strongdm 7.1.0 → 8.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5c057417bc8df129e58f80222c92f1d47974637172f83b9049183a9dfa062952
-  data.tar.gz: 380e652a133f54b2951e41f9ab9036ce7083e8bbae474c11366599ecdb1e6b60
+  metadata.gz: 9126b0fed8d1f9d6bace10080c99994b18fea3dfb5d10728cb14f0ccbf2cac5b
+  data.tar.gz: 45523efb30a4a5615704eac6078c24187c8033739066669afac11c30c032f2ac
 SHA512:
-  metadata.gz: c886b286f177d51cb64793394983de2694dfcc2cf0e76ef59021e59e76063ed3c632224c7d3f79f63283acafe8b2c05caec74d1ff7651f0ac10d11d93d9aa57b
-  data.tar.gz: 67a3a57f5bbe4a3f78798ea81fa48d8137ff7d910591e97d4c90881bf6b58e7eb248d5bd649a0bbafe4e100b272cae876b54c897f4dfe034b460486e312b77d8
+  metadata.gz: 8b95773f4109c5e056bcfb92dd4b95ebc52eec97e178c8794622e2169e4bae765f420df3a763d5cf94bf37f1a1f443732abb1344cd4174f8d66d629cb47ed1d5
+  data.tar.gz: 66429d1d6759fb9f349b8fc110ae80ff297f43f3ae7bb98f6ac56de3f8fd338a6f0ecef79b81f4430e787c4974c433a0313e66510f70b9b67efa5f77ae58a2d1

data/.git/ORIG_HEAD

@@ -1 +1 @@
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c
+7659a644ef149debee2515386136b7e2d5e917ea

data/.git/logs/HEAD

@@ -1,3 +1,3 @@
-0000000000000000000000000000000000000000 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710521783 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710521783 +0000	checkout: moving from master to master
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1710521783 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1714059057 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+7659a644ef149debee2515386136b7e2d5e917ea 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1714059057 +0000	checkout: moving from master to master
+7659a644ef149debee2515386136b7e2d5e917ea 14ef2b24960a5e854b60586884494ed913221b5b sdmrelease <support@strongdm.com> 1714059057 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/heads/master

@@ -1,2 +1,2 @@
-0000000000000000000000000000000000000000 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710521783 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c f34575bc142eabf113dbbc5b40b3a16e0c026355 sdmrelease <support@strongdm.com> 1710521783 +0000	merge origin/development: Fast-forward
+0000000000000000000000000000000000000000 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1714059057 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+7659a644ef149debee2515386136b7e2d5e917ea 14ef2b24960a5e854b60586884494ed913221b5b sdmrelease <support@strongdm.com> 1714059057 +0000	merge origin/development: Fast-forward

data/.git/logs/refs/remotes/origin/HEAD

@@ -1 +1 @@
-0000000000000000000000000000000000000000 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c sdmrelease <support@strongdm.com> 1710521783 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git
+0000000000000000000000000000000000000000 7659a644ef149debee2515386136b7e2d5e917ea sdmrelease <support@strongdm.com> 1714059057 +0000	clone: from github.com:strongdm/strongdm-sdk-ruby.git

data/.git/packed-refs

@@ -1,6 +1,6 @@
 # pack-refs with: peeled fully-peeled sorted 
-f34575bc142eabf113dbbc5b40b3a16e0c026355 refs/remotes/origin/development
-c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c refs/remotes/origin/master
+14ef2b24960a5e854b60586884494ed913221b5b refs/remotes/origin/development
+7659a644ef149debee2515386136b7e2d5e917ea refs/remotes/origin/master
 2e4fe8087177ddea9b3991ca499f758384839c89 refs/tags/untagged-84fd83a4484c785cce63
 04f604866214fab4d5663b5171a3e596331577bd refs/tags/v0.9.4
 6f9a7b75b345c65fb554884907b7060680c807b7 refs/tags/v0.9.5
@@ -103,3 +103,5 @@ e37aa2b50ffd917949a8e1c7a1fa28d12071fa69 refs/tags/v6.7.0
 0429c9a2739f699ea33db7e6dd85e6be47e9190e refs/tags/v6.8.0
 d8a1092c15d3618de31ada43875014d96bd21e36 refs/tags/v6.9.0
 c69cd1f08e014470bbe2e4dbc4ad494d4bf78d6c refs/tags/v7.0.0
+f34575bc142eabf113dbbc5b40b3a16e0c026355 refs/tags/v7.1.0
+7659a644ef149debee2515386136b7e2d5e917ea refs/tags/v8.0.0

data/.git/refs/heads/master

@@ -1 +1 @@
-f34575bc142eabf113dbbc5b40b3a16e0c026355
+14ef2b24960a5e854b60586884494ed913221b5b

data/lib/constants.rb

@@ -241,9 +241,13 @@ module SDM
     REMOTE_IDENTITY_GROUP_CREATED = "remote identity group created"
     REMOTE_IDENTITY_GROUP_UPDATED = "remote identity group updated"
     REMOTE_IDENTITY_GROUP_DELETED = "remote identity group deleted"
+    IDENTITY_SET_PROVISIONING_ENABLED = "identity set provisioning enabled"
+    IDENTITY_SET_PROVISIONING_DISABLED = "identity set provisioning disabled"
     REMOTE_IDENTITY_CREATED = "remote identity created"
     REMOTE_IDENTITY_UPDATED = "remote identity updated"
     REMOTE_IDENTITY_DELETED = "remote identity deleted"
+    IDENTITY_ALIAS_PROVISIONING_ENABLED = "identity alias provisioning enabled"
+    IDENTITY_ALIAS_PROVISIONING_DISABLED = "identity alias provisioning disabled"
     ACCESS_REQUESTED_TO_RESOURCE = "access requested to resource"
     ACCESS_REQUEST_TO_RESOURCE_APPROVAL_ADDED = "access request to resource approval added"
     ACCESS_REQUEST_TO_RESOURCE_CANCELED = "access request to resource canceled"

data/lib/grpc/accounts_pb.rb

@@ -17,6 +17,7 @@
 
 require "google/protobuf"
 
+require "google/protobuf/duration_pb"
 require "google/protobuf/timestamp_pb"
 require "options_pb"
 require "spec_pb"
@@ -33,6 +34,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :account, :message, 2, "v1.Account"
       optional :token, :string, 3
       optional :rate_limit, :message, 4, "v1.RateLimitMetadata"
+      optional :access_key, :string, 5
+      optional :secret_key, :string, 6
     end
     add_message "v1.AccountGetRequest" do
       optional :meta, :message, 1, "v1.GetRequestMetadata"
@@ -103,6 +106,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :tags, :message, 4, "v1.Tags"
       optional :rekeyed, :message, 5, "google.protobuf.Timestamp"
       optional :deadline, :message, 6, "google.protobuf.Timestamp"
+      optional :account_type, :string, 7
+      repeated :permissions, :string, 8
+      optional :duration, :message, 9, "google.protobuf.Duration"
     end
   end
 end

data/lib/grpc/accounts_services_pb.rb

@@ -23,6 +23,7 @@ module V1
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     class Service
       include ::GRPC::GenericService
 

data/lib/grpc/options_pb.rb

@@ -44,6 +44,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       repeated :targets, :string, 1941306
       optional :terraform_docs, :message, 1941304, "v1.TerraformDocs"
       optional :custom, :message, 1941305, "v1.CustomOptions"
+      optional :terraform_datasource_only, :bool, 1941307
     end
     add_message "v1.OneofOptions" do
       repeated :common_fields, :string, 1941381

data/lib/grpc/plumbing.rb

@@ -1041,6 +1041,9 @@ module SDM
       if porcelain.instance_of? Service
         plumbing.service = convert_service_to_plumbing(porcelain)
       end
+      if porcelain.instance_of? Token
+        plumbing.token = convert_token_to_plumbing(porcelain)
+      end
       if porcelain.instance_of? User
         plumbing.user = convert_user_to_plumbing(porcelain)
       end
@@ -1054,6 +1057,9 @@ module SDM
       if plumbing.service != nil
         return convert_service_to_porcelain(plumbing.service)
       end
+      if plumbing.token != nil
+        return convert_token_to_porcelain(plumbing.token)
+      end
       if plumbing.user != nil
         return convert_user_to_porcelain(plumbing.user)
       end
@@ -1271,9 +1277,11 @@ module SDM
         return nil
       end
       porcelain = AccountCreateResponse.new()
+      porcelain.access_key = (plumbing.access_key)
       porcelain.account = convert_account_to_porcelain(plumbing.account)
       porcelain.meta = convert_create_response_metadata_to_porcelain(plumbing.meta)
       porcelain.rate_limit = convert_rate_limit_metadata_to_porcelain(plumbing.rate_limit)
+      porcelain.secret_key = (plumbing.secret_key)
       porcelain.token = (plumbing.token)
       porcelain
     end
@@ -1283,9 +1291,11 @@ module SDM
         return nil
       end
       plumbing = V1::AccountCreateResponse.new()
+      plumbing.access_key = (porcelain.access_key)
       plumbing.account = convert_account_to_plumbing(porcelain.account)
       plumbing.meta = convert_create_response_metadata_to_plumbing(porcelain.meta)
       plumbing.rate_limit = convert_rate_limit_metadata_to_plumbing(porcelain.rate_limit)
+      plumbing.secret_key = (porcelain.secret_key)
       plumbing.token = (porcelain.token)
       plumbing
     end
@@ -5406,6 +5416,64 @@ module SDM
       end
       items
     end
+    def self.convert_keyfactor_x_509_store_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = KeyfactorX509Store.new()
+      porcelain.ca_file_path = (plumbing.ca_file_path)
+      porcelain.certificate_file_path = (plumbing.certificate_file_path)
+      porcelain.default_certificate_authority_name = (plumbing.default_certificate_authority_name)
+      porcelain.default_certificate_profile_name = (plumbing.default_certificate_profile_name)
+      porcelain.default_end_entity_profile_name = (plumbing.default_end_entity_profile_name)
+      porcelain.enrollment_code_env_var = (plumbing.enrollment_code_env_var)
+      porcelain.enrollment_username_env_var = (plumbing.enrollment_username_env_var)
+      porcelain.id = (plumbing.id)
+      porcelain.key_file_path = (plumbing.key_file_path)
+      porcelain.key_password_env_var = (plumbing.key_password_env_var)
+      porcelain.name = (plumbing.name)
+      porcelain.server_address = (plumbing.server_address)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_keyfactor_x_509_store_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::KeyfactorX509Store.new()
+      plumbing.ca_file_path = (porcelain.ca_file_path)
+      plumbing.certificate_file_path = (porcelain.certificate_file_path)
+      plumbing.default_certificate_authority_name = (porcelain.default_certificate_authority_name)
+      plumbing.default_certificate_profile_name = (porcelain.default_certificate_profile_name)
+      plumbing.default_end_entity_profile_name = (porcelain.default_end_entity_profile_name)
+      plumbing.enrollment_code_env_var = (porcelain.enrollment_code_env_var)
+      plumbing.enrollment_username_env_var = (porcelain.enrollment_username_env_var)
+      plumbing.id = (porcelain.id)
+      plumbing.key_file_path = (porcelain.key_file_path)
+      plumbing.key_password_env_var = (porcelain.key_password_env_var)
+      plumbing.name = (porcelain.name)
+      plumbing.server_address = (porcelain.server_address)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_keyfactor_x_509_store_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_keyfactor_x_509_store_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_keyfactor_x_509_store_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_keyfactor_x_509_store_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
     def self.convert_kubernetes_to_porcelain(plumbing)
       if plumbing == nil
         return nil
@@ -10363,6 +10431,9 @@ module SDM
       if porcelain.instance_of? GCPCertX509Store
         plumbing.gcp_cert_x_509 = convert_gcp_cert_x_509_store_to_plumbing(porcelain)
       end
+      if porcelain.instance_of? KeyfactorX509Store
+        plumbing.keyfactor_x_509 = convert_keyfactor_x_509_store_to_plumbing(porcelain)
+      end
       if porcelain.instance_of? VaultAppRoleStore
         plumbing.vault_app_role = convert_vault_app_role_store_to_plumbing(porcelain)
       end
@@ -10427,6 +10498,9 @@ module SDM
       if plumbing.gcp_cert_x_509 != nil
         return convert_gcp_cert_x_509_store_to_porcelain(plumbing.gcp_cert_x_509)
       end
+      if plumbing.keyfactor_x_509 != nil
+        return convert_keyfactor_x_509_store_to_porcelain(plumbing.keyfactor_x_509)
+      end
       if plumbing.vault_app_role != nil
         return convert_vault_app_role_store_to_porcelain(plumbing.vault_app_role)
       end
@@ -11207,6 +11281,56 @@ module SDM
       end
       items
     end
+    def self.convert_token_to_porcelain(plumbing)
+      if plumbing == nil
+        return nil
+      end
+      porcelain = Token.new()
+      porcelain.account_type = (plumbing.account_type)
+      porcelain.deadline = convert_timestamp_to_porcelain(plumbing.deadline)
+      porcelain.duration = convert_duration_to_porcelain(plumbing.duration)
+      porcelain.id = (plumbing.id)
+      porcelain.name = (plumbing.name)
+      porcelain.permissions = (plumbing.permissions)
+      porcelain.rekeyed = convert_timestamp_to_porcelain(plumbing.rekeyed)
+      porcelain.suspended = (plumbing.suspended)
+      porcelain.tags = convert_tags_to_porcelain(plumbing.tags)
+      porcelain
+    end
+
+    def self.convert_token_to_plumbing(porcelain)
+      if porcelain == nil
+        return nil
+      end
+      plumbing = V1::Token.new()
+      plumbing.account_type = (porcelain.account_type)
+      plumbing.deadline = convert_timestamp_to_plumbing(porcelain.deadline)
+      plumbing.duration = convert_duration_to_plumbing(porcelain.duration)
+      plumbing.id = (porcelain.id)
+      plumbing.name = (porcelain.name)
+      plumbing.permissions += (porcelain.permissions)
+      plumbing.rekeyed = convert_timestamp_to_plumbing(porcelain.rekeyed)
+      plumbing.suspended = (porcelain.suspended)
+      plumbing.tags = convert_tags_to_plumbing(porcelain.tags)
+      plumbing
+    end
+    def self.convert_repeated_token_to_plumbing(porcelains)
+      items = Array.new
+      porcelains.each do |porcelain|
+        plumbing = convert_token_to_plumbing(porcelain)
+        items.append(plumbing)
+      end
+      items
+    end
+
+    def self.convert_repeated_token_to_porcelain(plumbings)
+      items = Array.new
+      plumbings.each do |plumbing|
+        porcelain = convert_token_to_porcelain(plumbing)
+        items.append(porcelain)
+      end
+      items
+    end
     def self.convert_trino_to_porcelain(plumbing)
       if plumbing == nil
         return nil

data/lib/grpc/secret_store_types_pb.rb

@@ -34,6 +34,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
         optional :delinea, :message, 2900, "v1.DelineaStore"
         optional :gcp, :message, 201, "v1.GCPStore"
         optional :gcp_cert_x_509, :message, 202, "v1.GCPCertX509Store"
+        optional :keyfactor_x_509, :message, 200, "v1.KeyfactorX509Store"
         optional :vault_app_role, :message, 4, "v1.VaultAppRoleStore"
         optional :vault_app_role_cert_ssh, :message, 94, "v1.VaultAppRoleCertSSHStore"
         optional :vault_app_role_cert_x_509, :message, 95, "v1.VaultAppRoleCertX509Store"
@@ -114,6 +115,21 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :projectID, :string, 3
       optional :tags, :message, 32771, "v1.Tags"
     end
+    add_message "v1.KeyfactorX509Store" do
+      optional :id, :string, 1
+      optional :name, :string, 2
+      optional :ca_file_path, :string, 6
+      optional :certificate_file_path, :string, 4
+      optional :default_certificate_authority_name, :string, 10
+      optional :default_certificate_profile_name, :string, 8
+      optional :default_end_entity_profile_name, :string, 9
+      optional :enrollment_code_env_var, :string, 12
+      optional :enrollment_username_env_var, :string, 11
+      optional :key_file_path, :string, 5
+      optional :key_password_env_var, :string, 7
+      optional :server_address, :string, 3
+      optional :tags, :message, 32771, "v1.Tags"
+    end
     add_message "v1.VaultAppRoleStore" do
       optional :id, :string, 1
       optional :name, :string, 2
@@ -219,6 +235,7 @@ module V1
   DelineaStore = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.DelineaStore").msgclass
   GCPStore = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.GCPStore").msgclass
   GCPCertX509Store = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.GCPCertX509Store").msgclass
+  KeyfactorX509Store = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.KeyfactorX509Store").msgclass
   VaultAppRoleStore = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.VaultAppRoleStore").msgclass
   VaultAppRoleCertSSHStore = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.VaultAppRoleCertSSHStore").msgclass
   VaultAppRoleCertX509Store = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.VaultAppRoleCertX509Store").msgclass

data/lib/models/porcelain.rb

@@ -1081,25 +1081,33 @@ module SDM
 
   # AccountCreateResponse reports how the Accounts were created in the system.
   class AccountCreateResponse
+    # ID part of the API key.
+    attr_accessor :access_key
     # The created Account.
     attr_accessor :account
     # Reserved for future use.
     attr_accessor :meta
     # Rate limit information.
     attr_accessor :rate_limit
+    # Secret part of the API key.
+    attr_accessor :secret_key
     # The auth token generated for the Account. The Account will use this token to
     # authenticate with the strongDM API.
     attr_accessor :token
 
     def initialize(
+      access_key: nil,
       account: nil,
       meta: nil,
       rate_limit: nil,
+      secret_key: nil,
       token: nil
     )
+      @access_key = access_key == nil ? "" : access_key
       @account = account == nil ? nil : account
       @meta = meta == nil ? nil : meta
       @rate_limit = rate_limit == nil ? nil : rate_limit
+      @secret_key = secret_key == nil ? "" : secret_key
       @token = token == nil ? "" : token
     end
 
@@ -5245,6 +5253,79 @@ module SDM
     end
   end
 
+  class KeyfactorX509Store
+    # Path to the root CA that signed the certificate passed to the client for HTTPS connection.
+    # This is not required if the CA is trusted by the host operating system. This should be a PEM
+    # formatted certificate, and doesn't necessarily have to be the CA that signed CertificateFile.
+    attr_accessor :ca_file_path
+    # Path to client certificate in PEM format. This certificate must contain a client certificate that
+    # is recognized by the EJBCA instance represented by Hostname. This PEM file may also contain the private
+    # key associated with the certificate, but KeyFile can also be set to configure the private key.
+    attr_accessor :certificate_file_path
+    # Name of EJBCA certificate authority that will enroll CSR.
+    attr_accessor :default_certificate_authority_name
+    # Certificate profile name that EJBCA will enroll the CSR with.
+    attr_accessor :default_certificate_profile_name
+    # End entity profile that EJBCA will enroll the CSR with.
+    attr_accessor :default_end_entity_profile_name
+    # code used by EJBCA during enrollment. May be left blank if no code is required.
+    attr_accessor :enrollment_code_env_var
+    # username that used by the EJBCA during enrollment. This can be left out.
+    # If so, the username must be auto-generated on the Keyfactor side.
+    attr_accessor :enrollment_username_env_var
+    # Unique identifier of the SecretStore.
+    attr_accessor :id
+    # Path to private key in PEM format. This file should contain the private key associated with the
+    # client certificate configured in CertificateFile.
+    attr_accessor :key_file_path
+    # optional environment variable housing the password that is used to decrypt the key file.
+    attr_accessor :key_password_env_var
+    # Unique human-readable name of the SecretStore.
+    attr_accessor :name
+    # the host of the Key Factor CA
+    attr_accessor :server_address
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      ca_file_path: nil,
+      certificate_file_path: nil,
+      default_certificate_authority_name: nil,
+      default_certificate_profile_name: nil,
+      default_end_entity_profile_name: nil,
+      enrollment_code_env_var: nil,
+      enrollment_username_env_var: nil,
+      id: nil,
+      key_file_path: nil,
+      key_password_env_var: nil,
+      name: nil,
+      server_address: nil,
+      tags: nil
+    )
+      @ca_file_path = ca_file_path == nil ? "" : ca_file_path
+      @certificate_file_path = certificate_file_path == nil ? "" : certificate_file_path
+      @default_certificate_authority_name = default_certificate_authority_name == nil ? "" : default_certificate_authority_name
+      @default_certificate_profile_name = default_certificate_profile_name == nil ? "" : default_certificate_profile_name
+      @default_end_entity_profile_name = default_end_entity_profile_name == nil ? "" : default_end_entity_profile_name
+      @enrollment_code_env_var = enrollment_code_env_var == nil ? "" : enrollment_code_env_var
+      @enrollment_username_env_var = enrollment_username_env_var == nil ? "" : enrollment_username_env_var
+      @id = id == nil ? "" : id
+      @key_file_path = key_file_path == nil ? "" : key_file_path
+      @key_password_env_var = key_password_env_var == nil ? "" : key_password_env_var
+      @name = name == nil ? "" : name
+      @server_address = server_address == nil ? "" : server_address
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   class Kubernetes
     # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.
     attr_accessor :bind_interface
@@ -10409,6 +10490,59 @@ module SDM
     end
   end
 
+  # A Token is an account providing tokenized access for automation or integration use.
+  # Tokens include admin tokens, API keys, and SCIM tokens.
+  class Token
+    # Corresponds to the type of token, e.g. api or admin-token.
+    attr_accessor :account_type
+    # The timestamp when the Token will expire.
+    attr_accessor :deadline
+    # Duration from token creation to expiration.
+    attr_accessor :duration
+    # Unique identifier of the Token.
+    attr_accessor :id
+    # Unique human-readable name of the Token.
+    attr_accessor :name
+    # Permissions assigned to the token, e.g. role:create.
+    attr_accessor :permissions
+    # The timestamp when the Token was last rekeyed.
+    attr_accessor :rekeyed
+    # Reserved for future use.  Always false for tokens.
+    attr_accessor :suspended
+    # Tags is a map of key, value pairs.
+    attr_accessor :tags
+
+    def initialize(
+      account_type: nil,
+      deadline: nil,
+      duration: nil,
+      id: nil,
+      name: nil,
+      permissions: nil,
+      rekeyed: nil,
+      suspended: nil,
+      tags: nil
+    )
+      @account_type = account_type == nil ? "" : account_type
+      @deadline = deadline == nil ? nil : deadline
+      @duration = duration == nil ? nil : duration
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+      @permissions = permissions == nil ? [] : permissions
+      @rekeyed = rekeyed == nil ? nil : rekeyed
+      @suspended = suspended == nil ? false : suspended
+      @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   # Trino is currently unstable, and its API may change, or it may be removed, without a major version bump.
   class Trino
     # The bind interface is the IP address to which the port override of a resource is bound (for example, 127.0.0.1). It is automatically generated if not provided.

data/lib/strongdm.rb

@@ -28,8 +28,8 @@ module SDM #:nodoc:
     DEFAULT_MAX_RETRIES = 3
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
-    API_VERSION = "2024-03-14"
-    USER_AGENT = "strongdm-sdk-ruby/7.1.0"
+    API_VERSION = "2024-03-28"
+    USER_AGENT = "strongdm-sdk-ruby/8.1.0"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.
@@ -240,6 +240,7 @@ module SDM #:nodoc:
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     #
     # See {Accounts}.
     attr_reader :accounts
@@ -527,6 +528,7 @@ module SDM #:nodoc:
     # Accounts are users that have access to strongDM. There are two types of accounts:
     # 1. **Users:** humans who are authenticated through username and password or SSO.
     # 2. **Service Accounts:** machines that are authenticated using a service token.
+    # 3. **Tokens** are access keys with permissions that can be used for authentication.
     #
     # See {SnapshotAccounts}.
     attr_reader :accounts

data/lib/svc.rb

@@ -902,9 +902,11 @@ module SDM #:nodoc:
   # Accounts are users that have access to strongDM. There are two types of accounts:
   # 1. **Users:** humans who are authenticated through username and password or SSO.
   # 2. **Service Accounts:** machines that are authenticated using a service token.
+  # 3. **Tokens** are access keys with permissions that can be used for authentication.
   #
   # See:
   # {Service}
+  # {Token}
   # {User}
   class Accounts
     extend Gem::Deprecate
@@ -942,9 +944,11 @@ module SDM #:nodoc:
       end
 
       resp = AccountCreateResponse.new()
+      resp.access_key = (plumbing_response.access_key)
       resp.account = Plumbing::convert_account_to_porcelain(plumbing_response.account)
       resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
       resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp.secret_key = (plumbing_response.secret_key)
       resp.token = (plumbing_response.token)
       resp
     end
@@ -4504,6 +4508,7 @@ module SDM #:nodoc:
   # {DelineaStore}
   # {GCPStore}
   # {GCPCertX509Store}
+  # {KeyfactorX509Store}
   # {VaultAppRoleStore}
   # {VaultAppRoleCertSSHStore}
   # {VaultAppRoleCertX509Store}

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "7.1.0"
+  VERSION = "8.1.0"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "7.1.0"
+  VERSION = "8.1.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 7.1.0
+  version: 8.1.0
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-03-15 00:00:00.000000000 Z
+date: 2024-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -81,8 +81,8 @@ files:
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-9cd0615b40bc7f8b12560a1af725da3a06bcb1d9.idx"
-- "./.git/objects/pack/pack-9cd0615b40bc7f8b12560a1af725da3a06bcb1d9.pack"
+- "./.git/objects/pack/pack-63b03bbfbc64adbf239ae7962c94b13e00085e38.idx"
+- "./.git/objects/pack/pack-63b03bbfbc64adbf239ae7962c94b13e00085e38.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"