akeyless 5.0.21 → 5.0.23

data/lib/akeyless/models/create_auth_method_cert.rb

@@ -79,6 +79,9 @@ module Akeyless
     # Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
     attr_accessor :product_type
 
+    # Require certificate CRL distribution points (CDP) and enforce CRL validation during authentication.
+    attr_accessor :require_crl_dp
+
     # A list of revoked cert ids
     attr_accessor :revoked_cert_ids
 
@@ -115,6 +118,7 @@ module Akeyless
         :'jwt_ttl' => :'jwt-ttl',
         :'name' => :'name',
         :'product_type' => :'product-type',
+        :'require_crl_dp' => :'require-crl-dp',
         :'revoked_cert_ids' => :'revoked-cert-ids',
         :'token' => :'token',
         :'uid_token' => :'uid-token',
@@ -151,6 +155,7 @@ module Akeyless
         :'jwt_ttl' => :'Integer',
         :'name' => :'String',
         :'product_type' => :'Array<String>',
+        :'require_crl_dp' => :'Boolean',
         :'revoked_cert_ids' => :'Array<String>',
         :'token' => :'String',
         :'uid_token' => :'String',
@@ -295,6 +300,10 @@ module Akeyless
         end
       end
 
+      if attributes.key?(:'require_crl_dp')
+        self.require_crl_dp = attributes[:'require_crl_dp']
+      end
+
       if attributes.key?(:'revoked_cert_ids')
         if (value = attributes[:'revoked_cert_ids']).is_a?(Array)
           self.revoked_cert_ids = value
@@ -367,6 +376,7 @@ module Akeyless
           jwt_ttl == o.jwt_ttl &&
           name == o.name &&
           product_type == o.product_type &&
+          require_crl_dp == o.require_crl_dp &&
           revoked_cert_ids == o.revoked_cert_ids &&
           token == o.token &&
           uid_token == o.uid_token &&
@@ -382,7 +392,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [access_expires, allowed_client_type, allowed_cors, audit_logs_claims, bound_common_names, bound_dns_sans, bound_email_sans, bound_extensions, bound_ips, bound_organizational_units, bound_uri_sans, certificate_data, delete_protection, description, expiration_event_in, force_sub_claims, gw_bound_ips, json, jwt_ttl, name, product_type, revoked_cert_ids, token, uid_token, unique_identifier].hash
+      [access_expires, allowed_client_type, allowed_cors, audit_logs_claims, bound_common_names, bound_dns_sans, bound_email_sans, bound_extensions, bound_ips, bound_organizational_units, bound_uri_sans, certificate_data, delete_protection, description, expiration_event_in, force_sub_claims, gw_bound_ips, json, jwt_ttl, name, product_type, require_crl_dp, revoked_cert_ids, token, uid_token, unique_identifier].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/create_auth_method_universal_identity.rb

@@ -28,6 +28,9 @@ module Akeyless
     # A CIDR whitelist with the IPs that the access is restricted to
     attr_accessor :bound_ips
 
+    # Maximum child token ttl allowed in uid-create-child-token
+    attr_accessor :child_ttl_limit
+
     # Protection from accidental deletion of this object [true/false]
     attr_accessor :delete_protection
 
@@ -64,6 +67,9 @@ module Akeyless
     # Authentication token (see `/auth` and `/configure`)
     attr_accessor :token
 
+    # Maximum UID tree depth allowed (child of child of ...)
+    attr_accessor :tree_length
+
     # Token ttl
     attr_accessor :ttl
 
@@ -77,6 +83,7 @@ module Akeyless
         :'allowed_client_type' => :'allowed-client-type',
         :'audit_logs_claims' => :'audit-logs-claims',
         :'bound_ips' => :'bound-ips',
+        :'child_ttl_limit' => :'child-ttl-limit',
         :'delete_protection' => :'delete_protection',
         :'deny_inheritance' => :'deny-inheritance',
         :'deny_rotate' => :'deny-rotate',
@@ -89,6 +96,7 @@ module Akeyless
         :'name' => :'name',
         :'product_type' => :'product-type',
         :'token' => :'token',
+        :'tree_length' => :'tree-length',
         :'ttl' => :'ttl',
         :'uid_token' => :'uid-token'
       }
@@ -106,6 +114,7 @@ module Akeyless
         :'allowed_client_type' => :'Array<String>',
         :'audit_logs_claims' => :'Array<String>',
         :'bound_ips' => :'Array<String>',
+        :'child_ttl_limit' => :'Integer',
         :'delete_protection' => :'String',
         :'deny_inheritance' => :'Boolean',
         :'deny_rotate' => :'Boolean',
@@ -118,6 +127,7 @@ module Akeyless
         :'name' => :'String',
         :'product_type' => :'Array<String>',
         :'token' => :'String',
+        :'tree_length' => :'Integer',
         :'ttl' => :'Integer',
         :'uid_token' => :'String'
       }
@@ -168,6 +178,12 @@ module Akeyless
         end
       end
 
+      if attributes.key?(:'child_ttl_limit')
+        self.child_ttl_limit = attributes[:'child_ttl_limit']
+      else
+        self.child_ttl_limit = 43200
+      end
+
       if attributes.key?(:'delete_protection')
         self.delete_protection = attributes[:'delete_protection']
       end
@@ -228,6 +244,12 @@ module Akeyless
         self.token = attributes[:'token']
       end
 
+      if attributes.key?(:'tree_length')
+        self.tree_length = attributes[:'tree_length']
+      else
+        self.tree_length = 200
+      end
+
       if attributes.key?(:'ttl')
         self.ttl = attributes[:'ttl']
       else
@@ -268,6 +290,7 @@ module Akeyless
           allowed_client_type == o.allowed_client_type &&
           audit_logs_claims == o.audit_logs_claims &&
           bound_ips == o.bound_ips &&
+          child_ttl_limit == o.child_ttl_limit &&
           delete_protection == o.delete_protection &&
           deny_inheritance == o.deny_inheritance &&
           deny_rotate == o.deny_rotate &&
@@ -280,6 +303,7 @@ module Akeyless
           name == o.name &&
           product_type == o.product_type &&
           token == o.token &&
+          tree_length == o.tree_length &&
           ttl == o.ttl &&
           uid_token == o.uid_token
     end
@@ -293,7 +317,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [access_expires, allowed_client_type, audit_logs_claims, bound_ips, delete_protection, deny_inheritance, deny_rotate, description, expiration_event_in, force_sub_claims, gw_bound_ips, json, jwt_ttl, name, product_type, token, ttl, uid_token].hash
+      [access_expires, allowed_client_type, audit_logs_claims, bound_ips, child_ttl_limit, delete_protection, deny_inheritance, deny_rotate, description, expiration_event_in, force_sub_claims, gw_bound_ips, json, jwt_ttl, name, product_type, token, tree_length, ttl, uid_token].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/create_azure_target.rb

@@ -16,6 +16,9 @@ require 'time'
 module Akeyless
   # createAzureTarget is a command that creates a new target. [Deprecated: Use target-create-azure command]
   class CreateAzureTarget
+    # Azure cloud environment to use. Values: AzureCloud (default), AzureUSGovernment, AzureChinaCloud.
+    attr_accessor :azure_cloud
+
     # Azure client/application id
     attr_accessor :client_id
 
@@ -67,6 +70,7 @@ module Akeyless
     # Attribute mapping from ruby-style variable name to JSON key.
     def self.attribute_map
       {
+        :'azure_cloud' => :'azure-cloud',
         :'client_id' => :'client-id',
         :'client_secret' => :'client-secret',
         :'comment' => :'comment',
@@ -94,6 +98,7 @@ module Akeyless
     # Attribute type mapping.
     def self.openapi_types
       {
+        :'azure_cloud' => :'String',
         :'client_id' => :'String',
         :'client_secret' => :'String',
         :'comment' => :'String',
@@ -134,6 +139,12 @@ module Akeyless
         h[k.to_sym] = v
       }
 
+      if attributes.key?(:'azure_cloud')
+        self.azure_cloud = attributes[:'azure_cloud']
+      else
+        self.azure_cloud = 'AzureCloud'
+      end
+
       if attributes.key?(:'client_id')
         self.client_id = attributes[:'client_id']
       end
@@ -230,6 +241,7 @@ module Akeyless
     def ==(o)
       return true if self.equal?(o)
       self.class == o.class &&
+          azure_cloud == o.azure_cloud &&
           client_id == o.client_id &&
           client_secret == o.client_secret &&
           comment == o.comment &&
@@ -257,7 +269,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [client_id, client_secret, comment, connection_type, description, json, key, max_versions, name, resource_group_name, resource_name, subscription_id, tenant_id, token, uid_token, use_gw_cloud_identity].hash
+      [azure_cloud, client_id, client_secret, comment, connection_type, description, json, key, max_versions, name, resource_group_name, resource_name, subscription_id, tenant_id, token, uid_token, use_gw_cloud_identity].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/create_rotated_secret.rb

@@ -66,6 +66,9 @@ module Akeyless
     # The name of a key that used to encrypt the secret value (if empty, the account default protectionKey key will be used)
     attr_accessor :key
 
+    # Lock this secret for read/update while an SRA session is active
+    attr_accessor :lock_during_sra_session
+
     # Deprecated - use description
     attr_accessor :metadata
 
@@ -75,7 +78,7 @@ module Akeyless
     # The length of the password to be generated
     attr_accessor :password_length
 
-    # Rotate the value of the secret after SRA session ends [true/false]
+    # StringOrBool accepts JSON strings, booleans, and numbers for backward compatibility with older SDK versions that send boolean values for rotate-after-disconnect.
     attr_accessor :rotate_after_disconnect
 
     # rotated-username password (relevant only for rotator-type=password)
@@ -199,6 +202,7 @@ module Akeyless
         :'host_provider' => :'host-provider',
         :'json' => :'json',
         :'key' => :'key',
+        :'lock_during_sra_session' => :'lock-during-sra-session',
         :'metadata' => :'metadata',
         :'name' => :'name',
         :'password_length' => :'password-length',
@@ -265,6 +269,7 @@ module Akeyless
         :'host_provider' => :'String',
         :'json' => :'Boolean',
         :'key' => :'String',
+        :'lock_during_sra_session' => :'String',
         :'metadata' => :'String',
         :'name' => :'String',
         :'password_length' => :'String',
@@ -401,6 +406,10 @@ module Akeyless
         self.key = attributes[:'key']
       end
 
+      if attributes.key?(:'lock_during_sra_session')
+        self.lock_during_sra_session = attributes[:'lock_during_sra_session']
+      end
+
       if attributes.key?(:'metadata')
         self.metadata = attributes[:'metadata']
       end
@@ -417,8 +426,6 @@ module Akeyless
 
       if attributes.key?(:'rotate_after_disconnect')
         self.rotate_after_disconnect = attributes[:'rotate_after_disconnect']
-      else
-        self.rotate_after_disconnect = 'false'
       end
 
       if attributes.key?(:'rotated_password')
@@ -630,6 +637,7 @@ module Akeyless
           host_provider == o.host_provider &&
           json == o.json &&
           key == o.key &&
+          lock_during_sra_session == o.lock_during_sra_session &&
           metadata == o.metadata &&
           name == o.name &&
           password_length == o.password_length &&
@@ -679,7 +687,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [provider_type, api_id, api_key, application_id, authentication_credentials, auto_rotate, aws_region, custom_payload, delete_protection, description, gcp_key, gcp_service_account_email, gcp_service_account_key_id, grace_rotation, host_provider, json, key, metadata, name, password_length, rotate_after_disconnect, rotated_password, rotated_username, rotation_hour, rotation_interval, rotator_creds_type, rotator_custom_cmd, rotator_type, same_password, secure_access_allow_external_user, secure_access_aws_account_id, secure_access_aws_native_cli, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_disable_concurrent_connections, secure_access_enable, secure_access_host, secure_access_rdp_domain, secure_access_rdp_user, secure_access_url, secure_access_web, secure_access_web_browsing, secure_access_web_proxy, ssh_password, ssh_username, storage_account_key_name, tags, target, target_name, token, uid_token, user_attribute, user_dn].hash
+      [provider_type, api_id, api_key, application_id, authentication_credentials, auto_rotate, aws_region, custom_payload, delete_protection, description, gcp_key, gcp_service_account_email, gcp_service_account_key_id, grace_rotation, host_provider, json, key, lock_during_sra_session, metadata, name, password_length, rotate_after_disconnect, rotated_password, rotated_username, rotation_hour, rotation_interval, rotator_creds_type, rotator_custom_cmd, rotator_type, same_password, secure_access_allow_external_user, secure_access_aws_account_id, secure_access_aws_native_cli, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_db_name, secure_access_db_schema, secure_access_disable_concurrent_connections, secure_access_enable, secure_access_host, secure_access_rdp_domain, secure_access_rdp_user, secure_access_url, secure_access_web, secure_access_web_browsing, secure_access_web_proxy, ssh_password, ssh_username, storage_account_key_name, tags, target, target_name, token, uid_token, user_attribute, user_dn].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/create_secret.rb

@@ -42,6 +42,9 @@ module Akeyless
     # Set output format to JSON
     attr_accessor :json
 
+    # Lock this secret for read/update while an SRA session is active
+    attr_accessor :lock_during_sra_session
+
     # Set the maximum number of versions, limited by the account settings defaults.
     attr_accessor :max_versions
 
@@ -122,6 +125,7 @@ module Akeyless
         :'inject_url' => :'inject-url',
         :'item_custom_fields' => :'item-custom-fields',
         :'json' => :'json',
+        :'lock_during_sra_session' => :'lock-during-sra-session',
         :'max_versions' => :'max-versions',
         :'metadata' => :'metadata',
         :'multiline_value' => :'multiline_value',
@@ -165,6 +169,7 @@ module Akeyless
         :'inject_url' => :'Array<String>',
         :'item_custom_fields' => :'Hash<String, String>',
         :'json' => :'Boolean',
+        :'lock_during_sra_session' => :'String',
         :'max_versions' => :'String',
         :'metadata' => :'String',
         :'multiline_value' => :'Boolean',
@@ -260,6 +265,10 @@ module Akeyless
         self.json = false
       end
 
+      if attributes.key?(:'lock_during_sra_session')
+        self.lock_during_sra_session = attributes[:'lock_during_sra_session']
+      end
+
       if attributes.key?(:'max_versions')
         self.max_versions = attributes[:'max_versions']
       end
@@ -406,6 +415,7 @@ module Akeyless
           inject_url == o.inject_url &&
           item_custom_fields == o.item_custom_fields &&
           json == o.json &&
+          lock_during_sra_session == o.lock_during_sra_session &&
           max_versions == o.max_versions &&
           metadata == o.metadata &&
           multiline_value == o.multiline_value &&
@@ -440,7 +450,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [accessibility, change_event, custom_field, delete_protection, description, format, inject_url, item_custom_fields, json, max_versions, metadata, multiline_value, name, password, protection_key, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_enable, secure_access_gateway, secure_access_host, secure_access_rdp_user, secure_access_ssh_creds, secure_access_ssh_user, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, tags, token, type, uid_token, username, value].hash
+      [accessibility, change_event, custom_field, delete_protection, description, format, inject_url, item_custom_fields, json, lock_during_sra_session, max_versions, metadata, multiline_value, name, password, protection_key, secure_access_bastion_issuer, secure_access_certificate_issuer, secure_access_enable, secure_access_gateway, secure_access_host, secure_access_rdp_user, secure_access_ssh_creds, secure_access_ssh_user, secure_access_url, secure_access_web_browsing, secure_access_web_proxy, tags, token, type, uid_token, username, value].hash
     end
 
     # Builds the object from hash

data/lib/akeyless/models/create_usc.rb

@@ -25,12 +25,18 @@ module Akeyless
     # Description of the Universal Secrets Connector
     attr_accessor :description
 
+    # The environments in repo-name/environment-name format, comma-separated (only relevant for: github-scope=repository-environment)
+    attr_accessor :environment_names
+
     # GCP Project ID (Relevant only for GCP targets)
     attr_accessor :gcp_project_id
 
     # GCP Secret Manager regions to query for regional secrets (comma-separated, e.g., us-east1,us-west1). Max 12 regions. Required when listing with object-type=regional-secrets.
     attr_accessor :gcp_sm_regions
 
+    # The scope where secrets will be created, available options: [repository, organization, repository-environment]
+    attr_accessor :github_scope
+
     # Additional custom fields to associate with the item
     attr_accessor :item_custom_fields
 
@@ -43,6 +49,14 @@ module Akeyless
     # Universal Secrets Connector name
     attr_accessor :name
 
+    # The organization name to create the secret in
+    attr_accessor :organization_name
+
+    attr_accessor :repository_access
+
+    # The repository names, comma-separated (only relevant for: github-scope=repository)
+    attr_accessor :repository_names
+
     # List of the tags attached to this Universal Secrets Connector
     attr_accessor :tags
 
@@ -67,12 +81,17 @@ module Akeyless
         :'azure_kv_name' => :'azure-kv-name',
         :'delete_protection' => :'delete_protection',
         :'description' => :'description',
+        :'environment_names' => :'environment-names',
         :'gcp_project_id' => :'gcp-project-id',
         :'gcp_sm_regions' => :'gcp-sm-regions',
+        :'github_scope' => :'github-scope',
         :'item_custom_fields' => :'item-custom-fields',
         :'json' => :'json',
         :'k8s_namespace' => :'k8s-namespace',
         :'name' => :'name',
+        :'organization_name' => :'organization-name',
+        :'repository_access' => :'repository-access',
+        :'repository_names' => :'repository-names',
         :'tags' => :'tags',
         :'target_to_associate' => :'target-to-associate',
         :'token' => :'token',
@@ -93,12 +112,17 @@ module Akeyless
         :'azure_kv_name' => :'String',
         :'delete_protection' => :'String',
         :'description' => :'String',
+        :'environment_names' => :'String',
         :'gcp_project_id' => :'String',
         :'gcp_sm_regions' => :'String',
+        :'github_scope' => :'String',
         :'item_custom_fields' => :'Hash<String, String>',
         :'json' => :'Boolean',
         :'k8s_namespace' => :'String',
         :'name' => :'String',
+        :'organization_name' => :'String',
+        :'repository_access' => :'String',
+        :'repository_names' => :'String',
         :'tags' => :'Array<String>',
         :'target_to_associate' => :'String',
         :'token' => :'String',
@@ -141,6 +165,10 @@ module Akeyless
         self.description = attributes[:'description']
       end
 
+      if attributes.key?(:'environment_names')
+        self.environment_names = attributes[:'environment_names']
+      end
+
       if attributes.key?(:'gcp_project_id')
         self.gcp_project_id = attributes[:'gcp_project_id']
       end
@@ -149,6 +177,12 @@ module Akeyless
         self.gcp_sm_regions = attributes[:'gcp_sm_regions']
       end
 
+      if attributes.key?(:'github_scope')
+        self.github_scope = attributes[:'github_scope']
+      else
+        self.github_scope = 'repository'
+      end
+
       if attributes.key?(:'item_custom_fields')
         if (value = attributes[:'item_custom_fields']).is_a?(Hash)
           self.item_custom_fields = value
@@ -171,6 +205,20 @@ module Akeyless
         self.name = nil
       end
 
+      if attributes.key?(:'organization_name')
+        self.organization_name = attributes[:'organization_name']
+      end
+
+      if attributes.key?(:'repository_access')
+        self.repository_access = attributes[:'repository_access']
+      else
+        self.repository_access = 'public'
+      end
+
+      if attributes.key?(:'repository_names')
+        self.repository_names = attributes[:'repository_names']
+      end
+
       if attributes.key?(:'tags')
         if (value = attributes[:'tags']).is_a?(Array)
           self.tags = value
@@ -235,12 +283,17 @@ module Akeyless
           azure_kv_name == o.azure_kv_name &&
           delete_protection == o.delete_protection &&
           description == o.description &&
+          environment_names == o.environment_names &&
           gcp_project_id == o.gcp_project_id &&
           gcp_sm_regions == o.gcp_sm_regions &&
+          github_scope == o.github_scope &&
           item_custom_fields == o.item_custom_fields &&
           json == o.json &&
           k8s_namespace == o.k8s_namespace &&
           name == o.name &&
+          organization_name == o.organization_name &&
+          repository_access == o.repository_access &&
+          repository_names == o.repository_names &&
           tags == o.tags &&
           target_to_associate == o.target_to_associate &&
           token == o.token &&
@@ -258,7 +311,7 @@ module Akeyless
     # Calculates hash code according to all attributes.
     # @return [Integer] Hash code
     def hash
-      [azure_kv_name, delete_protection, description, gcp_project_id, gcp_sm_regions, item_custom_fields, json, k8s_namespace, name, tags, target_to_associate, token, uid_token, usc_prefix, use_prefix_as_filter].hash
+      [azure_kv_name, delete_protection, description, environment_names, gcp_project_id, gcp_sm_regions, github_scope, item_custom_fields, json, k8s_namespace, name, organization_name, repository_access, repository_names, tags, target_to_associate, token, uid_token, usc_prefix, use_prefix_as_filter].hash
     end
 
     # Builds the object from hash