akeyless 5.0.13 → 5.0.16

data/lib/akeyless/models/dynamic_secret_create_gcp.rb

@@ -16,6 +16,8 @@ require 'time'
 module Akeyless
   # dynamicSecretCreateGcp is a command that creates a GCP dynamic secret
   class DynamicSecretCreateGcp
+    attr_accessor :access_type
+
     # Customize how temporary usernames are generated using go template
     attr_accessor :custom_username_template
 
@@ -25,18 +27,24 @@ module Akeyless
     # Description of the object
     attr_accessor :description
 
+    # For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external)
+    attr_accessor :fixed_user_claim_keyname
+
     attr_accessor :gcp_cred_type
 
     # Base64-encoded service account private key text
     attr_accessor :gcp_key
 
-    # Service account key algorithm, e.g. KEY_ALG_RSA_1024
+    # Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key)
     attr_accessor :gcp_key_algo
 
-    # The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed)
+    # GCP Project ID override for dynamic secret operations
+    attr_accessor :gcp_project_id
+
+    # The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed)
     attr_accessor :gcp_sa_email
 
-    # Access token scopes list, e.g. scope1,scope2
+    # Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token)
     attr_accessor :gcp_token_scopes
 
     # Additional custom fields to associate with the item
@@ -51,10 +59,28 @@ module Akeyless
     # Dynamic producer encryption key
     attr_accessor :producer_encryption_key_name
 
-    # Role binding definitions in json format
+    # Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic)
     attr_accessor :role_binding
 
-    # The type of the gcp dynamic secret. Options[fixed, dynamic]
+    # Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external)
+    attr_accessor :role_names
+
+    # The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
+    attr_accessor :secure_access_delay
+
+    # Enable/Disable secure remote access [true/false]
+    attr_accessor :secure_access_enable
+
+    # Destination URL to inject secrets
+    attr_accessor :secure_access_url
+
+    # Secure browser via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_browsing
+
+    # Web-Proxy via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_proxy
+
+    # The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa)
     attr_accessor :service_account_type
 
     # Add tags attached to this object
@@ -75,12 +101,15 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'access_type' => :'access-type',
         :'custom_username_template' => :'custom-username-template',
         :'delete_protection' => :'delete_protection',
         :'description' => :'description',
+        :'fixed_user_claim_keyname' => :'fixed-user-claim-keyname',
         :'gcp_cred_type' => :'gcp-cred-type',
         :'gcp_key' => :'gcp-key',
         :'gcp_key_algo' => :'gcp-key-algo',
+        :'gcp_project_id' => :'gcp-project-id',
         :'gcp_sa_email' => :'gcp-sa-email',
         :'gcp_token_scopes' => :'gcp-token-scopes',
         :'item_custom_fields' => :'item-custom-fields',
@@ -88,6 +117,12 @@ module Akeyless
         :'name' => :'name',
         :'producer_encryption_key_name' => :'producer-encryption-key-name',
         :'role_binding' => :'role-binding',
+        :'role_names' => :'role-names',
+        :'secure_access_delay' => :'secure-access-delay',
+        :'secure_access_enable' => :'secure-access-enable',
+        :'secure_access_url' => :'secure-access-url',
+        :'secure_access_web_browsing' => :'secure-access-web-browsing',
+        :'secure_access_web_proxy' => :'secure-access-web-proxy',
         :'service_account_type' => :'service-account-type',
         :'tags' => :'tags',
         :'target_name' => :'target-name',
@@ -105,12 +140,15 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'access_type' => :'String',
         :'custom_username_template' => :'String',
         :'delete_protection' => :'String',
         :'description' => :'String',
+        :'fixed_user_claim_keyname' => :'String',
         :'gcp_cred_type' => :'String',
         :'gcp_key' => :'String',
         :'gcp_key_algo' => :'String',
+        :'gcp_project_id' => :'String',
         :'gcp_sa_email' => :'String',
         :'gcp_token_scopes' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
@@ -118,6 +156,12 @@ module Akeyless
         :'name' => :'String',
         :'producer_encryption_key_name' => :'String',
         :'role_binding' => :'String',
+        :'role_names' => :'String',
+        :'secure_access_delay' => :'Integer',
+        :'secure_access_enable' => :'String',
+        :'secure_access_url' => :'String',
+        :'secure_access_web_browsing' => :'Boolean',
+        :'secure_access_web_proxy' => :'Boolean',
         :'service_account_type' => :'String',
         :'tags' => :'Array<String>',
         :'target_name' => :'String',
@@ -148,6 +192,10 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'access_type')
+        self.access_type = attributes[:'access_type']
+      end
+
       if attributes.key?(:'custom_username_template')
         self.custom_username_template = attributes[:'custom_username_template']
       end
@@ -160,6 +208,12 @@ module Akeyless
         self.description = attributes[:'description']
       end
 
+      if attributes.key?(:'fixed_user_claim_keyname')
+        self.fixed_user_claim_keyname = attributes[:'fixed_user_claim_keyname']
+      else
+        self.fixed_user_claim_keyname = 'ext_email'
+      end
+
       if attributes.key?(:'gcp_cred_type')
         self.gcp_cred_type = attributes[:'gcp_cred_type']
       end
@@ -172,6 +226,10 @@ module Akeyless
         self.gcp_key_algo = attributes[:'gcp_key_algo']
       end
 
+      if attributes.key?(:'gcp_project_id')
+        self.gcp_project_id = attributes[:'gcp_project_id']
+      end
+
       if attributes.key?(:'gcp_sa_email')
         self.gcp_sa_email = attributes[:'gcp_sa_email']
       end
@@ -206,6 +264,34 @@ module Akeyless
         self.role_binding = attributes[:'role_binding']
       end
 
+      if attributes.key?(:'role_names')
+        self.role_names = attributes[:'role_names']
+      end
+
+      if attributes.key?(:'secure_access_delay')
+        self.secure_access_delay = attributes[:'secure_access_delay']
+      end
+
+      if attributes.key?(:'secure_access_enable')
+        self.secure_access_enable = attributes[:'secure_access_enable']
+      end
+
+      if attributes.key?(:'secure_access_url')
+        self.secure_access_url = attributes[:'secure_access_url']
+      end
+
+      if attributes.key?(:'secure_access_web_browsing')
+        self.secure_access_web_browsing = attributes[:'secure_access_web_browsing']
+      else
+        self.secure_access_web_browsing = false
+      end
+
+      if attributes.key?(:'secure_access_web_proxy')
+        self.secure_access_web_proxy = attributes[:'secure_access_web_proxy']
+      else
+        self.secure_access_web_proxy = false
+      end
+
       if attributes.key?(:'service_account_type')
         self.service_account_type = attributes[:'service_account_type']
       else
@@ -246,10 +332,6 @@ module Akeyless
         invalid_properties.push('invalid value for "name", name cannot be nil.')
       end
 
-      if @service_account_type.nil?
-        invalid_properties.push('invalid value for "service_account_type", service_account_type cannot be nil.')
-      end
-
       invalid_properties
     end
 
@@ -258,7 +340,6 @@ module Akeyless
     def valid?
       warn '[DEPRECATED] the `valid?` method is obsolete'
       return false if @name.nil?
-      return false if @service_account_type.nil?
       true
     end
 
@@ -267,12 +348,15 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          access_type == o.access_type &&
           custom_username_template == o.custom_username_template &&
           delete_protection == o.delete_protection &&
           description == o.description &&
+          fixed_user_claim_keyname == o.fixed_user_claim_keyname &&
           gcp_cred_type == o.gcp_cred_type &&
           gcp_key == o.gcp_key &&
           gcp_key_algo == o.gcp_key_algo &&
+          gcp_project_id == o.gcp_project_id &&
           gcp_sa_email == o.gcp_sa_email &&
           gcp_token_scopes == o.gcp_token_scopes &&
           item_custom_fields == o.item_custom_fields &&
@@ -280,6 +364,12 @@ module Akeyless
           name == o.name &&
           producer_encryption_key_name == o.producer_encryption_key_name &&
           role_binding == o.role_binding &&
+          role_names == o.role_names &&
+          secure_access_delay == o.secure_access_delay &&
+          secure_access_enable == o.secure_access_enable &&
+          secure_access_url == o.secure_access_url &&
+          secure_access_web_browsing == o.secure_access_web_browsing &&
+          secure_access_web_proxy == o.secure_access_web_proxy &&
           service_account_type == o.service_account_type &&
           tags == o.tags &&
           target_name == o.target_name &&
@@ -297,7 +387,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, description, gcp_cred_type, gcp_key, gcp_key_algo, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, producer_encryption_key_name, role_binding, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
+      [access_type, custom_username_template, delete_protection, description, fixed_user_claim_keyname, gcp_cred_type, gcp_key, gcp_key_algo, gcp_project_id, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, producer_encryption_key_name, role_binding, role_names, secure_access_delay, secure_access_enable, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/dynamic_secret_create_google_workspace.rb

@@ -55,6 +55,9 @@ module Akeyless
 
     attr_accessor :role_scope
 
+    # The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
+    attr_accessor :secure_access_delay
+
     # Enable/Disable secure remote access [true/false]
     attr_accessor :secure_access_enable
 
@@ -102,6 +105,7 @@ module Akeyless
         :'producer_encryption_key_name' => :'producer-encryption-key-name',
         :'role_name' => :'role-name',
         :'role_scope' => :'role-scope',
+        :'secure_access_delay' => :'secure-access-delay',
         :'secure_access_enable' => :'secure-access-enable',
         :'secure_access_url' => :'secure-access-url',
         :'secure_access_web' => :'secure-access-web',
@@ -137,6 +141,7 @@ module Akeyless
         :'producer_encryption_key_name' => :'String',
         :'role_name' => :'String',
         :'role_scope' => :'String',
+        :'secure_access_delay' => :'Integer',
         :'secure_access_enable' => :'String',
         :'secure_access_url' => :'String',
         :'secure_access_web' => :'Boolean',
@@ -239,6 +244,10 @@ module Akeyless
         self.role_scope = attributes[:'role_scope']
       end
 
+      if attributes.key?(:'secure_access_delay')
+        self.secure_access_delay = attributes[:'secure_access_delay']
+      end
+
       if attributes.key?(:'secure_access_enable')
         self.secure_access_enable = attributes[:'secure_access_enable']
       end
@@ -339,6 +348,7 @@ module Akeyless
           producer_encryption_key_name == o.producer_encryption_key_name &&
           role_name == o.role_name &&
           role_scope == o.role_scope &&
+          secure_access_delay == o.secure_access_delay &&
           secure_access_enable == o.secure_access_enable &&
           secure_access_url == o.secure_access_url &&
           secure_access_web == o.secure_access_web &&
@@ -360,7 +370,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [access_mode, admin_email, delete_protection, description, fixed_user_claim_keyname, gcp_key, group_email, group_role, item_custom_fields, json, name, producer_encryption_key_name, role_name, role_scope, secure_access_enable, secure_access_url, secure_access_web, secure_access_web_browsing, secure_access_web_proxy, tags, target_name, token, uid_token, user_ttl].hash
+      [access_mode, admin_email, delete_protection, description, fixed_user_claim_keyname, gcp_key, group_email, group_role, item_custom_fields, json, name, producer_encryption_key_name, role_name, role_scope, secure_access_delay, secure_access_enable, secure_access_url, secure_access_web, secure_access_web_browsing, secure_access_web_proxy, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/dynamic_secret_create_mongo_db.rb

@@ -58,6 +58,9 @@ module Akeyless
     # MongoDB Roles
     attr_accessor :mongodb_roles
 
+    # MongoDB Scopes (Atlas only)
+    attr_accessor :mongodb_scopes
+
     # MongoDB server URI
     attr_accessor :mongodb_server_uri
 
@@ -129,6 +132,7 @@ module Akeyless
         :'mongodb_name' => :'mongodb-name',
         :'mongodb_password' => :'mongodb-password',
         :'mongodb_roles' => :'mongodb-roles',
+        :'mongodb_scopes' => :'mongodb-scopes',
         :'mongodb_server_uri' => :'mongodb-server-uri',
         :'mongodb_uri_options' => :'mongodb-uri-options',
         :'mongodb_username' => :'mongodb-username',
@@ -172,6 +176,7 @@ module Akeyless
         :'mongodb_name' => :'String',
         :'mongodb_password' => :'String',
         :'mongodb_roles' => :'String',
+        :'mongodb_scopes' => :'String',
         :'mongodb_server_uri' => :'String',
         :'mongodb_uri_options' => :'String',
         :'mongodb_username' => :'String',
@@ -276,6 +281,10 @@ module Akeyless
         self.mongodb_roles = '[]'
       end
 
+      if attributes.key?(:'mongodb_scopes')
+        self.mongodb_scopes = attributes[:'mongodb_scopes']
+      end
+
       if attributes.key?(:'mongodb_server_uri')
         self.mongodb_server_uri = attributes[:'mongodb_server_uri']
       end
@@ -398,6 +407,7 @@ module Akeyless
           mongodb_name == o.mongodb_name &&
           mongodb_password == o.mongodb_password &&
           mongodb_roles == o.mongodb_roles &&
+          mongodb_scopes == o.mongodb_scopes &&
           mongodb_server_uri == o.mongodb_server_uri &&
           mongodb_uri_options == o.mongodb_uri_options &&
           mongodb_username == o.mongodb_username &&
@@ -427,7 +437,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, description, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, description, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_scopes, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/dynamic_secret_create_ms_sql.rb

@@ -31,6 +31,9 @@ module Akeyless
     # Set output format to JSON
     attr_accessor :json
 
+    # CSV of allowed DB names for runtime selection when getting the secret value. Empty => use target DB only; \"*\" => any DB allowed; One or more names => user must choose from this list
+    attr_accessor :mssql_allowed_db_names
+
     # MSSQL Creation statements
     attr_accessor :mssql_create_statements
 
@@ -108,6 +111,7 @@ module Akeyless
         :'description' => :'description',
         :'item_custom_fields' => :'item-custom-fields',
         :'json' => :'json',
+        :'mssql_allowed_db_names' => :'mssql-allowed-db-names',
         :'mssql_create_statements' => :'mssql-create-statements',
         :'mssql_dbname' => :'mssql-dbname',
         :'mssql_host' => :'mssql-host',
@@ -147,6 +151,7 @@ module Akeyless
         :'description' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
         :'json' => :'Boolean',
+        :'mssql_allowed_db_names' => :'String',
         :'mssql_create_statements' => :'String',
         :'mssql_dbname' => :'String',
         :'mssql_host' => :'String',
@@ -218,6 +223,10 @@ module Akeyless
         self.json = false
       end
 
+      if attributes.key?(:'mssql_allowed_db_names')
+        self.mssql_allowed_db_names = attributes[:'mssql_allowed_db_names']
+      end
+
       if attributes.key?(:'mssql_create_statements')
         self.mssql_create_statements = attributes[:'mssql_create_statements']
       end
@@ -355,6 +364,7 @@ module Akeyless
           description == o.description &&
           item_custom_fields == o.item_custom_fields &&
           json == o.json &&
+          mssql_allowed_db_names == o.mssql_allowed_db_names &&
           mssql_create_statements == o.mssql_create_statements &&
           mssql_dbname == o.mssql_dbname &&
           mssql_host == o.mssql_host &&
@@ -389,7 +399,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, description, item_custom_fields, json, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, description, item_custom_fields, json, mssql_allowed_db_names, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/dynamic_secret_get_value.rb

@@ -18,6 +18,9 @@ module Akeyless
     # Optional arguments as key=value pairs or JSON strings, e.g - \\\"--args=csr=base64_encoded_csr --args=common_name=bar\\\" or args='{\\\"csr\\\":\\\"base64_encoded_csr\\\"}. It is possible to combine both formats.'
     attr_accessor :args
 
+    # DBName: Optional override DB name (works only if DS allows it. only relevant for MSSQL)
+    attr_accessor :dbname
+
     # Host
     attr_accessor :host
 
@@ -43,6 +46,7 @@ module Akeyless
     def self.attribute_map
       {
         :'args' => :'args',
+        :'dbname' => :'dbname',
         :'host' => :'host',
         :'json' => :'json',
         :'name' => :'name',
@@ -62,6 +66,7 @@ module Akeyless
     def self.openapi_types
       {
         :'args' => :'Array<String>',
+        :'dbname' => :'String',
         :'host' => :'String',
         :'json' => :'Boolean',
         :'name' => :'String',
@@ -99,6 +104,10 @@ module Akeyless
         end
       end
 
+      if attributes.key?(:'dbname')
+        self.dbname = attributes[:'dbname']
+      end
+
       if attributes.key?(:'host')
         self.host = attributes[:'host']
       end
@@ -160,6 +169,7 @@ module Akeyless
       return true if self.equal?(o)
       self.class == o.class &&
           args == o.args &&
+          dbname == o.dbname &&
           host == o.host &&
           json == o.json &&
           name == o.name &&
@@ -178,7 +188,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [args, host, json, name, target, timeout, token, uid_token].hash
+      [args, dbname, host, json, name, target, timeout, token, uid_token].hash
     end
 
     # Builds the object from hash