strongdm 7.0.0 → 8.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0760de79267673cdb950eee0db3fd85393fd67a99af0eade61452a44211576fe
-  data.tar.gz: a9d0ef8500ace7013543a8c1a744c4cf726f3b570606512d96af8dab867d148d
+  metadata.gz: 1692786ff878322b92229abdcf3a833c53a3ac2fcc282c908b88746b39c50a10
+  data.tar.gz: 523e925b33b3b3246e53f3819820c50095305ad79c486e6b21cb09e5558c89e7
 SHA512:
-  metadata.gz: f189580f1ba7e1a2829be6b31037ec97636d7a0ccdbebf1e0d81b98fc91fcdcc21ab13139cca1d09d95ac04eba5f672c1d5f381ec9bba98bb73fb8937dcb922f
-  data.tar.gz: ec158df54db66b17e634ae0cafb277a53ad5e997c6d8f70cfcde29b80e02fe580bb223333b493bd272126ae84ea3eda44eb46d1bda199aec83a9c9cb04f1bb1d
+  metadata.gz: 8d6a587a20eb66b2d917c2587f553f98325d1e270b8f321ce628eb3d22fb5b0437b655e5f3ed2b38e48971d3e6302775db7473e3d1397bc436e77cba926fe65e
+  data.tar.gz: 8cb03acd29cce7f386c47956607d3e3e2b7457cd30200fcfdcf4760bb3a0539bf4811d7ad42c4ea88c0b707405a069b4bdb86fd5ff418e0c506585f52d2d4f86

data/.git/ORIG_HEAD

@@ -1 +1 @@
-d8a1092c15d3618de31ada43875014d96bd21e36
+f34575bc142eabf113dbbc5b40b3a16e0c026355

data/.git/logs/HEAD

@@ -1,3 +1,3 @@
-0000000000000000000000000000000000000000 d8a1092c15d3618de31ada43875014d96bd21e36 sdmrelease <support@strongdm.com> 1710517159 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-d8a1092c15d3618de31ada43875014d96bd21e36 d8a1092c15d3618de31ada43875014d96bd21e36 sdmrelease <support@strongdm.com> 1710517159 +0000	checkout: moving from master to master
-d8a1092c15d3618de31ada43875014d96bd21e36 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710517159 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1712692017 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+f34575bc142eabf113dbbc5b40b3a16e0c026355 f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1712692017 +0000	checkout: moving from master to master
+f34575bc142eabf113dbbc5b40b3a16e0c026355 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1712692017 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/heads/master

@@ -1,2 +1,2 @@
-0000000000000000000000000000000000000000 d8a1092c15d3618de31ada43875014d96bd21e36 sdmrelease <support@strongdm.com> 1710517159 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-d8a1092c15d3618de31ada43875014d96bd21e36 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710517159 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1712692017 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+f34575bc142eabf113dbbc5b40b3a16e0c026355 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1712692017 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/remotes/origin/HEAD

@@ -1 +1 @@
-0000000000000000000000000000000000000000 d8a1092c15d3618de31ada43875014d96bd21e36 sdmrelease <support@strongdm.com> 1710517159 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+0000000000000000000000000000000000000000 f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1712692017 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git

data/.git/packed-refs

@@ -1,6 +1,6 @@
 # pack-refs with: peeled fully-peeled sorted 
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c refs/remotes/origin/development
-d8a1092c15d3618de31ada43875014d96bd21e36 refs/remotes/origin/master
+7659a644ef149debee2515386136b7e2d5e917ea refs/remotes/origin/development
+f34575bc142eabf113dbbc5b40b3a16e0c026355 refs/remotes/origin/master
 2e4fe8087177ddea9b3991ca499f758384839c89 refs/tags/untagged-84fd83a4484c785cce63
 04f604866214fab4d5663b5171a3e596331577bd refs/tags/v0.9.4
 6f9a7b75b345c65fb554884907b7060680c807b7 refs/tags/v0.9.5
@@ -102,3 +102,5 @@ e37aa2b50ffd917949a8e1c7a1fa28d12071fa69 refs/tags/v6.7.0
 3e28afb8b757876c463b22aac13ee618d9ead204 refs/tags/v6.7.1
 0429c9a2739f699ea33db7e6dd85e6be47e9190e refs/tags/v6.8.0
 d8a1092c15d3618de31ada43875014d96bd21e36 refs/tags/v6.9.0
+c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c refs/tags/v7.0.0
+f34575bc142eabf113dbbc5b40b3a16e0c026355 refs/tags/v7.1.0

data/.git/refs/heads/master

@@ -1 +1 @@
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c
+7659a644ef149debee2515386136b7e2d5e917ea

data/lib/grpc/accounts_pb.rb

@@ -17,6 +17,7 @@
 
 require "google/protobuf"
 
+require "google/protobuf/duration_pb"
 require "google/protobuf/timestamp_pb"
 require "options_pb"
 require "spec_pb"
@@ -33,6 +34,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :account, :message, 2, "v1.Account"
       optional :token, :string, 3
       optional :rate_limit, :message, 4, "v1.RateLimitMetadata"
+      optional :access_key, :string, 5
+      optional :secret_key, :string, 6
     end
     add_message "v1.AccountGetRequest" do
       optional :meta, :message, 1, "v1.GetRequestMetadata"
@@ -103,6 +106,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :tags, :message, 4, "v1.Tags"
       optional :rekeyed, :message, 5, "google.protobuf.Timestamp"
       optional :deadline, :message, 6, "google.protobuf.Timestamp"
+      optional :account_type, :string, 7
+      repeated :permissions, :string, 8
+      optional :duration, :message, 9, "google.protobuf.Duration"
     end
   end
 end

data/lib/grpc/accounts_services_pb.rb

@@ -23,6 +23,7 @@ module V1
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     class Service
       include ::GRPC::GenericService
 

data/lib/grpc/plumbing.rb

@@ -1041,6 +1041,9 @@ module SDM
       if porcelain.instance_of? Service
         plumbing.service = convert_service_to_plumbing(porcelain)
       end
+      if porcelain.instance_of? Token
+        plumbing.token = convert_token_to_plumbing(porcelain)
+      end
       if porcelain.instance_of? User
         plumbing.user = convert_user_to_plumbing(porcelain)
       end
@@ -1054,6 +1057,9 @@ module SDM
       if plumbing.service != nil
         return convert_service_to_porcelain(plumbing.service)
       end
+      if plumbing.token != nil
+        return convert_token_to_porcelain(plumbing.token)
+      end
       if plumbing.user != nil
         return convert_user_to_porcelain(plumbing.user)
       end
@@ -1271,9 +1277,11 @@ module SDM
         return nil
       end
       porcelain = AccountCreateResponse.new()
+      porcelain.access_key = (plumbing.access_key)
       porcelain.account = convert_account_to_porcelain(plumbing.account)
       porcelain.meta = convert_create_response_metadata_to_porcelain(plumbing.meta)
       porcelain.rate_limit = convert_rate_limit_metadata_to_porcelain(plumbing.rate_limit)
+      porcelain.secret_key = (plumbing.secret_key)
       porcelain.token = (plumbing.token)
       porcelain
     end
@@ -1283,9 +1291,11 @@ module SDM
         return nil
       end
       plumbing = V1::AccountCreateResponse.new()
+      plumbing.access_key = (porcelain.access_key)
       plumbing.account = convert_account_to_plumbing(porcelain.account)
       plumbing.meta = convert_create_response_metadata_to_plumbing(porcelain.meta)
       plumbing.rate_limit = convert_rate_limit_metadata_to_plumbing(porcelain.rate_limit)
+      plumbing.secret_key = (porcelain.secret_key)
       plumbing.token = (porcelain.token)
       plumbing
     end
@@ -4878,6 +4888,7 @@ module SDM
       porcelain.caid = (plumbing.caID)
       porcelain.capoolid = (plumbing.caPoolID)
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.location = (plumbing.location)
       porcelain.name = (plumbing.name)
       porcelain.projectid = (plumbing.projectID)
@@ -4893,6 +4904,7 @@ module SDM
       plumbing.caID = (porcelain.caid)
       plumbing.caPoolID = (porcelain.capoolid)
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.location = (porcelain.location)
       plumbing.name = (porcelain.name)
       plumbing.projectID = (porcelain.projectid)
@@ -11205,6 +11217,56 @@ module SDM
       end
       items
     end
+    def self.convert_token_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = Token.new()
+      porcelain.account_type = (plumbing.account_type)
+      porcelain.deadline = convert_timestamp_to_porcelain(plumbing.deadline)
+      porcelain.duration = convert_duration_to_porcelain(plumbing.duration)
+      porcelain.id = (plumbing.id)
+      porcelain.name = (plumbing.name)
+      porcelain.permissions = (plumbing.permissions)
+      porcelain.rekeyed = convert_timestamp_to_porcelain(plumbing.rekeyed)
+      porcelain.suspended = (plumbing.suspended)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_token_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::Token.new()
+      plumbing.account_type = (porcelain.account_type)
+      plumbing.deadline = convert_timestamp_to_plumbing(porcelain.deadline)
+      plumbing.duration = convert_duration_to_plumbing(porcelain.duration)
+      plumbing.id = (porcelain.id)
+      plumbing.name = (porcelain.name)
+      plumbing.permissions += (porcelain.permissions)
+      plumbing.rekeyed = convert_timestamp_to_plumbing(porcelain.rekeyed)
+      plumbing.suspended = (porcelain.suspended)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_token_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_token_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_token_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_token_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
     def self.convert_trino_to_porcelain(plumbing)
       if plumbing == nil
         return nil
@@ -11353,6 +11415,7 @@ module SDM
       end
       porcelain = VaultAppRoleCertSSHStore.new()
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.server_address = (plumbing.server_address)
@@ -11368,6 +11431,7 @@ module SDM
       end
       plumbing = V1::VaultAppRoleCertSSHStore.new()
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.server_address = (porcelain.server_address)
@@ -11399,6 +11463,7 @@ module SDM
       end
       porcelain = VaultAppRoleCertX509Store.new()
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.pki_mount_point = (plumbing.pki_mount_point)
@@ -11414,6 +11479,7 @@ module SDM
       end
       plumbing = V1::VaultAppRoleCertX509Store.new()
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.pki_mount_point = (porcelain.pki_mount_point)
@@ -11490,6 +11556,7 @@ module SDM
       porcelain.client_cert_path = (plumbing.client_cert_path)
       porcelain.client_key_path = (plumbing.client_key_path)
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.server_address = (plumbing.server_address)
@@ -11508,6 +11575,7 @@ module SDM
       plumbing.client_cert_path = (porcelain.client_cert_path)
       plumbing.client_key_path = (porcelain.client_key_path)
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.server_address = (porcelain.server_address)
@@ -11542,6 +11610,7 @@ module SDM
       porcelain.client_cert_path = (plumbing.client_cert_path)
       porcelain.client_key_path = (plumbing.client_key_path)
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.pki_mount_point = (plumbing.pki_mount_point)
@@ -11560,6 +11629,7 @@ module SDM
       plumbing.client_cert_path = (porcelain.client_cert_path)
       plumbing.client_key_path = (porcelain.client_key_path)
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.pki_mount_point = (porcelain.pki_mount_point)
@@ -11639,6 +11709,7 @@ module SDM
       end
       porcelain = VaultTokenCertSSHStore.new()
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.server_address = (plumbing.server_address)
@@ -11654,6 +11725,7 @@ module SDM
       end
       plumbing = V1::VaultTokenCertSSHStore.new()
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.server_address = (porcelain.server_address)
@@ -11685,6 +11757,7 @@ module SDM
       end
       porcelain = VaultTokenCertX509Store.new()
       porcelain.id = (plumbing.id)
+      porcelain.issuedcertttlminutes = (plumbing.issuedCertTTLMinutes)
       porcelain.name = (plumbing.name)
       porcelain.namespace = (plumbing.namespace)
       porcelain.pki_mount_point = (plumbing.pki_mount_point)
@@ -11700,6 +11773,7 @@ module SDM
       end
       plumbing = V1::VaultTokenCertX509Store.new()
       plumbing.id = (porcelain.id)
+      plumbing.issuedCertTTLMinutes = (porcelain.issuedcertttlminutes)
       plumbing.name = (porcelain.name)
       plumbing.namespace = (porcelain.namespace)
       plumbing.pki_mount_point = (porcelain.pki_mount_point)

data/lib/grpc/secret_store_types_pb.rb

@@ -56,7 +56,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :name, :string, 2
       optional :caArn, :string, 5
       optional :certificateTemplateArn, :string, 7
-      optional :issuedCertTTLMinutes, :string, 8
+      optional :issuedCertTTLMinutes, :int32, 8
       optional :region, :string, 3
       optional :signingAlgo, :string, 6
       optional :tags, :message, 4, "v1.Tags"
@@ -109,6 +109,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :name, :string, 2
       optional :caID, :string, 6
       optional :caPoolID, :string, 5
+      optional :issuedCertTTLMinutes, :int32, 7
       optional :location, :string, 4
       optional :projectID, :string, 3
       optional :tags, :message, 32771, "v1.Tags"
@@ -123,6 +124,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "v1.VaultAppRoleCertSSHStore" do
       optional :id, :string, 1
       optional :name, :string, 2
+      optional :issuedCertTTLMinutes, :int32, 9
       optional :namespace, :string, 5
       optional :server_address, :string, 3
       optional :signing_role, :string, 7
@@ -132,6 +134,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "v1.VaultAppRoleCertX509Store" do
       optional :id, :string, 1
       optional :name, :string, 2
+      optional :issuedCertTTLMinutes, :int32, 9
       optional :namespace, :string, 5
       optional :pki_mount_point, :string, 6
       optional :server_address, :string, 3
@@ -154,6 +157,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :CA_cert_path, :string, 4
       optional :client_cert_path, :string, 5
       optional :client_key_path, :string, 6
+      optional :issuedCertTTLMinutes, :int32, 11
       optional :namespace, :string, 8
       optional :server_address, :string, 3
       optional :signing_role, :string, 10
@@ -166,6 +170,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :CA_cert_path, :string, 4
       optional :client_cert_path, :string, 5
       optional :client_key_path, :string, 6
+      optional :issuedCertTTLMinutes, :int32, 11
       optional :namespace, :string, 8
       optional :pki_mount_point, :string, 9
       optional :server_address, :string, 3
@@ -182,6 +187,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "v1.VaultTokenCertSSHStore" do
       optional :id, :string, 1
       optional :name, :string, 2
+      optional :issuedCertTTLMinutes, :int32, 9
       optional :namespace, :string, 5
       optional :server_address, :string, 3
       optional :signing_role, :string, 7
@@ -191,6 +197,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
     add_message "v1.VaultTokenCertX509Store" do
       optional :id, :string, 1
       optional :name, :string, 2
+      optional :issuedCertTTLMinutes, :int32, 8
       optional :namespace, :string, 5
       optional :pki_mount_point, :string, 6
       optional :server_address, :string, 3

data/lib/models/porcelain.rb

@@ -458,7 +458,6 @@ module SDM
     end
   end
 
-  # AWSCertX509Store is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class AWSCertX509Store
     # The ARN of the CA in AWS Private CA
     attr_accessor :caarn
@@ -466,7 +465,7 @@ module SDM
     attr_accessor :certificatetemplatearn
     # Unique identifier of the SecretStore.
     attr_accessor :id
-    # The lifetime of certificates issued by this CA represented in minutes e.g. 600 (for 10 hours). Defaults to 8 hours if not provided.
+    # The lifetime of certificates issued by this CA represented in minutes.
     attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
@@ -490,7 +489,7 @@ module SDM
       @caarn = caarn == nil ? "" : caarn
       @certificatetemplatearn = certificatetemplatearn == nil ? "" : certificatetemplatearn
       @id = id == nil ? "" : id
-      @issuedcertttlminutes = issuedcertttlminutes == nil ? "" : issuedcertttlminutes
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @region = region == nil ? "" : region
       @signingalgo = signingalgo == nil ? "" : signingalgo
@@ -1082,25 +1081,33 @@ module SDM
 
   # AccountCreateResponse reports how the Accounts were created in the system.
   class AccountCreateResponse
+    # ID part of the API key.
+    attr_accessor :access_key
     # The created Account.
     attr_accessor :account
     # Reserved for future use.
     attr_accessor :meta
     # Rate limit information.
     attr_accessor :rate_limit
+    # Secret part of the API key.
+    attr_accessor :secret_key
     # The auth token generated for the Account. The Account will use this token to
     # authenticate with the strongDM API.
     attr_accessor :token
 
     def initialize(
+      access_key: nil,
       account: nil,
       meta: nil,
       rate_limit: nil,
+      secret_key: nil,
       token: nil
     )
+      @access_key = access_key == nil ? "" : access_key
       @account = account == nil ? nil : account
       @meta = meta == nil ? nil : meta
       @rate_limit = rate_limit == nil ? nil : rate_limit
+      @secret_key = secret_key == nil ? "" : secret_key
       @token = token == nil ? "" : token
     end
 
@@ -1506,7 +1513,6 @@ module SDM
     end
   end
 
-  # ActiveDirectoryStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class ActiveDirectoryStore
     # Unique identifier of the SecretStore.
     attr_accessor :id
@@ -4648,7 +4654,6 @@ module SDM
     end
   end
 
-  # GCPCertX509Store is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class GCPCertX509Store
     # The ID of the target CA
     attr_accessor :caid
@@ -4656,6 +4661,8 @@ module SDM
     attr_accessor :capoolid
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA represented in minutes.
+    attr_accessor :issuedcertttlminutes
     # The Region for the CA in GCP format e.g. us-west1
     attr_accessor :location
     # Unique human-readable name of the SecretStore.
@@ -4669,6 +4676,7 @@ module SDM
       caid: nil,
       capoolid: nil,
       id: nil,
+      issuedcertttlminutes: nil,
       location: nil,
       name: nil,
       projectid: nil,
@@ -4677,6 +4685,7 @@ module SDM
       @caid = caid == nil ? "" : caid
       @capoolid = capoolid == nil ? "" : capoolid
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @location = location == nil ? "" : location
       @name = name == nil ? "" : name
       @projectid = projectid == nil ? "" : projectid
@@ -10408,6 +10417,59 @@ module SDM
     end
   end
 
+  # A Token is an account providing tokenized access for automation or integration use.
+  # Tokens include admin tokens, API keys, and SCIM tokens.
+  class Token
+    # Corresponds to the type of token, e.g. api or admin-token.
+    attr_accessor :account_type
+    # The timestamp when the Token will expire.
+    attr_accessor :deadline
+    # Duration from token creation to expiration.
+    attr_accessor :duration
+    # Unique identifier of the Token.
+    attr_accessor :id
+    # Unique human-readable name of the Token.
+    attr_accessor :name
+    # Permissions assigned to the token, e.g. role:create.
+    attr_accessor :permissions
+    # The timestamp when the Token was last rekeyed.
+    attr_accessor :rekeyed
+    # Reserved for future use.  Always false for tokens.
+    attr_accessor :suspended
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      account_type: nil,
+      deadline: nil,
+      duration: nil,
+      id: nil,
+      name: nil,
+      permissions: nil,
+      rekeyed: nil,
+      suspended: nil,
+      tags: nil
+    )
+      @account_type = account_type == nil ? "" : account_type
+      @deadline = deadline == nil ? nil : deadline
+      @duration = duration == nil ? nil : duration
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+      @permissions = permissions == nil ? [] : permissions
+      @rekeyed = rekeyed == nil ? nil : rekeyed
+      @suspended = suspended == nil ? false : suspended
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   # Trino is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class Trino
     # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
@@ -10547,10 +10609,11 @@ module SDM
     end
   end
 
-  # VaultAppRoleCertSSHStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultAppRoleCertSSHStore
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA represented in minutes.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10566,6 +10629,7 @@ module SDM
 
     def initialize(
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       server_address: nil,
@@ -10574,6 +10638,7 @@ module SDM
       tags: nil
     )
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @server_address = server_address == nil ? "" : server_address
@@ -10591,10 +10656,11 @@ module SDM
     end
   end
 
-  # VaultAppRoleCertX509Store is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultAppRoleCertX509Store
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA in minutes. Recommended value is 5.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10610,6 +10676,7 @@ module SDM
 
     def initialize(
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       pki_mount_point: nil,
@@ -10618,6 +10685,7 @@ module SDM
       tags: nil
     )
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @pki_mount_point = pki_mount_point == nil ? "" : pki_mount_point
@@ -10670,7 +10738,6 @@ module SDM
     end
   end
 
-  # VaultTLSCertSSHStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultTLSCertSSHStore
     # A path to a CA file accessible by a Node
     attr_accessor :ca_cert_path
@@ -10680,6 +10747,8 @@ module SDM
     attr_accessor :client_key_path
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA represented in minutes.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10698,6 +10767,7 @@ module SDM
       client_cert_path: nil,
       client_key_path: nil,
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       server_address: nil,
@@ -10709,6 +10779,7 @@ module SDM
       @client_cert_path = client_cert_path == nil ? "" : client_cert_path
       @client_key_path = client_key_path == nil ? "" : client_key_path
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @server_address = server_address == nil ? "" : server_address
@@ -10726,7 +10797,6 @@ module SDM
     end
   end
 
-  # VaultTLSCertX509Store is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultTLSCertX509Store
     # A path to a CA file accessible by a Node
     attr_accessor :ca_cert_path
@@ -10736,6 +10806,8 @@ module SDM
     attr_accessor :client_key_path
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA represented in minutes.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10754,6 +10826,7 @@ module SDM
       client_cert_path: nil,
       client_key_path: nil,
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       pki_mount_point: nil,
@@ -10765,6 +10838,7 @@ module SDM
       @client_cert_path = client_cert_path == nil ? "" : client_cert_path
       @client_key_path = client_key_path == nil ? "" : client_key_path
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @pki_mount_point = pki_mount_point == nil ? "" : pki_mount_point
@@ -10829,10 +10903,11 @@ module SDM
     end
   end
 
-  # VaultTokenCertSSHStore is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultTokenCertSSHStore
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA in minutes. Recommended value is 5.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10848,6 +10923,7 @@ module SDM
 
     def initialize(
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       server_address: nil,
@@ -10856,6 +10932,7 @@ module SDM
       tags: nil
     )
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @server_address = server_address == nil ? "" : server_address
@@ -10873,10 +10950,11 @@ module SDM
     end
   end
 
-  # VaultTokenCertX509Store is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class VaultTokenCertX509Store
     # Unique identifier of the SecretStore.
     attr_accessor :id
+    # The lifetime of certificates issued by this CA represented in minutes.
+    attr_accessor :issuedcertttlminutes
     # Unique human-readable name of the SecretStore.
     attr_accessor :name
     # The namespace to make requests within
@@ -10892,6 +10970,7 @@ module SDM
 
     def initialize(
       id: nil,
+      issuedcertttlminutes: nil,
       name: nil,
       namespace: nil,
       pki_mount_point: nil,
@@ -10900,6 +10979,7 @@ module SDM
       tags: nil
     )
       @id = id == nil ? "" : id
+      @issuedcertttlminutes = issuedcertttlminutes == nil ? 0 : issuedcertttlminutes
       @name = name == nil ? "" : name
       @namespace = namespace == nil ? "" : namespace
       @pki_mount_point = pki_mount_point == nil ? "" : pki_mount_point

data/lib/strongdm.rb

@@ -28,8 +28,8 @@ module SDM #:nodoc:
     DEFAULT_MAX_RETRIES = 3
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
-    API_VERSION = "2024-03-14"
-    USER_AGENT = "strongdm-sdk-ruby/7.0.0"
+    API_VERSION = "2024-03-28"
+    USER_AGENT = "strongdm-sdk-ruby/8.0.0"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.
@@ -240,6 +240,7 @@ module SDM #:nodoc:
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     #
     # See {Accounts}.
     attr_reader :accounts
@@ -527,6 +528,7 @@ module SDM #:nodoc:
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     #
     # See {SnapshotAccounts}.
     attr_reader :accounts

data/lib/svc.rb

@@ -902,9 +902,11 @@ module SDM #:nodoc:
   # Accounts are users that have access to strongDM. There are two types of accounts:
   # 1. **Users:** humans who are authenticated through username and password or SSO.
   # 2. **Service Accounts:** machines that are authenticated using a service token.
+  # 3. **Tokens** are access keys with permissions that can be used for authentication.
   #
   # See:
   # {Service}
+  # {Token}
   # {User}
   class Accounts
     extend Gem::Deprecate
@@ -942,9 +944,11 @@ module SDM #:nodoc:
       end
 
       resp = AccountCreateResponse.new()
+      resp.access_key = (plumbing_response.access_key)
       resp.account = Plumbing::convert_account_to_porcelain(plumbing_response.account)
       resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
       resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.secret_key = (plumbing_response.secret_key)
       resp.token = (plumbing_response.token)
       resp
     end

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "7.0.0"
+  VERSION = "8.0.0"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "7.0.0"
+  VERSION = "8.0.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 7.0.0
+  version: 8.0.0
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-03-15 00:00:00.000000000 Z
+date: 2024-04-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -81,8 +81,8 @@ files:
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-35100f17336a9a56e777373870676ef90dc420dc.idx"
-- "./.git/objects/pack/pack-35100f17336a9a56e777373870676ef90dc420dc.pack"
+- "./.git/objects/pack/pack-69c9823403bcd0961320d5e472ca7682c217e13f.idx"
+- "./.git/objects/pack/pack-69c9823403bcd0961320d5e472ca7682c217e13f.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"