akeyless 2.17.0 → 2.18.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -4
- data/docs/AccountGeneralSettings.md +3 -1
- data/docs/CreateAuthMethodK8S.md +2 -2
- data/docs/CreateAuthMethodLDAP.md +3 -1
- data/docs/CreateAuthMethodLDAPOutput.md +3 -1
- data/docs/CreatePKICertIssuer.md +5 -5
- data/docs/CreateSSHCertIssuer.md +1 -1
- data/docs/GatewayCreateK8SAuthConfig.md +2 -2
- data/docs/GatewayRevokeTmpUsers.md +4 -2
- data/docs/GatewayUpdateK8SAuthConfig.md +2 -2
- data/docs/GatewayUpdateLdapAuthConfig.md +2 -2
- data/docs/Item.md +2 -0
- data/docs/KubernetesAccessRules.md +2 -0
- data/docs/LDAPAccessRules.md +2 -0
- data/docs/RuleAssigner.md +20 -0
- data/docs/UpdateAccountSettings.md +11 -1
- data/docs/UpdateAuthMethodK8S.md +2 -2
- data/docs/UpdateAuthMethodLDAP.md +3 -1
- data/docs/UpdateAuthMethodLDAPOutput.md +18 -0
- data/docs/V2Api.md +4 -67
- data/lib/akeyless/api/v2_api.rb +3 -67
- data/lib/akeyless/models/account_general_settings.rb +13 -4
- data/lib/akeyless/models/create_auth_method_k8_s.rb +2 -2
- data/lib/akeyless/models/create_auth_method_ldap.rb +14 -2
- data/lib/akeyless/models/create_auth_method_ldap_output.rb +13 -4
- data/lib/akeyless/models/create_pki_cert_issuer.rb +5 -5
- data/lib/akeyless/models/create_ssh_cert_issuer.rb +1 -1
- data/lib/akeyless/models/gateway_create_k8_s_auth_config.rb +2 -2
- data/lib/akeyless/models/gateway_revoke_tmp_users.rb +14 -2
- data/lib/akeyless/models/gateway_update_k8_s_auth_config.rb +2 -2
- data/lib/akeyless/models/gateway_update_ldap_auth_config.rb +2 -2
- data/lib/akeyless/models/item.rb +10 -1
- data/lib/akeyless/models/kubernetes_access_rules.rb +11 -1
- data/lib/akeyless/models/ldap_access_rules.rb +11 -1
- data/lib/akeyless/models/rule_assigner.rb +228 -0
- data/lib/akeyless/models/update_account_settings.rb +54 -4
- data/lib/akeyless/models/update_auth_method_k8_s.rb +2 -4
- data/lib/akeyless/models/update_auth_method_ldap.rb +12 -2
- data/lib/akeyless/models/update_auth_method_ldap_output.rb +219 -0
- data/lib/akeyless/version.rb +1 -1
- data/lib/akeyless.rb +2 -2
- data/spec/models/rule_assigner_spec.rb +40 -0
- data/spec/models/update_auth_method_ldap_output_spec.rb +34 -0
- metadata +512 -504
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 256570f25ae7fd5412f270acc5ce72a8fc7e5510e65319166366de2cb4eeb470
|
4
|
+
data.tar.gz: '0339c97c8a1115d8e7c4483bfdbc76c5b6b450d02f0648b7e87b8994469d6dd6'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7d87c2a2c1e5a2e0d75fbdd3260cea74d78d99b4535023af18d8fa7769ff281debd6bf67e130ce22ac92dc9b7fe0bf5bf0a6aa438da4fa8281e38002996e933f
|
7
|
+
data.tar.gz: 96f4266b8435555eccad1e1d51b27726fed515ed2c6a4eed720710e7997b45b75d7190ad214102eb67e55ab3096830e29b62013bcdd3aaa2884b038c4810a544
|
data/README.md
CHANGED
@@ -7,7 +7,7 @@ The purpose of this application is to provide access to Akeyless API.
|
|
7
7
|
This SDK is automatically generated by the [OpenAPI Generator](https://openapi-generator.tech) project:
|
8
8
|
|
9
9
|
- API version: 2.0
|
10
|
-
- Package version: 2.
|
10
|
+
- Package version: 2.18.0
|
11
11
|
- Build package: org.openapitools.codegen.languages.RubyClientCodegen
|
12
12
|
For more information, please visit [http://akeyless.io](http://akeyless.io)
|
13
13
|
|
@@ -120,7 +120,6 @@ Class | Method | HTTP request | Description
|
|
120
120
|
*Akeyless::V2Api* | [**describe_sub_claims**](docs/V2Api.md#describe_sub_claims) | **POST** /describe-sub-claims |
|
121
121
|
*Akeyless::V2Api* | [**detokenize**](docs/V2Api.md#detokenize) | **POST** /detokenize |
|
122
122
|
*Akeyless::V2Api* | [**encrypt**](docs/V2Api.md#encrypt) | **POST** /encrypt |
|
123
|
-
*Akeyless::V2Api* | [**encrypt_pkcs1**](docs/V2Api.md#encrypt_pkcs1) | **POST** /encrypt-pkcs1 |
|
124
123
|
*Akeyless::V2Api* | [**encrypt_with_classic_key**](docs/V2Api.md#encrypt_with_classic_key) | **POST** /encrypt-with-classic-key |
|
125
124
|
*Akeyless::V2Api* | [**gateway_create_k8_s_auth_config**](docs/V2Api.md#gateway_create_k8_s_auth_config) | **POST** /gateway-create-k8s-auth-config |
|
126
125
|
*Akeyless::V2Api* | [**gateway_create_migration**](docs/V2Api.md#gateway_create_migration) | **POST** /gateway-create-migration |
|
@@ -451,8 +450,6 @@ Class | Method | HTTP request | Description
|
|
451
450
|
- [Akeyless::EncryptFile](docs/EncryptFile.md)
|
452
451
|
- [Akeyless::EncryptFileOutput](docs/EncryptFileOutput.md)
|
453
452
|
- [Akeyless::EncryptOutput](docs/EncryptOutput.md)
|
454
|
-
- [Akeyless::EncryptPKCS1](docs/EncryptPKCS1.md)
|
455
|
-
- [Akeyless::EncryptPKCS1Output](docs/EncryptPKCS1Output.md)
|
456
453
|
- [Akeyless::EncryptWithClassicKey](docs/EncryptWithClassicKey.md)
|
457
454
|
- [Akeyless::EncryptWithClassicKeyOutput](docs/EncryptWithClassicKeyOutput.md)
|
458
455
|
- [Akeyless::ExternalKMSKeyId](docs/ExternalKMSKeyId.md)
|
@@ -716,6 +713,7 @@ Class | Method | HTTP request | Description
|
|
716
713
|
- [Akeyless::RotatedSecretOutput](docs/RotatedSecretOutput.md)
|
717
714
|
- [Akeyless::Rotator](docs/Rotator.md)
|
718
715
|
- [Akeyless::RotatorsConfigPart](docs/RotatorsConfigPart.md)
|
716
|
+
- [Akeyless::RuleAssigner](docs/RuleAssigner.md)
|
719
717
|
- [Akeyless::Rules](docs/Rules.md)
|
720
718
|
- [Akeyless::SAMLAccessRules](docs/SAMLAccessRules.md)
|
721
719
|
- [Akeyless::SAMLAttribute](docs/SAMLAttribute.md)
|
@@ -775,6 +773,7 @@ Class | Method | HTTP request | Description
|
|
775
773
|
- [Akeyless::UpdateAuthMethodK8S](docs/UpdateAuthMethodK8S.md)
|
776
774
|
- [Akeyless::UpdateAuthMethodK8SOutput](docs/UpdateAuthMethodK8SOutput.md)
|
777
775
|
- [Akeyless::UpdateAuthMethodLDAP](docs/UpdateAuthMethodLDAP.md)
|
776
|
+
- [Akeyless::UpdateAuthMethodLDAPOutput](docs/UpdateAuthMethodLDAPOutput.md)
|
778
777
|
- [Akeyless::UpdateAuthMethodOAuth2](docs/UpdateAuthMethodOAuth2.md)
|
779
778
|
- [Akeyless::UpdateAuthMethodOIDC](docs/UpdateAuthMethodOIDC.md)
|
780
779
|
- [Akeyless::UpdateAuthMethodOutput](docs/UpdateAuthMethodOutput.md)
|
@@ -5,6 +5,7 @@
|
|
5
5
|
| Name | Type | Description | Notes |
|
6
6
|
| ---- | ---- | ----------- | ----- |
|
7
7
|
| **data_protection_section** | [**DataProtectionSection**](DataProtectionSection.md) | | [optional] |
|
8
|
+
| **password_policy** | [**PasswordPolicyInfo**](PasswordPolicyInfo.md) | | [optional] |
|
8
9
|
|
9
10
|
## Example
|
10
11
|
|
@@ -12,7 +13,8 @@
|
|
12
13
|
require 'akeyless'
|
13
14
|
|
14
15
|
instance = Akeyless::AccountGeneralSettings.new(
|
15
|
-
data_protection_section: null
|
16
|
+
data_protection_section: null,
|
17
|
+
password_policy: null
|
16
18
|
)
|
17
19
|
```
|
18
20
|
|
data/docs/CreateAuthMethodK8S.md
CHANGED
@@ -11,11 +11,11 @@
|
|
11
11
|
| **bound_pod_names** | **Array<String>** | A list of pod names that the access is restricted to | [optional] |
|
12
12
|
| **bound_sa_names** | **Array<String>** | A list of service account names that the access is restricted to | [optional] |
|
13
13
|
| **force_sub_claims** | **Boolean** | if true: enforce role-association must include sub claims | [optional] |
|
14
|
-
| **gen_key** | **String** |
|
14
|
+
| **gen_key** | **String** | Automatically generate key-pair for K8S configuration. If set to false, a public key needs to be provided | [optional][default to 'true'] |
|
15
15
|
| **gw_bound_ips** | **Array<String>** | A CIDR whitelist with the GW IPs that the access is restricted to | [optional] |
|
16
16
|
| **jwt_ttl** | **Integer** | Jwt TTL | [optional] |
|
17
17
|
| **name** | **String** | Auth Method name | |
|
18
|
-
| **public_key** | **String** | Base64-encoded public key
|
18
|
+
| **public_key** | **String** | Base64-encoded or PEM formatted public key data for K8S authentication method is required [RSA2048] | [optional] |
|
19
19
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
20
20
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
21
21
|
|
@@ -7,10 +7,11 @@
|
|
7
7
|
| **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
|
8
8
|
| **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
|
9
9
|
| **force_sub_claims** | **Boolean** | if true: enforce role-association must include sub claims | [optional] |
|
10
|
+
| **gen_key** | **String** | Automatically generate key-pair for LDAP configuration. If set to false, a public key needs to be provided | [optional][default to 'true'] |
|
10
11
|
| **gw_bound_ips** | **Array<String>** | A CIDR whitelist with the GW IPs that the access is restricted to | [optional] |
|
11
12
|
| **jwt_ttl** | **Integer** | Jwt TTL | [optional] |
|
12
13
|
| **name** | **String** | Auth Method name | |
|
13
|
-
| **public_key_data** | **String** | A public key generated for LDAP authentication method on Akeyless in base64 format [RSA2048] | [optional] |
|
14
|
+
| **public_key_data** | **String** | A public key generated for LDAP authentication method on Akeyless in base64 or PEM format [RSA2048] | [optional] |
|
14
15
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
15
16
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
16
17
|
| **unique_identifier** | **String** | A unique identifier (ID) value should be configured for OAuth2, LDAP and SAML authentication method types and is usually a value such as the email, username, or upn for example. Whenever a user logs in with a token, these authentication types issue a \"sub claim\" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization. | [optional] |
|
@@ -24,6 +25,7 @@ instance = Akeyless::CreateAuthMethodLDAP.new(
|
|
24
25
|
access_expires: null,
|
25
26
|
bound_ips: null,
|
26
27
|
force_sub_claims: null,
|
28
|
+
gen_key: null,
|
27
29
|
gw_bound_ips: null,
|
28
30
|
jwt_ttl: null,
|
29
31
|
name: null,
|
@@ -5,6 +5,7 @@
|
|
5
5
|
| Name | Type | Description | Notes |
|
6
6
|
| ---- | ---- | ----------- | ----- |
|
7
7
|
| **access_id** | **String** | | [optional] |
|
8
|
+
| **prv_key** | **String** | | [optional] |
|
8
9
|
|
9
10
|
## Example
|
10
11
|
|
@@ -12,7 +13,8 @@
|
|
12
13
|
require 'akeyless'
|
13
14
|
|
14
15
|
instance = Akeyless::CreateAuthMethodLDAPOutput.new(
|
15
|
-
access_id: null
|
16
|
+
access_id: null,
|
17
|
+
prv_key: null
|
16
18
|
)
|
17
19
|
```
|
18
20
|
|
data/docs/CreatePKICertIssuer.md
CHANGED
@@ -10,21 +10,21 @@
|
|
10
10
|
| **allowed_uri_sans** | **String** | A list of the allowed URIs that clients can request to be included in the certificate as part of the URI Subject Alternative Names (in a comma-delimited list) | [optional] |
|
11
11
|
| **client_flag** | **Boolean** | If set, certificates will be flagged for client auth use | [optional] |
|
12
12
|
| **code_signing_flag** | **Boolean** | If set, certificates will be flagged for code signing use | [optional] |
|
13
|
-
| **country** | **String** | A comma-separated list of
|
13
|
+
| **country** | **String** | A comma-separated list of countries that will be set in the issued certificate | [optional] |
|
14
14
|
| **delete_protection** | **String** | Protection from accidental deletion of this item | [optional] |
|
15
15
|
| **key_usage** | **String** | key-usage | [optional][default to 'DigitalSignature,KeyAgreement,KeyEncipherment'] |
|
16
|
-
| **locality** | **String** | A comma-separated list of
|
16
|
+
| **locality** | **String** | A comma-separated list of localities that will be set in the issued certificate | [optional] |
|
17
17
|
| **metadata** | **String** | A metadata about the issuer | [optional] |
|
18
18
|
| **name** | **String** | PKI certificate issuer name | |
|
19
19
|
| **not_enforce_hostnames** | **Boolean** | If set, any names are allowed for CN and SANs in the certificate and not only a valid host name | [optional] |
|
20
20
|
| **not_require_cn** | **Boolean** | If set, clients can request certificates without a CN | [optional] |
|
21
21
|
| **organizational_units** | **String** | A comma-separated list of organizational units (OU) that will be set in the issued certificate | [optional] |
|
22
22
|
| **organizations** | **String** | A comma-separated list of organizations (O) that will be set in the issued certificate | [optional] |
|
23
|
-
| **postal_code** | **String** | A comma-separated list of
|
24
|
-
| **province** | **String** | A comma-separated list of
|
23
|
+
| **postal_code** | **String** | A comma-separated list of postal codes that will be set in the issued certificate | [optional] |
|
24
|
+
| **province** | **String** | A comma-separated list of provinces that will be set in the issued certificate | [optional] |
|
25
25
|
| **server_flag** | **Boolean** | If set, certificates will be flagged for server auth use | [optional] |
|
26
26
|
| **signer_key_name** | **String** | A key to sign the certificate with | |
|
27
|
-
| **street_address** | **String** | A comma-separated list of
|
27
|
+
| **street_address** | **String** | A comma-separated list of street addresses that will be set in the issued certificate | [optional] |
|
28
28
|
| **tag** | **Array<String>** | List of the tags attached to this key | [optional] |
|
29
29
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
30
30
|
| **ttl** | **Integer** | he requested Time To Live for the certificate, in seconds | |
|
data/docs/CreateSSHCertIssuer.md
CHANGED
@@ -19,7 +19,7 @@
|
|
19
19
|
| **signer_key_name** | **String** | A key to sign the certificate with | |
|
20
20
|
| **tag** | **Array<String>** | List of the tags attached to this key | [optional] |
|
21
21
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
22
|
-
| **ttl** | **Integer** |
|
22
|
+
| **ttl** | **Integer** | The requested Time To Live for the certificate, in seconds | |
|
23
23
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
24
24
|
|
25
25
|
## Example
|
@@ -7,13 +7,13 @@
|
|
7
7
|
| **access_id** | **String** | The access ID of the Kubernetes auth method | |
|
8
8
|
| **cluster_api_type** | **String** | Cluster access type. options: [native_k8s, rancher] | [optional][default to 'native_k8s'] |
|
9
9
|
| **config_encryption_key_name** | **String** | Config encryption key | [optional] |
|
10
|
-
| **k8s_ca_cert** | **String** | The CA
|
10
|
+
| **k8s_ca_cert** | **String** | The CA Certificate (base64 encoded) to use to call into the kubernetes API server | [optional] |
|
11
11
|
| **k8s_host** | **String** | The URL of the kubernetes API server | |
|
12
12
|
| **k8s_issuer** | **String** | The Kubernetes JWT issuer name. If not set, kubernetes/serviceaccount will use as an issuer. | [optional] |
|
13
13
|
| **name** | **String** | K8S Auth config name | |
|
14
14
|
| **rancher_api_key** | **String** | The api key used to access the TokenReview API to validate other JWTs (relevant for \"rancher\" only) | [optional] |
|
15
15
|
| **rancher_cluster_id** | **String** | The cluster id as define in rancher (relevant for \"rancher\" only) | [optional] |
|
16
|
-
| **signing_key** | **String** | The private key (
|
16
|
+
| **signing_key** | **String** | The private key (base64 encoded) associated with the public key defined in the Kubernetes auth | |
|
17
17
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
18
18
|
| **token_exp** | **Integer** | Time in seconds of expiration of the Akeyless Kube Auth Method token | [optional][default to 300] |
|
19
19
|
| **token_reviewer_jwt** | **String** | A Kubernetes service account JWT used to access the TokenReview API to validate other JWTs (relevant for \"native_k8s\" only). If not set, the JWT submitted in the authentication process will be used to access the Kubernetes TokenReview API. | [optional] |
|
@@ -4,10 +4,11 @@
|
|
4
4
|
|
5
5
|
| Name | Type | Description | Notes |
|
6
6
|
| ---- | ---- | ----------- | ----- |
|
7
|
-
| **host** | **String** |
|
7
|
+
| **host** | **String** | Deprecated: has no effect | [optional] |
|
8
8
|
| **name** | **String** | Producer Name | |
|
9
|
+
| **revoke_all** | **Boolean** | Revoke All Temp Creds | [optional] |
|
9
10
|
| **soft_delete** | **Boolean** | Soft Delete | [optional] |
|
10
|
-
| **tmp_creds_id** | **String** | Tmp Creds ID |
|
11
|
+
| **tmp_creds_id** | **String** | Tmp Creds ID | [default to 'demo_default_tmp_creds_id_for_sdk_bc'] |
|
11
12
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
12
13
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
13
14
|
|
@@ -19,6 +20,7 @@ require 'akeyless'
|
|
19
20
|
instance = Akeyless::GatewayRevokeTmpUsers.new(
|
20
21
|
host: null,
|
21
22
|
name: null,
|
23
|
+
revoke_all: null,
|
22
24
|
soft_delete: null,
|
23
25
|
tmp_creds_id: null,
|
24
26
|
token: null,
|
@@ -7,14 +7,14 @@
|
|
7
7
|
| **access_id** | **String** | The access ID of the Kubernetes auth method | |
|
8
8
|
| **cluster_api_type** | **String** | Cluster access type. options: [native_k8s, rancher] | [optional][default to 'native_k8s'] |
|
9
9
|
| **config_encryption_key_name** | **String** | Config encryption key | [optional] |
|
10
|
-
| **k8s_ca_cert** | **String** | The CA
|
10
|
+
| **k8s_ca_cert** | **String** | The CA Certificate (base64 encoded) to use to call into the kubernetes API server | [optional] |
|
11
11
|
| **k8s_host** | **String** | The URL of the kubernetes API server | |
|
12
12
|
| **k8s_issuer** | **String** | The Kubernetes JWT issuer name. If not set, kubernetes/serviceaccount will use as an issuer. | [optional] |
|
13
13
|
| **name** | **String** | K8S Auth config name | |
|
14
14
|
| **new_name** | **String** | K8S Auth config new name | |
|
15
15
|
| **rancher_api_key** | **String** | The api key used to access the TokenReview API to validate other JWTs (relevant for \"rancher\" only) | [optional] |
|
16
16
|
| **rancher_cluster_id** | **String** | The cluster id as define in rancher (relevant for \"rancher\" only) | [optional] |
|
17
|
-
| **signing_key** | **String** | The private key (
|
17
|
+
| **signing_key** | **String** | The private key (base64 encoded) associated with the public key defined in the Kubernetes auth | |
|
18
18
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
19
19
|
| **token_exp** | **Integer** | Time in seconds of expiration of the Akeyless Kube Auth Method token | [optional][default to 300] |
|
20
20
|
| **token_reviewer_jwt** | **String** | A Kubernetes service account JWT used to access the TokenReview API to validate other JWTs (relevant for \"native_k8s\" only). If not set, the JWT submitted in the authentication process will be used to access the Kubernetes TokenReview API. | [optional] |
|
@@ -10,11 +10,11 @@
|
|
10
10
|
| **group_attr** | **String** | Group Attr | [optional] |
|
11
11
|
| **group_dn** | **String** | Group Dn | [optional] |
|
12
12
|
| **group_filter** | **String** | Group Filter | [optional] |
|
13
|
-
| **ldap_ca_cert** | **String** |
|
13
|
+
| **ldap_ca_cert** | **String** | LDAP CA Certificate (base64 encoded) | [optional] |
|
14
14
|
| **ldap_enable** | **String** | Enable Ldap | [optional] |
|
15
15
|
| **ldap_url** | **String** | LDAP Server URL, e.g. ldap://planetexpress.com:389 | [optional] |
|
16
16
|
| **ldap_anonymous_search** | **Boolean** | Ldap Anonymous Search | [optional] |
|
17
|
-
| **signing_key_data** | **String** | The private key (
|
17
|
+
| **signing_key_data** | **String** | The private key (base64 encoded), associated with the public key defined in the Ldap auth | [optional] |
|
18
18
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
19
19
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
20
20
|
| **user_attribute** | **String** | User Attribute | [optional] |
|
data/docs/Item.md
CHANGED
@@ -32,6 +32,7 @@
|
|
32
32
|
| **protection_key_type** | **String** | | [optional] |
|
33
33
|
| **public_value** | **String** | | [optional] |
|
34
34
|
| **rotation_interval** | **Integer** | | [optional] |
|
35
|
+
| **shared_by** | [**RuleAssigner**](RuleAssigner.md) | | [optional] |
|
35
36
|
| **target_versions** | [**Array<TargetItemVersion>**](TargetItemVersion.md) | | [optional] |
|
36
37
|
| **with_customer_fragment** | **Boolean** | | [optional] |
|
37
38
|
|
@@ -69,6 +70,7 @@ instance = Akeyless::Item.new(
|
|
69
70
|
protection_key_type: null,
|
70
71
|
public_value: null,
|
71
72
|
rotation_interval: null,
|
73
|
+
shared_by: null,
|
72
74
|
target_versions: null,
|
73
75
|
with_customer_fragment: null
|
74
76
|
)
|
@@ -9,6 +9,7 @@
|
|
9
9
|
| **bound_namespaces** | **Array<String>** | A list of namespaces that the authentication is restricted to. | [optional] |
|
10
10
|
| **bound_pod_names** | **Array<String>** | A list of pods names that the authentication is restricted to. | [optional] |
|
11
11
|
| **bound_service_account_names** | **Array<String>** | A list of service account names that the authentication is restricted to. | [optional] |
|
12
|
+
| **gen_key_pair** | **String** | Generate public/private key (the private key is required for the K8S Auth Config in the Akeyless Gateway) | [optional] |
|
12
13
|
| **pub_key** | **String** | The public key value of the Kubernetes auth method configuration in the Akeyless Gateway. | [optional] |
|
13
14
|
|
14
15
|
## Example
|
@@ -22,6 +23,7 @@ instance = Akeyless::KubernetesAccessRules.new(
|
|
22
23
|
bound_namespaces: null,
|
23
24
|
bound_pod_names: null,
|
24
25
|
bound_service_account_names: null,
|
26
|
+
gen_key_pair: null,
|
25
27
|
pub_key: null
|
26
28
|
)
|
27
29
|
```
|
data/docs/LDAPAccessRules.md
CHANGED
@@ -5,6 +5,7 @@
|
|
5
5
|
| Name | Type | Description | Notes |
|
6
6
|
| ---- | ---- | ----------- | ----- |
|
7
7
|
| **alg** | **String** | | [optional] |
|
8
|
+
| **gen_key_pair** | **String** | Generate public/private key (the private key is required for the LDAP Auth Config in the Akeyless Gateway) | [optional] |
|
8
9
|
| **key** | **String** | The public key value of LDAP. | [optional] |
|
9
10
|
| **unique_identifier** | **String** | A unique identifier to distinguish different users | [optional] |
|
10
11
|
|
@@ -15,6 +16,7 @@ require 'akeyless'
|
|
15
16
|
|
16
17
|
instance = Akeyless::LDAPAccessRules.new(
|
17
18
|
alg: null,
|
19
|
+
gen_key_pair: null,
|
18
20
|
key: null,
|
19
21
|
unique_identifier: null
|
20
22
|
)
|
@@ -0,0 +1,20 @@
|
|
1
|
+
# Akeyless::RuleAssigner
|
2
|
+
|
3
|
+
## Properties
|
4
|
+
|
5
|
+
| Name | Type | Description | Notes |
|
6
|
+
| ---- | ---- | ----------- | ----- |
|
7
|
+
| **access_id** | **String** | | [optional] |
|
8
|
+
| **unique_id** | **String** | | [optional] |
|
9
|
+
|
10
|
+
## Example
|
11
|
+
|
12
|
+
```ruby
|
13
|
+
require 'akeyless'
|
14
|
+
|
15
|
+
instance = Akeyless::RuleAssigner.new(
|
16
|
+
access_id: null,
|
17
|
+
unique_id: null
|
18
|
+
)
|
19
|
+
```
|
20
|
+
|
@@ -15,10 +15,15 @@
|
|
15
15
|
| **jwt_ttl_max** | **Integer** | Maximum ttl | [optional] |
|
16
16
|
| **jwt_ttl_min** | **Integer** | Minimum ttl | [optional] |
|
17
17
|
| **max_versions** | **String** | Max versions | [optional] |
|
18
|
+
| **password_length** | **Integer** | For PasswordPolicy use | [optional] |
|
18
19
|
| **phone** | **String** | Phone number | [optional] |
|
19
20
|
| **postal_code** | **String** | Postal code | [optional] |
|
20
21
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
21
22
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
23
|
+
| **use_lower_letters** | **String** | For PasswordPolicy use | [optional] |
|
24
|
+
| **use_numbers** | **String** | For PasswordPolicy use | [optional] |
|
25
|
+
| **use_special_characters** | **String** | For PasswordPolicy use | [optional] |
|
26
|
+
| **use_capital_letters** | **String** | For PasswordPolicy use | [optional] |
|
22
27
|
|
23
28
|
## Example
|
24
29
|
|
@@ -37,10 +42,15 @@ instance = Akeyless::UpdateAccountSettings.new(
|
|
37
42
|
jwt_ttl_max: null,
|
38
43
|
jwt_ttl_min: null,
|
39
44
|
max_versions: null,
|
45
|
+
password_length: null,
|
40
46
|
phone: null,
|
41
47
|
postal_code: null,
|
42
48
|
token: null,
|
43
|
-
uid_token: null
|
49
|
+
uid_token: null,
|
50
|
+
use_lower_letters: null,
|
51
|
+
use_numbers: null,
|
52
|
+
use_special_characters: null,
|
53
|
+
use_capital_letters: null
|
44
54
|
)
|
45
55
|
```
|
46
56
|
|
data/docs/UpdateAuthMethodK8S.md
CHANGED
@@ -11,12 +11,12 @@
|
|
11
11
|
| **bound_pod_names** | **Array<String>** | A list of pod names that the access is restricted to | [optional] |
|
12
12
|
| **bound_sa_names** | **Array<String>** | A list of service account names that the access is restricted to | [optional] |
|
13
13
|
| **force_sub_claims** | **Boolean** | if true: enforce role-association must include sub claims | [optional] |
|
14
|
-
| **gen_key** | **String** |
|
14
|
+
| **gen_key** | **String** | Automatically generate key-pair for K8S configuration. If set to false, a public key needs to be provided | [optional] |
|
15
15
|
| **gw_bound_ips** | **Array<String>** | A CIDR whitelist with the GW IPs that the access is restricted to | [optional] |
|
16
16
|
| **jwt_ttl** | **Integer** | Jwt TTL | [optional] |
|
17
17
|
| **name** | **String** | Auth Method name | |
|
18
18
|
| **new_name** | **String** | Auth Method new name | [optional] |
|
19
|
-
| **public_key** | **String** | Base64-encoded public key
|
19
|
+
| **public_key** | **String** | Base64-encoded or PEM formatted public key data for K8S authentication method is required [RSA2048] | [optional] |
|
20
20
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
21
21
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
22
22
|
|
@@ -7,11 +7,12 @@
|
|
7
7
|
| **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
|
8
8
|
| **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
|
9
9
|
| **force_sub_claims** | **Boolean** | if true: enforce role-association must include sub claims | [optional] |
|
10
|
+
| **gen_key** | **String** | Automatically generate key-pair for LDAP configuration. If set to false, a public key needs to be provided | [optional] |
|
10
11
|
| **gw_bound_ips** | **Array<String>** | A CIDR whitelist with the GW IPs that the access is restricted to | [optional] |
|
11
12
|
| **jwt_ttl** | **Integer** | Jwt TTL | [optional] |
|
12
13
|
| **name** | **String** | Auth Method name | |
|
13
14
|
| **new_name** | **String** | Auth Method new name | [optional] |
|
14
|
-
| **public_key_data** | **String** | A public key generated for LDAP authentication method on Akeyless in base64 format [RSA2048] | [optional] |
|
15
|
+
| **public_key_data** | **String** | A public key generated for LDAP authentication method on Akeyless in base64 or PEM format [RSA2048] | [optional] |
|
15
16
|
| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
|
16
17
|
| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
|
17
18
|
| **unique_identifier** | **String** | A unique identifier (ID) value should be configured for OAuth2, LDAP and SAML authentication method types and is usually a value such as the email, username, or upn for example. Whenever a user logs in with a token, these authentication types issue a \"sub claim\" that contains details uniquely identifying that user. This sub claim includes a key containing the ID value that you configured, and is used to distinguish between different users from within the same organization. | [optional] |
|
@@ -25,6 +26,7 @@ instance = Akeyless::UpdateAuthMethodLDAP.new(
|
|
25
26
|
access_expires: null,
|
26
27
|
bound_ips: null,
|
27
28
|
force_sub_claims: null,
|
29
|
+
gen_key: null,
|
28
30
|
gw_bound_ips: null,
|
29
31
|
jwt_ttl: null,
|
30
32
|
name: null,
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# Akeyless::UpdateAuthMethodLDAPOutput
|
2
|
+
|
3
|
+
## Properties
|
4
|
+
|
5
|
+
| Name | Type | Description | Notes |
|
6
|
+
| ---- | ---- | ----------- | ----- |
|
7
|
+
| **prv_key** | **String** | | [optional] |
|
8
|
+
|
9
|
+
## Example
|
10
|
+
|
11
|
+
```ruby
|
12
|
+
require 'akeyless'
|
13
|
+
|
14
|
+
instance = Akeyless::UpdateAuthMethodLDAPOutput.new(
|
15
|
+
prv_key: null
|
16
|
+
)
|
17
|
+
```
|
18
|
+
|
data/docs/V2Api.md
CHANGED
@@ -65,7 +65,6 @@ All URIs are relative to *https://api.akeyless.io*
|
|
65
65
|
| [**describe_sub_claims**](V2Api.md#describe_sub_claims) | **POST** /describe-sub-claims | |
|
66
66
|
| [**detokenize**](V2Api.md#detokenize) | **POST** /detokenize | |
|
67
67
|
| [**encrypt**](V2Api.md#encrypt) | **POST** /encrypt | |
|
68
|
-
| [**encrypt_pkcs1**](V2Api.md#encrypt_pkcs1) | **POST** /encrypt-pkcs1 | |
|
69
68
|
| [**encrypt_with_classic_key**](V2Api.md#encrypt_with_classic_key) | **POST** /encrypt-with-classic-key | |
|
70
69
|
| [**gateway_create_k8_s_auth_config**](V2Api.md#gateway_create_k8_s_auth_config) | **POST** /gateway-create-k8s-auth-config | |
|
71
70
|
| [**gateway_create_migration**](V2Api.md#gateway_create_migration) | **POST** /gateway-create-migration | |
|
@@ -4022,68 +4021,6 @@ No authorization required
|
|
4022
4021
|
- **Accept**: application/json
|
4023
4022
|
|
4024
4023
|
|
4025
|
-
## encrypt_pkcs1
|
4026
|
-
|
4027
|
-
> <EncryptPKCS1Output> encrypt_pkcs1(body)
|
4028
|
-
|
4029
|
-
|
4030
|
-
|
4031
|
-
### Examples
|
4032
|
-
|
4033
|
-
```ruby
|
4034
|
-
require 'time'
|
4035
|
-
require 'akeyless'
|
4036
|
-
|
4037
|
-
api_instance = Akeyless::V2Api.new
|
4038
|
-
body = Akeyless::EncryptPKCS1.new({key_name: 'key_name_example', plaintext: 'plaintext_example'}) # EncryptPKCS1 |
|
4039
|
-
|
4040
|
-
begin
|
4041
|
-
|
4042
|
-
result = api_instance.encrypt_pkcs1(body)
|
4043
|
-
p result
|
4044
|
-
rescue Akeyless::ApiError => e
|
4045
|
-
puts "Error when calling V2Api->encrypt_pkcs1: #{e}"
|
4046
|
-
end
|
4047
|
-
```
|
4048
|
-
|
4049
|
-
#### Using the encrypt_pkcs1_with_http_info variant
|
4050
|
-
|
4051
|
-
This returns an Array which contains the response data, status code and headers.
|
4052
|
-
|
4053
|
-
> <Array(<EncryptPKCS1Output>, Integer, Hash)> encrypt_pkcs1_with_http_info(body)
|
4054
|
-
|
4055
|
-
```ruby
|
4056
|
-
begin
|
4057
|
-
|
4058
|
-
data, status_code, headers = api_instance.encrypt_pkcs1_with_http_info(body)
|
4059
|
-
p status_code # => 2xx
|
4060
|
-
p headers # => { ... }
|
4061
|
-
p data # => <EncryptPKCS1Output>
|
4062
|
-
rescue Akeyless::ApiError => e
|
4063
|
-
puts "Error when calling V2Api->encrypt_pkcs1_with_http_info: #{e}"
|
4064
|
-
end
|
4065
|
-
```
|
4066
|
-
|
4067
|
-
### Parameters
|
4068
|
-
|
4069
|
-
| Name | Type | Description | Notes |
|
4070
|
-
| ---- | ---- | ----------- | ----- |
|
4071
|
-
| **body** | [**EncryptPKCS1**](EncryptPKCS1.md) | | |
|
4072
|
-
|
4073
|
-
### Return type
|
4074
|
-
|
4075
|
-
[**EncryptPKCS1Output**](EncryptPKCS1Output.md)
|
4076
|
-
|
4077
|
-
### Authorization
|
4078
|
-
|
4079
|
-
No authorization required
|
4080
|
-
|
4081
|
-
### HTTP request headers
|
4082
|
-
|
4083
|
-
- **Content-Type**: application/json
|
4084
|
-
- **Accept**: application/json
|
4085
|
-
|
4086
|
-
|
4087
4024
|
## encrypt_with_classic_key
|
4088
4025
|
|
4089
4026
|
> <EncryptOutput> encrypt_with_classic_key(body)
|
@@ -12294,7 +12231,7 @@ No authorization required
|
|
12294
12231
|
|
12295
12232
|
## update_auth_method_ldap
|
12296
12233
|
|
12297
|
-
>
|
12234
|
+
> <UpdateAuthMethodLDAPOutput> update_auth_method_ldap(body)
|
12298
12235
|
|
12299
12236
|
|
12300
12237
|
|
@@ -12320,7 +12257,7 @@ end
|
|
12320
12257
|
|
12321
12258
|
This returns an Array which contains the response data, status code and headers.
|
12322
12259
|
|
12323
|
-
> <Array(
|
12260
|
+
> <Array(<UpdateAuthMethodLDAPOutput>, Integer, Hash)> update_auth_method_ldap_with_http_info(body)
|
12324
12261
|
|
12325
12262
|
```ruby
|
12326
12263
|
begin
|
@@ -12328,7 +12265,7 @@ begin
|
|
12328
12265
|
data, status_code, headers = api_instance.update_auth_method_ldap_with_http_info(body)
|
12329
12266
|
p status_code # => 2xx
|
12330
12267
|
p headers # => { ... }
|
12331
|
-
p data # =>
|
12268
|
+
p data # => <UpdateAuthMethodLDAPOutput>
|
12332
12269
|
rescue Akeyless::ApiError => e
|
12333
12270
|
puts "Error when calling V2Api->update_auth_method_ldap_with_http_info: #{e}"
|
12334
12271
|
end
|
@@ -12342,7 +12279,7 @@ end
|
|
12342
12279
|
|
12343
12280
|
### Return type
|
12344
12281
|
|
12345
|
-
**
|
12282
|
+
[**UpdateAuthMethodLDAPOutput**](UpdateAuthMethodLDAPOutput.md)
|
12346
12283
|
|
12347
12284
|
### Authorization
|
12348
12285
|
|
data/lib/akeyless/api/v2_api.rb
CHANGED
@@ -3923,70 +3923,6 @@ module Akeyless
|
|
3923
3923
|
return data, status_code, headers
|
3924
3924
|
end
|
3925
3925
|
|
3926
|
-
# @param body [EncryptPKCS1]
|
3927
|
-
# @param [Hash] opts the optional parameters
|
3928
|
-
# @return [EncryptPKCS1Output]
|
3929
|
-
def encrypt_pkcs1(body, opts = {})
|
3930
|
-
data, _status_code, _headers = encrypt_pkcs1_with_http_info(body, opts)
|
3931
|
-
data
|
3932
|
-
end
|
3933
|
-
|
3934
|
-
# @param body [EncryptPKCS1]
|
3935
|
-
# @param [Hash] opts the optional parameters
|
3936
|
-
# @return [Array<(EncryptPKCS1Output, Integer, Hash)>] EncryptPKCS1Output data, response status code and response headers
|
3937
|
-
def encrypt_pkcs1_with_http_info(body, opts = {})
|
3938
|
-
if @api_client.config.debugging
|
3939
|
-
@api_client.config.logger.debug 'Calling API: V2Api.encrypt_pkcs1 ...'
|
3940
|
-
end
|
3941
|
-
# verify the required parameter 'body' is set
|
3942
|
-
if @api_client.config.client_side_validation && body.nil?
|
3943
|
-
fail ArgumentError, "Missing the required parameter 'body' when calling V2Api.encrypt_pkcs1"
|
3944
|
-
end
|
3945
|
-
# resource path
|
3946
|
-
local_var_path = '/encrypt-pkcs1'
|
3947
|
-
|
3948
|
-
# query parameters
|
3949
|
-
query_params = opts[:query_params] || {}
|
3950
|
-
|
3951
|
-
# header parameters
|
3952
|
-
header_params = opts[:header_params] || {}
|
3953
|
-
# HTTP header 'Accept' (if needed)
|
3954
|
-
header_params['Accept'] = @api_client.select_header_accept(['application/json'])
|
3955
|
-
# HTTP header 'Content-Type'
|
3956
|
-
content_type = @api_client.select_header_content_type(['application/json'])
|
3957
|
-
if !content_type.nil?
|
3958
|
-
header_params['Content-Type'] = content_type
|
3959
|
-
end
|
3960
|
-
|
3961
|
-
# form parameters
|
3962
|
-
form_params = opts[:form_params] || {}
|
3963
|
-
|
3964
|
-
# http body (model)
|
3965
|
-
post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
|
3966
|
-
|
3967
|
-
# return_type
|
3968
|
-
return_type = opts[:debug_return_type] || 'EncryptPKCS1Output'
|
3969
|
-
|
3970
|
-
# auth_names
|
3971
|
-
auth_names = opts[:debug_auth_names] || []
|
3972
|
-
|
3973
|
-
new_options = opts.merge(
|
3974
|
-
:operation => :"V2Api.encrypt_pkcs1",
|
3975
|
-
:header_params => header_params,
|
3976
|
-
:query_params => query_params,
|
3977
|
-
:form_params => form_params,
|
3978
|
-
:body => post_body,
|
3979
|
-
:auth_names => auth_names,
|
3980
|
-
:return_type => return_type
|
3981
|
-
)
|
3982
|
-
|
3983
|
-
data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
|
3984
|
-
if @api_client.config.debugging
|
3985
|
-
@api_client.config.logger.debug "API called: V2Api#encrypt_pkcs1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
|
3986
|
-
end
|
3987
|
-
return data, status_code, headers
|
3988
|
-
end
|
3989
|
-
|
3990
3926
|
# @param body [EncryptWithClassicKey]
|
3991
3927
|
# @param [Hash] opts the optional parameters
|
3992
3928
|
# @return [EncryptOutput]
|
@@ -12351,7 +12287,7 @@ module Akeyless
|
|
12351
12287
|
|
12352
12288
|
# @param body [UpdateAuthMethodLDAP]
|
12353
12289
|
# @param [Hash] opts the optional parameters
|
12354
|
-
# @return [
|
12290
|
+
# @return [UpdateAuthMethodLDAPOutput]
|
12355
12291
|
def update_auth_method_ldap(body, opts = {})
|
12356
12292
|
data, _status_code, _headers = update_auth_method_ldap_with_http_info(body, opts)
|
12357
12293
|
data
|
@@ -12359,7 +12295,7 @@ module Akeyless
|
|
12359
12295
|
|
12360
12296
|
# @param body [UpdateAuthMethodLDAP]
|
12361
12297
|
# @param [Hash] opts the optional parameters
|
12362
|
-
# @return [Array<(
|
12298
|
+
# @return [Array<(UpdateAuthMethodLDAPOutput, Integer, Hash)>] UpdateAuthMethodLDAPOutput data, response status code and response headers
|
12363
12299
|
def update_auth_method_ldap_with_http_info(body, opts = {})
|
12364
12300
|
if @api_client.config.debugging
|
12365
12301
|
@api_client.config.logger.debug 'Calling API: V2Api.update_auth_method_ldap ...'
|
@@ -12391,7 +12327,7 @@ module Akeyless
|
|
12391
12327
|
post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
|
12392
12328
|
|
12393
12329
|
# return_type
|
12394
|
-
return_type = opts[:debug_return_type] || '
|
12330
|
+
return_type = opts[:debug_return_type] || 'UpdateAuthMethodLDAPOutput'
|
12395
12331
|
|
12396
12332
|
# auth_names
|
12397
12333
|
auth_names = opts[:debug_auth_names] || []
|