Skip to main content

akeyless_api/models/
gcp_access_rules.rs

1/*
2 * Akeyless API
3 *
4 * The purpose of this application is to provide access to Akeyless API.
5 *
6 * The version of the OpenAPI document: 3.0
7 * Contact: support@akeyless.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
15pub struct GcpAccessRules {
16    /// The audience in the JWT
17    #[serde(rename = "audience", skip_serializing_if = "Option::is_none")]
18    pub audience: Option<String>,
19    /// A map of GCP labels formatted as \"key:value\" strings that must be set on authorized GCE instances. TODO: Because GCP labels are not currently ACL'd ....
20    #[serde(rename = "bound_labels", skip_serializing_if = "Option::is_none")]
21    pub bound_labels: Option<std::collections::HashMap<String, String>>,
22    /// Human and Machine authentication section Array of GCP project IDs. Only entities belonging to any of the provided projects can authenticate.
23    #[serde(rename = "bound_projects", skip_serializing_if = "Option::is_none")]
24    pub bound_projects: Option<Vec<String>>,
25    /// List of regions that a GCE instance must belong to in order to be authenticated. TODO: If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored.
26    #[serde(rename = "bound_regions", skip_serializing_if = "Option::is_none")]
27    pub bound_regions: Option<Vec<String>>,
28    /// List of service accounts the service account must be part of in order to be authenticated
29    #[serde(rename = "bound_service_accounts", skip_serializing_if = "Option::is_none")]
30    pub bound_service_accounts: Option<Vec<String>>,
31    /// === Machine authentication section === List of zones that a GCE instance must belong to in order to be authenticated. TODO: If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone.
32    #[serde(rename = "bound_zones", skip_serializing_if = "Option::is_none")]
33    pub bound_zones: Option<Vec<String>>,
34    /// ServiceAccount holds the credentials file contents to be used by Akeyless to validate IAM (Human) and GCE (Machine) logins against GCP base64 encoded string
35    #[serde(rename = "service_account", skip_serializing_if = "Option::is_none")]
36    pub service_account: Option<String>,
37    #[serde(rename = "type", skip_serializing_if = "Option::is_none")]
38    pub r#type: Option<String>,
39    /// A unique identifier to distinguish different users
40    #[serde(rename = "unique_identifier", skip_serializing_if = "Option::is_none")]
41    pub unique_identifier: Option<String>,
42}
43
44impl GcpAccessRules {
45    pub fn new() -> GcpAccessRules {
46        GcpAccessRules {
47            audience: None,
48            bound_labels: None,
49            bound_projects: None,
50            bound_regions: None,
51            bound_service_accounts: None,
52            bound_zones: None,
53            service_account: None,
54            r#type: None,
55            unique_identifier: None,
56        }
57    }
58}
59