akeyless 5.0.21 → 5.0.22

data/lib/akeyless/models/default_auth_method_settings.rb

@@ -0,0 +1,223 @@
+=begin
+#Akeyless API
+
+#The purpose of this application is to provide access to Akeyless API.
+
+The version of the OpenAPI document: 3.0
+Contact: support@akeyless.io
+Generated by: https://openapi-generator.tech
+Generator version: 7.10.0
+
+=end
+
+require 'date'
+require 'time'
+
+module Akeyless
+  class DefaultAuthMethodSettings
+    attr_accessor :default_access_id
+
+    attr_accessor :default_auth_method_type
+
+    # Attribute mapping from ruby-style variable name to JSON key.
+    def self.attribute_map
+      {
+        :'default_access_id' => :'default_access_id',
+        :'default_auth_method_type' => :'default_auth_method_type'
+      }
+    end
+
+    # Returns all the JSON keys this model knows about
+    def self.acceptable_attributes
+      attribute_map.values
+    end
+
+    # Attribute type mapping.
+    def self.openapi_types
+      {
+        :'default_access_id' => :'String',
+        :'default_auth_method_type' => :'String'
+      }
+    end
+
+    # List of attributes with nullable: true
+    def self.openapi_nullable
+      Set.new([
+      ])
+    end
+
+    # Initializes the object
+    # @param [Hash] attributes Model attributes in the form of hash
+    def initialize(attributes = {})
+      if (!attributes.is_a?(Hash))
+        fail ArgumentError, "The input argument (attributes) must be a hash in `Akeyless::DefaultAuthMethodSettings` initialize method"
+      end
+
+      # check to see if the attribute exists and convert string to symbol for hash key
+      attributes = attributes.each_with_object({}) { |(k, v), h|
+        if (!self.class.attribute_map.key?(k.to_sym))
+          fail ArgumentError, "`#{k}` is not a valid attribute in `Akeyless::DefaultAuthMethodSettings`. Please check the name to make sure it's valid. List of attributes: " + self.class.attribute_map.keys.inspect
+        end
+        h[k.to_sym] = v
+      }
+
+      if attributes.key?(:'default_access_id')
+        self.default_access_id = attributes[:'default_access_id']
+      end
+
+      if attributes.key?(:'default_auth_method_type')
+        self.default_auth_method_type = attributes[:'default_auth_method_type']
+      end
+    end
+
+    # Show invalid properties with the reasons. Usually used together with valid?
+    # @return Array for valid properties with the reasons
+    def list_invalid_properties
+      warn '[DEPRECATED] the `list_invalid_properties` method is obsolete'
+      invalid_properties = Array.new
+      invalid_properties
+    end
+
+    # Check to see if the all the properties in the model are valid
+    # @return true if the model is valid
+    def valid?
+      warn '[DEPRECATED] the `valid?` method is obsolete'
+      true
+    end
+
+    # Checks equality by comparing each attribute.
+    # @param [Object] Object to be compared
+    def ==(o)
+      return true if self.equal?(o)
+      self.class == o.class &&
+          default_access_id == o.default_access_id &&
+          default_auth_method_type == o.default_auth_method_type
+    end
+
+    # @see the `==` method
+    # @param [Object] Object to be compared
+    def eql?(o)
+      self == o
+    end
+
+    # Calculates hash code according to all attributes.
+    # @return [Integer] Hash code
+    def hash
+      [default_access_id, default_auth_method_type].hash
+    end
+
+    # Builds the object from hash
+    # @param [Hash] attributes Model attributes in the form of hash
+    # @return [Object] Returns the model itself
+    def self.build_from_hash(attributes)
+      return nil unless attributes.is_a?(Hash)
+      attributes = attributes.transform_keys(&:to_sym)
+      transformed_hash = {}
+      openapi_types.each_pair do |key, type|
+        if attributes.key?(attribute_map[key]) && attributes[attribute_map[key]].nil?
+          transformed_hash["#{key}"] = nil
+        elsif type =~ /\AArray<(.*)>/i
+          # check to ensure the input is an array given that the attribute
+          # is documented as an array but the input is not
+          if attributes[attribute_map[key]].is_a?(Array)
+            transformed_hash["#{key}"] = attributes[attribute_map[key]].map { |v| _deserialize($1, v) }
+          end
+        elsif !attributes[attribute_map[key]].nil?
+          transformed_hash["#{key}"] = _deserialize(type, attributes[attribute_map[key]])
+        end
+      end
+      new(transformed_hash)
+    end
+
+    # Deserializes the data based on type
+    # @param string type Data type
+    # @param string value Value to be deserialized
+    # @return [Object] Deserialized data
+    def self._deserialize(type, value)
+      case type.to_sym
+      when :Time
+        Time.parse(value)
+      when :Date
+        Date.parse(value)
+      when :String
+        value.to_s
+      when :Integer
+        value.to_i
+      when :Float
+        value.to_f
+      when :Boolean
+        if value.to_s =~ /\A(true|t|yes|y|1)\z/i
+          true
+        else
+          false
+        end
+      when :Object
+        # generic object (usually a Hash), return directly
+        value
+      when /\AArray<(?<inner_type>.+)>\z/
+        inner_type = Regexp.last_match[:inner_type]
+        value.map { |v| _deserialize(inner_type, v) }
+      when /\AHash<(?<k_type>.+?), (?<v_type>.+)>\z/
+        k_type = Regexp.last_match[:k_type]
+        v_type = Regexp.last_match[:v_type]
+        {}.tap do |hash|
+          value.each do |k, v|
+            hash[_deserialize(k_type, k)] = _deserialize(v_type, v)
+          end
+        end
+      else # model
+        # models (e.g. Pet) or oneOf
+        klass = Akeyless.const_get(type)
+        klass.respond_to?(:openapi_any_of) || klass.respond_to?(:openapi_one_of) ? klass.build(value) : klass.build_from_hash(value)
+      end
+    end
+
+    # Returns the string representation of the object
+    # @return [String] String presentation of the object
+    def to_s
+      to_hash.to_s
+    end
+
+    # to_body is an alias to to_hash (backward compatibility)
+    # @return [Hash] Returns the object in the form of hash
+    def to_body
+      to_hash
+    end
+
+    # Returns the object in the form of hash
+    # @return [Hash] Returns the object in the form of hash
+    def to_hash
+      hash = {}
+      self.class.attribute_map.each_pair do |attr, param|
+        value = self.send(attr)
+        if value.nil?
+          is_nullable = self.class.openapi_nullable.include?(attr)
+          next if !is_nullable || (is_nullable && !instance_variable_defined?(:"@#{attr}"))
+        end
+
+        hash[param] = _to_hash(value)
+      end
+      hash
+    end
+
+    # Outputs non-array value in the form of hash
+    # For object, use to_hash. Otherwise, just return the value
+    # @param [Object] value Any valid value
+    # @return [Hash] Returns the value in the form of hash
+    def _to_hash(value)
+      if value.is_a?(Array)
+        value.compact.map { |v| _to_hash(v) }
+      elsif value.is_a?(Hash)
+        {}.tap do |hash|
+          value.each { |k, v| hash[k] = _to_hash(v) }
+        end
+      elsif value.respond_to? :to_hash
+        value.to_hash
+      else
+        value
+      end
+    end
+
+  end
+
+end

data/lib/akeyless/models/ds_producer_details.rb

@@ -79,6 +79,8 @@ module Akeyless
 
     attr_accessor :azure_client_secret
 
+    attr_accessor :azure_cloud
+
     attr_accessor :azure_fixed_user_name_sub_claim_key
 
     attr_accessor :azure_fixed_user_only
@@ -600,6 +602,7 @@ module Akeyless
         :'azure_app_object_id' => :'azure_app_object_id',
         :'azure_client_id' => :'azure_client_id',
         :'azure_client_secret' => :'azure_client_secret',
+        :'azure_cloud' => :'azure_cloud',
         :'azure_fixed_user_name_sub_claim_key' => :'azure_fixed_user_name_sub_claim_key',
         :'azure_fixed_user_only' => :'azure_fixed_user_only',
         :'azure_resource_group_name' => :'azure_resource_group_name',
@@ -875,6 +878,7 @@ module Akeyless
         :'azure_app_object_id' => :'String',
         :'azure_client_id' => :'String',
         :'azure_client_secret' => :'String',
+        :'azure_cloud' => :'String',
         :'azure_fixed_user_name_sub_claim_key' => :'String',
         :'azure_fixed_user_only' => :'Boolean',
         :'azure_resource_group_name' => :'String',
@@ -1261,6 +1265,10 @@ module Akeyless
         self.azure_client_secret = attributes[:'azure_client_secret']
       end
 
+      if attributes.key?(:'azure_cloud')
+        self.azure_cloud = attributes[:'azure_cloud']
+      end
+
       if attributes.key?(:'azure_fixed_user_name_sub_claim_key')
         self.azure_fixed_user_name_sub_claim_key = attributes[:'azure_fixed_user_name_sub_claim_key']
       end
@@ -2270,6 +2278,7 @@ module Akeyless
           azure_app_object_id == o.azure_app_object_id &&
           azure_client_id == o.azure_client_id &&
           azure_client_secret == o.azure_client_secret &&
+          azure_cloud == o.azure_cloud &&
           azure_fixed_user_name_sub_claim_key == o.azure_fixed_user_name_sub_claim_key &&
           azure_fixed_user_only == o.azure_fixed_user_only &&
           azure_resource_group_name == o.azure_resource_group_name &&
@@ -2513,7 +2522,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [access_token_manager_id, acl_rules, active, admin_name, admin_pwd, admin_rotation_interval_days, administrative_port, api_key, api_key_id, artifactory_admin_apikey, artifactory_admin_username, artifactory_base_url, artifactory_token_audience, artifactory_token_scope, authorization_port, aws_access_key_id, aws_access_mode, aws_external_id, aws_region, aws_role_arns, aws_secret_access_key, aws_session_tags, aws_session_token, aws_transitive_tag_keys, aws_user_console_access, aws_user_groups, aws_user_policies, aws_user_programmatic_access, azure_administrative_unit, azure_app_object_id, azure_client_id, azure_client_secret, azure_fixed_user_name_sub_claim_key, azure_fixed_user_only, azure_resource_group_name, azure_resource_name, azure_subscription_id, azure_tenant_id, azure_user_groups_obj_id, azure_user_portal_access, azure_user_programmatic_access, azure_user_roles_template_id, azure_username, cassandra_creation_statements, chef_organizations, chef_server_access_mode, chef_server_host_name, chef_server_key, chef_server_port, chef_server_url, chef_server_username, chef_skip_ssl, client_authentication_type, cloud_service_provider, cluster_mode, connection_type, create_sync_url, db_client_id, db_client_secret, db_host_name, db_isolation_level, db_max_idle_conns, db_max_open_conns, db_name, db_port, db_private_key, db_private_key_passphrase, db_pwd, db_server_certificates, db_server_name, db_tenant_id, db_user_name, delete_protection, dynamic_secret_id, dynamic_secret_key, dynamic_secret_name, dynamic_secret_type, eks_access_key_id, eks_assume_role, eks_cluster_ca_certificate, eks_cluster_endpoint, eks_cluster_name, eks_region, eks_secret_access_key, enable_admin_rotation, enforce_replay_prevention, expiration_date, externally_provided_user, failure_message, fixed_user_only, gcp_access_type, gcp_fixed_user_claim_keyname, gcp_key_algo, gcp_project_id, gcp_role_bindings, gcp_role_names, gcp_service_account_email, gcp_service_account_key, gcp_service_account_key_base64, gcp_service_account_key_id, gcp_service_account_type, gcp_tmp_service_account_name, gcp_token_lifetime, gcp_token_scope, gcp_token_type, github_app_id, github_app_private_key, github_base_url, github_installation_id, github_installation_token_permissions, github_installation_token_repositories, github_installation_token_repositories_ids, github_organization_name, github_repository_path, gitlab_access_token, gitlab_access_type, gitlab_certificate, gitlab_group_name, gitlab_project_name, gitlab_role, gitlab_token_scope, gitlab_url, gke_cluster_ca_certificate, gke_cluster_endpoint, gke_cluster_name, gke_service_account_key, gke_service_account_name, google_workspace_access_mode, google_workspace_admin_name, google_workspace_fixed_user_name_sub_claim_key, google_workspace_group_name, google_workspace_group_role, google_workspace_role_name, google_workspace_role_scope, grace_rotated_secret_key, grant_types, groups, gw_cloud_identity_external_id_opt, hanadb_creation_statements, hanadb_revocation_statements, host_name, host_port, implementation_type, is_fixed_user, issuer, item_custom_fields_details, item_targets_assoc, jwks, jwks_url, k8s_allowed_namespaces, k8s_auth_type, k8s_bearer_token, k8s_client_cert_data, k8s_client_key_data, k8s_cluster_ca_certificate, k8s_cluster_endpoint, k8s_cluster_name, k8s_dynamic_mode, k8s_multiple_doc_yaml_temp_definition, k8s_namespace, k8s_role_name, k8s_role_type, k8s_service_account, last_admin_rotation, ldap_audience, ldap_bind_dn, ldap_bind_password, ldap_certificate, ldap_fixed_user_name_sub_claim_key, ldap_fixed_user_type, ldap_group_dn, ldap_token_expiration, ldap_url, ldap_user_attr, ldap_user_dn, metadata, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_db_name, mongodb_default_auth_db, mongodb_host_port, mongodb_is_atlas, mongodb_password, mongodb_roles, mongodb_scopes, mongodb_uri_connection, mongodb_uri_options, mongodb_username, mssql_allowed_db_names, mssql_creation_statements, mssql_revocation_statements, mysql_creation_statements, mysql_revocation_statements, openai_url, oracle_creation_statements, oracle_revocation_statements, oracle_wallet_details, organization_id, password, password_length, password_policy, payload, ping_url, postgres_creation_statements, postgres_revocation_statements, privileged_user, project_id, rabbitmq_server_password, rabbitmq_server_uri, rabbitmq_server_user, rabbitmq_user_conf_permission, rabbitmq_user_read_permission, rabbitmq_user_tags, rabbitmq_user_vhost, rabbitmq_user_write_permission, rdp_fixed_user_name_sub_claim_key, redirect_uris, redshift_creation_statements, restricted_scopes, revoke_sync_url, rotate_sync_url, scopes, secure_remote_access_details, session_extension_warn_interval_min, sf_account, sf_auth_mode, sf_key_algo, sf_user_role, sf_warehouse_name, should_stop, signing_algorithm, ssl_connection_certificate, ssl_connection_mode, subject_dn, tags, timeout_seconds, use_gw_cloud_identity, use_gw_service_account, user_name, user_password, user_principal_name, user_ttl, username_length, username_policy, username_template, venafi_allow_subdomains, venafi_allowed_domains, venafi_api_key, venafi_auto_generated_folder, venafi_base_url, venafi_root_first_in_chain, venafi_sign_using_akeyless_pki, venafi_signer_key_name, venafi_store_private_key, venafi_tpp_access_token, venafi_tpp_client_id, venafi_tpp_password, venafi_tpp_refresh_token, venafi_tpp_username, venafi_use_tpp, venafi_zone, warn_before_user_expiration_min].hash
+      [access_token_manager_id, acl_rules, active, admin_name, admin_pwd, admin_rotation_interval_days, administrative_port, api_key, api_key_id, artifactory_admin_apikey, artifactory_admin_username, artifactory_base_url, artifactory_token_audience, artifactory_token_scope, authorization_port, aws_access_key_id, aws_access_mode, aws_external_id, aws_region, aws_role_arns, aws_secret_access_key, aws_session_tags, aws_session_token, aws_transitive_tag_keys, aws_user_console_access, aws_user_groups, aws_user_policies, aws_user_programmatic_access, azure_administrative_unit, azure_app_object_id, azure_client_id, azure_client_secret, azure_cloud, azure_fixed_user_name_sub_claim_key, azure_fixed_user_only, azure_resource_group_name, azure_resource_name, azure_subscription_id, azure_tenant_id, azure_user_groups_obj_id, azure_user_portal_access, azure_user_programmatic_access, azure_user_roles_template_id, azure_username, cassandra_creation_statements, chef_organizations, chef_server_access_mode, chef_server_host_name, chef_server_key, chef_server_port, chef_server_url, chef_server_username, chef_skip_ssl, client_authentication_type, cloud_service_provider, cluster_mode, connection_type, create_sync_url, db_client_id, db_client_secret, db_host_name, db_isolation_level, db_max_idle_conns, db_max_open_conns, db_name, db_port, db_private_key, db_private_key_passphrase, db_pwd, db_server_certificates, db_server_name, db_tenant_id, db_user_name, delete_protection, dynamic_secret_id, dynamic_secret_key, dynamic_secret_name, dynamic_secret_type, eks_access_key_id, eks_assume_role, eks_cluster_ca_certificate, eks_cluster_endpoint, eks_cluster_name, eks_region, eks_secret_access_key, enable_admin_rotation, enforce_replay_prevention, expiration_date, externally_provided_user, failure_message, fixed_user_only, gcp_access_type, gcp_fixed_user_claim_keyname, gcp_key_algo, gcp_project_id, gcp_role_bindings, gcp_role_names, gcp_service_account_email, gcp_service_account_key, gcp_service_account_key_base64, gcp_service_account_key_id, gcp_service_account_type, gcp_tmp_service_account_name, gcp_token_lifetime, gcp_token_scope, gcp_token_type, github_app_id, github_app_private_key, github_base_url, github_installation_id, github_installation_token_permissions, github_installation_token_repositories, github_installation_token_repositories_ids, github_organization_name, github_repository_path, gitlab_access_token, gitlab_access_type, gitlab_certificate, gitlab_group_name, gitlab_project_name, gitlab_role, gitlab_token_scope, gitlab_url, gke_cluster_ca_certificate, gke_cluster_endpoint, gke_cluster_name, gke_service_account_key, gke_service_account_name, google_workspace_access_mode, google_workspace_admin_name, google_workspace_fixed_user_name_sub_claim_key, google_workspace_group_name, google_workspace_group_role, google_workspace_role_name, google_workspace_role_scope, grace_rotated_secret_key, grant_types, groups, gw_cloud_identity_external_id_opt, hanadb_creation_statements, hanadb_revocation_statements, host_name, host_port, implementation_type, is_fixed_user, issuer, item_custom_fields_details, item_targets_assoc, jwks, jwks_url, k8s_allowed_namespaces, k8s_auth_type, k8s_bearer_token, k8s_client_cert_data, k8s_client_key_data, k8s_cluster_ca_certificate, k8s_cluster_endpoint, k8s_cluster_name, k8s_dynamic_mode, k8s_multiple_doc_yaml_temp_definition, k8s_namespace, k8s_role_name, k8s_role_type, k8s_service_account, last_admin_rotation, ldap_audience, ldap_bind_dn, ldap_bind_password, ldap_certificate, ldap_fixed_user_name_sub_claim_key, ldap_fixed_user_type, ldap_group_dn, ldap_token_expiration, ldap_url, ldap_user_attr, ldap_user_dn, metadata, mongodb_atlas_api_private_key, mongodb_atlas_api_public_key, mongodb_atlas_project_id, mongodb_custom_data, mongodb_db_name, mongodb_default_auth_db, mongodb_host_port, mongodb_is_atlas, mongodb_password, mongodb_roles, mongodb_scopes, mongodb_uri_connection, mongodb_uri_options, mongodb_username, mssql_allowed_db_names, mssql_creation_statements, mssql_revocation_statements, mysql_creation_statements, mysql_revocation_statements, openai_url, oracle_creation_statements, oracle_revocation_statements, oracle_wallet_details, organization_id, password, password_length, password_policy, payload, ping_url, postgres_creation_statements, postgres_revocation_statements, privileged_user, project_id, rabbitmq_server_password, rabbitmq_server_uri, rabbitmq_server_user, rabbitmq_user_conf_permission, rabbitmq_user_read_permission, rabbitmq_user_tags, rabbitmq_user_vhost, rabbitmq_user_write_permission, rdp_fixed_user_name_sub_claim_key, redirect_uris, redshift_creation_statements, restricted_scopes, revoke_sync_url, rotate_sync_url, scopes, secure_remote_access_details, session_extension_warn_interval_min, sf_account, sf_auth_mode, sf_key_algo, sf_user_role, sf_warehouse_name, should_stop, signing_algorithm, ssl_connection_certificate, ssl_connection_mode, subject_dn, tags, timeout_seconds, use_gw_cloud_identity, use_gw_service_account, user_name, user_password, user_principal_name, user_ttl, username_length, username_policy, username_template, venafi_allow_subdomains, venafi_allowed_domains, venafi_api_key, venafi_auto_generated_folder, venafi_base_url, venafi_root_first_in_chain, venafi_sign_using_akeyless_pki, venafi_signer_key_name, venafi_store_private_key, venafi_tpp_access_token, venafi_tpp_client_id, venafi_tpp_password, venafi_tpp_refresh_token, venafi_tpp_username, venafi_use_tpp, venafi_zone, warn_before_user_expiration_min].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_create_migration.rb

@@ -21,6 +21,12 @@ module Akeyless
     # Enable/Disable automatic/recurrent rotation for migrated secrets. Default is false: only manual rotation is allowed for migrated secrets. If set to true, this command should be combined with --ad-rotation-interval and --ad-rotation-hour parameters (Relevant only for Active Directory migration)
     attr_accessor :ad_auto_rotate
 
+    # How many days before the expiration of discovered certificates would you like to be notified (Relevant only for Active Directory migration with certificate discovery enabled)
+    attr_accessor :ad_cert_expiration_event_in
+
+    # Path location template for migrating certificates e.g.: /Certificates/{{COMMON_NAME}} (Relevant only for Active Directory migration with certificate discovery enabled)
+    attr_accessor :ad_certificates_path_template
+
     # Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration)
     attr_accessor :ad_computer_base_dn
 
@@ -87,6 +93,9 @@ module Akeyless
     # Enable/Disable discovery of local users from each domain server and migrate them as SSH/Windows Rotated Secrets. Default is false: only domain users will be migrated. Discovery of local users might require further installation of SSH on the servers, based on the supplied computer base DN. This will be implemented automatically as part of the migration process (Relevant only for Active Directory migration) Deprecated: use AdDiscoverTypes
     attr_accessor :ad_discover_local_users
 
+    # Enable AI-assisted certificate discovery (only when AI Insight is enabled on the Gateway)
+    attr_accessor :ai_certificate_discovery
+
     # AWS Secret Access Key (relevant only for AWS migration)
     attr_accessor :aws_key
 
@@ -108,6 +117,18 @@ module Akeyless
     # Azure Key Vault Access tenant ID (relevant only for Azure Key Vault migration)
     attr_accessor :azure_tenant_id
 
+    # Conjur account name set on your Conjur server (relevant only for Conjur migration).
+    attr_accessor :conjur_account
+
+    # Conjur API Key for the specified user (relevant only for Conjur migration).
+    attr_accessor :conjur_api_key
+
+    # Conjur server base URL (relevant only for Conjur migration). If conjur-url is HTTPS and Conjur uses a private CA/self-signed certificate, make the CA bundle available on the Gateway and set CONJUR_SSL_CERT_PATH to its path.
+    attr_accessor :conjur_url
+
+    # Conjur username used to authenticate (relevant only for Conjur migration).
+    attr_accessor :conjur_username
+
     # How many days before the expiration of the certificate would you like to be notified.
     attr_accessor :expiration_event_in
 
@@ -201,7 +222,7 @@ module Akeyless
     # Authentication token (see `/auth` and `/configure`)
     attr_accessor :token
 
-    # Migration type (hashi/aws/gcp/k8s/azure_kv/active_directory/server_inventory/certificate)
+    # Migration type (hashi/aws/gcp/k8s/azure_kv/conjur/active_directory/server_inventory/certificate)
     attr_accessor :type
 
     # The universal identity token, Required only for universal_identity authentication
@@ -215,6 +236,8 @@ module Akeyless
       {
         :'service_account_key_decoded' => :'ServiceAccountKeyDecoded',
         :'ad_auto_rotate' => :'ad-auto-rotate',
+        :'ad_cert_expiration_event_in' => :'ad-cert-expiration-event-in',
+        :'ad_certificates_path_template' => :'ad-certificates-path-template',
         :'ad_computer_base_dn' => :'ad-computer-base-dn',
         :'ad_discover_iis_app' => :'ad-discover-iis-app',
         :'ad_discover_services' => :'ad-discover-services',
@@ -237,6 +260,7 @@ module Akeyless
         :'ad_winrm_over_http' => :'ad-winrm-over-http',
         :'ad_winrm_port' => :'ad-winrm-port',
         :'ad_discover_local_users' => :'ad_discover_local_users',
+        :'ai_certificate_discovery' => :'ai-certificate-discovery',
         :'aws_key' => :'aws-key',
         :'aws_key_id' => :'aws-key-id',
         :'aws_region' => :'aws-region',
@@ -244,6 +268,10 @@ module Akeyless
         :'azure_kv_name' => :'azure-kv-name',
         :'azure_secret' => :'azure-secret',
         :'azure_tenant_id' => :'azure-tenant-id',
+        :'conjur_account' => :'conjur-account',
+        :'conjur_api_key' => :'conjur-api-key',
+        :'conjur_url' => :'conjur-url',
+        :'conjur_username' => :'conjur-username',
         :'expiration_event_in' => :'expiration-event-in',
         :'gcp_key' => :'gcp-key',
         :'gcp_project_id' => :'gcp-project-id',
@@ -291,6 +319,8 @@ module Akeyless
       {
         :'service_account_key_decoded' => :'String',
         :'ad_auto_rotate' => :'String',
+        :'ad_cert_expiration_event_in' => :'Array<String>',
+        :'ad_certificates_path_template' => :'String',
         :'ad_computer_base_dn' => :'String',
         :'ad_discover_iis_app' => :'String',
         :'ad_discover_services' => :'String',
@@ -313,6 +343,7 @@ module Akeyless
         :'ad_winrm_over_http' => :'String',
         :'ad_winrm_port' => :'String',
         :'ad_discover_local_users' => :'String',
+        :'ai_certificate_discovery' => :'String',
         :'aws_key' => :'String',
         :'aws_key_id' => :'String',
         :'aws_region' => :'String',
@@ -320,6 +351,10 @@ module Akeyless
         :'azure_kv_name' => :'String',
         :'azure_secret' => :'String',
         :'azure_tenant_id' => :'String',
+        :'conjur_account' => :'String',
+        :'conjur_api_key' => :'String',
+        :'conjur_url' => :'String',
+        :'conjur_username' => :'String',
         :'expiration_event_in' => :'Array<String>',
         :'gcp_key' => :'String',
         :'gcp_project_id' => :'String',
@@ -386,6 +421,16 @@ module Akeyless
         self.ad_auto_rotate = attributes[:'ad_auto_rotate']
       end
 
+      if attributes.key?(:'ad_cert_expiration_event_in')
+        if (value = attributes[:'ad_cert_expiration_event_in']).is_a?(Array)
+          self.ad_cert_expiration_event_in = value
+        end
+      end
+
+      if attributes.key?(:'ad_certificates_path_template')
+        self.ad_certificates_path_template = attributes[:'ad_certificates_path_template']
+      end
+
       if attributes.key?(:'ad_computer_base_dn')
         self.ad_computer_base_dn = attributes[:'ad_computer_base_dn']
       end
@@ -490,6 +535,10 @@ module Akeyless
         self.ad_discover_local_users = attributes[:'ad_discover_local_users']
       end
 
+      if attributes.key?(:'ai_certificate_discovery')
+        self.ai_certificate_discovery = attributes[:'ai_certificate_discovery']
+      end
+
       if attributes.key?(:'aws_key')
         self.aws_key = attributes[:'aws_key']
       end
@@ -520,6 +569,22 @@ module Akeyless
         self.azure_tenant_id = attributes[:'azure_tenant_id']
       end
 
+      if attributes.key?(:'conjur_account')
+        self.conjur_account = attributes[:'conjur_account']
+      end
+
+      if attributes.key?(:'conjur_api_key')
+        self.conjur_api_key = attributes[:'conjur_api_key']
+      end
+
+      if attributes.key?(:'conjur_url')
+        self.conjur_url = attributes[:'conjur_url']
+      end
+
+      if attributes.key?(:'conjur_username')
+        self.conjur_username = attributes[:'conjur_username']
+      end
+
       if attributes.key?(:'expiration_event_in')
         if (value = attributes[:'expiration_event_in']).is_a?(Array)
           self.expiration_event_in = value
@@ -732,6 +797,8 @@ module Akeyless
       self.class == o.class &&
           service_account_key_decoded == o.service_account_key_decoded &&
           ad_auto_rotate == o.ad_auto_rotate &&
+          ad_cert_expiration_event_in == o.ad_cert_expiration_event_in &&
+          ad_certificates_path_template == o.ad_certificates_path_template &&
           ad_computer_base_dn == o.ad_computer_base_dn &&
           ad_discover_iis_app == o.ad_discover_iis_app &&
           ad_discover_services == o.ad_discover_services &&
@@ -754,6 +821,7 @@ module Akeyless
           ad_winrm_over_http == o.ad_winrm_over_http &&
           ad_winrm_port == o.ad_winrm_port &&
           ad_discover_local_users == o.ad_discover_local_users &&
+          ai_certificate_discovery == o.ai_certificate_discovery &&
           aws_key == o.aws_key &&
           aws_key_id == o.aws_key_id &&
           aws_region == o.aws_region &&
@@ -761,6 +829,10 @@ module Akeyless
           azure_kv_name == o.azure_kv_name &&
           azure_secret == o.azure_secret &&
           azure_tenant_id == o.azure_tenant_id &&
+          conjur_account == o.conjur_account &&
+          conjur_api_key == o.conjur_api_key &&
+          conjur_url == o.conjur_url &&
+          conjur_username == o.conjur_username &&
           expiration_event_in == o.expiration_event_in &&
           gcp_key == o.gcp_key &&
           gcp_project_id == o.gcp_project_id &&
@@ -806,7 +878,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [service_account_key_decoded, ad_auto_rotate, ad_computer_base_dn, ad_discover_iis_app, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, expiration_event_in, gcp_key, gcp_project_id, hashi_json, hashi_ns, hashi_token, hashi_url, hosts, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, port_ranges, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, type, uid_token, use_gw_cloud_identity].hash
+      [service_account_key_decoded, ad_auto_rotate, ad_cert_expiration_event_in, ad_certificates_path_template, ad_computer_base_dn, ad_discover_iis_app, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, ai_certificate_discovery, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, conjur_account, conjur_api_key, conjur_url, conjur_username, expiration_event_in, gcp_key, gcp_project_id, hashi_json, hashi_ns, hashi_token, hashi_url, hosts, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, port_ranges, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, type, uid_token, use_gw_cloud_identity].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/gateway_update_migration.rb

@@ -21,6 +21,12 @@ module Akeyless
     # Enable/Disable automatic/recurrent rotation for migrated secrets. Default is false: only manual rotation is allowed for migrated secrets. If set to true, this command should be combined with --ad-rotation-interval and --ad-rotation-hour parameters (Relevant only for Active Directory migration)
     attr_accessor :ad_auto_rotate
 
+    # How many days before the expiration of discovered certificates would you like to be notified (Relevant only for Active Directory migration with certificate discovery enabled)
+    attr_accessor :ad_cert_expiration_event_in
+
+    # Path location template for migrating certificates e.g.: /Certificates/{{COMMON_NAME}} (Relevant only for Active Directory migration with certificate discovery enabled)
+    attr_accessor :ad_certificates_path_template
+
     # Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration)
     attr_accessor :ad_computer_base_dn
 
@@ -87,6 +93,9 @@ module Akeyless
     # Enable/Disable discovery of local users from each domain server and migrate them as SSH/Windows Rotated Secrets. Default is false: only domain users will be migrated. Discovery of local users might require further installation of SSH on the servers, based on the supplied computer base DN. This will be implemented automatically as part of the migration process (Relevant only for Active Directory migration) Deprecated: use AdDiscoverTypes
     attr_accessor :ad_discover_local_users
 
+    # Enable AI-assisted certificate discovery (only when AI Insight is enabled on the Gateway)
+    attr_accessor :ai_certificate_discovery
+
     # AWS Secret Access Key (relevant only for AWS migration)
     attr_accessor :aws_key
 
@@ -108,6 +117,18 @@ module Akeyless
     # Azure Key Vault Access tenant ID (relevant only for Azure Key Vault migration)
     attr_accessor :azure_tenant_id
 
+    # Conjur account name set on your Conjur server (relevant only for Conjur migration).
+    attr_accessor :conjur_account
+
+    # Conjur API Key for the specified user (relevant only for Conjur migration).
+    attr_accessor :conjur_api_key
+
+    # Conjur server base URL (relevant only for Conjur migration). If conjur-url is HTTPS and Conjur uses a private CA/self-signed certificate, make the CA bundle available on the Gateway and set CONJUR_SSL_CERT_PATH to its path.
+    attr_accessor :conjur_url
+
+    # Conjur username used to authenticate (relevant only for Conjur migration).
+    attr_accessor :conjur_username
+
     # How many days before the expiration of the certificate would you like to be notified.
     attr_accessor :expiration_event_in
 
@@ -218,6 +239,8 @@ module Akeyless
       {
         :'service_account_key_decoded' => :'ServiceAccountKeyDecoded',
         :'ad_auto_rotate' => :'ad-auto-rotate',
+        :'ad_cert_expiration_event_in' => :'ad-cert-expiration-event-in',
+        :'ad_certificates_path_template' => :'ad-certificates-path-template',
         :'ad_computer_base_dn' => :'ad-computer-base-dn',
         :'ad_discover_iis_app' => :'ad-discover-iis-app',
         :'ad_discover_services' => :'ad-discover-services',
@@ -240,6 +263,7 @@ module Akeyless
         :'ad_winrm_over_http' => :'ad-winrm-over-http',
         :'ad_winrm_port' => :'ad-winrm-port',
         :'ad_discover_local_users' => :'ad_discover_local_users',
+        :'ai_certificate_discovery' => :'ai-certificate-discovery',
         :'aws_key' => :'aws-key',
         :'aws_key_id' => :'aws-key-id',
         :'aws_region' => :'aws-region',
@@ -247,6 +271,10 @@ module Akeyless
         :'azure_kv_name' => :'azure-kv-name',
         :'azure_secret' => :'azure-secret',
         :'azure_tenant_id' => :'azure-tenant-id',
+        :'conjur_account' => :'conjur-account',
+        :'conjur_api_key' => :'conjur-api-key',
+        :'conjur_url' => :'conjur-url',
+        :'conjur_username' => :'conjur-username',
         :'expiration_event_in' => :'expiration-event-in',
         :'gcp_key' => :'gcp-key',
         :'gcp_project_id' => :'gcp-project-id',
@@ -295,6 +323,8 @@ module Akeyless
       {
         :'service_account_key_decoded' => :'String',
         :'ad_auto_rotate' => :'String',
+        :'ad_cert_expiration_event_in' => :'Array<String>',
+        :'ad_certificates_path_template' => :'String',
         :'ad_computer_base_dn' => :'String',
         :'ad_discover_iis_app' => :'String',
         :'ad_discover_services' => :'String',
@@ -317,6 +347,7 @@ module Akeyless
         :'ad_winrm_over_http' => :'String',
         :'ad_winrm_port' => :'String',
         :'ad_discover_local_users' => :'String',
+        :'ai_certificate_discovery' => :'String',
         :'aws_key' => :'String',
         :'aws_key_id' => :'String',
         :'aws_region' => :'String',
@@ -324,6 +355,10 @@ module Akeyless
         :'azure_kv_name' => :'String',
         :'azure_secret' => :'String',
         :'azure_tenant_id' => :'String',
+        :'conjur_account' => :'String',
+        :'conjur_api_key' => :'String',
+        :'conjur_url' => :'String',
+        :'conjur_username' => :'String',
         :'expiration_event_in' => :'Array<String>',
         :'gcp_key' => :'String',
         :'gcp_project_id' => :'String',
@@ -391,6 +426,16 @@ module Akeyless
         self.ad_auto_rotate = attributes[:'ad_auto_rotate']
       end
 
+      if attributes.key?(:'ad_cert_expiration_event_in')
+        if (value = attributes[:'ad_cert_expiration_event_in']).is_a?(Array)
+          self.ad_cert_expiration_event_in = value
+        end
+      end
+
+      if attributes.key?(:'ad_certificates_path_template')
+        self.ad_certificates_path_template = attributes[:'ad_certificates_path_template']
+      end
+
       if attributes.key?(:'ad_computer_base_dn')
         self.ad_computer_base_dn = attributes[:'ad_computer_base_dn']
       end
@@ -495,6 +540,10 @@ module Akeyless
         self.ad_discover_local_users = attributes[:'ad_discover_local_users']
       end
 
+      if attributes.key?(:'ai_certificate_discovery')
+        self.ai_certificate_discovery = attributes[:'ai_certificate_discovery']
+      end
+
       if attributes.key?(:'aws_key')
         self.aws_key = attributes[:'aws_key']
       end
@@ -525,6 +574,22 @@ module Akeyless
         self.azure_tenant_id = attributes[:'azure_tenant_id']
       end
 
+      if attributes.key?(:'conjur_account')
+        self.conjur_account = attributes[:'conjur_account']
+      end
+
+      if attributes.key?(:'conjur_api_key')
+        self.conjur_api_key = attributes[:'conjur_api_key']
+      end
+
+      if attributes.key?(:'conjur_url')
+        self.conjur_url = attributes[:'conjur_url']
+      end
+
+      if attributes.key?(:'conjur_username')
+        self.conjur_username = attributes[:'conjur_username']
+      end
+
       if attributes.key?(:'expiration_event_in')
         if (value = attributes[:'expiration_event_in']).is_a?(Array)
           self.expiration_event_in = value
@@ -734,6 +799,8 @@ module Akeyless
       self.class == o.class &&
           service_account_key_decoded == o.service_account_key_decoded &&
           ad_auto_rotate == o.ad_auto_rotate &&
+          ad_cert_expiration_event_in == o.ad_cert_expiration_event_in &&
+          ad_certificates_path_template == o.ad_certificates_path_template &&
           ad_computer_base_dn == o.ad_computer_base_dn &&
           ad_discover_iis_app == o.ad_discover_iis_app &&
           ad_discover_services == o.ad_discover_services &&
@@ -756,6 +823,7 @@ module Akeyless
           ad_winrm_over_http == o.ad_winrm_over_http &&
           ad_winrm_port == o.ad_winrm_port &&
           ad_discover_local_users == o.ad_discover_local_users &&
+          ai_certificate_discovery == o.ai_certificate_discovery &&
           aws_key == o.aws_key &&
           aws_key_id == o.aws_key_id &&
           aws_region == o.aws_region &&
@@ -763,6 +831,10 @@ module Akeyless
           azure_kv_name == o.azure_kv_name &&
           azure_secret == o.azure_secret &&
           azure_tenant_id == o.azure_tenant_id &&
+          conjur_account == o.conjur_account &&
+          conjur_api_key == o.conjur_api_key &&
+          conjur_url == o.conjur_url &&
+          conjur_username == o.conjur_username &&
           expiration_event_in == o.expiration_event_in &&
           gcp_key == o.gcp_key &&
           gcp_project_id == o.gcp_project_id &&
@@ -809,7 +881,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [service_account_key_decoded, ad_auto_rotate, ad_computer_base_dn, ad_discover_iis_app, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, expiration_event_in, gcp_key, gcp_project_id, hashi_json, hashi_ns, hashi_token, hashi_url, hosts, id, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, new_name, port_ranges, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, uid_token, use_gw_cloud_identity].hash
+      [service_account_key_decoded, ad_auto_rotate, ad_cert_expiration_event_in, ad_certificates_path_template, ad_computer_base_dn, ad_discover_iis_app, ad_discover_services, ad_discovery_types, ad_domain_name, ad_domain_users_path_template, ad_local_users_ignore, ad_local_users_path_template, ad_os_filter, ad_rotation_hour, ad_rotation_interval, ad_sra_enable_rdp, ad_ssh_port, ad_target_format, ad_target_name, ad_targets_path_template, ad_targets_type, ad_user_base_dn, ad_user_groups, ad_winrm_over_http, ad_winrm_port, ad_discover_local_users, ai_certificate_discovery, aws_key, aws_key_id, aws_region, azure_client_id, azure_kv_name, azure_secret, azure_tenant_id, conjur_account, conjur_api_key, conjur_url, conjur_username, expiration_event_in, gcp_key, gcp_project_id, hashi_json, hashi_ns, hashi_token, hashi_url, hosts, id, json, k8s_ca_certificate, k8s_client_certificate, k8s_client_key, k8s_namespace, k8s_password, k8s_skip_system, k8s_token, k8s_url, k8s_username, name, new_name, port_ranges, protection_key, si_auto_rotate, si_rotation_hour, si_rotation_interval, si_sra_enable_rdp, si_target_name, si_user_groups, si_users_ignore, si_users_path_template, target_location, token, uid_token, use_gw_cloud_identity].hash
     end
 
     # Builds the object from hash