akeyless 5.0.13 → 5.0.16

data/lib/akeyless/models/gateway_create_producer_gcp.rb

@@ -16,24 +16,32 @@ require 'time'
 module Akeyless
   # gatewayCreateProducerGcp is a command that creates a GCP producer [Deprecated: Use dynamic-secret-create-gcp command]
   class GatewayCreateProducerGcp
+    attr_accessor :access_type
+
     # Customize how temporary usernames are generated using go template
     attr_accessor :custom_username_template
 
     # Protection from accidental deletion of this object [true/false]
     attr_accessor :delete_protection
 
+    # For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external)
+    attr_accessor :fixed_user_claim_keyname
+
     attr_accessor :gcp_cred_type
 
     # Base64-encoded service account private key text
     attr_accessor :gcp_key
 
-    # Service account key algorithm, e.g. KEY_ALG_RSA_1024
+    # Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key)
     attr_accessor :gcp_key_algo
 
-    # The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed)
+    # GCP Project ID override for dynamic secret operations
+    attr_accessor :gcp_project_id
+
+    # The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed)
     attr_accessor :gcp_sa_email
 
-    # Access token scopes list, e.g. scope1,scope2
+    # Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token)
     attr_accessor :gcp_token_scopes
 
     # Additional custom fields to associate with the item
@@ -48,10 +56,28 @@ module Akeyless
     # Dynamic producer encryption key
     attr_accessor :producer_encryption_key_name
 
-    # Role binding definitions in json format
+    # Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic)
     attr_accessor :role_binding
 
-    # The type of the gcp dynamic secret. Options[fixed, dynamic]
+    # Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external)
+    attr_accessor :role_names
+
+    # The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
+    attr_accessor :secure_access_delay
+
+    # Enable/Disable secure remote access [true/false]
+    attr_accessor :secure_access_enable
+
+    # Destination URL to inject secrets
+    attr_accessor :secure_access_url
+
+    # Secure browser via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_browsing
+
+    # Web-Proxy via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_proxy
+
+    # The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa)
     attr_accessor :service_account_type
 
     # Add tags attached to this object
@@ -72,11 +98,14 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'access_type' => :'access-type',
         :'custom_username_template' => :'custom-username-template',
         :'delete_protection' => :'delete_protection',
+        :'fixed_user_claim_keyname' => :'fixed-user-claim-keyname',
         :'gcp_cred_type' => :'gcp-cred-type',
         :'gcp_key' => :'gcp-key',
         :'gcp_key_algo' => :'gcp-key-algo',
+        :'gcp_project_id' => :'gcp-project-id',
         :'gcp_sa_email' => :'gcp-sa-email',
         :'gcp_token_scopes' => :'gcp-token-scopes',
         :'item_custom_fields' => :'item-custom-fields',
@@ -84,6 +113,12 @@ module Akeyless
         :'name' => :'name',
         :'producer_encryption_key_name' => :'producer-encryption-key-name',
         :'role_binding' => :'role-binding',
+        :'role_names' => :'role-names',
+        :'secure_access_delay' => :'secure-access-delay',
+        :'secure_access_enable' => :'secure-access-enable',
+        :'secure_access_url' => :'secure-access-url',
+        :'secure_access_web_browsing' => :'secure-access-web-browsing',
+        :'secure_access_web_proxy' => :'secure-access-web-proxy',
         :'service_account_type' => :'service-account-type',
         :'tags' => :'tags',
         :'target_name' => :'target-name',
@@ -101,11 +136,14 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'access_type' => :'String',
         :'custom_username_template' => :'String',
         :'delete_protection' => :'String',
+        :'fixed_user_claim_keyname' => :'String',
         :'gcp_cred_type' => :'String',
         :'gcp_key' => :'String',
         :'gcp_key_algo' => :'String',
+        :'gcp_project_id' => :'String',
         :'gcp_sa_email' => :'String',
         :'gcp_token_scopes' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
@@ -113,6 +151,12 @@ module Akeyless
         :'name' => :'String',
         :'producer_encryption_key_name' => :'String',
         :'role_binding' => :'String',
+        :'role_names' => :'String',
+        :'secure_access_delay' => :'Integer',
+        :'secure_access_enable' => :'String',
+        :'secure_access_url' => :'String',
+        :'secure_access_web_browsing' => :'Boolean',
+        :'secure_access_web_proxy' => :'Boolean',
         :'service_account_type' => :'String',
         :'tags' => :'Array<String>',
         :'target_name' => :'String',
@@ -143,6 +187,10 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'access_type')
+        self.access_type = attributes[:'access_type']
+      end
+
       if attributes.key?(:'custom_username_template')
         self.custom_username_template = attributes[:'custom_username_template']
       end
@@ -151,6 +199,12 @@ module Akeyless
         self.delete_protection = attributes[:'delete_protection']
       end
 
+      if attributes.key?(:'fixed_user_claim_keyname')
+        self.fixed_user_claim_keyname = attributes[:'fixed_user_claim_keyname']
+      else
+        self.fixed_user_claim_keyname = 'ext_email'
+      end
+
       if attributes.key?(:'gcp_cred_type')
         self.gcp_cred_type = attributes[:'gcp_cred_type']
       end
@@ -163,6 +217,10 @@ module Akeyless
         self.gcp_key_algo = attributes[:'gcp_key_algo']
       end
 
+      if attributes.key?(:'gcp_project_id')
+        self.gcp_project_id = attributes[:'gcp_project_id']
+      end
+
       if attributes.key?(:'gcp_sa_email')
         self.gcp_sa_email = attributes[:'gcp_sa_email']
       end
@@ -197,6 +255,34 @@ module Akeyless
         self.role_binding = attributes[:'role_binding']
       end
 
+      if attributes.key?(:'role_names')
+        self.role_names = attributes[:'role_names']
+      end
+
+      if attributes.key?(:'secure_access_delay')
+        self.secure_access_delay = attributes[:'secure_access_delay']
+      end
+
+      if attributes.key?(:'secure_access_enable')
+        self.secure_access_enable = attributes[:'secure_access_enable']
+      end
+
+      if attributes.key?(:'secure_access_url')
+        self.secure_access_url = attributes[:'secure_access_url']
+      end
+
+      if attributes.key?(:'secure_access_web_browsing')
+        self.secure_access_web_browsing = attributes[:'secure_access_web_browsing']
+      else
+        self.secure_access_web_browsing = false
+      end
+
+      if attributes.key?(:'secure_access_web_proxy')
+        self.secure_access_web_proxy = attributes[:'secure_access_web_proxy']
+      else
+        self.secure_access_web_proxy = false
+      end
+
       if attributes.key?(:'service_account_type')
         self.service_account_type = attributes[:'service_account_type']
       else
@@ -237,10 +323,6 @@ module Akeyless
         invalid_properties.push('invalid value for "name", name cannot be nil.')
       end
 
-      if @service_account_type.nil?
-        invalid_properties.push('invalid value for "service_account_type", service_account_type cannot be nil.')
-      end
-
       invalid_properties
     end
 
@@ -249,7 +331,6 @@ module Akeyless
     def valid?
       warn '[DEPRECATED] the `valid?` method is obsolete'
       return false if @name.nil?
-      return false if @service_account_type.nil?
       true
     end
 
@@ -258,11 +339,14 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          access_type == o.access_type &&
           custom_username_template == o.custom_username_template &&
           delete_protection == o.delete_protection &&
+          fixed_user_claim_keyname == o.fixed_user_claim_keyname &&
           gcp_cred_type == o.gcp_cred_type &&
           gcp_key == o.gcp_key &&
           gcp_key_algo == o.gcp_key_algo &&
+          gcp_project_id == o.gcp_project_id &&
           gcp_sa_email == o.gcp_sa_email &&
           gcp_token_scopes == o.gcp_token_scopes &&
           item_custom_fields == o.item_custom_fields &&
@@ -270,6 +354,12 @@ module Akeyless
           name == o.name &&
           producer_encryption_key_name == o.producer_encryption_key_name &&
           role_binding == o.role_binding &&
+          role_names == o.role_names &&
+          secure_access_delay == o.secure_access_delay &&
+          secure_access_enable == o.secure_access_enable &&
+          secure_access_url == o.secure_access_url &&
+          secure_access_web_browsing == o.secure_access_web_browsing &&
+          secure_access_web_proxy == o.secure_access_web_proxy &&
           service_account_type == o.service_account_type &&
           tags == o.tags &&
           target_name == o.target_name &&
@@ -287,7 +377,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, gcp_cred_type, gcp_key, gcp_key_algo, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, producer_encryption_key_name, role_binding, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
+      [access_type, custom_username_template, delete_protection, fixed_user_claim_keyname, gcp_cred_type, gcp_key, gcp_key_algo, gcp_project_id, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, producer_encryption_key_name, role_binding, role_names, secure_access_delay, secure_access_enable, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_create_producer_mongo.rb

@@ -55,6 +55,9 @@ module Akeyless
     # MongoDB Roles
     attr_accessor :mongodb_roles
 
+    # MongoDB Scopes (Atlas only)
+    attr_accessor :mongodb_scopes
+
     # MongoDB server URI
     attr_accessor :mongodb_server_uri
 
@@ -125,6 +128,7 @@ module Akeyless
         :'mongodb_name' => :'mongodb-name',
         :'mongodb_password' => :'mongodb-password',
         :'mongodb_roles' => :'mongodb-roles',
+        :'mongodb_scopes' => :'mongodb-scopes',
         :'mongodb_server_uri' => :'mongodb-server-uri',
         :'mongodb_uri_options' => :'mongodb-uri-options',
         :'mongodb_username' => :'mongodb-username',
@@ -167,6 +171,7 @@ module Akeyless
         :'mongodb_name' => :'String',
         :'mongodb_password' => :'String',
         :'mongodb_roles' => :'String',
+        :'mongodb_scopes' => :'String',
         :'mongodb_server_uri' => :'String',
         :'mongodb_uri_options' => :'String',
         :'mongodb_username' => :'String',
@@ -267,6 +272,10 @@ module Akeyless
         self.mongodb_roles = '[]'
       end
 
+      if attributes.key?(:'mongodb_scopes')
+        self.mongodb_scopes = attributes[:'mongodb_scopes']
+      end
+
       if attributes.key?(:'mongodb_server_uri')
         self.mongodb_server_uri = attributes[:'mongodb_server_uri']
       end
@@ -388,6 +397,7 @@ module Akeyless
           mongodb_name == o.mongodb_name &&
           mongodb_password == o.mongodb_password &&
           mongodb_roles == o.mongodb_roles &&
+          mongodb_scopes == o.mongodb_scopes &&
           mongodb_server_uri == o.mongodb_server_uri &&
           mongodb_uri_options == o.mongodb_uri_options &&
           mongodb_username == o.mongodb_username &&
@@ -417,7 +427,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_scopes, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_create_producer_mssql.rb

@@ -28,6 +28,9 @@ module Akeyless
     # Set output format to JSON
     attr_accessor :json
 
+    # CSV of allowed DB names for runtime selection when getting the secret value. Empty => use target DB only; \"*\" => any DB allowed; One or more names => user must choose from this list
+    attr_accessor :mssql_allowed_db_names
+
     # MSSQL Creation statements
     attr_accessor :mssql_create_statements
 
@@ -104,6 +107,7 @@ module Akeyless
         :'delete_protection' => :'delete_protection',
         :'item_custom_fields' => :'item-custom-fields',
         :'json' => :'json',
+        :'mssql_allowed_db_names' => :'mssql-allowed-db-names',
         :'mssql_create_statements' => :'mssql-create-statements',
         :'mssql_dbname' => :'mssql-dbname',
         :'mssql_host' => :'mssql-host',
@@ -142,6 +146,7 @@ module Akeyless
         :'delete_protection' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
         :'json' => :'Boolean',
+        :'mssql_allowed_db_names' => :'String',
         :'mssql_create_statements' => :'String',
         :'mssql_dbname' => :'String',
         :'mssql_host' => :'String',
@@ -209,6 +214,10 @@ module Akeyless
         self.json = false
       end
 
+      if attributes.key?(:'mssql_allowed_db_names')
+        self.mssql_allowed_db_names = attributes[:'mssql_allowed_db_names']
+      end
+
       if attributes.key?(:'mssql_create_statements')
         self.mssql_create_statements = attributes[:'mssql_create_statements']
       end
@@ -345,6 +354,7 @@ module Akeyless
           delete_protection == o.delete_protection &&
           item_custom_fields == o.item_custom_fields &&
           json == o.json &&
+          mssql_allowed_db_names == o.mssql_allowed_db_names &&
           mssql_create_statements == o.mssql_create_statements &&
           mssql_dbname == o.mssql_dbname &&
           mssql_host == o.mssql_host &&
@@ -379,7 +389,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, item_custom_fields, json, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, item_custom_fields, json, mssql_allowed_db_names, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_migration.rb

@@ -24,6 +24,9 @@ module Akeyless
     # Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration)
     attr_accessor :ad_computer_base_dn
 
+    # Enable/Disable discovery of IIS application from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration)
+    attr_accessor :ad_discover_iis_app
+
     # Enable/Disable discovery of Windows services from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration)
     attr_accessor :ad_discover_services
 
@@ -201,6 +204,7 @@ module Akeyless
         :'service_account_key_decoded' => :'ServiceAccountKeyDecoded',
         :'ad_auto_rotate' => :'ad-auto-rotate',
         :'ad_computer_base_dn' => :'ad-computer-base-dn',
+        :'ad_discover_iis_app' => :'ad-discover-iis-app',
         :'ad_discover_services' => :'ad-discover-services',
         :'ad_discovery_types' => :'ad-discovery-types',
         :'ad_domain_name' => :'ad-domain-name',
@@ -272,6 +276,7 @@ module Akeyless
         :'service_account_key_decoded' => :'String',
         :'ad_auto_rotate' => :'String',
         :'ad_computer_base_dn' => :'String',
+        :'ad_discover_iis_app' => :'String',
         :'ad_discover_services' => :'String',
         :'ad_discovery_types' => :'Array<String>',
         :'ad_domain_name' => :'String',
@@ -365,6 +370,12 @@ module Akeyless
         self.ad_computer_base_dn = attributes[:'ad_computer_base_dn']
       end
 
+      if attributes.key?(:'ad_discover_iis_app')
+        self.ad_discover_iis_app = attributes[:'ad_discover_iis_app']
+      else
+        self.ad_discover_iis_app = 'false'
+      end
+
       if attributes.key?(:'ad_discover_services')
         self.ad_discover_services = attributes[:'ad_discover_services']
       else
@@ -668,6 +679,7 @@ module Akeyless
           service_account_key_decoded == o.service_account_key_decoded &&
           ad_auto_rotate == o.ad_auto_rotate &&
           ad_computer_base_dn == o.ad_computer_base_dn &&
+          ad_discover_iis_app == o.ad_discover_iis_app &&
           ad_discover_services == o.ad_discover_services &&
           ad_discovery_types == o.ad_discovery_types &&
           ad_domain_name == o.ad_domain_name &&
@@ -736,7 +748,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [service_account_key_decoded, ad_auto_rotate, ad_computer_base_dn, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, gcp_key, hashi_json, hashi_ns, hashi_token, hashi_url, id, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, new_name, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, uid_token].hash
+      [service_account_key_decoded, ad_auto_rotate, ad_computer_base_dn, ad_discover_iis_app, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, gcp_key, hashi_json, hashi_ns, hashi_token, hashi_url, id, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, new_name, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, uid_token].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_producer_gcp.rb

@@ -16,24 +16,32 @@ require 'time'
 module Akeyless
   # gatewayUpdateProducerGcp is a command that updates a GCP producer [Deprecated: Use dynamic-secret-update-gcp command]
   class GatewayUpdateProducerGcp
+    attr_accessor :access_type
+
     # Customize how temporary usernames are generated using go template
     attr_accessor :custom_username_template
 
     # Protection from accidental deletion of this object [true/false]
     attr_accessor :delete_protection
 
+    # For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external)
+    attr_accessor :fixed_user_claim_keyname
+
     attr_accessor :gcp_cred_type
 
     # Base64-encoded service account private key text
     attr_accessor :gcp_key
 
-    # Service account key algorithm, e.g. KEY_ALG_RSA_1024
+    # Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key)
     attr_accessor :gcp_key_algo
 
-    # The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed)
+    # GCP Project ID override for dynamic secret operations
+    attr_accessor :gcp_project_id
+
+    # The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed)
     attr_accessor :gcp_sa_email
 
-    # Access token scopes list, e.g. scope1,scope2
+    # Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token)
     attr_accessor :gcp_token_scopes
 
     # Additional custom fields to associate with the item
@@ -51,10 +59,28 @@ module Akeyless
     # Dynamic producer encryption key
     attr_accessor :producer_encryption_key_name
 
-    # Role binding definitions in json format
+    # Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic)
     attr_accessor :role_binding
 
-    # The type of the gcp dynamic secret. Options[fixed, dynamic]
+    # Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external)
+    attr_accessor :role_names
+
+    # The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
+    attr_accessor :secure_access_delay
+
+    # Enable/Disable secure remote access [true/false]
+    attr_accessor :secure_access_enable
+
+    # Destination URL to inject secrets
+    attr_accessor :secure_access_url
+
+    # Secure browser via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_browsing
+
+    # Web-Proxy via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_proxy
+
+    # The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa)
     attr_accessor :service_account_type
 
     # Add tags attached to this object
@@ -75,11 +101,14 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'access_type' => :'access-type',
         :'custom_username_template' => :'custom-username-template',
         :'delete_protection' => :'delete_protection',
+        :'fixed_user_claim_keyname' => :'fixed-user-claim-keyname',
         :'gcp_cred_type' => :'gcp-cred-type',
         :'gcp_key' => :'gcp-key',
         :'gcp_key_algo' => :'gcp-key-algo',
+        :'gcp_project_id' => :'gcp-project-id',
         :'gcp_sa_email' => :'gcp-sa-email',
         :'gcp_token_scopes' => :'gcp-token-scopes',
         :'item_custom_fields' => :'item-custom-fields',
@@ -88,6 +117,12 @@ module Akeyless
         :'new_name' => :'new-name',
         :'producer_encryption_key_name' => :'producer-encryption-key-name',
         :'role_binding' => :'role-binding',
+        :'role_names' => :'role-names',
+        :'secure_access_delay' => :'secure-access-delay',
+        :'secure_access_enable' => :'secure-access-enable',
+        :'secure_access_url' => :'secure-access-url',
+        :'secure_access_web_browsing' => :'secure-access-web-browsing',
+        :'secure_access_web_proxy' => :'secure-access-web-proxy',
         :'service_account_type' => :'service-account-type',
         :'tags' => :'tags',
         :'target_name' => :'target-name',
@@ -105,11 +140,14 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'access_type' => :'String',
         :'custom_username_template' => :'String',
         :'delete_protection' => :'String',
+        :'fixed_user_claim_keyname' => :'String',
         :'gcp_cred_type' => :'String',
         :'gcp_key' => :'String',
         :'gcp_key_algo' => :'String',
+        :'gcp_project_id' => :'String',
         :'gcp_sa_email' => :'String',
         :'gcp_token_scopes' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
@@ -118,6 +156,12 @@ module Akeyless
         :'new_name' => :'String',
         :'producer_encryption_key_name' => :'String',
         :'role_binding' => :'String',
+        :'role_names' => :'String',
+        :'secure_access_delay' => :'Integer',
+        :'secure_access_enable' => :'String',
+        :'secure_access_url' => :'String',
+        :'secure_access_web_browsing' => :'Boolean',
+        :'secure_access_web_proxy' => :'Boolean',
         :'service_account_type' => :'String',
         :'tags' => :'Array<String>',
         :'target_name' => :'String',
@@ -148,6 +192,10 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'access_type')
+        self.access_type = attributes[:'access_type']
+      end
+
       if attributes.key?(:'custom_username_template')
         self.custom_username_template = attributes[:'custom_username_template']
       end
@@ -156,6 +204,12 @@ module Akeyless
         self.delete_protection = attributes[:'delete_protection']
       end
 
+      if attributes.key?(:'fixed_user_claim_keyname')
+        self.fixed_user_claim_keyname = attributes[:'fixed_user_claim_keyname']
+      else
+        self.fixed_user_claim_keyname = 'ext_email'
+      end
+
       if attributes.key?(:'gcp_cred_type')
         self.gcp_cred_type = attributes[:'gcp_cred_type']
       end
@@ -168,6 +222,10 @@ module Akeyless
         self.gcp_key_algo = attributes[:'gcp_key_algo']
       end
 
+      if attributes.key?(:'gcp_project_id')
+        self.gcp_project_id = attributes[:'gcp_project_id']
+      end
+
       if attributes.key?(:'gcp_sa_email')
         self.gcp_sa_email = attributes[:'gcp_sa_email']
       end
@@ -206,6 +264,34 @@ module Akeyless
         self.role_binding = attributes[:'role_binding']
       end
 
+      if attributes.key?(:'role_names')
+        self.role_names = attributes[:'role_names']
+      end
+
+      if attributes.key?(:'secure_access_delay')
+        self.secure_access_delay = attributes[:'secure_access_delay']
+      end
+
+      if attributes.key?(:'secure_access_enable')
+        self.secure_access_enable = attributes[:'secure_access_enable']
+      end
+
+      if attributes.key?(:'secure_access_url')
+        self.secure_access_url = attributes[:'secure_access_url']
+      end
+
+      if attributes.key?(:'secure_access_web_browsing')
+        self.secure_access_web_browsing = attributes[:'secure_access_web_browsing']
+      else
+        self.secure_access_web_browsing = false
+      end
+
+      if attributes.key?(:'secure_access_web_proxy')
+        self.secure_access_web_proxy = attributes[:'secure_access_web_proxy']
+      else
+        self.secure_access_web_proxy = false
+      end
+
       if attributes.key?(:'service_account_type')
         self.service_account_type = attributes[:'service_account_type']
       else
@@ -246,10 +332,6 @@ module Akeyless
         invalid_properties.push('invalid value for "name", name cannot be nil.')
       end
 
-      if @service_account_type.nil?
-        invalid_properties.push('invalid value for "service_account_type", service_account_type cannot be nil.')
-      end
-
       invalid_properties
     end
 
@@ -258,7 +340,6 @@ module Akeyless
     def valid?
       warn '[DEPRECATED] the `valid?` method is obsolete'
       return false if @name.nil?
-      return false if @service_account_type.nil?
       true
     end
 
@@ -267,11 +348,14 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          access_type == o.access_type &&
           custom_username_template == o.custom_username_template &&
           delete_protection == o.delete_protection &&
+          fixed_user_claim_keyname == o.fixed_user_claim_keyname &&
           gcp_cred_type == o.gcp_cred_type &&
           gcp_key == o.gcp_key &&
           gcp_key_algo == o.gcp_key_algo &&
+          gcp_project_id == o.gcp_project_id &&
           gcp_sa_email == o.gcp_sa_email &&
           gcp_token_scopes == o.gcp_token_scopes &&
           item_custom_fields == o.item_custom_fields &&
@@ -280,6 +364,12 @@ module Akeyless
           new_name == o.new_name &&
           producer_encryption_key_name == o.producer_encryption_key_name &&
           role_binding == o.role_binding &&
+          role_names == o.role_names &&
+          secure_access_delay == o.secure_access_delay &&
+          secure_access_enable == o.secure_access_enable &&
+          secure_access_url == o.secure_access_url &&
+          secure_access_web_browsing == o.secure_access_web_browsing &&
+          secure_access_web_proxy == o.secure_access_web_proxy &&
           service_account_type == o.service_account_type &&
           tags == o.tags &&
           target_name == o.target_name &&
@@ -297,7 +387,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, gcp_cred_type, gcp_key, gcp_key_algo, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, new_name, producer_encryption_key_name, role_binding, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
+      [access_type, custom_username_template, delete_protection, fixed_user_claim_keyname, gcp_cred_type, gcp_key, gcp_key_algo, gcp_project_id, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, new_name, producer_encryption_key_name, role_binding, role_names, secure_access_delay, secure_access_enable, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash