akeyless 5.0.14 → 5.0.16

data/docs/CreateAuthMethod.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
@@ -26,6 +27,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethod.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_ips: null,
   delete_protection: null,

data/docs/CreateAuthMethodAWSIAM.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_arn** | **Array<String>** | A list of full arns that the access is restricted to | [optional] |
 | **bound_aws_account_id** | **Array<String>** | A list of AWS account-IDs that the access is restricted to |  |
@@ -35,6 +36,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodAWSIAM.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_arn: null,
   bound_aws_account_id: null,

data/docs/CreateAuthMethodAzureAD.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audience** | **String** | Deprecated (Deprecated) The audience in the JWT | [optional][default to 'https://management.azure.com/'] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_group_id** | **Array<String>** | A list of group ids that the access is restricted to | [optional] |
@@ -39,6 +40,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodAzureAD.new(
   access_expires: null,
+  allowed_client_type: null,
   audience: null,
   audit_logs_claims: null,
   bound_group_id: null,

data/docs/CreateAuthMethodCert.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **allowed_cors** | **String** | Comma separated list of allowed CORS domains to be validated as part of the authentication flow. | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_common_names** | **Array<String>** | A list of names. At least one must exist in the Common Name. Supports globbing. | [optional] |
@@ -36,6 +37,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodCert.new(
   access_expires: null,
+  allowed_client_type: null,
   allowed_cors: null,
   audit_logs_claims: null,
   bound_common_names: null,

data/docs/CreateAuthMethodEmail.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
@@ -29,6 +30,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodEmail.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_ips: null,
   delete_protection: null,

data/docs/CreateAuthMethodGCP.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audience** | **String** | The audience to verify in the JWT received by the client | [default to 'akeyless.io'] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
@@ -35,6 +36,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodGCP.new(
   access_expires: null,
+  allowed_client_type: null,
   audience: null,
   audit_logs_claims: null,
   bound_ips: null,

data/docs/CreateAuthMethodHuawei.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **auth_url** | **String** | sts URL | [optional][default to 'https://iam.myhwclouds.com:443/v3'] |
 | **bound_domain_id** | **Array<String>** | A list of domain IDs that the access is restricted to | [optional] |
@@ -33,6 +34,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodHuawei.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   auth_url: null,
   bound_domain_id: null,

data/docs/CreateAuthMethodK8S.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audience** | **String** | The audience in the Kubernetes JWT that the access is restricted to | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
@@ -32,6 +33,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodK8S.new(
   access_expires: null,
+  allowed_client_type: null,
   audience: null,
   audit_logs_claims: null,
   bound_ips: null,

data/docs/CreateAuthMethodLDAP.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
@@ -29,6 +30,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodLDAP.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_ips: null,
   delete_protection: null,

data/docs/CreateAuthMethodOAuth2.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audience** | **String** | The audience in the JWT | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_client_ids** | **Array<String>** | The clients ids that the access is restricted to | [optional] |
@@ -36,6 +37,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodOAuth2.new(
   access_expires: null,
+  allowed_client_type: null,
   audience: null,
   audit_logs_claims: null,
   bound_client_ids: null,

data/docs/CreateAuthMethodOCI.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
@@ -28,6 +29,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodOCI.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_ips: null,
   delete_protection: null,

data/docs/CreateAuthMethodOIDC.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **allowed_redirect_uri** | **Array<String>** | Allowed redirect URIs after the authentication | [optional] |
 | **audience** | **String** | Audience claim to be used as part of the authentication flow. In case set, it must match the one configured on the Identity Provider's Application | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
@@ -35,6 +36,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodOIDC.new(
   access_expires: null,
+  allowed_client_type: null,
   allowed_redirect_uri: null,
   audience: null,
   audit_logs_claims: null,

data/docs/CreateAuthMethodSAML.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **allowed_redirect_uri** | **Array<String>** | Allowed redirect URIs after the authentication | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
@@ -31,6 +32,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodSAML.new(
   access_expires: null,
+  allowed_client_type: null,
   allowed_redirect_uri: null,
   audit_logs_claims: null,
   bound_ips: null,

data/docs/CreateAuthMethodUniversalIdentity.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **access_expires** | **Integer** | Access expiration date in Unix timestamp (select 0 for access without expiry date) | [optional][default to 0] |
+| **allowed_client_type** | **Array<String>** |  | [optional] |
 | **audit_logs_claims** | **Array<String>** | Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\" | [optional] |
 | **bound_ips** | **Array<String>** | A CIDR whitelist with the IPs that the access is restricted to | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
@@ -29,6 +30,7 @@ require 'akeyless'
 
 instance = Akeyless::CreateAuthMethodUniversalIdentity.new(
   access_expires: null,
+  allowed_client_type: null,
   audit_logs_claims: null,
   bound_ips: null,
   delete_protection: null,

data/docs/CreatePKICertIssuer.md

@@ -17,7 +17,9 @@
 | **code_signing_flag** | **Boolean** | If set, certificates will be flagged for code signing use | [optional] |
 | **country** | **String** | A comma-separated list of countries that will be set in the issued certificate | [optional] |
 | **create_private_crl** | **Boolean** | Set this to allow the issuer will expose a CRL endpoint in the Gateway | [optional] |
+| **create_private_ocsp** | **Boolean** |  | [optional] |
 | **create_public_crl** | **Boolean** | Set this to allow the cert issuer will expose a public CRL endpoint | [optional] |
+| **create_public_ocsp** | **Boolean** |  | [optional] |
 | **critical_key_usage** | **String** | Mark key usage as critical [true/false] | [optional][default to 'true'] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
 | **description** | **String** | Description of the object | [optional] |
@@ -36,6 +38,7 @@
 | **name** | **String** | PKI certificate issuer name |  |
 | **not_enforce_hostnames** | **Boolean** | If set, any names are allowed for CN and SANs in the certificate and not only a valid host name | [optional] |
 | **not_require_cn** | **Boolean** | If set, clients can request certificates without a CN | [optional] |
+| **ocsp_ttl** | **String** |  | [optional] |
 | **organizational_units** | **String** | A comma-separated list of organizational units (OU) that will be set in the issued certificate | [optional] |
 | **organizations** | **String** | A comma-separated list of organizations (O) that will be set in the issued certificate | [optional] |
 | **postal_code** | **String** | A comma-separated list of postal codes that will be set in the issued certificate | [optional] |
@@ -69,7 +72,9 @@ instance = Akeyless::CreatePKICertIssuer.new(
   code_signing_flag: null,
   country: null,
   create_private_crl: null,
+  create_private_ocsp: null,
   create_public_crl: null,
+  create_public_ocsp: null,
   critical_key_usage: null,
   delete_protection: null,
   description: null,
@@ -88,6 +93,7 @@ instance = Akeyless::CreatePKICertIssuer.new(
   name: null,
   not_enforce_hostnames: null,
   not_require_cn: null,
+  ocsp_ttl: null,
   organizational_units: null,
   organizations: null,
   postal_code: null,

data/docs/DSProducerDetails.md

@@ -94,9 +94,12 @@
 | **externally_provided_user** | **String** |  | [optional] |
 | **failure_message** | **String** |  | [optional] |
 | **fixed_user_only** | **String** |  | [optional] |
+| **gcp_access_type** | **String** |  | [optional] |
+| **gcp_fixed_user_claim_keyname** | **String** |  | [optional] |
 | **gcp_key_algo** | **String** |  | [optional] |
 | **gcp_project_id** | **String** |  | [optional] |
 | **gcp_role_bindings** | **Hash<String, Array<String>>** |  | [optional] |
+| **gcp_role_names** | **String** |  | [optional] |
 | **gcp_service_account_email** | **String** | GCPServiceAccountEmail overrides the deprecated field from the target | [optional] |
 | **gcp_service_account_key** | **String** |  | [optional] |
 | **gcp_service_account_key_base64** | **String** |  | [optional] |
@@ -187,9 +190,11 @@
 | **mongodb_is_atlas** | **Boolean** |  | [optional] |
 | **mongodb_password** | **String** |  | [optional] |
 | **mongodb_roles** | **String** | common fields | [optional] |
+| **mongodb_scopes** | **String** |  | [optional] |
 | **mongodb_uri_connection** | **String** | mongodb fields | [optional] |
 | **mongodb_uri_options** | **String** |  | [optional] |
 | **mongodb_username** | **String** |  | [optional] |
+| **mssql_allowed_db_names** | **String** | Comma-separated list of allowed DB names for runtime selection when fetching the secret value. Empty string => use target DB name only (no override allowed) \"*\" => any DB name is allowed One or more names => user must select one of the provided names | [optional] |
 | **mssql_creation_statements** | **String** |  | [optional] |
 | **mssql_revocation_statements** | **String** |  | [optional] |
 | **mysql_creation_statements** | **String** |  | [optional] |
@@ -360,9 +365,12 @@ instance = Akeyless::DSProducerDetails.new(
   externally_provided_user: null,
   failure_message: null,
   fixed_user_only: null,
+  gcp_access_type: null,
+  gcp_fixed_user_claim_keyname: null,
   gcp_key_algo: null,
   gcp_project_id: null,
   gcp_role_bindings: null,
+  gcp_role_names: null,
   gcp_service_account_email: null,
   gcp_service_account_key: null,
   gcp_service_account_key_base64: null,
@@ -453,9 +461,11 @@ instance = Akeyless::DSProducerDetails.new(
   mongodb_is_atlas: null,
   mongodb_password: null,
   mongodb_roles: null,
+  mongodb_scopes: null,
   mongodb_uri_connection: null,
   mongodb_uri_options: null,
   mongodb_username: null,
+  mssql_allowed_db_names: null,
   mssql_creation_statements: null,
   mssql_revocation_statements: null,
   mysql_creation_statements: null,

data/docs/DynamicSecretCreateGcp.md

@@ -4,21 +4,29 @@
 
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
+| **access_type** | **String** |  | [optional] |
 | **custom_username_template** | **String** | Customize how temporary usernames are generated using go template | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
 | **description** | **String** | Description of the object | [optional] |
+| **fixed_user_claim_keyname** | **String** | For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external) | [optional][default to 'ext_email'] |
 | **gcp_cred_type** | **String** |  | [optional] |
 | **gcp_key** | **String** | Base64-encoded service account private key text | [optional] |
-| **gcp_key_algo** | **String** | Service account key algorithm, e.g. KEY_ALG_RSA_1024 | [optional] |
-| **gcp_project_id** | **String** | GCP Project ID override for dynamic secret operations (tmp service accounts) | [optional] |
-| **gcp_sa_email** | **String** | The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed) | [optional] |
-| **gcp_token_scopes** | **String** | Access token scopes list, e.g. scope1,scope2 | [optional] |
+| **gcp_key_algo** | **String** | Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key) | [optional] |
+| **gcp_project_id** | **String** | GCP Project ID override for dynamic secret operations | [optional] |
+| **gcp_sa_email** | **String** | The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed) | [optional] |
+| **gcp_token_scopes** | **String** | Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token) | [optional] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **name** | **String** | Dynamic secret name |  |
 | **producer_encryption_key_name** | **String** | Dynamic producer encryption key | [optional] |
-| **role_binding** | **String** | Role binding definitions in json format | [optional] |
-| **service_account_type** | **String** | The type of the gcp dynamic secret. Options[fixed, dynamic] | [default to 'fixed'] |
+| **role_binding** | **String** | Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic) | [optional] |
+| **role_names** | **String** | Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external) | [optional] |
+| **secure_access_delay** | **Integer** | The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds | [optional] |
+| **secure_access_enable** | **String** | Enable/Disable secure remote access [true/false] | [optional] |
+| **secure_access_url** | **String** | Destination URL to inject secrets | [optional] |
+| **secure_access_web_browsing** | **Boolean** | Secure browser via Akeyless's Secure Remote Access (SRA) | [optional][default to false] |
+| **secure_access_web_proxy** | **Boolean** | Web-Proxy via Akeyless's Secure Remote Access (SRA) | [optional][default to false] |
+| **service_account_type** | **String** | The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa) | [optional][default to 'fixed'] |
 | **tags** | **Array<String>** | Add tags attached to this object | [optional] |
 | **target_name** | **String** | Target name | [optional] |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
@@ -31,9 +39,11 @@
 require 'akeyless'
 
 instance = Akeyless::DynamicSecretCreateGcp.new(
+  access_type: null,
   custom_username_template: null,
   delete_protection: null,
   description: null,
+  fixed_user_claim_keyname: null,
   gcp_cred_type: null,
   gcp_key: null,
   gcp_key_algo: null,
@@ -45,6 +55,12 @@ instance = Akeyless::DynamicSecretCreateGcp.new(
   name: null,
   producer_encryption_key_name: null,
   role_binding: null,
+  role_names: null,
+  secure_access_delay: null,
+  secure_access_enable: null,
+  secure_access_url: null,
+  secure_access_web_browsing: null,
+  secure_access_web_proxy: null,
   service_account_type: null,
   tags: null,
   target_name: null,

data/docs/DynamicSecretCreateGoogleWorkspace.md

@@ -18,6 +18,7 @@
 | **producer_encryption_key_name** | **String** | Dynamic producer encryption key | [optional] |
 | **role_name** | **String** | Name of the admin role to assign to the user, relevant only for role access-mode | [optional] |
 | **role_scope** | **String** |  | [optional] |
+| **secure_access_delay** | **Integer** | The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds | [optional] |
 | **secure_access_enable** | **String** | Enable/Disable secure remote access [true/false] | [optional] |
 | **secure_access_url** | **String** | Destination URL to inject secrets | [optional] |
 | **secure_access_web** | **Boolean** | Enable Web Secure Remote Access | [optional][default to true] |
@@ -49,6 +50,7 @@ instance = Akeyless::DynamicSecretCreateGoogleWorkspace.new(
   producer_encryption_key_name: null,
   role_name: null,
   role_scope: null,
+  secure_access_delay: null,
   secure_access_enable: null,
   secure_access_url: null,
   secure_access_web: null,

data/docs/DynamicSecretCreateMongoDb.md

@@ -18,6 +18,7 @@
 | **mongodb_name** | **String** | MongoDB Name | [optional] |
 | **mongodb_password** | **String** | MongoDB server password. You will prompted to provide a password if it will not appear in CLI parameters | [optional] |
 | **mongodb_roles** | **String** | MongoDB Roles | [optional][default to '[]'] |
+| **mongodb_scopes** | **String** | MongoDB Scopes (Atlas only) | [optional] |
 | **mongodb_server_uri** | **String** | MongoDB server URI | [optional] |
 | **mongodb_uri_options** | **String** | MongoDB server URI options | [optional] |
 | **mongodb_username** | **String** | MongoDB server username | [optional] |
@@ -57,6 +58,7 @@ instance = Akeyless::DynamicSecretCreateMongoDb.new(
   mongodb_name: null,
   mongodb_password: null,
   mongodb_roles: null,
+  mongodb_scopes: null,
   mongodb_server_uri: null,
   mongodb_uri_options: null,
   mongodb_username: null,

data/docs/DynamicSecretCreateMsSql.md

@@ -9,6 +9,7 @@
 | **description** | **String** | Description of the object | [optional] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
+| **mssql_allowed_db_names** | **String** | CSV of allowed DB names for runtime selection when getting the secret value. Empty => use target DB only; \"*\" => any DB allowed; One or more names => user must choose from this list | [optional] |
 | **mssql_create_statements** | **String** | MSSQL Creation statements | [optional] |
 | **mssql_dbname** | **String** | MSSQL Name | [optional] |
 | **mssql_host** | **String** | MSSQL Host | [optional][default to '127.0.0.1'] |
@@ -44,6 +45,7 @@ instance = Akeyless::DynamicSecretCreateMsSql.new(
   description: null,
   item_custom_fields: null,
   json: null,
+  mssql_allowed_db_names: null,
   mssql_create_statements: null,
   mssql_dbname: null,
   mssql_host: null,

data/docs/DynamicSecretGetValue.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **args** | **Array<String>** | Optional arguments as key=value pairs or JSON strings, e.g - \\\"--args=csr=base64_encoded_csr --args=common_name=bar\\\" or args='{\\\"csr\\\":\\\"base64_encoded_csr\\\"}. It is possible to combine both formats.' | [optional] |
+| **dbname** | **String** | DBName: Optional override DB name (works only if DS allows it. only relevant for MSSQL) | [optional] |
 | **host** | **String** | Host | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **name** | **String** | Dynamic secret name |  |
@@ -20,6 +21,7 @@ require 'akeyless'
 
 instance = Akeyless::DynamicSecretGetValue.new(
   args: null,
+  dbname: null,
   host: null,
   json: null,
   name: null,

data/docs/DynamicSecretUpdateGcp.md

@@ -4,22 +4,30 @@
 
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
+| **access_type** | **String** |  | [optional] |
 | **custom_username_template** | **String** | Customize how temporary usernames are generated using go template | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
 | **description** | **String** | Description of the object | [optional] |
+| **fixed_user_claim_keyname** | **String** | For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external) | [optional][default to 'ext_email'] |
 | **gcp_cred_type** | **String** |  | [optional] |
 | **gcp_key** | **String** | Base64-encoded service account private key text | [optional] |
-| **gcp_key_algo** | **String** | Service account key algorithm, e.g. KEY_ALG_RSA_1024 | [optional] |
-| **gcp_project_id** | **String** | GCP Project ID override for dynamic secret operations (tmp service accounts) | [optional] |
-| **gcp_sa_email** | **String** | The email of the fixed service acocunt to generate keys or tokens for. (revelant for service-account-type=fixed) | [optional] |
-| **gcp_token_scopes** | **String** | Access token scopes list, e.g. scope1,scope2 | [optional] |
+| **gcp_key_algo** | **String** | Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key) | [optional] |
+| **gcp_project_id** | **String** | GCP Project ID override for dynamic secret operations | [optional] |
+| **gcp_sa_email** | **String** | The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed) | [optional] |
+| **gcp_token_scopes** | **String** | Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token) | [optional] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **name** | **String** | Dynamic secret name |  |
 | **new_name** | **String** | Dynamic secret name | [optional] |
 | **producer_encryption_key_name** | **String** | Dynamic producer encryption key | [optional] |
-| **role_binding** | **String** | Role binding definitions in json format | [optional] |
-| **service_account_type** | **String** | The type of the gcp dynamic secret. Options[fixed, dynamic] | [default to 'fixed'] |
+| **role_binding** | **String** | Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic) | [optional] |
+| **role_names** | **String** | Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external) | [optional] |
+| **secure_access_delay** | **Integer** | The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds | [optional] |
+| **secure_access_enable** | **String** | Enable/Disable secure remote access [true/false] | [optional] |
+| **secure_access_url** | **String** | Destination URL to inject secrets | [optional] |
+| **secure_access_web_browsing** | **Boolean** | Secure browser via Akeyless's Secure Remote Access (SRA) | [optional][default to false] |
+| **secure_access_web_proxy** | **Boolean** | Web-Proxy via Akeyless's Secure Remote Access (SRA) | [optional][default to false] |
+| **service_account_type** | **String** | The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa) | [optional][default to 'fixed'] |
 | **tags** | **Array<String>** | Add tags attached to this object | [optional] |
 | **target_name** | **String** | Target name | [optional] |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
@@ -32,9 +40,11 @@
 require 'akeyless'
 
 instance = Akeyless::DynamicSecretUpdateGcp.new(
+  access_type: null,
   custom_username_template: null,
   delete_protection: null,
   description: null,
+  fixed_user_claim_keyname: null,
   gcp_cred_type: null,
   gcp_key: null,
   gcp_key_algo: null,
@@ -47,6 +57,12 @@ instance = Akeyless::DynamicSecretUpdateGcp.new(
   new_name: null,
   producer_encryption_key_name: null,
   role_binding: null,
+  role_names: null,
+  secure_access_delay: null,
+  secure_access_enable: null,
+  secure_access_url: null,
+  secure_access_web_browsing: null,
+  secure_access_web_proxy: null,
   service_account_type: null,
   tags: null,
   target_name: null,

data/docs/DynamicSecretUpdateGoogleWorkspace.md

@@ -19,6 +19,7 @@
 | **producer_encryption_key_name** | **String** | Dynamic producer encryption key | [optional] |
 | **role_name** | **String** | Name of the admin role to assign to the user, relevant only for role access-mode | [optional] |
 | **role_scope** | **String** |  | [optional] |
+| **secure_access_delay** | **Integer** | The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds | [optional] |
 | **secure_access_enable** | **String** | Enable/Disable secure remote access [true/false] | [optional] |
 | **secure_access_url** | **String** | Destination URL to inject secrets | [optional] |
 | **secure_access_web** | **Boolean** | Enable Web Secure Remote Access | [optional][default to true] |
@@ -51,6 +52,7 @@ instance = Akeyless::DynamicSecretUpdateGoogleWorkspace.new(
   producer_encryption_key_name: null,
   role_name: null,
   role_scope: null,
+  secure_access_delay: null,
   secure_access_enable: null,
   secure_access_url: null,
   secure_access_web: null,

data/docs/DynamicSecretUpdateMongoDb.md

@@ -18,6 +18,7 @@
 | **mongodb_name** | **String** | MongoDB Name | [optional] |
 | **mongodb_password** | **String** | MongoDB server password. You will prompted to provide a password if it will not appear in CLI parameters | [optional] |
 | **mongodb_roles** | **String** | MongoDB Roles | [optional][default to '[]'] |
+| **mongodb_scopes** | **String** | MongoDB Scopes (Atlas only) | [optional] |
 | **mongodb_server_uri** | **String** | MongoDB server URI | [optional] |
 | **mongodb_uri_options** | **String** | MongoDB server URI options | [optional] |
 | **mongodb_username** | **String** | MongoDB server username | [optional] |
@@ -58,6 +59,7 @@ instance = Akeyless::DynamicSecretUpdateMongoDb.new(
   mongodb_name: null,
   mongodb_password: null,
   mongodb_roles: null,
+  mongodb_scopes: null,
   mongodb_server_uri: null,
   mongodb_uri_options: null,
   mongodb_username: null,

data/docs/DynamicSecretUpdateMsSql.md

@@ -9,6 +9,7 @@
 | **description** | **String** | Description of the object | [optional] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
+| **mssql_allowed_db_names** | **String** | CSV of allowed DB names for runtime selection when getting the secret value. Empty => use target DB only; \"*\" => any DB allowed; One or more names => user must choose from this list | [optional] |
 | **mssql_create_statements** | **String** | MSSQL Creation statements | [optional] |
 | **mssql_dbname** | **String** | MSSQL Name | [optional] |
 | **mssql_host** | **String** | MSSQL Host | [optional][default to '127.0.0.1'] |
@@ -45,6 +46,7 @@ instance = Akeyless::DynamicSecretUpdateMsSql.new(
   description: null,
   item_custom_fields: null,
   json: null,
+  mssql_allowed_db_names: null,
   mssql_create_statements: null,
   mssql_dbname: null,
   mssql_host: null,

data/docs/EventForwarderGetOutput.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **event_forwarder** | [**NotiForwarder**](NotiForwarder.md) |  | [optional] |
+| **event_forwarder_details** | [**NotiForwarderDetailsInput**](NotiForwarderDetailsInput.md) |  | [optional] |
 
 ## Example
 
@@ -12,7 +13,8 @@
 require 'akeyless'
 
 instance = Akeyless::EventForwarderGetOutput.new(
-  event_forwarder: null
+  event_forwarder: null,
+  event_forwarder_details: null
 )
 ```
 

data/docs/GatewayCreateMigration.md

@@ -7,6 +7,7 @@
 | **service_account_key_decoded** | **String** |  | [optional] |
 | **ad_auto_rotate** | **String** | Enable/Disable automatic/recurrent rotation for migrated secrets. Default is false: only manual rotation is allowed for migrated secrets. If set to true, this command should be combined with --ad-rotation-interval and --ad-rotation-hour parameters (Relevant only for Active Directory migration) | [optional] |
 | **ad_computer_base_dn** | **String** | Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration) | [optional] |
+| **ad_discover_iis_app** | **String** | Enable/Disable discovery of IIS application from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
 | **ad_discover_services** | **String** | Enable/Disable discovery of Windows services from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
 | **ad_discovery_types** | **Array<String>** | Set migration discovery types (domain-users, computers, local-users). (Relevant only for Active Directory migration) | [optional] |
 | **ad_domain_name** | **String** | Active Directory Domain Name (Relevant only for Active Directory migration) | [optional] |
@@ -73,6 +74,7 @@ instance = Akeyless::GatewayCreateMigration.new(
   service_account_key_decoded: null,
   ad_auto_rotate: null,
   ad_computer_base_dn: null,
+  ad_discover_iis_app: null,
   ad_discover_services: null,
   ad_discovery_types: null,
   ad_domain_name: null,