroups

      • serviceId

        public String serviceId()
        Gets the serviceId. The service ID under which the API key (see the `api_key` field) is created. If you omit this parameter, Secrets Manager generates a new service ID for your secret at its creation, and adds it to the access groups that you assign. Optionally, you can use this field to provide your own service ID if you prefer to manage its access directly or retain the service ID after your secret expires, is rotated, or deleted. If you provide a service ID, do not include the `access_groups` parameter.
        Returns:
        the serviceId

      • accountId

        public String accountId()
        Gets the accountId. The ID of the account in which the IAM credentials are created. Use this field only if the target account is not the same as the account of the Secrets Manager instance. Otherwise, the field can be omitted.
        Returns:
        the accountId

      • reuseApiKey

        public Boolean reuseApiKey()
        Gets the reuseApiKey. (IAM credentials) This parameter indicates whether to reuse the service ID and API key for future read operations. If it is set to `true`, the service reuses the current credentials. If it is set to `false`, a new service ID and API key are generated each time that the secret is read or accessed.
        Returns:
        the reuseApiKey

      • rotation

        public RotationPolicy rotation()
        Gets the rotation. This field indicates whether Secrets Manager rotates your secrets automatically. Supported secret types: username_password, private_cert, public_cert, iam_credentials, custom_credentials.
        Returns:
        the rotation

      • certificate

        public String certificate()
        Gets the certificate. Your PEM-encoded certificate. The data must be formatted on a single line with embedded newline characters.
        Returns:
        the certificate

      • intermediate

        public String intermediate()
        Gets the intermediate. The PEM-encoded intermediate certificate that is associated with the root certificate. The data must be formatted on a single line with embedded newline characters.
        Returns:
        the intermediate

      • privateKey

        public String privateKey()
        Gets the privateKey. The PEM-encoded private key that is associated with the certificate. The data must be formatted on a single line with embedded newline characters.
        Returns:
        the privateKey

      • managedCsr

        public ImportedCertificateManagedCsr managedCsr()
        Gets the managedCsr. The data specified to create the CSR and the private key.
        Returns:
        the managedCsr

      • data

        public Map<String,​Object> data()
        Gets the data. The payload data of a key-value secret.
        Returns:
        the data

      • certificateTemplate

        public String certificateTemplate()
        Gets the certificateTemplate. The name of the certificate template.
        Returns:
        the certificateTemplate

      • commonName

        public String commonName()
        Gets the commonName. The Common Name (CN) represents the server name that is protected by the SSL certificate.
        Returns:
        the commonName

      • altNames

        public List<String> altNames()
        Gets the altNames. With the Subject Alternative Name field, you can specify additional hostnames to be protected by a single SSL certificate.
        Returns:
        the altNames

      • ipSans

        public String ipSans()
        Gets the ipSans. The IP Subject Alternative Names to define for the CA certificate, in a comma-delimited list.
        Returns:
        the ipSans

      • uriSans

        public String uriSans()
        Gets the uriSans. The URI Subject Alternative Names to define for the CA certificate, in a comma-delimited list.
        Returns:
        the uriSans

      • otherSans

        public List<String> otherSans()
        Gets the otherSans. The custom Object Identifier (OID) or UTF8-string Subject Alternative Names to define for the CA certificate. The alternative names must match the values that are specified in the `allowed_other_sans` field in the associated certificate template. The format is the same as OpenSSL: `<oid>:<type>:<value>` where the current valid type is `UTF8`.
        Returns:
        the otherSans

      • csr

        public String csr()
        Gets the csr. The certificate signing request.
        Returns:
        the csr

      • format

        public String format()
        Gets the format. The format of the returned data.
        Returns:
        the format

      • privateKeyFormat

        public String privateKeyFormat()
        Gets the privateKeyFormat. The format of the generated private key.
        Returns:
        the privateKeyFormat

      • excludeCnFromSans

        public Boolean excludeCnFromSans()
        Gets the excludeCnFromSans. This parameter controls whether the common name is excluded from Subject Alternative Names (SANs). If the common name is set to `true`, it is not included in DNS, or email SANs if they apply. This field can be useful if the common name is a human-readable identifier, instead of a hostname or an email address.
        Returns:
        the excludeCnFromSans

      • keyAlgorithm

        public String keyAlgorithm()
        Gets the keyAlgorithm. The identifier for the cryptographic algorithm that is used to generate the public key that is associated with the certificate. The algorithm that you select determines the encryption algorithm (`RSA` or `ECDSA`) and key size to be used to generate keys and sign certificates. For longer living certificates, it is recommended to use longer keys to provide more encryption protection. Allowed values: `RSA2048`, `RSA4096`, `ECDSA256`, and `ECDSA384`.
        Returns:
        the keyAlgorithm

      • ca

        public String ca()
        Gets the ca. The name of the certificate authority configuration.
        Returns:
        the ca

      • dns

        public String dns()
        Gets the dns. The name of the DNS provider configuration.
        Returns:
        the dns

      • bundleCerts

        public Boolean bundleCerts()
        Gets the bundleCerts. This field indicates whether your issued certificate is bundled with intermediate certificates. Set to `false` for the certificate file to contain only the issued certificate.
        Returns:
        the bundleCerts

      • sourceService

        public ServiceCredentialsSecretSourceService sourceService()
        Gets the sourceService. The properties that are required to create the service credentials for the specified source service instance.
        Returns:
        the sourceService

      • username

        public String username()
        Gets the username. The username that is assigned to an `username_password` secret.
        Returns:
        the username

      • password

        public String password()
        Gets the password. The password that is assigned to an `username_password` secret. If you omit this parameter, Secrets Manager generates a new random password for your secret.
        Returns:
        the password

      • passwordGenerationPolicy

        public PasswordGenerationPolicy passwordGenerationPolicy()
        Gets the passwordGenerationPolicy. Policy for auto-generated passwords.
        Returns:
        the passwordGenerationPolicy

      • configuration

        public String configuration()
        Gets the configuration. The name of the custom credentials configuration.
        Returns:
        the configuration

      • parameters

        public Map<String,​Object> parameters()
        Gets the parameters. The parameters that are passed to custom credentials engine. Allowed types are 'string', 'integer' and 'boolean'.
        Returns:
        the parameters