akeyless 5.0.21 → 5.0.23

data/docs/CreateSecret.md

@@ -13,6 +13,7 @@
 | **inject_url** | **Array<String>** | For Password Management use, reflect the website context | [optional] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
+| **lock_during_sra_session** | **String** | Lock this secret for read/update while an SRA session is active | [optional] |
 | **max_versions** | **String** | Set the maximum number of versions, limited by the account settings defaults. | [optional] |
 | **metadata** | **String** | Deprecated - use description | [optional] |
 | **multiline_value** | **Boolean** | The provided value is a multiline value (separated by '\\n') | [optional] |
@@ -52,6 +53,7 @@ instance = Akeyless::CreateSecret.new(
   inject_url: null,
   item_custom_fields: null,
   json: null,
+  lock_during_sra_session: null,
   max_versions: null,
   metadata: null,
   multiline_value: null,

data/docs/CreateUSC.md

@@ -7,12 +7,17 @@
 | **azure_kv_name** | **String** | Azure Key Vault name (Relevant only for Azure targets) | [optional] |
 | **delete_protection** | **String** | Protection from accidental deletion of this object [true/false] | [optional] |
 | **description** | **String** | Description of the Universal Secrets Connector | [optional] |
+| **environment_names** | **String** | The environments in repo-name/environment-name format, comma-separated (only relevant for: github-scope=repository-environment) | [optional] |
 | **gcp_project_id** | **String** | GCP Project ID (Relevant only for GCP targets) | [optional] |
 | **gcp_sm_regions** | **String** | GCP Secret Manager regions to query for regional secrets (comma-separated, e.g., us-east1,us-west1). Max 12 regions. Required when listing with object-type=regional-secrets. | [optional] |
+| **github_scope** | **String** | The scope where secrets will be created, available options: [repository, organization, repository-environment] | [optional][default to 'repository'] |
 | **item_custom_fields** | **Hash<String, String>** | Additional custom fields to associate with the item | [optional] |
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **k8s_namespace** | **String** | K8s namespace (Relevant to Kubernetes targets) | [optional] |
 | **name** | **String** | Universal Secrets Connector name |  |
+| **organization_name** | **String** | The organization name to create the secret in | [optional] |
+| **repository_access** | **String** |  | [optional][default to 'public'] |
+| **repository_names** | **String** | The repository names, comma-separated (only relevant for: github-scope=repository) | [optional] |
 | **tags** | **Array<String>** | List of the tags attached to this Universal Secrets Connector | [optional] |
 | **target_to_associate** | **String** | Target Universal Secrets Connector to connect |  |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
@@ -29,12 +34,17 @@ instance = Akeyless::CreateUSC.new(
   azure_kv_name: null,
   delete_protection: null,
   description: null,
+  environment_names: null,
   gcp_project_id: null,
   gcp_sm_regions: null,
+  github_scope: null,
   item_custom_fields: null,
   json: null,
   k8s_namespace: null,
   name: null,
+  organization_name: null,
+  repository_access: null,
+  repository_names: null,
   tags: null,
   target_to_associate: null,
   token: null,

data/docs/DSProducerDetails.md

@@ -36,6 +36,7 @@
 | **azure_app_object_id** | **String** |  | [optional] |
 | **azure_client_id** | **String** |  | [optional] |
 | **azure_client_secret** | **String** |  | [optional] |
+| **azure_cloud** | **String** |  | [optional] |
 | **azure_fixed_user_name_sub_claim_key** | **String** |  | [optional] |
 | **azure_fixed_user_only** | **Boolean** |  | [optional] |
 | **azure_resource_group_name** | **String** |  | [optional] |
@@ -307,6 +308,7 @@ instance = Akeyless::DSProducerDetails.new(
   azure_app_object_id: null,
   azure_client_id: null,
   azure_client_secret: null,
+  azure_cloud: null,
   azure_fixed_user_name_sub_claim_key: null,
   azure_fixed_user_only: null,
   azure_resource_group_name: null,

data/docs/DefaultAuthMethodSettings.md

@@ -0,0 +1,20 @@
+# Akeyless::DefaultAuthMethodSettings
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **default_access_id** | **String** |  | [optional] |
+| **default_auth_method_type** | **String** |  | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::DefaultAuthMethodSettings.new(
+  default_access_id: null,
+  default_auth_method_type: null
+)
+```
+

data/docs/DeleteRoleRule.md

@@ -7,7 +7,7 @@
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **path** | **String** | The path the rule refers to |  |
 | **role_name** | **String** | The role name to be updated |  |
-| **rule_type** | **String** | item-rule, role-rule, auth-method-rule, search-rule, reports-rule, gw-reports-rule or sra-reports-rule | [optional][default to 'item-rule'] |
+| **rule_type** | **String** | item-rule, role-rule, auth-method-rule, search-rule, reports-rule, gw-reports-rule, sra-reports-rule, sra-rule, ara-rule | [optional][default to 'item-rule'] |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
 | **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
 

data/docs/DescribePermissions.md

@@ -7,7 +7,7 @@
 | **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
 | **path** | **String** | Path to an object |  |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
-| **type** | **String** | Type of object (item, am, role, target) |  |
+| **type** | **String** | Type of object (item, am, role, target, sra, ara) |  |
 | **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
 
 ## Example

data/docs/DigiCertTargetDetails.md

@@ -0,0 +1,42 @@
+# Akeyless::DigiCertTargetDetails
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **account_key_pem** | **String** | ACME Account Private Key (PEM-encoded). Supports ECDSA (P-256, P-384, P-521), RSA (2048+), and Ed25519. Auto-generated as ECDSA P-256 during first certificate issuance bootstrap. Stored encrypted, required for certificate operations and revocation. | [optional] |
+| **account_url** | **String** | ACME Account URL (returned after registration with DigiCert ACME). Used to retrieve existing account instead of re-registering. | [optional] |
+| **challenge_type** | **String** | ACMEChallengeType defines ACME challenge type for Let's Encrypt | [optional] |
+| **digicert_directory_type** | **String** |  | [optional] |
+| **dns_target_name** | **String** | Name of DNS target (transient field - not stored in DB). Used by CLI to pass DNS target name to SDK for creating target_object_assoc. Retrieved from target_object_assoc when reading target. Required when ChallengeType is dns. | [optional] |
+| **dns_target_type** | **String** |  | [optional] |
+| **eab_hmac_key** | **String** | External Account Binding HMAC key. Required until ACME account is bootstrapped on first issuance. | [optional] |
+| **eab_key_id** | **String** | External Account Binding key identifier. Required until ACME account is bootstrapped on first issuance. | [optional] |
+| **email** | **String** | Email address for ACME account registration. Required. | [optional] |
+| **gcp_project** | **String** | GCP Cloud DNS: Project ID. Optional - can be derived from service account. | [optional] |
+| **hosted_zone** | **String** | AWS Route53: Hosted zone ID. Required when DNSTargetType is AWS. | [optional] |
+| **resource_group** | **String** | Azure DNS: Resource group name. Required when DNSTargetType is Azure. | [optional] |
+| **timeout** | **Integer** | A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::DigiCertTargetDetails.new(
+  account_key_pem: null,
+  account_url: null,
+  challenge_type: null,
+  digicert_directory_type: null,
+  dns_target_name: null,
+  dns_target_type: null,
+  eab_hmac_key: null,
+  eab_key_id: null,
+  email: null,
+  gcp_project: null,
+  hosted_zone: null,
+  resource_group: null,
+  timeout: null
+)
+```
+

data/docs/EsmListSecretsOutput.md

@@ -5,6 +5,7 @@
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
 | **secrets_list** | [**Array<SecretInfo>**](SecretInfo.md) |  | [optional] |
+| **warnings** | **Array<String>** |  | [optional] |
 
 ## Example
 
@@ -12,7 +13,8 @@
 require 'akeyless'
 
 instance = Akeyless::EsmListSecretsOutput.new(
-  secrets_list: null
+  secrets_list: null,
+  warnings: null
 )
 ```
 

data/docs/GatewayCreateMigration.md

@@ -6,6 +6,8 @@
 | ---- | ---- | ----------- | ----- |
 | **service_account_key_decoded** | **String** |  | [optional] |
 | **ad_auto_rotate** | **String** | Enable/Disable automatic/recurrent rotation for migrated secrets. Default is false: only manual rotation is allowed for migrated secrets. If set to true, this command should be combined with --ad-rotation-interval and --ad-rotation-hour parameters (Relevant only for Active Directory migration) | [optional] |
+| **ad_cert_expiration_event_in** | **Array<String>** | How many days before the expiration of discovered certificates would you like to be notified (Relevant only for Active Directory migration with certificate discovery enabled) | [optional] |
+| **ad_certificates_path_template** | **String** | Path location template for migrating certificates e.g.: /Certificates/{{COMMON_NAME}} (Relevant only for Active Directory migration with certificate discovery enabled) | [optional] |
 | **ad_computer_base_dn** | **String** | Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration) | [optional] |
 | **ad_discover_iis_app** | **String** | Enable/Disable discovery of IIS application from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
 | **ad_discover_services** | **String** | Enable/Disable discovery of Windows services from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
@@ -28,6 +30,7 @@
 | **ad_winrm_over_http** | **String** | Use WinRM over HTTP, by default runs over HTTPS | [optional][default to 'false'] |
 | **ad_winrm_port** | **String** | Set the WinRM Port for further connection to the domain servers. Default is 5986 (Relevant only for Active Directory migration) | [optional][default to '5986'] |
 | **ad_discover_local_users** | **String** | Enable/Disable discovery of local users from each domain server and migrate them as SSH/Windows Rotated Secrets. Default is false: only domain users will be migrated. Discovery of local users might require further installation of SSH on the servers, based on the supplied computer base DN. This will be implemented automatically as part of the migration process (Relevant only for Active Directory migration) Deprecated: use AdDiscoverTypes | [optional] |
+| **ai_certificate_discovery** | **String** | Enable AI-assisted certificate discovery (only when AI Insight is enabled on the Gateway) | [optional] |
 | **aws_key** | **String** | AWS Secret Access Key (relevant only for AWS migration) | [optional] |
 | **aws_key_id** | **String** | AWS Access Key ID with sufficient permissions to get all secrets, e.g. 'arn:aws:secretsmanager:[Region]:[AccountId]:secret:[/path/to/secrets/*]' (relevant only for AWS migration) | [optional] |
 | **aws_region** | **String** | AWS region of the required Secrets Manager (relevant only for AWS migration) | [optional][default to 'us-east-2'] |
@@ -35,6 +38,11 @@
 | **azure_kv_name** | **String** | Azure Key Vault Name (relevant only for Azure Key Vault migration) | [optional] |
 | **azure_secret** | **String** | Azure Key Vault secret (relevant only for Azure Key Vault migration) | [optional] |
 | **azure_tenant_id** | **String** | Azure Key Vault Access tenant ID (relevant only for Azure Key Vault migration) | [optional] |
+| **conjur_account** | **String** | Conjur account name set on your Conjur server (relevant only for Conjur migration). | [optional] |
+| **conjur_api_key** | **String** | Conjur API Key for the specified user (relevant only for Conjur migration). | [optional] |
+| **conjur_url** | **String** | Conjur server base URL (relevant only for Conjur migration). If conjur-url is HTTPS and Conjur uses a private CA/self-signed certificate, make the CA bundle available on the Gateway and set CONJUR_SSL_CERT_PATH to its path. | [optional] |
+| **conjur_username** | **String** | Conjur username used to authenticate (relevant only for Conjur migration). | [optional] |
+| **delete_remote** | **Boolean** | Delete the secret from the remote target as well, relevant only when usc-name is not empty (relevant only for HasiCorp Vault migration) | [optional] |
 | **expiration_event_in** | **Array<String>** | How many days before the expiration of the certificate would you like to be notified. | [optional] |
 | **gcp_key** | **String** | Base64-encoded GCP Service Account private key text with sufficient permissions to Secrets Manager, Minimum required permission is Secret Manager Secret Accessor, e.g. 'roles/secretmanager.secretAccessor' (relevant only for GCP migration) | [optional] |
 | **gcp_project_id** | **String** | GCP Project ID (cross-project override) | [optional] |
@@ -66,8 +74,9 @@
 | **si_users_path_template** | **String** | Path location template for migrating users as Rotated Secrets e.g.: .../Users/{{COMPUTER_NAME}}/{{USERNAME}} (Relevant only for Server Inventory migration) |  |
 | **target_location** | **String** | Target location in Akeyless for imported secrets |  |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
-| **type** | **String** | Migration type (hashi/aws/gcp/k8s/azure_kv/active_directory/server_inventory/certificate) | [optional] |
+| **type** | **String** | Migration type (hashi/aws/gcp/k8s/azure_kv/conjur/active_directory/server_inventory/certificate) | [optional] |
 | **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
+| **usc_name** | **String** | Universal Secret Connector name | [optional] |
 | **use_gw_cloud_identity** | **Boolean** | Use the GW's Cloud IAM | [optional] |
 
 ## Example
@@ -78,6 +87,8 @@ require 'akeyless'
 instance = Akeyless::GatewayCreateMigration.new(
   service_account_key_decoded: null,
   ad_auto_rotate: null,
+  ad_cert_expiration_event_in: null,
+  ad_certificates_path_template: null,
   ad_computer_base_dn: null,
   ad_discover_iis_app: null,
   ad_discover_services: null,
@@ -100,6 +111,7 @@ instance = Akeyless::GatewayCreateMigration.new(
   ad_winrm_over_http: null,
   ad_winrm_port: null,
   ad_discover_local_users: null,
+  ai_certificate_discovery: null,
   aws_key: null,
   aws_key_id: null,
   aws_region: null,
@@ -107,6 +119,11 @@ instance = Akeyless::GatewayCreateMigration.new(
   azure_kv_name: null,
   azure_secret: null,
   azure_tenant_id: null,
+  conjur_account: null,
+  conjur_api_key: null,
+  conjur_url: null,
+  conjur_username: null,
+  delete_remote: null,
   expiration_event_in: null,
   gcp_key: null,
   gcp_project_id: null,
@@ -140,6 +157,7 @@ instance = Akeyless::GatewayCreateMigration.new(
   token: null,
   type: null,
   uid_token: null,
+  usc_name: null,
   use_gw_cloud_identity: null
 )
 ```

data/docs/GatewayUpdateMigration.md

@@ -6,6 +6,8 @@
 | ---- | ---- | ----------- | ----- |
 | **service_account_key_decoded** | **String** |  | [optional] |
 | **ad_auto_rotate** | **String** | Enable/Disable automatic/recurrent rotation for migrated secrets. Default is false: only manual rotation is allowed for migrated secrets. If set to true, this command should be combined with --ad-rotation-interval and --ad-rotation-hour parameters (Relevant only for Active Directory migration) | [optional] |
+| **ad_cert_expiration_event_in** | **Array<String>** | How many days before the expiration of discovered certificates would you like to be notified (Relevant only for Active Directory migration with certificate discovery enabled) | [optional] |
+| **ad_certificates_path_template** | **String** | Path location template for migrating certificates e.g.: /Certificates/{{COMMON_NAME}} (Relevant only for Active Directory migration with certificate discovery enabled) | [optional] |
 | **ad_computer_base_dn** | **String** | Distinguished Name of Computer objects (servers) to search in Active Directory e.g.: CN=Computers,DC=example,DC=com (Relevant only for Active Directory migration) | [optional] |
 | **ad_discover_iis_app** | **String** | Enable/Disable discovery of IIS application from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
 | **ad_discover_services** | **String** | Enable/Disable discovery of Windows services from each domain server as part of the SSH/Windows Rotated Secrets. Default is false. (Relevant only for Active Directory migration) | [optional][default to 'false'] |
@@ -28,6 +30,7 @@
 | **ad_winrm_over_http** | **String** | Use WinRM over HTTP, by default runs over HTTPS | [optional][default to 'false'] |
 | **ad_winrm_port** | **String** | Set the WinRM Port for further connection to the domain servers. Default is 5986 (Relevant only for Active Directory migration) | [optional][default to '5986'] |
 | **ad_discover_local_users** | **String** | Enable/Disable discovery of local users from each domain server and migrate them as SSH/Windows Rotated Secrets. Default is false: only domain users will be migrated. Discovery of local users might require further installation of SSH on the servers, based on the supplied computer base DN. This will be implemented automatically as part of the migration process (Relevant only for Active Directory migration) Deprecated: use AdDiscoverTypes | [optional] |
+| **ai_certificate_discovery** | **String** | Enable AI-assisted certificate discovery (only when AI Insight is enabled on the Gateway) | [optional] |
 | **aws_key** | **String** | AWS Secret Access Key (relevant only for AWS migration) | [optional] |
 | **aws_key_id** | **String** | AWS Access Key ID with sufficient permissions to get all secrets, e.g. 'arn:aws:secretsmanager:[Region]:[AccountId]:secret:[/path/to/secrets/*]' (relevant only for AWS migration) | [optional] |
 | **aws_region** | **String** | AWS region of the required Secrets Manager (relevant only for AWS migration) | [optional][default to 'us-east-2'] |
@@ -35,6 +38,11 @@
 | **azure_kv_name** | **String** | Azure Key Vault Name (relevant only for Azure Key Vault migration) | [optional] |
 | **azure_secret** | **String** | Azure Key Vault secret (relevant only for Azure Key Vault migration) | [optional] |
 | **azure_tenant_id** | **String** | Azure Key Vault Access tenant ID (relevant only for Azure Key Vault migration) | [optional] |
+| **conjur_account** | **String** | Conjur account name set on your Conjur server (relevant only for Conjur migration). | [optional] |
+| **conjur_api_key** | **String** | Conjur API Key for the specified user (relevant only for Conjur migration). | [optional] |
+| **conjur_url** | **String** | Conjur server base URL (relevant only for Conjur migration). If conjur-url is HTTPS and Conjur uses a private CA/self-signed certificate, make the CA bundle available on the Gateway and set CONJUR_SSL_CERT_PATH to its path. | [optional] |
+| **conjur_username** | **String** | Conjur username used to authenticate (relevant only for Conjur migration). | [optional] |
+| **delete_remote** | **Boolean** | Delete the secret from the remote target as well, relevant only when usc-name is not empty (relevant only for HasiCorp Vault migration) | [optional] |
 | **expiration_event_in** | **Array<String>** | How many days before the expiration of the certificate would you like to be notified. | [optional] |
 | **gcp_key** | **String** | Base64-encoded GCP Service Account private key text with sufficient permissions to Secrets Manager, Minimum required permission is Secret Manager Secret Accessor, e.g. 'roles/secretmanager.secretAccessor' (relevant only for GCP migration) | [optional] |
 | **gcp_project_id** | **String** | GCP Project ID (cross-project override) | [optional] |
@@ -69,6 +77,7 @@
 | **target_location** | **String** | Target location in Akeyless for imported secrets |  |
 | **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
 | **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
+| **usc_name** | **String** | Universal Secret Connector name | [optional] |
 | **use_gw_cloud_identity** | **Boolean** | Use the GW's Cloud IAM | [optional] |
 
 ## Example
@@ -79,6 +88,8 @@ require 'akeyless'
 instance = Akeyless::GatewayUpdateMigration.new(
   service_account_key_decoded: null,
   ad_auto_rotate: null,
+  ad_cert_expiration_event_in: null,
+  ad_certificates_path_template: null,
   ad_computer_base_dn: null,
   ad_discover_iis_app: null,
   ad_discover_services: null,
@@ -101,6 +112,7 @@ instance = Akeyless::GatewayUpdateMigration.new(
   ad_winrm_over_http: null,
   ad_winrm_port: null,
   ad_discover_local_users: null,
+  ai_certificate_discovery: null,
   aws_key: null,
   aws_key_id: null,
   aws_region: null,
@@ -108,6 +120,11 @@ instance = Akeyless::GatewayUpdateMigration.new(
   azure_kv_name: null,
   azure_secret: null,
   azure_tenant_id: null,
+  conjur_account: null,
+  conjur_api_key: null,
+  conjur_url: null,
+  conjur_username: null,
+  delete_remote: null,
   expiration_event_in: null,
   gcp_key: null,
   gcp_project_id: null,
@@ -142,6 +159,7 @@ instance = Akeyless::GatewayUpdateMigration.new(
   target_location: null,
   token: null,
   uid_token: null,
+  usc_name: null,
   use_gw_cloud_identity: null
 )
 ```

data/docs/GatewayUpdateRemoteAccessRdpRecordings.md

@@ -7,6 +7,7 @@
 | **aws_storage_access_key_id** | **String** | AWS access key id. For more information refer to https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html | [optional] |
 | **aws_storage_bucket_name** | **String** | The AWS bucket name. For more information refer to https://docs.aws.amazon.com/s3/ | [optional] |
 | **aws_storage_bucket_prefix** | **String** | The folder name in S3 bucket. For more information refer to https://docs.aws.amazon.com/s3/ | [optional] |
+| **aws_storage_endpoint_url** | **String** | Custom AWS endpoint URL for S3-compatible storage (e.g. a private AWS endpoint) | [optional] |
 | **aws_storage_region** | **String** | The region where the storage is located | [optional] |
 | **aws_storage_secret_access_key** | **String** | AWS secret access key. For more information refer to https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html | [optional] |
 | **azure_storage_account_name** | **String** | Azure account name. For more information refer to https://learn.microsoft.com/en-us/azure/storage/common/storage-account-overview | [optional] |
@@ -32,6 +33,7 @@ instance = Akeyless::GatewayUpdateRemoteAccessRdpRecordings.new(
   aws_storage_access_key_id: null,
   aws_storage_bucket_name: null,
   aws_storage_bucket_prefix: null,
+  aws_storage_endpoint_url: null,
   aws_storage_region: null,
   aws_storage_secret_access_key: null,
   azure_storage_account_name: null,

data/docs/GeneralConfigPart.md

@@ -7,6 +7,7 @@
 | **akeyless_url** | **String** | AkeylessUrl is here for BC only. Gator will still return it if it exists in the configuration, but new clients (>=2.34.0) will ignore it and override it with what exists in their local file. It will no longer be sent to Gator for update, so new clusters will only have the default value saved in the DB. | [optional] |
 | **api_token_ttl** | **String** |  | [optional] |
 | **display_name** | **String** |  | [optional] |
+| **enable_json_body_limit** | **Boolean** |  | [optional] |
 | **enable_sni_proxy** | **Boolean** |  | [optional] |
 | **enable_tls** | **Boolean** |  | [optional] |
 | **enable_tls_configure** | **Boolean** |  | [optional] |
@@ -14,6 +15,7 @@
 | **enable_tls_hvp** | **Boolean** |  | [optional] |
 | **gw_cluster_url** | **String** |  | [optional] |
 | **hvp_route_version** | **Integer** |  | [optional] |
+| **json_body_limit_mb** | **Integer** |  | [optional] |
 | **notify_on_status_change** | **Boolean** |  | [optional] |
 | **tcp_port** | **String** |  | [optional] |
 | **tls_cert** | **String** |  | [optional] |
@@ -31,6 +33,7 @@ instance = Akeyless::GeneralConfigPart.new(
   akeyless_url: null,
   api_token_ttl: null,
   display_name: null,
+  enable_json_body_limit: null,
   enable_sni_proxy: null,
   enable_tls: null,
   enable_tls_configure: null,
@@ -38,6 +41,7 @@ instance = Akeyless::GeneralConfigPart.new(
   enable_tls_hvp: null,
   gw_cluster_url: null,
   hvp_route_version: null,
+  json_body_limit_mb: null,
   notify_on_status_change: null,
   tcp_port: null,
   tls_cert: null,

data/docs/GetPKICertificateOutput.md

@@ -7,6 +7,7 @@
 | **cert_display_id** | **String** |  | [optional] |
 | **cert_item_id** | **Integer** |  | [optional] |
 | **data** | **String** |  | [optional] |
+| **http_challenge_info** | [**HTTPChallengeInfo**](HTTPChallengeInfo.md) |  | [optional] |
 | **parent_cert** | **String** |  | [optional] |
 | **path** | **String** |  | [optional] |
 | **reading_token** | **String** |  | [optional] |
@@ -20,6 +21,7 @@ instance = Akeyless::GetPKICertificateOutput.new(
   cert_display_id: null,
   cert_item_id: null,
   data: null,
+  http_challenge_info: null,
   parent_cert: null,
   path: null,
   reading_token: null

data/docs/GithubMetadata.md

@@ -0,0 +1,28 @@
+# Akeyless::GithubMetadata
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **environment_name** | **String** |  | [optional] |
+| **organization_name** | **String** |  | [optional] |
+| **repository** | **String** |  | [optional] |
+| **repository_access** | **String** |  | [optional] |
+| **scope** | **String** |  | [optional] |
+| **selected_repositories** | **String** |  | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::GithubMetadata.new(
+  environment_name: null,
+  organization_name: null,
+  repository: null,
+  repository_access: null,
+  scope: null,
+  selected_repositories: null
+)
+```
+

data/docs/GoogleTrustTargetDetails.md

@@ -0,0 +1,42 @@
+# Akeyless::GoogleTrustTargetDetails
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **account_key_pem** | **String** | ACME Account Private Key (PEM-encoded) Supports ECDSA (P-256, P-384, P-521), RSA (2048+), and Ed25519 Auto-generated as ECDSA P-256 during target creation bootstrap Stored encrypted, required for certificate operations and revocation | [optional] |
+| **account_url** | **String** | ACME Account URL (returned after registration with Google Trust Services) Used to retrieve existing account instead of re-registering | [optional] |
+| **acme_environment** | **String** | ACMEEnvironment defines Let's Encrypt ACME directory environment | [optional] |
+| **challenge_type** | **String** | ACMEChallengeType defines ACME challenge type for Let's Encrypt | [optional] |
+| **dns_target_name** | **String** | Name of DNS target (transient field - not stored in DB) Used by CLI to pass DNS target name to SDK for creating target_object_assoc Retrieved from target_object_assoc when reading target Required when ChallengeType is \"dns\" | [optional] |
+| **dns_target_type** | **String** |  | [optional] |
+| **eab_hmac_key** | **String** | External Account Binding HMAC key (required for ACME account bootstrap on target creation) Not persisted after bootstrap | [optional] |
+| **eab_key_id** | **String** | External Account Binding key identifier (required for ACME account bootstrap on target creation) Not persisted after bootstrap | [optional] |
+| **email** | **String** | Email address for ACME account registration Required | [optional] |
+| **gcp_project** | **String** | GCP Cloud DNS: Project ID Optional - can be derived from service account | [optional] |
+| **hosted_zone** | **String** | AWS Route53: Hosted zone ID Required when DNSTargetType is AWS | [optional] |
+| **resource_group** | **String** | Azure DNS: Resource group name Required when DNSTargetType is Azure | [optional] |
+| **timeout** | **Integer** | A Duration represents the elapsed time between two instants as an int64 nanosecond count. The representation limits the largest representable duration to approximately 290 years. | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::GoogleTrustTargetDetails.new(
+  account_key_pem: null,
+  account_url: null,
+  acme_environment: null,
+  challenge_type: null,
+  dns_target_name: null,
+  dns_target_type: null,
+  eab_hmac_key: null,
+  eab_key_id: null,
+  email: null,
+  gcp_project: null,
+  hosted_zone: null,
+  resource_group: null,
+  timeout: null
+)
+```
+

data/docs/HTTPChallengeInfo.md

@@ -0,0 +1,26 @@
+# Akeyless::HTTPChallengeInfo
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **file_content** | **String** |  | [optional] |
+| **file_path** | **String** |  | [optional] |
+| **instructions** | **String** |  | [optional] |
+| **key_auth** | **String** |  | [optional] |
+| **token** | **String** |  | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::HTTPChallengeInfo.new(
+  file_content: null,
+  file_path: null,
+  instructions: null,
+  key_auth: null,
+  token: null
+)
+```
+

data/docs/HashiPayload.md

@@ -4,10 +4,12 @@
 
 | Name | Type | Description | Notes |
 | ---- | ---- | ----------- | ----- |
+| **delete_sync_on_deletion** | **Boolean** |  | [optional] |
 | **import_as_json** | **Boolean** |  | [optional] |
 | **namespaces** | **Array<String>** |  | [optional] |
 | **token** | **String** |  | [optional] |
 | **url** | **String** |  | [optional] |
+| **usc_name** | **String** |  | [optional] |
 
 ## Example
 
@@ -15,10 +17,12 @@
 require 'akeyless'
 
 instance = Akeyless::HashiPayload.new(
+  delete_sync_on_deletion: null,
   import_as_json: null,
   namespaces: null,
   token: null,
-  url: null
+  url: null,
+  usc_name: null
 )
 ```
 

data/docs/IssuerOverviewInfo.md

@@ -0,0 +1,22 @@
+# Akeyless::IssuerOverviewInfo
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **certificate_authority_mode** | **String** |  | [optional] |
+| **expiration_date** | **Time** |  | [optional] |
+| **key_type** | **String** |  | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::IssuerOverviewInfo.new(
+  certificate_authority_mode: null,
+  expiration_date: null,
+  key_type: null
+)
+```
+

data/docs/Item.md

@@ -37,6 +37,7 @@
 | **last_rotation_date** | **Time** |  | [optional] |
 | **last_version** | **Integer** |  | [optional] |
 | **linked_details** | [**LinkedDetails**](LinkedDetails.md) |  | [optional] |
+| **locking_info** | [**LockingInfo**](LockingInfo.md) |  | [optional] |
 | **modification_date** | **Time** |  | [optional] |
 | **next_rotation_date** | **Time** |  | [optional] |
 | **protection_key_name** | **String** |  | [optional] |
@@ -87,6 +88,7 @@ instance = Akeyless::Item.new(
   last_rotation_date: null,
   last_version: null,
   linked_details: null,
+  locking_info: null,
   modification_date: null,
   next_rotation_date: null,
   protection_key_name: null,

data/docs/ItemGeneralInfo.md

@@ -14,6 +14,7 @@
 | **dynamic_secret_producer_details** | [**DynamicSecretProducerInfo**](DynamicSecretProducerInfo.md) |  | [optional] |
 | **expiration_events** | [**Array<CertificateExpirationEvent>**](CertificateExpirationEvent.md) |  | [optional] |
 | **importer_info** | [**ImporterInfo**](ImporterInfo.md) |  | [optional] |
+| **issuer_overview_info** | [**IssuerOverviewInfo**](IssuerOverviewInfo.md) |  | [optional] |
 | **next_rotation_events** | [**Array<NextAutoRotationEvent>**](NextAutoRotationEvent.md) |  | [optional] |
 | **oidc_client_info** | [**OidcClientInfo**](OidcClientInfo.md) |  | [optional] |
 | **password_policy** | [**PasswordPolicyInfo**](PasswordPolicyInfo.md) |  | [optional] |
@@ -38,6 +39,7 @@ instance = Akeyless::ItemGeneralInfo.new(
   dynamic_secret_producer_details: null,
   expiration_events: null,
   importer_info: null,
+  issuer_overview_info: null,
   next_rotation_events: null,
   oidc_client_info: null,
   password_policy: null,

data/docs/ItemLockingSetting.md

@@ -0,0 +1,20 @@
+# Akeyless::ItemLockingSetting
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **enable** | **Boolean** |  | [optional] |
+| **max_lock_ttl_mins** | **Integer** |  | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::ItemLockingSetting.new(
+  enable: null,
+  max_lock_ttl_mins: null
+)
+```
+

data/docs/LockItem.md

@@ -0,0 +1,28 @@
+# Akeyless::LockItem
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **actions** | **String** | Comma-separated blocked actions (read, update) | [optional] |
+| **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
+| **lock_ttl** | **Integer** | Lock TTL in minutes | [optional] |
+| **name** | **String** | Item name |  |
+| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
+| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::LockItem.new(
+  actions: null,
+  json: null,
+  lock_ttl: null,
+  name: null,
+  token: null,
+  uid_token: null
+)
+```
+

data/docs/LockTarget.md

@@ -0,0 +1,28 @@
+# Akeyless::LockTarget
+
+## Properties
+
+| Name | Type | Description | Notes |
+| ---- | ---- | ----------- | ----- |
+| **actions** | **String** | Comma-separated blocked actions (read, update) | [optional] |
+| **json** | **Boolean** | Set output format to JSON | [optional][default to false] |
+| **lock_ttl** | **Integer** | Lock TTL in minutes | [optional] |
+| **name** | **String** | Target name |  |
+| **token** | **String** | Authentication token (see `/auth` and `/configure`) | [optional] |
+| **uid_token** | **String** | The universal identity token, Required only for universal_identity authentication | [optional] |
+
+## Example
+
+```ruby
+require 'akeyless'
+
+instance = Akeyless::LockTarget.new(
+  actions: null,
+  json: null,
+  lock_ttl: null,
+  name: null,
+  token: null,
+  uid_token: null
+)
+```
+