akeyless 5.0.14 → 5.0.16

data/lib/akeyless/models/gateway_update_producer_gcp.rb

@@ -16,27 +16,32 @@ require 'time'
 module Akeyless
   # gatewayUpdateProducerGcp is a command that updates a GCP producer [Deprecated: Use dynamic-secret-update-gcp command]
   class GatewayUpdateProducerGcp
+    attr_accessor :access_type
+
     # Customize how temporary usernames are generated using go template
     attr_accessor :custom_username_template
 
     # Protection from accidental deletion of this object [true/false]
     attr_accessor :delete_protection
 
+    # For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external)
+    attr_accessor :fixed_user_claim_keyname
+
     attr_accessor :gcp_cred_type
 
     # Base64-encoded service account private key text
     attr_accessor :gcp_key
 
-    # Service account key algorithm, e.g. KEY_ALG_RSA_1024
+    # Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key)
     attr_accessor :gcp_key_algo
 
-    # GCP Project ID override for dynamic secret operations (tmp service accounts)
+    # GCP Project ID override for dynamic secret operations
     attr_accessor :gcp_project_id
 
-    # The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed)
+    # The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed)
     attr_accessor :gcp_sa_email
 
-    # Access token scopes list, e.g. scope1,scope2
+    # Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token)
     attr_accessor :gcp_token_scopes
 
     # Additional custom fields to associate with the item
@@ -54,10 +59,28 @@ module Akeyless
     # Dynamic producer encryption key
     attr_accessor :producer_encryption_key_name
 
-    # Role binding definitions in json format
+    # Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic)
     attr_accessor :role_binding
 
-    # The type of the gcp dynamic secret. Options[fixed, dynamic]
+    # Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external)
+    attr_accessor :role_names
+
+    # The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds
+    attr_accessor :secure_access_delay
+
+    # Enable/Disable secure remote access [true/false]
+    attr_accessor :secure_access_enable
+
+    # Destination URL to inject secrets
+    attr_accessor :secure_access_url
+
+    # Secure browser via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_browsing
+
+    # Web-Proxy via Akeyless's Secure Remote Access (SRA)
+    attr_accessor :secure_access_web_proxy
+
+    # The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa)
     attr_accessor :service_account_type
 
     # Add tags attached to this object
@@ -78,8 +101,10 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'access_type' => :'access-type',
         :'custom_username_template' => :'custom-username-template',
         :'delete_protection' => :'delete_protection',
+        :'fixed_user_claim_keyname' => :'fixed-user-claim-keyname',
         :'gcp_cred_type' => :'gcp-cred-type',
         :'gcp_key' => :'gcp-key',
         :'gcp_key_algo' => :'gcp-key-algo',
@@ -92,6 +117,12 @@ module Akeyless
         :'new_name' => :'new-name',
         :'producer_encryption_key_name' => :'producer-encryption-key-name',
         :'role_binding' => :'role-binding',
+        :'role_names' => :'role-names',
+        :'secure_access_delay' => :'secure-access-delay',
+        :'secure_access_enable' => :'secure-access-enable',
+        :'secure_access_url' => :'secure-access-url',
+        :'secure_access_web_browsing' => :'secure-access-web-browsing',
+        :'secure_access_web_proxy' => :'secure-access-web-proxy',
         :'service_account_type' => :'service-account-type',
         :'tags' => :'tags',
         :'target_name' => :'target-name',
@@ -109,8 +140,10 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'access_type' => :'String',
         :'custom_username_template' => :'String',
         :'delete_protection' => :'String',
+        :'fixed_user_claim_keyname' => :'String',
         :'gcp_cred_type' => :'String',
         :'gcp_key' => :'String',
         :'gcp_key_algo' => :'String',
@@ -123,6 +156,12 @@ module Akeyless
         :'new_name' => :'String',
         :'producer_encryption_key_name' => :'String',
         :'role_binding' => :'String',
+        :'role_names' => :'String',
+        :'secure_access_delay' => :'Integer',
+        :'secure_access_enable' => :'String',
+        :'secure_access_url' => :'String',
+        :'secure_access_web_browsing' => :'Boolean',
+        :'secure_access_web_proxy' => :'Boolean',
         :'service_account_type' => :'String',
         :'tags' => :'Array<String>',
         :'target_name' => :'String',
@@ -153,6 +192,10 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'access_type')
+        self.access_type = attributes[:'access_type']
+      end
+
       if attributes.key?(:'custom_username_template')
         self.custom_username_template = attributes[:'custom_username_template']
       end
@@ -161,6 +204,12 @@ module Akeyless
         self.delete_protection = attributes[:'delete_protection']
       end
 
+      if attributes.key?(:'fixed_user_claim_keyname')
+        self.fixed_user_claim_keyname = attributes[:'fixed_user_claim_keyname']
+      else
+        self.fixed_user_claim_keyname = 'ext_email'
+      end
+
       if attributes.key?(:'gcp_cred_type')
         self.gcp_cred_type = attributes[:'gcp_cred_type']
       end
@@ -215,6 +264,34 @@ module Akeyless
         self.role_binding = attributes[:'role_binding']
       end
 
+      if attributes.key?(:'role_names')
+        self.role_names = attributes[:'role_names']
+      end
+
+      if attributes.key?(:'secure_access_delay')
+        self.secure_access_delay = attributes[:'secure_access_delay']
+      end
+
+      if attributes.key?(:'secure_access_enable')
+        self.secure_access_enable = attributes[:'secure_access_enable']
+      end
+
+      if attributes.key?(:'secure_access_url')
+        self.secure_access_url = attributes[:'secure_access_url']
+      end
+
+      if attributes.key?(:'secure_access_web_browsing')
+        self.secure_access_web_browsing = attributes[:'secure_access_web_browsing']
+      else
+        self.secure_access_web_browsing = false
+      end
+
+      if attributes.key?(:'secure_access_web_proxy')
+        self.secure_access_web_proxy = attributes[:'secure_access_web_proxy']
+      else
+        self.secure_access_web_proxy = false
+      end
+
       if attributes.key?(:'service_account_type')
         self.service_account_type = attributes[:'service_account_type']
       else
@@ -255,10 +332,6 @@ module Akeyless
         invalid_properties.push('invalid value for "name", name cannot be nil.')
       end
 
-      if @service_account_type.nil?
-        invalid_properties.push('invalid value for "service_account_type", service_account_type cannot be nil.')
-      end
-
       invalid_properties
     end
 
@@ -267,7 +340,6 @@ module Akeyless
     def valid?
       warn '[DEPRECATED] the `valid?` method is obsolete'
       return false if @name.nil?
-      return false if @service_account_type.nil?
       true
     end
 
@@ -276,8 +348,10 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          access_type == o.access_type &&
           custom_username_template == o.custom_username_template &&
           delete_protection == o.delete_protection &&
+          fixed_user_claim_keyname == o.fixed_user_claim_keyname &&
           gcp_cred_type == o.gcp_cred_type &&
           gcp_key == o.gcp_key &&
           gcp_key_algo == o.gcp_key_algo &&
@@ -290,6 +364,12 @@ module Akeyless
           new_name == o.new_name &&
           producer_encryption_key_name == o.producer_encryption_key_name &&
           role_binding == o.role_binding &&
+          role_names == o.role_names &&
+          secure_access_delay == o.secure_access_delay &&
+          secure_access_enable == o.secure_access_enable &&
+          secure_access_url == o.secure_access_url &&
+          secure_access_web_browsing == o.secure_access_web_browsing &&
+          secure_access_web_proxy == o.secure_access_web_proxy &&
           service_account_type == o.service_account_type &&
           tags == o.tags &&
           target_name == o.target_name &&
@@ -307,7 +387,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, gcp_cred_type, gcp_key, gcp_key_algo, gcp_project_id, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, new_name, producer_encryption_key_name, role_binding, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
+      [access_type, custom_username_template, delete_protection, fixed_user_claim_keyname, gcp_cred_type, gcp_key, gcp_key_algo, gcp_project_id, gcp_sa_email, gcp_token_scopes, item_custom_fields, json, name, new_name, producer_encryption_key_name, role_binding, role_names, secure_access_delay, secure_access_enable, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, service_account_type, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_producer_mongo.rb

@@ -55,6 +55,9 @@ module Akeyless
     # MongoDB Roles
     attr_accessor :mongodb_roles
 
+    # MongoDB Scopes (Atlas only)
+    attr_accessor :mongodb_scopes
+
     # MongoDB server URI
     attr_accessor :mongodb_server_uri
 
@@ -128,6 +131,7 @@ module Akeyless
         :'mongodb_name' => :'mongodb-name',
         :'mongodb_password' => :'mongodb-password',
         :'mongodb_roles' => :'mongodb-roles',
+        :'mongodb_scopes' => :'mongodb-scopes',
         :'mongodb_server_uri' => :'mongodb-server-uri',
         :'mongodb_uri_options' => :'mongodb-uri-options',
         :'mongodb_username' => :'mongodb-username',
@@ -171,6 +175,7 @@ module Akeyless
         :'mongodb_name' => :'String',
         :'mongodb_password' => :'String',
         :'mongodb_roles' => :'String',
+        :'mongodb_scopes' => :'String',
         :'mongodb_server_uri' => :'String',
         :'mongodb_uri_options' => :'String',
         :'mongodb_username' => :'String',
@@ -272,6 +277,10 @@ module Akeyless
         self.mongodb_roles = '[]'
       end
 
+      if attributes.key?(:'mongodb_scopes')
+        self.mongodb_scopes = attributes[:'mongodb_scopes']
+      end
+
       if attributes.key?(:'mongodb_server_uri')
         self.mongodb_server_uri = attributes[:'mongodb_server_uri']
       end
@@ -397,6 +406,7 @@ module Akeyless
           mongodb_name == o.mongodb_name &&
           mongodb_password == o.mongodb_password &&
           mongodb_roles == o.mongodb_roles &&
+          mongodb_scopes == o.mongodb_scopes &&
           mongodb_server_uri == o.mongodb_server_uri &&
           mongodb_uri_options == o.mongodb_uri_options &&
           mongodb_username == o.mongodb_username &&
@@ -427,7 +437,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, new_name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, item_custom_fields, json, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_default_auth_db, mongodb_host_port, mongodb_name, mongodb_password, mongodb_roles, mongodb_scopes, mongodb_server_uri, mongodb_uri_options, mongodb_username, name, new_name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_producer_mssql.rb

@@ -28,6 +28,9 @@ module Akeyless
     # Set output format to JSON
     attr_accessor :json
 
+    # CSV of allowed DB names for runtime selection when getting the secret value. Empty => use target DB only; \"*\" => any DB allowed; One or more names => user must choose from this list
+    attr_accessor :mssql_allowed_db_names
+
     # MSSQL Creation statements
     attr_accessor :mssql_create_statements
 
@@ -107,6 +110,7 @@ module Akeyless
         :'delete_protection' => :'delete_protection',
         :'item_custom_fields' => :'item-custom-fields',
         :'json' => :'json',
+        :'mssql_allowed_db_names' => :'mssql-allowed-db-names',
         :'mssql_create_statements' => :'mssql-create-statements',
         :'mssql_dbname' => :'mssql-dbname',
         :'mssql_host' => :'mssql-host',
@@ -146,6 +150,7 @@ module Akeyless
         :'delete_protection' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
         :'json' => :'Boolean',
+        :'mssql_allowed_db_names' => :'String',
         :'mssql_create_statements' => :'String',
         :'mssql_dbname' => :'String',
         :'mssql_host' => :'String',
@@ -214,6 +219,10 @@ module Akeyless
         self.json = false
       end
 
+      if attributes.key?(:'mssql_allowed_db_names')
+        self.mssql_allowed_db_names = attributes[:'mssql_allowed_db_names']
+      end
+
       if attributes.key?(:'mssql_create_statements')
         self.mssql_create_statements = attributes[:'mssql_create_statements']
       end
@@ -354,6 +363,7 @@ module Akeyless
           delete_protection == o.delete_protection &&
           item_custom_fields == o.item_custom_fields &&
           json == o.json &&
+          mssql_allowed_db_names == o.mssql_allowed_db_names &&
           mssql_create_statements == o.mssql_create_statements &&
           mssql_dbname == o.mssql_dbname &&
           mssql_host == o.mssql_host &&
@@ -389,7 +399,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [custom_username_template, delete_protection, item_custom_fields, json, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, new_name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
+      [custom_username_template, delete_protection, item_custom_fields, json, mssql_allowed_db_names, mssql_create_statements, mssql_dbname, mssql_host, mssql_password, mssql_port, mssql_revocation_statements, mssql_username, name, new_name, password_length, producer_encryption_key_name, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_delay, secure_access_enable, secure_access_host, secure_access_web, tags, target_name, token, uid_token, user_ttl].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_remote_access.rb

@@ -16,9 +16,15 @@ require 'time'
 module Akeyless
   # gatewayUpdateRemoteAccess is a command that update remote access config
   class GatewayUpdateRemoteAccess
+    # Specify a valid SSH-URL to tunnel to SSH session
+    attr_accessor :allowed_ssh_url
+
     # List of valid URLs to redirect from the Portal back to the remote access server (in a comma-delimited list)
     attr_accessor :allowed_urls
 
+    # Default session TTL in minutes
+    attr_accessor :default_session_ttl_minutes
+
     # Specifies whether to show/hide if the session is currently recorded [true/false]
     attr_accessor :hide_session_recording
 
@@ -49,7 +55,9 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'allowed_ssh_url' => :'allowed-ssh-url',
         :'allowed_urls' => :'allowed-urls',
+        :'default_session_ttl_minutes' => :'default-session-ttl-minutes',
         :'hide_session_recording' => :'hide-session-recording',
         :'json' => :'json',
         :'kexalgs' => :'kexalgs',
@@ -70,7 +78,9 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'allowed_ssh_url' => :'String',
         :'allowed_urls' => :'String',
+        :'default_session_ttl_minutes' => :'String',
         :'hide_session_recording' => :'String',
         :'json' => :'Boolean',
         :'kexalgs' => :'String',
@@ -104,12 +114,24 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'allowed_ssh_url')
+        self.allowed_ssh_url = attributes[:'allowed_ssh_url']
+      else
+        self.allowed_ssh_url = 'use-existing'
+      end
+
       if attributes.key?(:'allowed_urls')
         self.allowed_urls = attributes[:'allowed_urls']
       else
         self.allowed_urls = 'use-existing'
       end
 
+      if attributes.key?(:'default_session_ttl_minutes')
+        self.default_session_ttl_minutes = attributes[:'default_session_ttl_minutes']
+      else
+        self.default_session_ttl_minutes = 'use-existing'
+      end
+
       if attributes.key?(:'hide_session_recording')
         self.hide_session_recording = attributes[:'hide_session_recording']
       end
@@ -177,7 +199,9 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          allowed_ssh_url == o.allowed_ssh_url &&
           allowed_urls == o.allowed_urls &&
+          default_session_ttl_minutes == o.default_session_ttl_minutes &&
           hide_session_recording == o.hide_session_recording &&
           json == o.json &&
           kexalgs == o.kexalgs &&
@@ -198,7 +222,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [allowed_urls, hide_session_recording, json, kexalgs, keyboard_layout, legacy_ssh_algorithm, rdp_target_configuration, ssh_target_configuration, token, uid_token].hash
+      [allowed_ssh_url, allowed_urls, default_session_ttl_minutes, hide_session_recording, json, kexalgs, keyboard_layout, legacy_ssh_algorithm, rdp_target_configuration, ssh_target_configuration, token, uid_token].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/get_dynamic_secret_value.rb

@@ -18,6 +18,9 @@ module Akeyless
     # Optional arguments as key=value pairs or JSON strings, e.g - \\\"--args=csr=base64_encoded_csr --args=common_name=bar\\\" or args='{\\\"csr\\\":\\\"base64_encoded_csr\\\"}. It is possible to combine both formats.'
     attr_accessor :args
 
+    # DBName: Optional override DB name (works only if DS allows it. only relevant for MSSQL)
+    attr_accessor :dbname
+
     # Host
     attr_accessor :host
 
@@ -43,6 +46,7 @@ module Akeyless
     def self.attribute_map
       {
         :'args' => :'args',
+        :'dbname' => :'dbname',
         :'host' => :'host',
         :'json' => :'json',
         :'name' => :'name',
@@ -62,6 +66,7 @@ module Akeyless
     def self.openapi_types
       {
         :'args' => :'Array<String>',
+        :'dbname' => :'String',
         :'host' => :'String',
         :'json' => :'Boolean',
         :'name' => :'String',
@@ -99,6 +104,10 @@ module Akeyless
         end
       end
 
+      if attributes.key?(:'dbname')
+        self.dbname = attributes[:'dbname']
+      end
+
       if attributes.key?(:'host')
         self.host = attributes[:'host']
       end
@@ -160,6 +169,7 @@ module Akeyless
       return true if self.equal?(o)
       self.class == o.class &&
           args == o.args &&
+          dbname == o.dbname &&
           host == o.host &&
           json == o.json &&
           name == o.name &&
@@ -178,7 +188,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [args, host, json, name, target, timeout, token, uid_token].hash
+      [args, dbname, host, json, name, target, timeout, token, uid_token].hash
     end
 
     # Builds the object from hash