Skip to main content

akeyless_api/models/
update_auth_method_gcp.rs

1/*
2 * Akeyless API
3 *
4 * The purpose of this application is to provide access to Akeyless API.
5 *
6 * The version of the OpenAPI document: 3.0
7 * Contact: support@akeyless.io
8 * Generated by: https://openapi-generator.tech
9 */
10
11use crate::models;
12use serde::{Deserialize, Serialize};
13
14/// UpdateAuthMethodGcp : updateAuthMethodGCP is a command that updates a new auth method that will be able to authenticate using GCP IAM Service Account credentials or GCE instance credentials. [Deprecated: Use auth-method-update-gcp command]
15#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
16pub struct UpdateAuthMethodGcp {
17    /// Access expiration date in Unix timestamp (select 0 for access without expiry date)
18    #[serde(rename = "access-expires", skip_serializing_if = "Option::is_none")]
19    pub access_expires: Option<i64>,
20    /// limit the auth method usage for specific client types [cli,ui,gateway-admin,sdk,mobile,extension]
21    #[serde(rename = "allowed-client-type", skip_serializing_if = "Option::is_none")]
22    pub allowed_client_type: Option<Vec<String>>,
23    /// The audience to verify in the JWT received by the client
24    #[serde(rename = "audience")]
25    pub audience: String,
26    /// Subclaims to include in audit logs, e.g \"--audit-logs-claims email --audit-logs-claims username\"
27    #[serde(rename = "audit-logs-claims", skip_serializing_if = "Option::is_none")]
28    pub audit_logs_claims: Option<Vec<String>>,
29    /// A CIDR whitelist with the IPs that the access is restricted to
30    #[serde(rename = "bound-ips", skip_serializing_if = "Option::is_none")]
31    pub bound_ips: Option<Vec<String>>,
32    /// A comma-separated list of GCP labels formatted as \"key:value\" strings that must be set on authorized GCE instances. TODO: Because GCP labels are not currently ACL'd ....
33    #[serde(rename = "bound-labels", skip_serializing_if = "Option::is_none")]
34    pub bound_labels: Option<Vec<String>>,
35    /// === Human and Machine authentication section === Array of GCP project IDs. Only entities belonging to any of the provided projects can authenticate.
36    #[serde(rename = "bound-projects", skip_serializing_if = "Option::is_none")]
37    pub bound_projects: Option<Vec<String>>,
38    /// List of regions that a GCE instance must belong to in order to be authenticated. TODO: If bound_instance_groups is provided, it is assumed to be a regional group and the group must belong to this region. If bound_zones are provided, this attribute is ignored.
39    #[serde(rename = "bound-regions", skip_serializing_if = "Option::is_none")]
40    pub bound_regions: Option<Vec<String>>,
41    /// List of service accounts the service account must be part of in order to be authenticated.
42    #[serde(rename = "bound-service-accounts", skip_serializing_if = "Option::is_none")]
43    pub bound_service_accounts: Option<Vec<String>>,
44    /// === Machine authentication section === List of zones that a GCE instance must belong to in order to be authenticated. TODO: If bound_instance_groups is provided, it is assumed to be a zonal group and the group must belong to this zone.
45    #[serde(rename = "bound-zones", skip_serializing_if = "Option::is_none")]
46    pub bound_zones: Option<Vec<String>>,
47    /// Protection from accidental deletion of this object [true/false]
48    #[serde(rename = "delete_protection", skip_serializing_if = "Option::is_none")]
49    pub delete_protection: Option<String>,
50    /// Auth Method description
51    #[serde(rename = "description", skip_serializing_if = "Option::is_none")]
52    pub description: Option<String>,
53    /// How many days before the expiration of the auth method would you like to be notified.
54    #[serde(rename = "expiration-event-in", skip_serializing_if = "Option::is_none")]
55    pub expiration_event_in: Option<Vec<String>>,
56    /// if true: enforce role-association must include sub claims
57    #[serde(rename = "force-sub-claims", skip_serializing_if = "Option::is_none")]
58    pub force_sub_claims: Option<bool>,
59    /// A CIDR whitelist with the GW IPs that the access is restricted to
60    #[serde(rename = "gw-bound-ips", skip_serializing_if = "Option::is_none")]
61    pub gw_bound_ips: Option<Vec<String>>,
62    /// Set output format to JSON
63    #[serde(rename = "json", skip_serializing_if = "Option::is_none")]
64    pub json: Option<bool>,
65    /// Jwt TTL
66    #[serde(rename = "jwt-ttl", skip_serializing_if = "Option::is_none")]
67    pub jwt_ttl: Option<i64>,
68    /// Auth Method name
69    #[serde(rename = "name")]
70    pub name: String,
71    /// Auth Method new name
72    #[serde(rename = "new-name", skip_serializing_if = "Option::is_none")]
73    pub new_name: Option<String>,
74    /// Choose the relevant product type for the auth method [sm, sra, pm, dp, ca]
75    #[serde(rename = "product-type", skip_serializing_if = "Option::is_none")]
76    pub product_type: Option<Vec<String>>,
77    /// ServiceAccount credentials data instead of giving a file path, base64 encoded
78    #[serde(rename = "service-account-creds-data", skip_serializing_if = "Option::is_none")]
79    pub service_account_creds_data: Option<String>,
80    /// Authentication token (see `/auth` and `/configure`)
81    #[serde(rename = "token", skip_serializing_if = "Option::is_none")]
82    pub token: Option<String>,
83    /// Type of the GCP Access Rules
84    #[serde(rename = "type")]
85    pub r#type: String,
86    /// The universal identity token, Required only for universal_identity authentication
87    #[serde(rename = "uid-token", skip_serializing_if = "Option::is_none")]
88    pub uid_token: Option<String>,
89    /// A unique identifier (ID) value which is a \"sub claim\" name that contains details uniquely identifying that resource. This \"sub claim\" is used to distinguish between different identities.
90    #[serde(rename = "unique-identifier", skip_serializing_if = "Option::is_none")]
91    pub unique_identifier: Option<String>,
92}
93
94impl UpdateAuthMethodGcp {
95    /// updateAuthMethodGCP is a command that updates a new auth method that will be able to authenticate using GCP IAM Service Account credentials or GCE instance credentials. [Deprecated: Use auth-method-update-gcp command]
96    pub fn new(audience: String, name: String, r#type: String) -> UpdateAuthMethodGcp {
97        UpdateAuthMethodGcp {
98            access_expires: None,
99            allowed_client_type: None,
100            audience,
101            audit_logs_claims: None,
102            bound_ips: None,
103            bound_labels: None,
104            bound_projects: None,
105            bound_regions: None,
106            bound_service_accounts: None,
107            bound_zones: None,
108            delete_protection: None,
109            description: None,
110            expiration_event_in: None,
111            force_sub_claims: None,
112            gw_bound_ips: None,
113            json: None,
114            jwt_ttl: None,
115            name,
116            new_name: None,
117            product_type: None,
118            service_account_creds_data: None,
119            token: None,
120            r#type,
121            uid_token: None,
122            unique_identifier: None,
123        }
124    }
125}
126