vaultrs 0.8.0

An asynchronous Rust client library for the Hashicorp Vault API.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262

use rustify_derive::Endpoint;
use std::fmt::Debug;

use super::responses::{
    GenerateCredentialsResponse, GetConfigurationResponse, ListRolesResponse, ReadLeaseResponse,
    ReadRoleResponse, RotateRootCredentialsResponse,
};

/// ## Configure Root IAM Credentials
///
/// Configures the root IAM credentials to communicate with AWS.
///
/// * Path: {self.mount}/config/root
/// * Method: POST
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-root-iam-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/root", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct SetConfigurationRequest {
    #[endpoint(skip)]
    pub mount: String,
    pub max_retries: Option<i32>,
    pub access_key: String,
    pub secret_key: String,
    pub region: Option<String>,
    pub iam_endpoint: Option<String>,
    pub sts_endpoint: Option<String>,
    pub username_template: Option<String>,
}

/// ## Read Root Configuration
///
/// Read non-secure values that have been configured in the config/root endpoint
///
/// * Path: {self.mount}/config/root
/// * Method: GET
/// * Response: [GetConfigurationResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-root-configuration>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/root",
    method = "GET",
    builder = "true",
    response = "GetConfigurationResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct GetConfigurationRequest {
    #[endpoint(skip)]
    pub mount: String,
}

/// ## Rotate Root IAM Credentials
///
/// When you have configured Vault with static credentials, you can use this endpoint to have Vault rotate the access key it used.
///
/// * Path: {self.mount}/config/rotate-root
/// * Method: GET
/// * Response: [RotateRootCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#rotate-root-iam-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/rotate-root",
    method = "POST",
    builder = "true",
    response = "RotateRootCredentialsResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct RotateRootCredentialsRequest {
    #[endpoint(skip)]
    pub mount: String,
}

/// ## Configure Lease
///
/// Configures lease settings for the AWS secrets engine
///
/// * Path: {self.mount}/config/lease
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/lease", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct ConfigureLeaseRequest {
    #[endpoint(skip)]
    pub mount: String,

    pub lease: String,
    pub lease_max: String,
}

/// ## Read Lease
///
/// Returns the current lease settings for the AWS secrets engine
///
/// * Path: {self.mount}/config/lease
/// * Method: GET
/// * Response: [ReadLeaseResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/lease",
    method = "GET",
    response = "ReadLeaseResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadLeaseRequest {
    #[endpoint(skip)]
    pub mount: String,
}

/// ## Create/Update Role
///
/// Creates or updates the role with the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#create-update-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "POST",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct CreateUpdateRoleRequest {
    #[endpoint(skip)]
    pub mount: String,

    pub name: String,
    pub credential_type: String,
    pub role_arns: Option<Vec<String>>,
    pub policy_arns: Option<Vec<String>>,
    pub policy_document: String,
    pub iam_groups: Option<Vec<String>>,
    pub iam_tags: Option<Vec<String>>,
    pub default_sts_ttl: Option<u32>,
    pub max_sts_ttl: Option<u32>,
    pub user_path: Option<String>,
    pub permissions_boundary_arn: Option<String>,

    pub policy: Option<String>,
    pub arn: Option<String>,
}

/// ## Read Role
///
/// Queries an existing role by the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: GET
/// * Response: [ReadRoleResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "GET",
    response = "ReadRoleResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadRoleRequest {
    #[endpoint(skip)]
    pub mount: String,

    pub name: String,
}

/// ## List Roles
///
///  lists all existing roles in the secrets engine
///
/// * Path: {self.mount}/roles
/// * Method: LIST
/// * Response: [ListRolesResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#list-roles>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles",
    method = "LIST",
    response = "ListRolesResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ListRolesRequest {
    #[endpoint(skip)]
    pub mount: String,
}

/// ## Delete Role
///
/// Deletes an existing role by the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: DELETE
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#delete-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "DELETE",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct DeleteRoleRequest {
    #[endpoint(skip)]
    pub mount: String,
    pub name: String,
}

/// ## Generate Credentials (/aws/creds)
///
/// Generates credentials based on the named role using /aws/creds endpoint
///
/// * Path: {self.mount}/creds/{self.name}
/// * Method: GET
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/creds/{self.name}",
    method = "GET",
    response = "GenerateCredentialsResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsRequest {
    #[endpoint(skip)]
    pub mount: String,
    pub name: String,
    pub role_arn: Option<String>,
    pub role_session_name: Option<String>,
    pub ttl: Option<String>,
}

/// ## Generate Credentials (/aws/sts)
///
/// Generates credentials based on the named role using /aws/sts endpoint
///
/// * Path: {self.mount}/sts/{self.name}
/// * Method: POST
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/sts/{self.name}",
    method = "POST",
    response = "GenerateCredentialsResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsStsRequest {
    #[endpoint(skip)]
    pub mount: String,
    pub name: String,
    pub role_arn: Option<String>,
    pub role_session_name: Option<String>,
    pub ttl: Option<String>,
}