schema

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 10, 2023 License: MPL-2.0 Imports: 1 Imported by: 61

Documentation ¶

Index ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AliCloudConfigureRequest ¶ added in v0.3.0 

type AliCloudConfigureRequest struct {
	// Access key with appropriate permissions.
	AccessKey string `json:"access_key,omitempty"`

	// Secret key with appropriate permissions.
	SecretKey string `json:"secret_key,omitempty"`
}

AliCloudConfigureRequest struct for AliCloudConfigureRequest

func NewAliCloudConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewAliCloudConfigureRequestWithDefaults() *AliCloudConfigureRequest

NewAliCloudConfigureRequestWithDefaults instantiates a new AliCloudConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AliCloudLoginRequest ¶ 

type AliCloudLoginRequest struct {
	// The request headers. This must include the headers over which AliCloud has included a signature.
	IdentityRequestHeaders string `json:"identity_request_headers,omitempty"`

	// Base64-encoded full URL against which to make the AliCloud request.
	IdentityRequestUrl string `json:"identity_request_url,omitempty"`

	// Name of the role against which the login is being attempted. If 'role' is not specified, then the login endpoint looks for a role name in the ARN returned by the GetCallerIdentity request. If a matching role is not found, login fails.
	Role string `json:"role"`
}

AliCloudLoginRequest struct for AliCloudLoginRequest

func NewAliCloudLoginRequestWithDefaults ¶ 

func NewAliCloudLoginRequestWithDefaults() *AliCloudLoginRequest

NewAliCloudLoginRequestWithDefaults instantiates a new AliCloudLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AliCloudWriteAuthRoleRequest ¶ 

type AliCloudWriteAuthRoleRequest struct {
	// ARN of the RAM to bind to this role.
	Arn string `json:"arn,omitempty"`

	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

AliCloudWriteAuthRoleRequest struct for AliCloudWriteAuthRoleRequest

func NewAliCloudWriteAuthRoleRequestWithDefaults ¶ 

func NewAliCloudWriteAuthRoleRequestWithDefaults() *AliCloudWriteAuthRoleRequest

NewAliCloudWriteAuthRoleRequestWithDefaults instantiates a new AliCloudWriteAuthRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AliCloudWriteRoleRequest ¶ 

type AliCloudWriteRoleRequest struct {
	// JSON of policies to be dynamically applied to users of this role.
	InlinePolicies string `json:"inline_policies,omitempty"`

	// The maximum allowed lifetime of tokens issued using this role.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// The name and type of each remote policy to be applied. Example: \"name:AliyunRDSReadOnlyAccess,type:System\".
	RemotePolicies []string `json:"remote_policies,omitempty"`

	// ARN of the role to be assumed. If provided, inline_policies and remote_policies should be blank. At creation time, this role must have configured trusted actors, and the access key and secret that will be used to assume the role (in /config) must qualify as a trusted actor.
	RoleArn string `json:"role_arn,omitempty"`

	// Duration in seconds after which the issued token should expire. Defaults to 0, in which case the value will fallback to the system/mount defaults.
	Ttl int32 `json:"ttl,omitempty"`
}

AliCloudWriteRoleRequest struct for AliCloudWriteRoleRequest

func NewAliCloudWriteRoleRequestWithDefaults ¶ 

func NewAliCloudWriteRoleRequestWithDefaults() *AliCloudWriteRoleRequest

NewAliCloudWriteRoleRequestWithDefaults instantiates a new AliCloudWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AliasCreateRequest ¶ added in v0.3.0 

type AliasCreateRequest struct {
	// Entity ID to which this alias belongs to
	CanonicalId string `json:"canonical_id,omitempty"`

	// Entity ID to which this alias belongs to. This field is deprecated in favor of 'canonical_id'.
	EntityId string `json:"entity_id,omitempty"`

	// ID of the alias
	Id string `json:"id,omitempty"`

	// Mount accessor to which this alias belongs to
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Name of the alias
	Name string `json:"name,omitempty"`
}

AliasCreateRequest struct for AliasCreateRequest

func NewAliasCreateRequestWithDefaults ¶ added in v0.3.0 

func NewAliasCreateRequestWithDefaults() *AliasCreateRequest

NewAliasCreateRequestWithDefaults instantiates a new AliasCreateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AliasUpdateByIdRequest ¶ added in v0.3.0 

type AliasUpdateByIdRequest struct {
	// Entity ID to which this alias should be tied to
	CanonicalId string `json:"canonical_id,omitempty"`

	// Entity ID to which this alias should be tied to. This field is deprecated in favor of 'canonical_id'.
	EntityId string `json:"entity_id,omitempty"`

	// Mount accessor to which this alias belongs to
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Name of the alias
	Name string `json:"name,omitempty"`
}

AliasUpdateByIdRequest struct for AliasUpdateByIdRequest

func NewAliasUpdateByIdRequestWithDefaults ¶ added in v0.3.0 

func NewAliasUpdateByIdRequestWithDefaults() *AliasUpdateByIdRequest

NewAliasUpdateByIdRequestWithDefaults instantiates a new AliasUpdateByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleDestroySecretIdByAccessorRequest ¶ added in v0.3.0 

type AppRoleDestroySecretIdByAccessorRequest struct {
	// Accessor of the SecretID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`
}

AppRoleDestroySecretIdByAccessorRequest struct for AppRoleDestroySecretIdByAccessorRequest

func NewAppRoleDestroySecretIdByAccessorRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleDestroySecretIdByAccessorRequestWithDefaults() *AppRoleDestroySecretIdByAccessorRequest

NewAppRoleDestroySecretIdByAccessorRequestWithDefaults instantiates a new AppRoleDestroySecretIdByAccessorRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleDestroySecretIdRequest ¶ added in v0.3.0 

type AppRoleDestroySecretIdRequest struct {
	// SecretID attached to the role.
	SecretId string `json:"secret_id,omitempty"`
}

AppRoleDestroySecretIdRequest struct for AppRoleDestroySecretIdRequest

func NewAppRoleDestroySecretIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleDestroySecretIdRequestWithDefaults() *AppRoleDestroySecretIdRequest

NewAppRoleDestroySecretIdRequestWithDefaults instantiates a new AppRoleDestroySecretIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleListRolesResponse ¶ 

type AppRoleListRolesResponse struct {
	Keys []string `json:"keys,omitempty"`
}

AppRoleListRolesResponse struct for AppRoleListRolesResponse

func NewAppRoleListRolesResponseWithDefaults ¶ 

func NewAppRoleListRolesResponseWithDefaults() *AppRoleListRolesResponse

NewAppRoleListRolesResponseWithDefaults instantiates a new AppRoleListRolesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleListSecretIdsResponse ¶ added in v0.3.0 

type AppRoleListSecretIdsResponse struct {
	Keys []string `json:"keys,omitempty"`
}

AppRoleListSecretIdsResponse struct for AppRoleListSecretIdsResponse

func NewAppRoleListSecretIdsResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleListSecretIdsResponseWithDefaults() *AppRoleListSecretIdsResponse

NewAppRoleListSecretIdsResponseWithDefaults instantiates a new AppRoleListSecretIdsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLoginRequest ¶ 

type AppRoleLoginRequest struct {
	// Unique identifier of the Role. Required to be supplied when the 'bind_secret_id' constraint is set.
	RoleId string `json:"role_id,omitempty"`

	// SecretID belong to the App role
	SecretId string `json:"secret_id,omitempty"`
}

AppRoleLoginRequest struct for AppRoleLoginRequest

func NewAppRoleLoginRequestWithDefaults ¶ 

func NewAppRoleLoginRequestWithDefaults() *AppRoleLoginRequest

NewAppRoleLoginRequestWithDefaults instantiates a new AppRoleLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLoginResponse ¶ added in v0.3.0 

type AppRoleLoginResponse struct {
	Role string `json:"role,omitempty"`
}

AppRoleLoginResponse struct for AppRoleLoginResponse

func NewAppRoleLoginResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleLoginResponseWithDefaults() *AppRoleLoginResponse

NewAppRoleLoginResponseWithDefaults instantiates a new AppRoleLoginResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLookUpSecretIdByAccessorRequest ¶ added in v0.3.0 

type AppRoleLookUpSecretIdByAccessorRequest struct {
	// Accessor of the SecretID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`
}

AppRoleLookUpSecretIdByAccessorRequest struct for AppRoleLookUpSecretIdByAccessorRequest

func NewAppRoleLookUpSecretIdByAccessorRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleLookUpSecretIdByAccessorRequestWithDefaults() *AppRoleLookUpSecretIdByAccessorRequest

NewAppRoleLookUpSecretIdByAccessorRequestWithDefaults instantiates a new AppRoleLookUpSecretIdByAccessorRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLookUpSecretIdByAccessorResponse ¶ added in v0.3.0 

type AppRoleLookUpSecretIdByAccessorResponse struct {
	// List of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
	CidrList []string `json:"cidr_list,omitempty"`

	CreationTime time.Time `json:"creation_time,omitempty"`

	ExpirationTime time.Time `json:"expiration_time,omitempty"`

	LastUpdatedTime time.Time `json:"last_updated_time,omitempty"`

	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Accessor of the secret ID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`

	// Number of times a secret ID can access the role, after which the secret ID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued secret ID expires.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`

	// List of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`
}

AppRoleLookUpSecretIdByAccessorResponse struct for AppRoleLookUpSecretIdByAccessorResponse

func NewAppRoleLookUpSecretIdByAccessorResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleLookUpSecretIdByAccessorResponseWithDefaults() *AppRoleLookUpSecretIdByAccessorResponse

NewAppRoleLookUpSecretIdByAccessorResponseWithDefaults instantiates a new AppRoleLookUpSecretIdByAccessorResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLookUpSecretIdRequest ¶ added in v0.3.0 

type AppRoleLookUpSecretIdRequest struct {
	// SecretID attached to the role.
	SecretId string `json:"secret_id,omitempty"`
}

AppRoleLookUpSecretIdRequest struct for AppRoleLookUpSecretIdRequest

func NewAppRoleLookUpSecretIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleLookUpSecretIdRequestWithDefaults() *AppRoleLookUpSecretIdRequest

NewAppRoleLookUpSecretIdRequestWithDefaults instantiates a new AppRoleLookUpSecretIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleLookUpSecretIdResponse ¶ added in v0.3.0 

type AppRoleLookUpSecretIdResponse struct {
	// List of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
	CidrList []string `json:"cidr_list,omitempty"`

	CreationTime time.Time `json:"creation_time,omitempty"`

	ExpirationTime time.Time `json:"expiration_time,omitempty"`

	LastUpdatedTime time.Time `json:"last_updated_time,omitempty"`

	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Accessor of the secret ID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`

	// Number of times a secret ID can access the role, after which the secret ID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued secret ID expires.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`

	// List of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`
}

AppRoleLookUpSecretIdResponse struct for AppRoleLookUpSecretIdResponse

func NewAppRoleLookUpSecretIdResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleLookUpSecretIdResponseWithDefaults() *AppRoleLookUpSecretIdResponse

NewAppRoleLookUpSecretIdResponseWithDefaults instantiates a new AppRoleLookUpSecretIdResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadBindSecretIdResponse ¶ added in v0.3.0 

type AppRoleReadBindSecretIdResponse struct {
	// Impose secret_id to be presented when logging in using this role. Defaults to 'true'.
	BindSecretId bool `json:"bind_secret_id,omitempty"`
}

AppRoleReadBindSecretIdResponse struct for AppRoleReadBindSecretIdResponse

func NewAppRoleReadBindSecretIdResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadBindSecretIdResponseWithDefaults() *AppRoleReadBindSecretIdResponse

NewAppRoleReadBindSecretIdResponseWithDefaults instantiates a new AppRoleReadBindSecretIdResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadBoundCidrListResponse ¶ added in v0.3.0 

type AppRoleReadBoundCidrListResponse struct {
	// Deprecated: Please use \"secret_id_bound_cidrs\" instead. Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	// Deprecated
	BoundCidrList []string `json:"bound_cidr_list,omitempty"`
}

AppRoleReadBoundCidrListResponse struct for AppRoleReadBoundCidrListResponse

func NewAppRoleReadBoundCidrListResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadBoundCidrListResponseWithDefaults() *AppRoleReadBoundCidrListResponse

NewAppRoleReadBoundCidrListResponseWithDefaults instantiates a new AppRoleReadBoundCidrListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadLocalSecretIdsResponse ¶ added in v0.3.0 

type AppRoleReadLocalSecretIdsResponse struct {
	// If true, the secret identifiers generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later
	LocalSecretIds bool `json:"local_secret_ids,omitempty"`
}

AppRoleReadLocalSecretIdsResponse struct for AppRoleReadLocalSecretIdsResponse

func NewAppRoleReadLocalSecretIdsResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadLocalSecretIdsResponseWithDefaults() *AppRoleReadLocalSecretIdsResponse

NewAppRoleReadLocalSecretIdsResponseWithDefaults instantiates a new AppRoleReadLocalSecretIdsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadPeriodResponse ¶ 

type AppRoleReadPeriodResponse struct {
	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`
}

AppRoleReadPeriodResponse struct for AppRoleReadPeriodResponse

func NewAppRoleReadPeriodResponseWithDefaults ¶ 

func NewAppRoleReadPeriodResponseWithDefaults() *AppRoleReadPeriodResponse

NewAppRoleReadPeriodResponseWithDefaults instantiates a new AppRoleReadPeriodResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadPoliciesResponse ¶ 

type AppRoleReadPoliciesResponse struct {
	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`
}

AppRoleReadPoliciesResponse struct for AppRoleReadPoliciesResponse

func NewAppRoleReadPoliciesResponseWithDefaults ¶ 

func NewAppRoleReadPoliciesResponseWithDefaults() *AppRoleReadPoliciesResponse

NewAppRoleReadPoliciesResponseWithDefaults instantiates a new AppRoleReadPoliciesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadRoleIdResponse ¶ added in v0.3.0 

type AppRoleReadRoleIdResponse struct {
	// Identifier of the role. Defaults to a UUID.
	RoleId string `json:"role_id,omitempty"`
}

AppRoleReadRoleIdResponse struct for AppRoleReadRoleIdResponse

func NewAppRoleReadRoleIdResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadRoleIdResponseWithDefaults() *AppRoleReadRoleIdResponse

NewAppRoleReadRoleIdResponseWithDefaults instantiates a new AppRoleReadRoleIdResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadRoleResponse ¶ 

type AppRoleReadRoleResponse struct {
	// Impose secret ID to be presented when logging in using this role.
	BindSecretId bool `json:"bind_secret_id,omitempty"`

	// If true, the secret identifiers generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later
	LocalSecretIds bool `json:"local_secret_ids,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs []string `json:"secret_id_bound_cidrs,omitempty"`

	// Number of times a secret ID can access the role, after which the secret ID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued secret ID expires.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value.
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`
}

AppRoleReadRoleResponse struct for AppRoleReadRoleResponse

func NewAppRoleReadRoleResponseWithDefaults ¶ 

func NewAppRoleReadRoleResponseWithDefaults() *AppRoleReadRoleResponse

NewAppRoleReadRoleResponseWithDefaults instantiates a new AppRoleReadRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadSecretIdBoundCidrsResponse ¶ added in v0.3.0 

type AppRoleReadSecretIdBoundCidrsResponse struct {
	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs []string `json:"secret_id_bound_cidrs,omitempty"`
}

AppRoleReadSecretIdBoundCidrsResponse struct for AppRoleReadSecretIdBoundCidrsResponse

func NewAppRoleReadSecretIdBoundCidrsResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadSecretIdBoundCidrsResponseWithDefaults() *AppRoleReadSecretIdBoundCidrsResponse

NewAppRoleReadSecretIdBoundCidrsResponseWithDefaults instantiates a new AppRoleReadSecretIdBoundCidrsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadSecretIdNumUsesResponse ¶ added in v0.3.0 

type AppRoleReadSecretIdNumUsesResponse struct {
	// Number of times a secret ID can access the role, after which the SecretID will expire. Defaults to 0 meaning that the secret ID is of unlimited use.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`
}

AppRoleReadSecretIdNumUsesResponse struct for AppRoleReadSecretIdNumUsesResponse

func NewAppRoleReadSecretIdNumUsesResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadSecretIdNumUsesResponseWithDefaults() *AppRoleReadSecretIdNumUsesResponse

NewAppRoleReadSecretIdNumUsesResponseWithDefaults instantiates a new AppRoleReadSecretIdNumUsesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadSecretIdTtlResponse ¶ added in v0.3.0 

type AppRoleReadSecretIdTtlResponse struct {
	// Duration in seconds after which the issued secret ID should expire. Defaults to 0, meaning no expiration.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`
}

AppRoleReadSecretIdTtlResponse struct for AppRoleReadSecretIdTtlResponse

func NewAppRoleReadSecretIdTtlResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadSecretIdTtlResponseWithDefaults() *AppRoleReadSecretIdTtlResponse

NewAppRoleReadSecretIdTtlResponseWithDefaults instantiates a new AppRoleReadSecretIdTtlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadTokenBoundCidrsResponse ¶ added in v0.3.0 

type AppRoleReadTokenBoundCidrsResponse struct {
	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`
}

AppRoleReadTokenBoundCidrsResponse struct for AppRoleReadTokenBoundCidrsResponse

func NewAppRoleReadTokenBoundCidrsResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadTokenBoundCidrsResponseWithDefaults() *AppRoleReadTokenBoundCidrsResponse

NewAppRoleReadTokenBoundCidrsResponseWithDefaults instantiates a new AppRoleReadTokenBoundCidrsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadTokenMaxTtlResponse ¶ added in v0.3.0 

type AppRoleReadTokenMaxTtlResponse struct {
	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`
}

AppRoleReadTokenMaxTtlResponse struct for AppRoleReadTokenMaxTtlResponse

func NewAppRoleReadTokenMaxTtlResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadTokenMaxTtlResponseWithDefaults() *AppRoleReadTokenMaxTtlResponse

NewAppRoleReadTokenMaxTtlResponseWithDefaults instantiates a new AppRoleReadTokenMaxTtlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadTokenNumUsesResponse ¶ 

type AppRoleReadTokenNumUsesResponse struct {
	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`
}

AppRoleReadTokenNumUsesResponse struct for AppRoleReadTokenNumUsesResponse

func NewAppRoleReadTokenNumUsesResponseWithDefaults ¶ 

func NewAppRoleReadTokenNumUsesResponseWithDefaults() *AppRoleReadTokenNumUsesResponse

NewAppRoleReadTokenNumUsesResponseWithDefaults instantiates a new AppRoleReadTokenNumUsesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleReadTokenTtlResponse ¶ added in v0.3.0 

type AppRoleReadTokenTtlResponse struct {
	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`
}

AppRoleReadTokenTtlResponse struct for AppRoleReadTokenTtlResponse

func NewAppRoleReadTokenTtlResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleReadTokenTtlResponseWithDefaults() *AppRoleReadTokenTtlResponse

NewAppRoleReadTokenTtlResponseWithDefaults instantiates a new AppRoleReadTokenTtlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteBindSecretIdRequest ¶ added in v0.3.0 

type AppRoleWriteBindSecretIdRequest struct {
	// Impose secret_id to be presented when logging in using this role.
	BindSecretId bool `json:"bind_secret_id,omitempty"`
}

AppRoleWriteBindSecretIdRequest struct for AppRoleWriteBindSecretIdRequest

func NewAppRoleWriteBindSecretIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteBindSecretIdRequestWithDefaults() *AppRoleWriteBindSecretIdRequest

NewAppRoleWriteBindSecretIdRequestWithDefaults instantiates a new AppRoleWriteBindSecretIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteBoundCidrListRequest ¶ added in v0.3.0 

type AppRoleWriteBoundCidrListRequest struct {
	// Deprecated: Please use \"secret_id_bound_cidrs\" instead. Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	BoundCidrList []string `json:"bound_cidr_list,omitempty"`
}

AppRoleWriteBoundCidrListRequest struct for AppRoleWriteBoundCidrListRequest

func NewAppRoleWriteBoundCidrListRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteBoundCidrListRequestWithDefaults() *AppRoleWriteBoundCidrListRequest

NewAppRoleWriteBoundCidrListRequestWithDefaults instantiates a new AppRoleWriteBoundCidrListRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteCustomSecretIdRequest ¶ added in v0.3.0 

type AppRoleWriteCustomSecretIdRequest struct {
	// Comma separated string or list of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
	CidrList []string `json:"cidr_list,omitempty"`

	// Metadata to be tied to the SecretID. This should be a JSON formatted string containing metadata in key value pairs.
	Metadata string `json:"metadata,omitempty"`

	// Number of times this SecretID can be used, after which the SecretID expires. Overrides secret_id_num_uses role option when supplied. May not be higher than role's secret_id_num_uses.
	NumUses int32 `json:"num_uses,omitempty"`

	// SecretID to be attached to the role.
	SecretId string `json:"secret_id,omitempty"`

	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// Duration in seconds after which this SecretID expires. Overrides secret_id_ttl role option when supplied. May not be longer than role's secret_id_ttl.
	Ttl int32 `json:"ttl,omitempty"`
}

AppRoleWriteCustomSecretIdRequest struct for AppRoleWriteCustomSecretIdRequest

func NewAppRoleWriteCustomSecretIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteCustomSecretIdRequestWithDefaults() *AppRoleWriteCustomSecretIdRequest

NewAppRoleWriteCustomSecretIdRequestWithDefaults instantiates a new AppRoleWriteCustomSecretIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteCustomSecretIdResponse ¶ added in v0.3.0 

type AppRoleWriteCustomSecretIdResponse struct {
	// Secret ID attached to the role.
	SecretId string `json:"secret_id,omitempty"`

	// Accessor of the secret ID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`

	// Number of times a secret ID can access the role, after which the secret ID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued secret ID expires.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`
}

AppRoleWriteCustomSecretIdResponse struct for AppRoleWriteCustomSecretIdResponse

func NewAppRoleWriteCustomSecretIdResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteCustomSecretIdResponseWithDefaults() *AppRoleWriteCustomSecretIdResponse

NewAppRoleWriteCustomSecretIdResponseWithDefaults instantiates a new AppRoleWriteCustomSecretIdResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWritePeriodRequest ¶ 

type AppRoleWritePeriodRequest struct {
	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`
}

AppRoleWritePeriodRequest struct for AppRoleWritePeriodRequest

func NewAppRoleWritePeriodRequestWithDefaults ¶ 

func NewAppRoleWritePeriodRequestWithDefaults() *AppRoleWritePeriodRequest

NewAppRoleWritePeriodRequestWithDefaults instantiates a new AppRoleWritePeriodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWritePoliciesRequest ¶ 

type AppRoleWritePoliciesRequest struct {
	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`
}

AppRoleWritePoliciesRequest struct for AppRoleWritePoliciesRequest

func NewAppRoleWritePoliciesRequestWithDefaults ¶ 

func NewAppRoleWritePoliciesRequestWithDefaults() *AppRoleWritePoliciesRequest

NewAppRoleWritePoliciesRequestWithDefaults instantiates a new AppRoleWritePoliciesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteRoleIdRequest ¶ added in v0.3.0 

type AppRoleWriteRoleIdRequest struct {
	// Identifier of the role. Defaults to a UUID.
	RoleId string `json:"role_id,omitempty"`
}

AppRoleWriteRoleIdRequest struct for AppRoleWriteRoleIdRequest

func NewAppRoleWriteRoleIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteRoleIdRequestWithDefaults() *AppRoleWriteRoleIdRequest

NewAppRoleWriteRoleIdRequestWithDefaults instantiates a new AppRoleWriteRoleIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteRoleRequest ¶ 

type AppRoleWriteRoleRequest struct {
	// Impose secret_id to be presented when logging in using this role. Defaults to 'true'.
	BindSecretId bool `json:"bind_secret_id,omitempty"`

	// Use \"secret_id_bound_cidrs\" instead.
	// Deprecated
	BoundCidrList []string `json:"bound_cidr_list,omitempty"`

	// If set, the secret IDs generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later.
	LocalSecretIds bool `json:"local_secret_ids,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Identifier of the role. Defaults to a UUID.
	RoleId string `json:"role_id,omitempty"`

	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs []string `json:"secret_id_bound_cidrs,omitempty"`

	// Number of times a SecretID can access the role, after which the SecretID will expire. Defaults to 0 meaning that the the secret_id is of unlimited use.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued SecretID should expire. Defaults to 0, meaning no expiration.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`
}

AppRoleWriteRoleRequest struct for AppRoleWriteRoleRequest

func NewAppRoleWriteRoleRequestWithDefaults ¶ 

func NewAppRoleWriteRoleRequestWithDefaults() *AppRoleWriteRoleRequest

NewAppRoleWriteRoleRequestWithDefaults instantiates a new AppRoleWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteSecretIdBoundCidrsRequest ¶ added in v0.3.0 

type AppRoleWriteSecretIdBoundCidrsRequest struct {
	// Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
	SecretIdBoundCidrs []string `json:"secret_id_bound_cidrs,omitempty"`
}

AppRoleWriteSecretIdBoundCidrsRequest struct for AppRoleWriteSecretIdBoundCidrsRequest

func NewAppRoleWriteSecretIdBoundCidrsRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteSecretIdBoundCidrsRequestWithDefaults() *AppRoleWriteSecretIdBoundCidrsRequest

NewAppRoleWriteSecretIdBoundCidrsRequestWithDefaults instantiates a new AppRoleWriteSecretIdBoundCidrsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteSecretIdNumUsesRequest ¶ added in v0.3.0 

type AppRoleWriteSecretIdNumUsesRequest struct {
	// Number of times a SecretID can access the role, after which the SecretID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`
}

AppRoleWriteSecretIdNumUsesRequest struct for AppRoleWriteSecretIdNumUsesRequest

func NewAppRoleWriteSecretIdNumUsesRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteSecretIdNumUsesRequestWithDefaults() *AppRoleWriteSecretIdNumUsesRequest

NewAppRoleWriteSecretIdNumUsesRequestWithDefaults instantiates a new AppRoleWriteSecretIdNumUsesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteSecretIdRequest ¶ added in v0.3.0 

type AppRoleWriteSecretIdRequest struct {
	// Comma separated string or list of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
	CidrList []string `json:"cidr_list,omitempty"`

	// Metadata to be tied to the SecretID. This should be a JSON formatted string containing the metadata in key value pairs.
	Metadata string `json:"metadata,omitempty"`

	// Number of times this SecretID can be used, after which the SecretID expires. Overrides secret_id_num_uses role option when supplied. May not be higher than role's secret_id_num_uses.
	NumUses int32 `json:"num_uses,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// Duration in seconds after which this SecretID expires. Overrides secret_id_ttl role option when supplied. May not be longer than role's secret_id_ttl.
	Ttl int32 `json:"ttl,omitempty"`
}

AppRoleWriteSecretIdRequest struct for AppRoleWriteSecretIdRequest

func NewAppRoleWriteSecretIdRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteSecretIdRequestWithDefaults() *AppRoleWriteSecretIdRequest

NewAppRoleWriteSecretIdRequestWithDefaults instantiates a new AppRoleWriteSecretIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteSecretIdResponse ¶ added in v0.3.0 

type AppRoleWriteSecretIdResponse struct {
	// Secret ID attached to the role.
	SecretId string `json:"secret_id,omitempty"`

	// Accessor of the secret ID
	SecretIdAccessor string `json:"secret_id_accessor,omitempty"`

	// Number of times a secret ID can access the role, after which the secret ID will expire.
	SecretIdNumUses int32 `json:"secret_id_num_uses,omitempty"`

	// Duration in seconds after which the issued secret ID expires.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`
}

AppRoleWriteSecretIdResponse struct for AppRoleWriteSecretIdResponse

func NewAppRoleWriteSecretIdResponseWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteSecretIdResponseWithDefaults() *AppRoleWriteSecretIdResponse

NewAppRoleWriteSecretIdResponseWithDefaults instantiates a new AppRoleWriteSecretIdResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteSecretIdTtlRequest ¶ added in v0.3.0 

type AppRoleWriteSecretIdTtlRequest struct {
	// Duration in seconds after which the issued SecretID should expire. Defaults to 0, meaning no expiration.
	SecretIdTtl int32 `json:"secret_id_ttl,omitempty"`
}

AppRoleWriteSecretIdTtlRequest struct for AppRoleWriteSecretIdTtlRequest

func NewAppRoleWriteSecretIdTtlRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteSecretIdTtlRequestWithDefaults() *AppRoleWriteSecretIdTtlRequest

NewAppRoleWriteSecretIdTtlRequestWithDefaults instantiates a new AppRoleWriteSecretIdTtlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteTokenBoundCidrsRequest ¶ added in v0.3.0 

type AppRoleWriteTokenBoundCidrsRequest struct {
	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`
}

AppRoleWriteTokenBoundCidrsRequest struct for AppRoleWriteTokenBoundCidrsRequest

func NewAppRoleWriteTokenBoundCidrsRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteTokenBoundCidrsRequestWithDefaults() *AppRoleWriteTokenBoundCidrsRequest

NewAppRoleWriteTokenBoundCidrsRequestWithDefaults instantiates a new AppRoleWriteTokenBoundCidrsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteTokenMaxTtlRequest ¶ added in v0.3.0 

type AppRoleWriteTokenMaxTtlRequest struct {
	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`
}

AppRoleWriteTokenMaxTtlRequest struct for AppRoleWriteTokenMaxTtlRequest

func NewAppRoleWriteTokenMaxTtlRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteTokenMaxTtlRequestWithDefaults() *AppRoleWriteTokenMaxTtlRequest

NewAppRoleWriteTokenMaxTtlRequestWithDefaults instantiates a new AppRoleWriteTokenMaxTtlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteTokenNumUsesRequest ¶ 

type AppRoleWriteTokenNumUsesRequest struct {
	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`
}

AppRoleWriteTokenNumUsesRequest struct for AppRoleWriteTokenNumUsesRequest

func NewAppRoleWriteTokenNumUsesRequestWithDefaults ¶ 

func NewAppRoleWriteTokenNumUsesRequestWithDefaults() *AppRoleWriteTokenNumUsesRequest

NewAppRoleWriteTokenNumUsesRequestWithDefaults instantiates a new AppRoleWriteTokenNumUsesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AppRoleWriteTokenTtlRequest ¶ added in v0.3.0 

type AppRoleWriteTokenTtlRequest struct {
	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`
}

AppRoleWriteTokenTtlRequest struct for AppRoleWriteTokenTtlRequest

func NewAppRoleWriteTokenTtlRequestWithDefaults ¶ added in v0.3.0 

func NewAppRoleWriteTokenTtlRequestWithDefaults() *AppRoleWriteTokenTtlRequest

NewAppRoleWriteTokenTtlRequestWithDefaults instantiates a new AppRoleWriteTokenTtlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuditingCalculateHashRequest ¶ added in v0.3.0 

type AuditingCalculateHashRequest struct {
	Input string `json:"input,omitempty"`
}

AuditingCalculateHashRequest struct for AuditingCalculateHashRequest

func NewAuditingCalculateHashRequestWithDefaults ¶ added in v0.3.0 

func NewAuditingCalculateHashRequestWithDefaults() *AuditingCalculateHashRequest

NewAuditingCalculateHashRequestWithDefaults instantiates a new AuditingCalculateHashRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuditingCalculateHashResponse ¶ added in v0.3.0 

type AuditingCalculateHashResponse struct {
	Hash string `json:"hash,omitempty"`
}

AuditingCalculateHashResponse struct for AuditingCalculateHashResponse

func NewAuditingCalculateHashResponseWithDefaults ¶ added in v0.3.0 

func NewAuditingCalculateHashResponseWithDefaults() *AuditingCalculateHashResponse

NewAuditingCalculateHashResponseWithDefaults instantiates a new AuditingCalculateHashResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuditingEnableDeviceRequest ¶ added in v0.3.0 

type AuditingEnableDeviceRequest struct {
	// User-friendly description for this audit backend.
	Description string `json:"description,omitempty"`

	// Mark the mount as a local mount, which is not replicated and is unaffected by replication.
	Local bool `json:"local,omitempty"`

	// Configuration options for the audit backend.
	Options map[string]interface{} `json:"options,omitempty"`

	// The type of the backend. Example: \"mysql\"
	Type string `json:"type,omitempty"`
}

AuditingEnableDeviceRequest struct for AuditingEnableDeviceRequest

func NewAuditingEnableDeviceRequestWithDefaults ¶ added in v0.3.0 

func NewAuditingEnableDeviceRequestWithDefaults() *AuditingEnableDeviceRequest

NewAuditingEnableDeviceRequestWithDefaults instantiates a new AuditingEnableDeviceRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuditingEnableRequestHeaderRequest ¶ added in v0.3.0 

type AuditingEnableRequestHeaderRequest struct {
	Hmac bool `json:"hmac,omitempty"`
}

AuditingEnableRequestHeaderRequest struct for AuditingEnableRequestHeaderRequest

func NewAuditingEnableRequestHeaderRequestWithDefaults ¶ added in v0.3.0 

func NewAuditingEnableRequestHeaderRequestWithDefaults() *AuditingEnableRequestHeaderRequest

NewAuditingEnableRequestHeaderRequestWithDefaults instantiates a new AuditingEnableRequestHeaderRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuditingListRequestHeadersResponse ¶ added in v0.3.0 

type AuditingListRequestHeadersResponse struct {
	Headers map[string]interface{} `json:"headers,omitempty"`
}

AuditingListRequestHeadersResponse struct for AuditingListRequestHeadersResponse

func NewAuditingListRequestHeadersResponseWithDefaults ¶ added in v0.3.0 

func NewAuditingListRequestHeadersResponseWithDefaults() *AuditingListRequestHeadersResponse

NewAuditingListRequestHeadersResponseWithDefaults instantiates a new AuditingListRequestHeadersResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuthEnableMethodRequest ¶ added in v0.3.0 

type AuthEnableMethodRequest struct {
	// Configuration for this mount, such as plugin_name.
	Config map[string]interface{} `json:"config,omitempty"`

	// User-friendly description for this credential backend.
	Description string `json:"description,omitempty"`

	// Whether to give the mount access to Vault's external entropy.
	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	// Mark the mount as a local mount, which is not replicated and is unaffected by replication.
	Local bool `json:"local,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	// Name of the auth plugin to use based from the name in the plugin catalog.
	PluginName string `json:"plugin_name,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// Whether to turn on seal wrapping for the mount.
	SealWrap bool `json:"seal_wrap,omitempty"`

	// The type of the backend. Example: \"userpass\"
	Type string `json:"type,omitempty"`
}

AuthEnableMethodRequest struct for AuthEnableMethodRequest

func NewAuthEnableMethodRequestWithDefaults ¶ added in v0.3.0 

func NewAuthEnableMethodRequestWithDefaults() *AuthEnableMethodRequest

NewAuthEnableMethodRequestWithDefaults instantiates a new AuthEnableMethodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuthReadConfigurationResponse ¶ added in v0.3.0 

type AuthReadConfigurationResponse struct {
	Accessor string `json:"accessor,omitempty"`

	Config map[string]interface{} `json:"config,omitempty"`

	DeprecationStatus string `json:"deprecation_status,omitempty"`

	Description string `json:"description,omitempty"`

	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	Local bool `json:"local,omitempty"`

	Options map[string]interface{} `json:"options,omitempty"`

	PluginVersion string `json:"plugin_version,omitempty"`

	RunningPluginVersion string `json:"running_plugin_version,omitempty"`

	RunningSha256 string `json:"running_sha256,omitempty"`

	SealWrap bool `json:"seal_wrap,omitempty"`

	Type string `json:"type,omitempty"`

	Uuid string `json:"uuid,omitempty"`
}

AuthReadConfigurationResponse struct for AuthReadConfigurationResponse

func NewAuthReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewAuthReadConfigurationResponseWithDefaults() *AuthReadConfigurationResponse

NewAuthReadConfigurationResponseWithDefaults instantiates a new AuthReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuthReadTuningInformationResponse ¶ added in v0.3.0 

type AuthReadTuningInformationResponse struct {
	AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty"`

	AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty"`

	AuditNonHmacRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty"`

	AuditNonHmacResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty"`

	DefaultLeaseTtl int32 `json:"default_lease_ttl,omitempty"`

	Description string `json:"description,omitempty"`

	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	ForceNoCache bool `json:"force_no_cache,omitempty"`

	ListingVisibility string `json:"listing_visibility,omitempty"`

	MaxLeaseTtl int32 `json:"max_lease_ttl,omitempty"`

	Options map[string]interface{} `json:"options,omitempty"`

	PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty"`

	PluginVersion string `json:"plugin_version,omitempty"`

	TokenType string `json:"token_type,omitempty"`

	UserLockoutCounterResetDuration int64 `json:"user_lockout_counter_reset_duration,omitempty"`

	UserLockoutDisable bool `json:"user_lockout_disable,omitempty"`

	UserLockoutDuration int64 `json:"user_lockout_duration,omitempty"`

	UserLockoutThreshold int64 `json:"user_lockout_threshold,omitempty"`
}

AuthReadTuningInformationResponse struct for AuthReadTuningInformationResponse

func NewAuthReadTuningInformationResponseWithDefaults ¶ added in v0.3.0 

func NewAuthReadTuningInformationResponseWithDefaults() *AuthReadTuningInformationResponse

NewAuthReadTuningInformationResponseWithDefaults instantiates a new AuthReadTuningInformationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AuthTuneConfigurationParametersRequest ¶ added in v0.3.0 

type AuthTuneConfigurationParametersRequest struct {
	// A list of headers to whitelist and allow a plugin to set on responses.
	AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty"`

	// The list of keys in the request data object that will not be HMAC'ed by audit devices.
	AuditNonHmacRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty"`

	// The list of keys in the response data object that will not be HMAC'ed by audit devices.
	AuditNonHmacResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty"`

	// The default lease TTL for this mount.
	DefaultLeaseTtl string `json:"default_lease_ttl,omitempty"`

	// User-friendly description for this credential backend.
	Description string `json:"description,omitempty"`

	// Determines the visibility of the mount in the UI-specific listing endpoint. Accepted value are 'unauth' and 'hidden', with the empty default (”) behaving like 'hidden'.
	ListingVisibility string `json:"listing_visibility,omitempty"`

	// The max lease TTL for this mount.
	MaxLeaseTtl string `json:"max_lease_ttl,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	// A list of headers to whitelist and pass from the request to the plugin.
	PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// The type of token to issue (service or batch).
	TokenType string `json:"token_type,omitempty"`

	// The user lockout configuration to pass into the backend. Should be a json object with string keys and values.
	UserLockoutConfig map[string]interface{} `json:"user_lockout_config,omitempty"`
}

AuthTuneConfigurationParametersRequest struct for AuthTuneConfigurationParametersRequest

func NewAuthTuneConfigurationParametersRequestWithDefaults ¶ added in v0.3.0 

func NewAuthTuneConfigurationParametersRequestWithDefaults() *AuthTuneConfigurationParametersRequest

NewAuthTuneConfigurationParametersRequestWithDefaults instantiates a new AuthTuneConfigurationParametersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureCertificateRequest ¶ added in v0.3.0 

type AwsConfigureCertificateRequest struct {
	// Base64 encoded AWS Public cert required to verify PKCS7 signature of the EC2 instance metadata.
	AwsPublicCert string `json:"aws_public_cert,omitempty"`

	// Takes the value of either \"pkcs7\" or \"identity\", indicating the type of document which can be verified using the given certificate. The reason is that the PKCS#7 document will have a DSA digest and the identity signature will have an RSA signature, and accordingly the public certificates to verify those also vary. Defaults to \"pkcs7\".
	Type string `json:"type,omitempty"`
}

AwsConfigureCertificateRequest struct for AwsConfigureCertificateRequest

func NewAwsConfigureCertificateRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureCertificateRequestWithDefaults() *AwsConfigureCertificateRequest

NewAwsConfigureCertificateRequestWithDefaults instantiates a new AwsConfigureCertificateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureClientRequest ¶ added in v0.3.0 

type AwsConfigureClientRequest struct {
	// AWS Access Key ID for the account used to make AWS API requests.
	AccessKey string `json:"access_key,omitempty"`

	// List of additional headers that are allowed to be in AWS STS request headers
	AllowedStsHeaderValues []string `json:"allowed_sts_header_values,omitempty"`

	// URL to override the default generated endpoint for making AWS EC2 API calls.
	Endpoint string `json:"endpoint,omitempty"`

	// URL to override the default generated endpoint for making AWS IAM API calls.
	IamEndpoint string `json:"iam_endpoint,omitempty"`

	// Value to require in the X-Vault-AWS-IAM-Server-ID request header
	IamServerIdHeaderValue string `json:"iam_server_id_header_value,omitempty"`

	// Maximum number of retries for recoverable exceptions of AWS APIs
	MaxRetries int32 `json:"max_retries,omitempty"`

	// AWS Secret Access Key for the account used to make AWS API requests.
	SecretKey string `json:"secret_key,omitempty"`

	// URL to override the default generated endpoint for making AWS STS API calls.
	StsEndpoint string `json:"sts_endpoint,omitempty"`

	// The region ID for the sts_endpoint, if set.
	StsRegion string `json:"sts_region,omitempty"`
}

AwsConfigureClientRequest struct for AwsConfigureClientRequest

func NewAwsConfigureClientRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureClientRequestWithDefaults() *AwsConfigureClientRequest

NewAwsConfigureClientRequestWithDefaults instantiates a new AwsConfigureClientRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureIdentityAccessListTidyOperationRequest ¶ added in v0.3.0 

type AwsConfigureIdentityAccessListTidyOperationRequest struct {
	// If set to 'true', disables the periodic tidying of the 'identity-accesslist/<instance_id>' entries.
	DisablePeriodicTidy bool `json:"disable_periodic_tidy,omitempty"`

	// The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsConfigureIdentityAccessListTidyOperationRequest struct for AwsConfigureIdentityAccessListTidyOperationRequest

func NewAwsConfigureIdentityAccessListTidyOperationRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureIdentityAccessListTidyOperationRequestWithDefaults() *AwsConfigureIdentityAccessListTidyOperationRequest

NewAwsConfigureIdentityAccessListTidyOperationRequestWithDefaults instantiates a new AwsConfigureIdentityAccessListTidyOperationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureIdentityIntegrationRequest ¶ added in v0.3.0 

type AwsConfigureIdentityIntegrationRequest struct {
	// Configure how the AWS auth method generates entity alias when using EC2 auth. Valid values are \"role_id\", \"instance_id\", and \"image_id\". Defaults to \"role_id\".
	Ec2Alias string `json:"ec2_alias,omitempty"`

	// The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: account_id, auth_type. These fields are available to add: ami_id, instance_id, region. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
	Ec2Metadata []string `json:"ec2_metadata,omitempty"`

	// Configure how the AWS auth method generates entity aliases when using IAM auth. Valid values are \"role_id\", \"unique_id\", and \"full_arn\". Defaults to \"role_id\".
	IamAlias string `json:"iam_alias,omitempty"`

	// The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: account_id, auth_type. These fields are available to add: canonical_arn, client_arn, client_user_id, inferred_aws_region, inferred_entity_id, inferred_entity_type. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
	IamMetadata []string `json:"iam_metadata,omitempty"`
}

AwsConfigureIdentityIntegrationRequest struct for AwsConfigureIdentityIntegrationRequest

func NewAwsConfigureIdentityIntegrationRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureIdentityIntegrationRequestWithDefaults() *AwsConfigureIdentityIntegrationRequest

NewAwsConfigureIdentityIntegrationRequestWithDefaults instantiates a new AwsConfigureIdentityIntegrationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureIdentityWhitelistTidyOperationRequest ¶ added in v0.3.0 

type AwsConfigureIdentityWhitelistTidyOperationRequest struct {
	// If set to 'true', disables the periodic tidying of the 'identity-accesslist/<instance_id>' entries.
	DisablePeriodicTidy bool `json:"disable_periodic_tidy,omitempty"`

	// The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsConfigureIdentityWhitelistTidyOperationRequest struct for AwsConfigureIdentityWhitelistTidyOperationRequest

func NewAwsConfigureIdentityWhitelistTidyOperationRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureIdentityWhitelistTidyOperationRequestWithDefaults() *AwsConfigureIdentityWhitelistTidyOperationRequest

NewAwsConfigureIdentityWhitelistTidyOperationRequestWithDefaults instantiates a new AwsConfigureIdentityWhitelistTidyOperationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureLeaseRequest ¶ added in v0.3.0 

type AwsConfigureLeaseRequest struct {
	// Default lease for roles.
	Lease string `json:"lease,omitempty"`

	// Maximum time a credential is valid for.
	LeaseMax string `json:"lease_max,omitempty"`
}

AwsConfigureLeaseRequest struct for AwsConfigureLeaseRequest

func NewAwsConfigureLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureLeaseRequestWithDefaults() *AwsConfigureLeaseRequest

NewAwsConfigureLeaseRequestWithDefaults instantiates a new AwsConfigureLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureRoleTagBlacklistTidyOperationRequest ¶ added in v0.3.0 

type AwsConfigureRoleTagBlacklistTidyOperationRequest struct {
	// If set to 'true', disables the periodic tidying of deny listed entries.
	DisablePeriodicTidy bool `json:"disable_periodic_tidy,omitempty"`

	// The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage. Defaults to 4320h (180 days).
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsConfigureRoleTagBlacklistTidyOperationRequest struct for AwsConfigureRoleTagBlacklistTidyOperationRequest

func NewAwsConfigureRoleTagBlacklistTidyOperationRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureRoleTagBlacklistTidyOperationRequestWithDefaults() *AwsConfigureRoleTagBlacklistTidyOperationRequest

NewAwsConfigureRoleTagBlacklistTidyOperationRequestWithDefaults instantiates a new AwsConfigureRoleTagBlacklistTidyOperationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureRoleTagDenyListTidyOperationRequest ¶ added in v0.3.0 

type AwsConfigureRoleTagDenyListTidyOperationRequest struct {
	// If set to 'true', disables the periodic tidying of deny listed entries.
	DisablePeriodicTidy bool `json:"disable_periodic_tidy,omitempty"`

	// The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage. Defaults to 4320h (180 days).
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsConfigureRoleTagDenyListTidyOperationRequest struct for AwsConfigureRoleTagDenyListTidyOperationRequest

func NewAwsConfigureRoleTagDenyListTidyOperationRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureRoleTagDenyListTidyOperationRequestWithDefaults() *AwsConfigureRoleTagDenyListTidyOperationRequest

NewAwsConfigureRoleTagDenyListTidyOperationRequestWithDefaults instantiates a new AwsConfigureRoleTagDenyListTidyOperationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsConfigureRootIamCredentialsRequest ¶ added in v0.3.0 

type AwsConfigureRootIamCredentialsRequest struct {
	// Access key with permission to create new keys.
	AccessKey string `json:"access_key,omitempty"`

	// Endpoint to custom IAM server URL
	IamEndpoint string `json:"iam_endpoint,omitempty"`

	// Maximum number of retries for recoverable exceptions of AWS APIs
	MaxRetries int32 `json:"max_retries,omitempty"`

	// Region for API calls.
	Region string `json:"region,omitempty"`

	// Secret key with permission to create new keys.
	SecretKey string `json:"secret_key,omitempty"`

	// Endpoint to custom STS server URL
	StsEndpoint string `json:"sts_endpoint,omitempty"`

	// Template to generate custom IAM usernames
	UsernameTemplate string `json:"username_template,omitempty"`
}

AwsConfigureRootIamCredentialsRequest struct for AwsConfigureRootIamCredentialsRequest

func NewAwsConfigureRootIamCredentialsRequestWithDefaults ¶ added in v0.3.0 

func NewAwsConfigureRootIamCredentialsRequestWithDefaults() *AwsConfigureRootIamCredentialsRequest

NewAwsConfigureRootIamCredentialsRequestWithDefaults instantiates a new AwsConfigureRootIamCredentialsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsLoginRequest ¶ added in v0.3.0 

type AwsLoginRequest struct {
	// HTTP method to use for the AWS request when auth_type is iam. This must match what has been signed in the presigned request. Currently, POST is the only supported value
	IamHttpRequestMethod string `json:"iam_http_request_method,omitempty"`

	// Base64-encoded request body when auth_type is iam. This must match the request body included in the signature.
	IamRequestBody string `json:"iam_request_body,omitempty"`

	// Key/value pairs of headers for use in the sts:GetCallerIdentity HTTP requests headers when auth_type is iam. Can be either a Base64-encoded, JSON-serialized string, or a JSON object of key/value pairs. This must at a minimum include the headers over which AWS has included a signature.
	IamRequestHeaders string `json:"iam_request_headers,omitempty"`

	// Base64-encoded full URL against which to make the AWS request when using iam auth_type.
	IamRequestUrl string `json:"iam_request_url,omitempty"`

	// Base64 encoded EC2 instance identity document. This needs to be supplied along with the 'signature' parameter. If using 'curl' for fetching the identity document, consider using the option '-w 0' while piping the output to 'base64' binary.
	Identity string `json:"identity,omitempty"`

	// The nonce to be used for subsequent login requests when auth_type is ec2. If this parameter is not specified at all and if reauthentication is allowed, then the backend will generate a random nonce, attaches it to the instance's identity access list entry and returns the nonce back as part of auth metadata. This value should be used with further login requests, to establish client authenticity. Clients can choose to set a custom nonce if preferred, in which case, it is recommended that clients provide a strong nonce. If a nonce is provided but with an empty value, it indicates intent to disable reauthentication. Note that, when 'disallow_reauthentication' option is enabled on either the role or the role tag, the 'nonce' holds no significance.
	Nonce string `json:"nonce,omitempty"`

	// PKCS7 signature of the identity document when using an auth_type of ec2.
	Pkcs7 string `json:"pkcs7,omitempty"`

	// Name of the role against which the login is being attempted. If 'role' is not specified, then the login endpoint looks for a role bearing the name of the AMI ID of the EC2 instance that is trying to login. If a matching role is not found, login fails.
	Role string `json:"role,omitempty"`

	// Base64 encoded SHA256 RSA signature of the instance identity document. This needs to be supplied along with 'identity' parameter.
	Signature string `json:"signature,omitempty"`
}

AwsLoginRequest struct for AwsLoginRequest

func NewAwsLoginRequestWithDefaults ¶ added in v0.3.0 

func NewAwsLoginRequestWithDefaults() *AwsLoginRequest

NewAwsLoginRequestWithDefaults instantiates a new AwsLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsTidyIdentityAccessListRequest ¶ added in v0.3.0 

type AwsTidyIdentityAccessListRequest struct {
	// The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsTidyIdentityAccessListRequest struct for AwsTidyIdentityAccessListRequest

func NewAwsTidyIdentityAccessListRequestWithDefaults ¶ added in v0.3.0 

func NewAwsTidyIdentityAccessListRequestWithDefaults() *AwsTidyIdentityAccessListRequest

NewAwsTidyIdentityAccessListRequestWithDefaults instantiates a new AwsTidyIdentityAccessListRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsTidyIdentityWhitelistRequest ¶ added in v0.3.0 

type AwsTidyIdentityWhitelistRequest struct {
	// The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsTidyIdentityWhitelistRequest struct for AwsTidyIdentityWhitelistRequest

func NewAwsTidyIdentityWhitelistRequestWithDefaults ¶ added in v0.3.0 

func NewAwsTidyIdentityWhitelistRequestWithDefaults() *AwsTidyIdentityWhitelistRequest

NewAwsTidyIdentityWhitelistRequestWithDefaults instantiates a new AwsTidyIdentityWhitelistRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsTidyRoleTagBlacklistRequest ¶ added in v0.3.0 

type AwsTidyRoleTagBlacklistRequest struct {
	// The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsTidyRoleTagBlacklistRequest struct for AwsTidyRoleTagBlacklistRequest

func NewAwsTidyRoleTagBlacklistRequestWithDefaults ¶ added in v0.3.0 

func NewAwsTidyRoleTagBlacklistRequestWithDefaults() *AwsTidyRoleTagBlacklistRequest

NewAwsTidyRoleTagBlacklistRequestWithDefaults instantiates a new AwsTidyRoleTagBlacklistRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsTidyRoleTagDenyListRequest ¶ added in v0.3.0 

type AwsTidyRoleTagDenyListRequest struct {
	// The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`
}

AwsTidyRoleTagDenyListRequest struct for AwsTidyRoleTagDenyListRequest

func NewAwsTidyRoleTagDenyListRequestWithDefaults ¶ added in v0.3.0 

func NewAwsTidyRoleTagDenyListRequestWithDefaults() *AwsTidyRoleTagDenyListRequest

NewAwsTidyRoleTagDenyListRequestWithDefaults instantiates a new AwsTidyRoleTagDenyListRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsWriteAuthRoleRequest ¶ added in v0.3.0 

type AwsWriteAuthRoleRequest struct {
	// If set, allows migration of the underlying instance where the client resides. This keys off of pendingTime in the metadata document, so essentially, this disables the client nonce check whenever the instance is migrated to a new host and pendingTime is newer than the previously-remembered time. Use with caution. This is only checked when auth_type is ec2.
	AllowInstanceMigration bool `json:"allow_instance_migration,omitempty"`

	// The auth_type permitted to authenticate to this role. Must be one of iam or ec2 and cannot be changed after role creation.
	AuthType string `json:"auth_type,omitempty"`

	// If set, defines a constraint on the EC2 instances that the account ID in its identity document to match one of the IDs specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundAccountId []string `json:"bound_account_id,omitempty"`

	// If set, defines a constraint on the EC2 instances that they should be using one of the AMI IDs specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundAmiId []string `json:"bound_ami_id,omitempty"`

	// If set, defines a constraint on the EC2 instances to have one of the given instance IDs. Can be a list or comma-separated string of EC2 instance IDs. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundEc2InstanceId []string `json:"bound_ec2_instance_id,omitempty"`

	// If set, defines a constraint on the EC2 instances to be associated with an IAM instance profile ARN which has a prefix that matches one of the values specified by this parameter. The value is prefix-matched (as though it were a glob ending in '*'). This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundIamInstanceProfileArn []string `json:"bound_iam_instance_profile_arn,omitempty"`

	// ARN of the IAM principals to bind to this role. Only applicable when auth_type is iam.
	BoundIamPrincipalArn []string `json:"bound_iam_principal_arn,omitempty"`

	// If set, defines a constraint on the authenticating EC2 instance that it must match one of the IAM role ARNs specified by this parameter. The value is prefix-matched (as though it were a glob ending in '*'). The configured IAM user or EC2 instance role must be allowed to execute the 'iam:GetInstanceProfile' action if this is specified. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundIamRoleArn []string `json:"bound_iam_role_arn,omitempty"`

	// If set, defines a constraint on the EC2 instances that the region in its identity document match one of the regions specified by this parameter. This is only applicable when auth_type is ec2.
	BoundRegion []string `json:"bound_region,omitempty"`

	// If set, defines a constraint on the EC2 instance to be associated with the subnet ID that matches one of the values specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundSubnetId []string `json:"bound_subnet_id,omitempty"`

	// If set, defines a constraint on the EC2 instance to be associated with a VPC ID that matches one of the value specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
	BoundVpcId []string `json:"bound_vpc_id,omitempty"`

	// If set, only allows a single token to be granted per instance ID. In order to perform a fresh login, the entry in the access list for the instance ID needs to be cleared using 'auth/aws-ec2/identity-accesslist/<instance_id>' endpoint. This is only applicable when auth_type is ec2.
	DisallowReauthentication bool `json:"disallow_reauthentication,omitempty"`

	// When auth_type is iam and inferred_entity_type is set, the region to assume the inferred entity exists in.
	InferredAwsRegion string `json:"inferred_aws_region,omitempty"`

	// When auth_type is iam, the AWS entity type to infer from the authenticated principal. The only supported value is ec2_instance, which will extract the EC2 instance ID from the authenticated role and apply the following restrictions specific to EC2 instances: bound_ami_id, bound_account_id, bound_iam_role_arn, bound_iam_instance_profile_arn, bound_vpc_id, bound_subnet_id. The configured EC2 client must be able to find the inferred instance ID in the results, and the instance must be running. If unable to determine the EC2 instance ID or unable to find the EC2 instance ID among running instances, then authentication will fail.
	InferredEntityType string `json:"inferred_entity_type,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// If set, resolve all AWS IAM ARNs into AWS's internal unique IDs. When an IAM entity (e.g., user, role, or instance profile) is deleted, then all references to it within the role will be invalidated, which prevents a new IAM entity from being created with the same name and matching the role's IAM binds. Once set, this cannot be unset.
	ResolveAwsUniqueIds bool `json:"resolve_aws_unique_ids,omitempty"`

	// If set, enables the role tags for this role. The value set for this field should be the 'key' of the tag on the EC2 instance. The 'value' of the tag should be generated using 'role/<role>/tag' endpoint. Defaults to an empty string, meaning that role tags are disabled. This is only allowed if auth_type is ec2.
	RoleTag string `json:"role_tag,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

AwsWriteAuthRoleRequest struct for AwsWriteAuthRoleRequest

func NewAwsWriteAuthRoleRequestWithDefaults ¶ added in v0.3.0 

func NewAwsWriteAuthRoleRequestWithDefaults() *AwsWriteAuthRoleRequest

NewAwsWriteAuthRoleRequestWithDefaults instantiates a new AwsWriteAuthRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsWriteRoleRequest ¶ added in v0.3.0 

type AwsWriteRoleRequest struct {
	// Use role_arns or policy_arns instead.
	// Deprecated
	Arn string `json:"arn,omitempty"`

	// Type of credential to retrieve. Must be one of assumed_role, iam_user, or federation_token
	CredentialType string `json:"credential_type,omitempty"`

	// Default TTL for assumed_role and federation_token credential types when no TTL is explicitly requested with the credentials
	DefaultStsTtl int32 `json:"default_sts_ttl,omitempty"`

	// Names of IAM groups that generated IAM users will be added to. For a credential type of assumed_role or federation_token, the policies sent to the corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the policies from each group in iam_groups combined with the policy_document and policy_arns parameters.
	IamGroups []string `json:"iam_groups,omitempty"`

	// IAM tags to be set for any users created by this role. These must be presented as Key-Value pairs. This can be represented as a map or a list of equal sign delimited key pairs.
	IamTags map[string]interface{} `json:"iam_tags,omitempty"`

	// Max allowed TTL for assumed_role and federation_token credential types
	MaxStsTtl int32 `json:"max_sts_ttl,omitempty"`

	// ARN of an IAM policy to attach as a permissions boundary on IAM user credentials; only valid when credential_type isiam_user
	PermissionsBoundaryArn string `json:"permissions_boundary_arn,omitempty"`

	// Use policy_document instead.
	// Deprecated
	Policy string `json:"policy,omitempty"`

	// ARNs of AWS policies. Behavior varies by credential_type. When credential_type is iam_user, then it will attach the specified policies to the generated IAM user. When credential_type is assumed_role or federation_token, the policies will be passed as the PolicyArns parameter, acting as a filter on permissions available.
	PolicyArns []string `json:"policy_arns,omitempty"`

	// JSON-encoded IAM policy document. Behavior varies by credential_type. When credential_type is iam_user, then it will attach the contents of the policy_document to the IAM user generated. When credential_type is assumed_role or federation_token, this will be passed in as the Policy parameter to the AssumeRole or GetFederationToken API call, acting as a filter on permissions available.
	PolicyDocument string `json:"policy_document,omitempty"`

	// ARNs of AWS roles allowed to be assumed. Only valid when credential_type is assumed_role
	RoleArns []string `json:"role_arns,omitempty"`

	// Path for IAM User. Only valid when credential_type is iam_user
	UserPath string `json:"user_path,omitempty"`
}

AwsWriteRoleRequest struct for AwsWriteRoleRequest

func NewAwsWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewAwsWriteRoleRequestWithDefaults() *AwsWriteRoleRequest

NewAwsWriteRoleRequestWithDefaults instantiates a new AwsWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsWriteRoleTagRequest ¶ added in v0.3.0 

type AwsWriteRoleTagRequest struct {
	// If set, allows migration of the underlying instance where the client resides. This keys off of pendingTime in the metadata document, so essentially, this disables the client nonce check whenever the instance is migrated to a new host and pendingTime is newer than the previously-remembered time. Use with caution.
	AllowInstanceMigration bool `json:"allow_instance_migration,omitempty"`

	// If set, only allows a single token to be granted per instance ID. In order to perform a fresh login, the entry in access list for the instance ID needs to be cleared using the 'auth/aws-ec2/identity-accesslist/<instance_id>' endpoint.
	DisallowReauthentication bool `json:"disallow_reauthentication,omitempty"`

	// Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
	InstanceId string `json:"instance_id,omitempty"`

	// If set, specifies the maximum allowed token lifetime.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Policies to be associated with the tag. If set, must be a subset of the role's policies. If set, but set to an empty value, only the 'default' policy will be given to issued tokens.
	Policies []string `json:"policies,omitempty"`
}

AwsWriteRoleTagRequest struct for AwsWriteRoleTagRequest

func NewAwsWriteRoleTagRequestWithDefaults ¶ added in v0.3.0 

func NewAwsWriteRoleTagRequestWithDefaults() *AwsWriteRoleTagRequest

NewAwsWriteRoleTagRequestWithDefaults instantiates a new AwsWriteRoleTagRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AwsWriteStsRoleRequest ¶ added in v0.3.0 

type AwsWriteStsRoleRequest struct {
	// AWS ARN for STS role to be assumed when interacting with the account specified. The Vault server must have permissions to assume this role.
	StsRole string `json:"sts_role,omitempty"`
}

AwsWriteStsRoleRequest struct for AwsWriteStsRoleRequest

func NewAwsWriteStsRoleRequestWithDefaults ¶ added in v0.3.0 

func NewAwsWriteStsRoleRequestWithDefaults() *AwsWriteStsRoleRequest

NewAwsWriteStsRoleRequestWithDefaults instantiates a new AwsWriteStsRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AzureConfigureAuthRequest ¶ added in v0.3.0 

type AzureConfigureAuthRequest struct {
	// The OAuth2 client id to connection to Azure. This value can also be provided with the AZURE_CLIENT_ID environment variable.
	ClientId string `json:"client_id,omitempty"`

	// The OAuth2 client secret to connection to Azure. This value can also be provided with the AZURE_CLIENT_SECRET environment variable.
	ClientSecret string `json:"client_secret,omitempty"`

	// The Azure environment name. If not provided, AzurePublicCloud is used. This value can also be provided with the AZURE_ENVIRONMENT environment variable.
	Environment string `json:"environment,omitempty"`

	// The resource URL for the vault application in Azure Active Directory. This value can also be provided with the AZURE_AD_RESOURCE environment variable.
	Resource string `json:"resource,omitempty"`

	// The TTL of the root password in Azure. This can be either a number of seconds or a time formatted duration (ex: 24h, 48ds)
	RootPasswordTtl int32 `json:"root_password_ttl,omitempty"`

	// The tenant id for the Azure Active Directory. This is sometimes referred to as Directory ID in AD. This value can also be provided with the AZURE_TENANT_ID environment variable.
	TenantId string `json:"tenant_id,omitempty"`
}

AzureConfigureAuthRequest struct for AzureConfigureAuthRequest

func NewAzureConfigureAuthRequestWithDefaults ¶ added in v0.3.0 

func NewAzureConfigureAuthRequestWithDefaults() *AzureConfigureAuthRequest

NewAzureConfigureAuthRequestWithDefaults instantiates a new AzureConfigureAuthRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AzureConfigureRequest ¶ added in v0.3.0 

type AzureConfigureRequest struct {
	// The OAuth2 client id to connect to Azure. This value can also be provided with the AZURE_CLIENT_ID environment variable.
	ClientId string `json:"client_id,omitempty"`

	// The OAuth2 client secret to connect to Azure. This value can also be provided with the AZURE_CLIENT_SECRET environment variable.
	ClientSecret string `json:"client_secret,omitempty"`

	// The Azure environment name. If not provided, AzurePublicCloud is used. This value can also be provided with the AZURE_ENVIRONMENT environment variable.
	Environment string `json:"environment,omitempty"`

	// Name of the password policy to use to generate passwords for dynamic credentials.
	PasswordPolicy string `json:"password_policy,omitempty"`

	// The TTL of the root password in Azure. This can be either a number of seconds or a time formatted duration (ex: 24h, 48ds)
	RootPasswordTtl int32 `json:"root_password_ttl,omitempty"`

	// The subscription id for the Azure Active Directory. This value can also be provided with the AZURE_SUBSCRIPTION_ID environment variable.
	SubscriptionId string `json:"subscription_id,omitempty"`

	// The tenant id for the Azure Active Directory. This value can also be provided with the AZURE_TENANT_ID environment variable.
	TenantId string `json:"tenant_id,omitempty"`
}

AzureConfigureRequest struct for AzureConfigureRequest

func NewAzureConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewAzureConfigureRequestWithDefaults() *AzureConfigureRequest

NewAzureConfigureRequestWithDefaults instantiates a new AzureConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AzureLoginRequest ¶ 

type AzureLoginRequest struct {
	// A signed JWT
	Jwt string `json:"jwt,omitempty"`

	// The resource group from the instance.
	ResourceGroupName string `json:"resource_group_name,omitempty"`

	// The fully qualified ID of the resource, includingthe resource name and resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/{resource-provider-namespace}/{resource-type}/{resource-name}. This value is ignored if vm_name or vmss_name is specified.
	ResourceId string `json:"resource_id,omitempty"`

	// The token role.
	Role string `json:"role,omitempty"`

	// The subscription id for the instance.
	SubscriptionId string `json:"subscription_id,omitempty"`

	// The name of the virtual machine. This value is ignored if vmss_name is specified.
	VmName string `json:"vm_name,omitempty"`

	// The name of the virtual machine scale set the instance is in.
	VmssName string `json:"vmss_name,omitempty"`
}

AzureLoginRequest struct for AzureLoginRequest

func NewAzureLoginRequestWithDefaults ¶ 

func NewAzureLoginRequestWithDefaults() *AzureLoginRequest

NewAzureLoginRequestWithDefaults instantiates a new AzureLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AzureWriteAuthRoleRequest ¶ 

type AzureWriteAuthRoleRequest struct {
	// Comma-separated list of group ids that login is restricted to.
	BoundGroupIds []string `json:"bound_group_ids,omitempty"`

	// Comma-separated list of locations that login is restricted to.
	BoundLocations []string `json:"bound_locations,omitempty"`

	// Comma-separated list of resource groups that login is restricted to.
	BoundResourceGroups []string `json:"bound_resource_groups,omitempty"`

	// Comma-separated list of scale sets that login is restricted to.
	BoundScaleSets []string `json:"bound_scale_sets,omitempty"`

	// Comma-separated list of service principal ids that login is restricted to.
	BoundServicePrincipalIds []string `json:"bound_service_principal_ids,omitempty"`

	// Comma-separated list of subscription ids that login is restricted to.
	BoundSubscriptionIds []string `json:"bound_subscription_ids,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_num_uses\" instead. If this and \"token_num_uses\" are both specified, only \"token_num_uses\" will be used.
	// Deprecated
	NumUses int32 `json:"num_uses,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

AzureWriteAuthRoleRequest struct for AzureWriteAuthRoleRequest

func NewAzureWriteAuthRoleRequestWithDefaults ¶ 

func NewAzureWriteAuthRoleRequestWithDefaults() *AzureWriteAuthRoleRequest

NewAzureWriteAuthRoleRequestWithDefaults instantiates a new AzureWriteAuthRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type AzureWriteRoleRequest ¶ 

type AzureWriteRoleRequest struct {
	// Application Object ID to use for static service principal credentials.
	ApplicationObjectId string `json:"application_object_id,omitempty"`

	// JSON list of Azure groups to add the service principal to.
	AzureGroups string `json:"azure_groups,omitempty"`

	// JSON list of Azure roles to assign.
	AzureRoles string `json:"azure_roles,omitempty"`

	// Maximum time a service principal. If not set or set to 0, will use system default.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Indicates whether new application objects should be permanently deleted. If not set, objects will not be permanently deleted.
	PermanentlyDelete bool `json:"permanently_delete,omitempty"`

	// Persist the app between generated credentials. Useful if the app needs to maintain owner ship of resources it creates
	PersistApp bool `json:"persist_app,omitempty"`

	// Default lease for generated credentials. If not set or set to 0, will use system default.
	Ttl int32 `json:"ttl,omitempty"`
}

AzureWriteRoleRequest struct for AzureWriteRoleRequest

func NewAzureWriteRoleRequestWithDefaults ¶ 

func NewAzureWriteRoleRequestWithDefaults() *AzureWriteRoleRequest

NewAzureWriteRoleRequestWithDefaults instantiates a new AzureWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CentrifyConfigureRequest ¶ added in v0.3.0 

type CentrifyConfigureRequest struct {
	// OAuth2 App ID
	AppId string `json:"app_id,omitempty"`

	// OAuth2 Client ID
	ClientId string `json:"client_id,omitempty"`

	// OAuth2 Client Secret
	ClientSecret string `json:"client_secret,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// OAuth2 App Scope
	Scope string `json:"scope,omitempty"`

	// Service URL (https://<tenant>.my.centrify.com)
	ServiceUrl string `json:"service_url,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`
}

CentrifyConfigureRequest struct for CentrifyConfigureRequest

func NewCentrifyConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewCentrifyConfigureRequestWithDefaults() *CentrifyConfigureRequest

NewCentrifyConfigureRequestWithDefaults instantiates a new CentrifyConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CentrifyLoginRequest ¶ 

type CentrifyLoginRequest struct {
	// Auth mode ('ro' for resource owner, 'cc' for credential client).
	Mode string `json:"mode,omitempty"`

	// Password for this user.
	Password string `json:"password,omitempty"`

	// Username of the user.
	Username string `json:"username,omitempty"`
}

CentrifyLoginRequest struct for CentrifyLoginRequest

func NewCentrifyLoginRequestWithDefaults ¶ 

func NewCentrifyLoginRequestWithDefaults() *CentrifyLoginRequest

NewCentrifyLoginRequestWithDefaults instantiates a new CentrifyLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CertConfigureRequest ¶ added in v0.3.0 

type CertConfigureRequest struct {
	// If set, during renewal, skips the matching of presented client identity with the client identity used during login. Defaults to false.
	DisableBinding bool `json:"disable_binding,omitempty"`

	// If set, metadata of the certificate including the metadata corresponding to allowed_metadata_extensions will be stored in the alias. Defaults to false.
	EnableIdentityAliasMetadata bool `json:"enable_identity_alias_metadata,omitempty"`

	// The size of the in memory OCSP response cache, shared by all configured certs
	OcspCacheSize int32 `json:"ocsp_cache_size,omitempty"`
}

CertConfigureRequest struct for CertConfigureRequest

func NewCertConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewCertConfigureRequestWithDefaults() *CertConfigureRequest

NewCertConfigureRequestWithDefaults instantiates a new CertConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CertLoginRequest ¶ added in v0.3.0 

type CertLoginRequest struct {
	// The name of the certificate role to authenticate against.
	Name string `json:"name,omitempty"`
}

CertLoginRequest struct for CertLoginRequest

func NewCertLoginRequestWithDefaults ¶ added in v0.3.0 

func NewCertLoginRequestWithDefaults() *CertLoginRequest

NewCertLoginRequestWithDefaults instantiates a new CertLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CertWriteCertificateRequest ¶ added in v0.3.0 

type CertWriteCertificateRequest struct {
	// A comma-separated list of names. At least one must exist in the Common Name. Supports globbing.
	AllowedCommonNames []string `json:"allowed_common_names,omitempty"`

	// A comma-separated list of DNS names. At least one must exist in the SANs. Supports globbing.
	AllowedDnsSans []string `json:"allowed_dns_sans,omitempty"`

	// A comma-separated list of Email Addresses. At least one must exist in the SANs. Supports globbing.
	AllowedEmailSans []string `json:"allowed_email_sans,omitempty"`

	// A comma-separated string or array of oid extensions. Upon successful authentication, these extensions will be added as metadata if they are present in the certificate. The metadata key will be the string consisting of the oid numbers separated by a dash (-) instead of a dot (.) to allow usage in ACL templates.
	AllowedMetadataExtensions []string `json:"allowed_metadata_extensions,omitempty"`

	// A comma-separated list of names. At least one must exist in either the Common Name or SANs. Supports globbing. This parameter is deprecated, please use allowed_common_names, allowed_dns_sans, allowed_email_sans, allowed_uri_sans.
	AllowedNames []string `json:"allowed_names,omitempty"`

	// A comma-separated list of Organizational Units names. At least one must exist in the OU field.
	AllowedOrganizationalUnits []string `json:"allowed_organizational_units,omitempty"`

	// A comma-separated list of URIs. At least one must exist in the SANs. Supports globbing.
	AllowedUriSans []string `json:"allowed_uri_sans,omitempty"`

	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// The public certificate that should be trusted. Must be x509 PEM encoded.
	Certificate string `json:"certificate,omitempty"`

	// The display name to use for clients using this certificate.
	DisplayName string `json:"display_name,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Lease int32 `json:"lease,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Any additional CA certificates needed to communicate with OCSP servers
	OcspCaCertificates string `json:"ocsp_ca_certificates,omitempty"`

	// Whether to attempt OCSP verification of certificates at login
	OcspEnabled bool `json:"ocsp_enabled,omitempty"`

	// If set to true, if an OCSP revocation cannot be made successfully, login will proceed rather than failing. If false, failing to get an OCSP status fails the request.
	OcspFailOpen bool `json:"ocsp_fail_open,omitempty"`

	// If set to true, rather than accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree.
	OcspQueryAllServers bool `json:"ocsp_query_all_servers,omitempty"`

	// A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected.
	OcspServersOverride []string `json:"ocsp_servers_override,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// A comma-separated string or array of extensions formatted as \"oid:value\". Expects the extension value to be some type of ASN1 encoded string. All values much match. Supports globbing on \"value\".
	RequiredExtensions []string `json:"required_extensions,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

CertWriteCertificateRequest struct for CertWriteCertificateRequest

func NewCertWriteCertificateRequestWithDefaults ¶ added in v0.3.0 

func NewCertWriteCertificateRequestWithDefaults() *CertWriteCertificateRequest

NewCertWriteCertificateRequestWithDefaults instantiates a new CertWriteCertificateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CertWriteCrlRequest ¶ added in v0.3.0 

type CertWriteCrlRequest struct {
	// The public CRL that should be trusted to attest to certificates' validity statuses. May be DER or PEM encoded. Note: the expiration time is ignored; if the CRL is no longer valid, delete it using the same name as specified here.
	Crl string `json:"crl,omitempty"`

	// The URL of a CRL distribution point. Only one of 'crl' or 'url' parameters should be specified.
	Url string `json:"url,omitempty"`
}

CertWriteCrlRequest struct for CertWriteCrlRequest

func NewCertWriteCrlRequestWithDefaults ¶ added in v0.3.0 

func NewCertWriteCrlRequestWithDefaults() *CertWriteCrlRequest

NewCertWriteCrlRequestWithDefaults instantiates a new CertWriteCrlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CloudFoundryConfigureRequest ¶ added in v0.3.0 

type CloudFoundryConfigureRequest struct {
	// CF’s API address.
	CfApiAddr string `json:"cf_api_addr,omitempty"`

	// The PEM-format certificates that are presented for mutual TLS with the CloudFoundry API. If not set, mutual TLS is not used
	CfApiMutualTlsCertificate string `json:"cf_api_mutual_tls_certificate,omitempty"`

	// The PEM-format private key that are used for mutual TLS with the CloudFoundry API. If not set, mutual TLS is not used
	CfApiMutualTlsKey string `json:"cf_api_mutual_tls_key,omitempty"`

	// The PEM-format CA certificates that are acceptable for the CF API to present.
	CfApiTrustedCertificates []string `json:"cf_api_trusted_certificates,omitempty"`

	// The client id for CF’s API.
	CfClientId string `json:"cf_client_id,omitempty"`

	// The client secret for CF’s API.
	CfClientSecret string `json:"cf_client_secret,omitempty"`

	// The password for CF’s API.
	CfPassword string `json:"cf_password,omitempty"`

	// The username for CF’s API.
	CfUsername string `json:"cf_username,omitempty"`

	// The PEM-format CA certificates that are required to have issued the instance certificates presented for logging in.
	IdentityCaCertificates []string `json:"identity_ca_certificates,omitempty"`

	// Duration in seconds for the maximum acceptable length in the future a \"signing_time\" can be. Useful for clock drift. Set low to reduce the opportunity for replay attacks.
	LoginMaxSecondsNotAfter int32 `json:"login_max_seconds_not_after,omitempty"`

	// Duration in seconds for the maximum acceptable age of a \"signing_time\". Useful for clock drift. Set low to reduce the opportunity for replay attacks.
	LoginMaxSecondsNotBefore int32 `json:"login_max_seconds_not_before,omitempty"`

	// Deprecated. Please use \"cf_api_addr\".
	// Deprecated
	PcfApiAddr string `json:"pcf_api_addr,omitempty"`

	// Deprecated. Please use \"cf_api_trusted_certificates\".
	// Deprecated
	PcfApiTrustedCertificates []string `json:"pcf_api_trusted_certificates,omitempty"`

	// Deprecated. Please use \"cf_password\".
	// Deprecated
	PcfPassword string `json:"pcf_password,omitempty"`

	// Deprecated. Please use \"cf_username\".
	// Deprecated
	PcfUsername string `json:"pcf_username,omitempty"`
}

CloudFoundryConfigureRequest struct for CloudFoundryConfigureRequest

func NewCloudFoundryConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewCloudFoundryConfigureRequestWithDefaults() *CloudFoundryConfigureRequest

NewCloudFoundryConfigureRequestWithDefaults instantiates a new CloudFoundryConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CloudFoundryLoginRequest ¶ 

type CloudFoundryLoginRequest struct {
	// The full body of the file available at the CF_INSTANCE_CERT path on the CF instance.
	CfInstanceCert string `json:"cf_instance_cert"`

	// The name of the role to authenticate against.
	Role string `json:"role"`

	// The signature generated by the client certificate's private key.
	Signature string `json:"signature"`

	// The date and time used to construct the signature.
	SigningTime string `json:"signing_time"`
}

CloudFoundryLoginRequest struct for CloudFoundryLoginRequest

func NewCloudFoundryLoginRequestWithDefaults ¶ 

func NewCloudFoundryLoginRequestWithDefaults() *CloudFoundryLoginRequest

NewCloudFoundryLoginRequestWithDefaults instantiates a new CloudFoundryLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CloudFoundryWriteRoleRequest ¶ 

type CloudFoundryWriteRoleRequest struct {
	// Require that the client certificate presented has at least one of these app IDs.
	BoundApplicationIds []string `json:"bound_application_ids,omitempty"`

	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// Require that the client certificate presented has at least one of these instance IDs.
	BoundInstanceIds []string `json:"bound_instance_ids,omitempty"`

	// Require that the client certificate presented has at least one of these org IDs.
	BoundOrganizationIds []string `json:"bound_organization_ids,omitempty"`

	// Require that the client certificate presented has at least one of these space IDs.
	BoundSpaceIds []string `json:"bound_space_ids,omitempty"`

	// If set to true, disables the default behavior that logging in must be performed from an acceptable IP address described by the certificate presented.
	DisableIpMatching bool `json:"disable_ip_matching,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

CloudFoundryWriteRoleRequest struct for CloudFoundryWriteRoleRequest

func NewCloudFoundryWriteRoleRequestWithDefaults ¶ 

func NewCloudFoundryWriteRoleRequestWithDefaults() *CloudFoundryWriteRoleRequest

NewCloudFoundryWriteRoleRequestWithDefaults instantiates a new CloudFoundryWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CollectHostInformationResponse ¶ added in v0.3.0 

type CollectHostInformationResponse struct {
	Cpu []map[string]interface{} `json:"cpu,omitempty"`

	CpuTimes []map[string]interface{} `json:"cpu_times,omitempty"`

	Disk []map[string]interface{} `json:"disk,omitempty"`

	Host map[string]interface{} `json:"host,omitempty"`

	Memory map[string]interface{} `json:"memory,omitempty"`

	Timestamp time.Time `json:"timestamp,omitempty"`
}

CollectHostInformationResponse struct for CollectHostInformationResponse

func NewCollectHostInformationResponseWithDefaults ¶ added in v0.3.0 

func NewCollectHostInformationResponseWithDefaults() *CollectHostInformationResponse

NewCollectHostInformationResponseWithDefaults instantiates a new CollectHostInformationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type ConsulConfigureAccessRequest ¶ added in v0.3.0 

type ConsulConfigureAccessRequest struct {
	// Consul server address
	Address string `json:"address,omitempty"`

	// CA certificate to use when verifying Consul server certificate, must be x509 PEM encoded.
	CaCert string `json:"ca_cert,omitempty"`

	// Client certificate used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key.
	ClientCert string `json:"client_cert,omitempty"`

	// Client key used for Consul's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_cert.
	ClientKey string `json:"client_key,omitempty"`

	// URI scheme for the Consul address
	Scheme string `json:"scheme,omitempty"`

	// Token for API calls
	Token string `json:"token,omitempty"`
}

ConsulConfigureAccessRequest struct for ConsulConfigureAccessRequest

func NewConsulConfigureAccessRequestWithDefaults ¶ added in v0.3.0 

func NewConsulConfigureAccessRequestWithDefaults() *ConsulConfigureAccessRequest

NewConsulConfigureAccessRequestWithDefaults instantiates a new ConsulConfigureAccessRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type ConsulWriteRoleRequest ¶ 

type ConsulWriteRoleRequest struct {
	// Indicates which namespace that the token will be created within. Defaults to 'default'. Available in Consul 1.7 and above.
	ConsulNamespace string `json:"consul_namespace,omitempty"`

	// List of policies to attach to the token. Either \"consul_policies\" or \"consul_roles\" are required for Consul 1.5 and above, or just \"consul_policies\" if using Consul 1.4.
	ConsulPolicies []string `json:"consul_policies,omitempty"`

	// List of Consul roles to attach to the token. Either \"policies\" or \"consul_roles\" are required for Consul 1.5 and above.
	ConsulRoles []string `json:"consul_roles,omitempty"`

	// Use \"ttl\" instead.
	// Deprecated
	Lease int32 `json:"lease,omitempty"`

	// Indicates that the token should not be replicated globally and instead be local to the current datacenter. Available in Consul 1.4 and above.
	Local bool `json:"local,omitempty"`

	// Max TTL for the Consul token created from the role.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// List of Node Identities to attach to the token. Available in Consul 1.8.1 or above.
	NodeIdentities []string `json:"node_identities,omitempty"`

	// Indicates which admin partition that the token will be created within. Defaults to 'default'. Available in Consul 1.11 and above.
	Partition string `json:"partition,omitempty"`

	// Use \"consul_policies\" instead.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Policy document, base64 encoded. Required for 'client' tokens. Required for Consul pre-1.4.
	// Deprecated
	Policy string `json:"policy,omitempty"`

	// List of Service Identities to attach to the token, separated by semicolons. Available in Consul 1.5 or above.
	ServiceIdentities []string `json:"service_identities,omitempty"`

	// Which type of token to create: 'client' or 'management'. If a 'management' token, the \"policy\", \"policies\", and \"consul_roles\" parameters are not required. Defaults to 'client'.
	// Deprecated
	TokenType string `json:"token_type,omitempty"`

	// TTL for the Consul token created from the role.
	Ttl int32 `json:"ttl,omitempty"`
}

ConsulWriteRoleRequest struct for ConsulWriteRoleRequest

func NewConsulWriteRoleRequestWithDefaults ¶ 

func NewConsulWriteRoleRequestWithDefaults() *ConsulWriteRoleRequest

NewConsulWriteRoleRequestWithDefaults instantiates a new ConsulWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CorsConfigureRequest ¶ added in v0.3.0 

type CorsConfigureRequest struct {
	// A comma-separated string or array of strings indicating headers that are allowed on cross-origin requests.
	AllowedHeaders []string `json:"allowed_headers,omitempty"`

	// A comma-separated string or array of strings indicating origins that may make cross-origin requests.
	AllowedOrigins []string `json:"allowed_origins,omitempty"`

	// Enables or disables CORS headers on requests.
	Enable bool `json:"enable,omitempty"`
}

CorsConfigureRequest struct for CorsConfigureRequest

func NewCorsConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewCorsConfigureRequestWithDefaults() *CorsConfigureRequest

NewCorsConfigureRequestWithDefaults instantiates a new CorsConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type CorsReadConfigurationResponse ¶ added in v0.3.0 

type CorsReadConfigurationResponse struct {
	AllowedHeaders []string `json:"allowed_headers,omitempty"`

	AllowedOrigins []string `json:"allowed_origins,omitempty"`

	Enabled bool `json:"enabled,omitempty"`
}

CorsReadConfigurationResponse struct for CorsReadConfigurationResponse

func NewCorsReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewCorsReadConfigurationResponseWithDefaults() *CorsReadConfigurationResponse

NewCorsReadConfigurationResponseWithDefaults instantiates a new CorsReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type DatabaseConfigureConnectionRequest ¶ added in v0.3.0 

type DatabaseConfigureConnectionRequest struct {
	// Comma separated string or array of the role names allowed to get creds from this database connection. If empty no roles are allowed. If \"*\" all roles are allowed.
	AllowedRoles []string `json:"allowed_roles,omitempty"`

	// Password policy to use when generating passwords.
	PasswordPolicy string `json:"password_policy,omitempty"`

	// The name of a builtin or previously registered plugin known to vault. This endpoint will create an instance of that plugin type.
	PluginName string `json:"plugin_name,omitempty"`

	// The version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// Specifies the database statements to be executed to rotate the root user's credentials. See the plugin's API page for more information on support and formatting for this parameter.
	RootRotationStatements []string `json:"root_rotation_statements,omitempty"`

	// If true, the connection details are verified by actually connecting to the database. Defaults to true.
	VerifyConnection bool `json:"verify_connection,omitempty"`
}

DatabaseConfigureConnectionRequest struct for DatabaseConfigureConnectionRequest

func NewDatabaseConfigureConnectionRequestWithDefaults ¶ added in v0.3.0 

func NewDatabaseConfigureConnectionRequestWithDefaults() *DatabaseConfigureConnectionRequest

NewDatabaseConfigureConnectionRequestWithDefaults instantiates a new DatabaseConfigureConnectionRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type DatabaseWriteRoleRequest ¶ 

type DatabaseWriteRoleRequest struct {
	// Specifies the database statements executed to create and configure a user. See the plugin's API page for more information on support and formatting for this parameter.
	CreationStatements []string `json:"creation_statements,omitempty"`

	// The configuration for the given credential_type.
	CredentialConfig map[string]interface{} `json:"credential_config,omitempty"`

	// The type of credential to manage. Options include: 'password', 'rsa_private_key'. Defaults to 'password'.
	CredentialType string `json:"credential_type,omitempty"`

	// Name of the database this role acts on.
	DbName string `json:"db_name,omitempty"`

	// Default ttl for role.
	DefaultTtl int32 `json:"default_ttl,omitempty"`

	// Maximum time a credential is valid for
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Specifies the database statements to be executed to renew a user. Not every plugin type will support this functionality. See the plugin's API page for more information on support and formatting for this parameter.
	RenewStatements []string `json:"renew_statements,omitempty"`

	// Specifies the database statements to be executed to revoke a user. See the plugin's API page for more information on support and formatting for this parameter.
	RevocationStatements []string `json:"revocation_statements,omitempty"`

	// Specifies the database statements to be executed rollback a create operation in the event of an error. Not every plugin type will support this functionality. See the plugin's API page for more information on support and formatting for this parameter.
	RollbackStatements []string `json:"rollback_statements,omitempty"`
}

DatabaseWriteRoleRequest struct for DatabaseWriteRoleRequest

func NewDatabaseWriteRoleRequestWithDefaults ¶ 

func NewDatabaseWriteRoleRequestWithDefaults() *DatabaseWriteRoleRequest

NewDatabaseWriteRoleRequestWithDefaults instantiates a new DatabaseWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type DatabaseWriteStaticRoleRequest ¶ 

type DatabaseWriteStaticRoleRequest struct {
	// The configuration for the given credential_type.
	CredentialConfig map[string]interface{} `json:"credential_config,omitempty"`

	// The type of credential to manage. Options include: 'password', 'rsa_private_key'. Defaults to 'password'.
	CredentialType string `json:"credential_type,omitempty"`

	// Name of the database this role acts on.
	DbName string `json:"db_name,omitempty"`

	// Period for automatic credential rotation of the given username. Not valid unless used with \"username\".
	RotationPeriod int32 `json:"rotation_period,omitempty"`

	// Specifies the database statements to be executed to rotate the accounts credentials. Not every plugin type will support this functionality. See the plugin's API page for more information on support and formatting for this parameter.
	RotationStatements []string `json:"rotation_statements,omitempty"`

	// Name of the static user account for Vault to manage. Requires \"rotation_period\" to be specified
	Username string `json:"username,omitempty"`
}

DatabaseWriteStaticRoleRequest struct for DatabaseWriteStaticRoleRequest

func NewDatabaseWriteStaticRoleRequestWithDefaults ¶ 

func NewDatabaseWriteStaticRoleRequestWithDefaults() *DatabaseWriteStaticRoleRequest

NewDatabaseWriteStaticRoleRequestWithDefaults instantiates a new DatabaseWriteStaticRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EncryptionKeyConfigureRotationRequest ¶ added in v0.3.0 

type EncryptionKeyConfigureRotationRequest struct {
	// Whether automatic rotation is enabled.
	Enabled bool `json:"enabled,omitempty"`

	// How long after installation of an active key term that the key will be automatically rotated.
	Interval int32 `json:"interval,omitempty"`

	// The number of encryption operations performed before the barrier key is automatically rotated.
	MaxOperations int64 `json:"max_operations,omitempty"`
}

EncryptionKeyConfigureRotationRequest struct for EncryptionKeyConfigureRotationRequest

func NewEncryptionKeyConfigureRotationRequestWithDefaults ¶ added in v0.3.0 

func NewEncryptionKeyConfigureRotationRequestWithDefaults() *EncryptionKeyConfigureRotationRequest

NewEncryptionKeyConfigureRotationRequestWithDefaults instantiates a new EncryptionKeyConfigureRotationRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EncryptionKeyReadRotationConfigurationResponse ¶ added in v0.3.0 

type EncryptionKeyReadRotationConfigurationResponse struct {
	Enabled bool `json:"enabled,omitempty"`

	Interval int32 `json:"interval,omitempty"`

	MaxOperations int64 `json:"max_operations,omitempty"`
}

EncryptionKeyReadRotationConfigurationResponse struct for EncryptionKeyReadRotationConfigurationResponse

func NewEncryptionKeyReadRotationConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewEncryptionKeyReadRotationConfigurationResponseWithDefaults() *EncryptionKeyReadRotationConfigurationResponse

NewEncryptionKeyReadRotationConfigurationResponseWithDefaults instantiates a new EncryptionKeyReadRotationConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityBatchDeleteRequest ¶ 

type EntityBatchDeleteRequest struct {
	// Entity IDs to delete
	EntityIds []string `json:"entity_ids,omitempty"`
}

EntityBatchDeleteRequest struct for EntityBatchDeleteRequest

func NewEntityBatchDeleteRequestWithDefaults ¶ 

func NewEntityBatchDeleteRequestWithDefaults() *EntityBatchDeleteRequest

NewEntityBatchDeleteRequestWithDefaults instantiates a new EntityBatchDeleteRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityCreateAliasRequest ¶ added in v0.3.0 

type EntityCreateAliasRequest struct {
	// Entity ID to which this alias belongs
	CanonicalId string `json:"canonical_id,omitempty"`

	// User provided key-value pairs
	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	// Entity ID to which this alias belongs. This field is deprecated, use canonical_id.
	EntityId string `json:"entity_id,omitempty"`

	// ID of the entity alias. If set, updates the corresponding entity alias.
	Id string `json:"id,omitempty"`

	// Mount accessor to which this alias belongs to; unused for a modify
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Name of the alias; unused for a modify
	Name string `json:"name,omitempty"`
}

EntityCreateAliasRequest struct for EntityCreateAliasRequest

func NewEntityCreateAliasRequestWithDefaults ¶ added in v0.3.0 

func NewEntityCreateAliasRequestWithDefaults() *EntityCreateAliasRequest

NewEntityCreateAliasRequestWithDefaults instantiates a new EntityCreateAliasRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityCreateRequest ¶ added in v0.3.0 

type EntityCreateRequest struct {
	// If set true, tokens tied to this identity will not be able to be used (but will not be revoked).
	Disabled bool `json:"disabled,omitempty"`

	// ID of the entity. If set, updates the corresponding existing entity.
	Id string `json:"id,omitempty"`

	// Metadata to be associated with the entity. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Name of the entity
	Name string `json:"name,omitempty"`

	// Policies to be tied to the entity.
	Policies []string `json:"policies,omitempty"`
}

EntityCreateRequest struct for EntityCreateRequest

func NewEntityCreateRequestWithDefaults ¶ added in v0.3.0 

func NewEntityCreateRequestWithDefaults() *EntityCreateRequest

NewEntityCreateRequestWithDefaults instantiates a new EntityCreateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityLookUpRequest ¶ added in v0.3.0 

type EntityLookUpRequest struct {
	// ID of the alias.
	AliasId string `json:"alias_id,omitempty"`

	// Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with 'alias_name'.
	AliasMountAccessor string `json:"alias_mount_accessor,omitempty"`

	// Name of the alias. This should be supplied in conjunction with 'alias_mount_accessor'.
	AliasName string `json:"alias_name,omitempty"`

	// ID of the entity.
	Id string `json:"id,omitempty"`

	// Name of the entity.
	Name string `json:"name,omitempty"`
}

EntityLookUpRequest struct for EntityLookUpRequest

func NewEntityLookUpRequestWithDefaults ¶ added in v0.3.0 

func NewEntityLookUpRequestWithDefaults() *EntityLookUpRequest

NewEntityLookUpRequestWithDefaults instantiates a new EntityLookUpRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityMergeRequest ¶ 

type EntityMergeRequest struct {
	// Alias IDs to keep in case of conflicting aliases. Ignored if no conflicting aliases found
	ConflictingAliasIdsToKeep []string `json:"conflicting_alias_ids_to_keep,omitempty"`

	// Setting this will follow the 'mine' strategy for merging MFA secrets. If there are secrets of the same type both in entities that are merged from and in entity into which all others are getting merged, secrets in the destination will be unaltered. If not set, this API will throw an error containing all the conflicts.
	Force bool `json:"force,omitempty"`

	// Entity IDs which need to get merged
	FromEntityIds []string `json:"from_entity_ids,omitempty"`

	// Entity ID into which all the other entities need to get merged
	ToEntityId string `json:"to_entity_id,omitempty"`
}

EntityMergeRequest struct for EntityMergeRequest

func NewEntityMergeRequestWithDefaults ¶ 

func NewEntityMergeRequestWithDefaults() *EntityMergeRequest

NewEntityMergeRequestWithDefaults instantiates a new EntityMergeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityUpdateAliasByIdRequest ¶ added in v0.3.0 

type EntityUpdateAliasByIdRequest struct {
	// Entity ID to which this alias should be tied to
	CanonicalId string `json:"canonical_id,omitempty"`

	// User provided key-value pairs
	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	// Entity ID to which this alias belongs to. This field is deprecated, use canonical_id.
	EntityId string `json:"entity_id,omitempty"`

	// (Unused)
	MountAccessor string `json:"mount_accessor,omitempty"`

	// (Unused)
	Name string `json:"name,omitempty"`
}

EntityUpdateAliasByIdRequest struct for EntityUpdateAliasByIdRequest

func NewEntityUpdateAliasByIdRequestWithDefaults ¶ added in v0.3.0 

func NewEntityUpdateAliasByIdRequestWithDefaults() *EntityUpdateAliasByIdRequest

NewEntityUpdateAliasByIdRequestWithDefaults instantiates a new EntityUpdateAliasByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityUpdateByIdRequest ¶ added in v0.3.0 

type EntityUpdateByIdRequest struct {
	// If set true, tokens tied to this identity will not be able to be used (but will not be revoked).
	Disabled bool `json:"disabled,omitempty"`

	// Metadata to be associated with the entity. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Name of the entity
	Name string `json:"name,omitempty"`

	// Policies to be tied to the entity.
	Policies []string `json:"policies,omitempty"`
}

EntityUpdateByIdRequest struct for EntityUpdateByIdRequest

func NewEntityUpdateByIdRequestWithDefaults ¶ added in v0.3.0 

func NewEntityUpdateByIdRequestWithDefaults() *EntityUpdateByIdRequest

NewEntityUpdateByIdRequestWithDefaults instantiates a new EntityUpdateByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type EntityUpdateByNameRequest ¶ added in v0.3.0 

type EntityUpdateByNameRequest struct {
	// If set true, tokens tied to this identity will not be able to be used (but will not be revoked).
	Disabled bool `json:"disabled,omitempty"`

	// ID of the entity. If set, updates the corresponding existing entity.
	Id string `json:"id,omitempty"`

	// Metadata to be associated with the entity. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Policies to be tied to the entity.
	Policies []string `json:"policies,omitempty"`
}

EntityUpdateByNameRequest struct for EntityUpdateByNameRequest

func NewEntityUpdateByNameRequestWithDefaults ¶ added in v0.3.0 

func NewEntityUpdateByNameRequestWithDefaults() *EntityUpdateByNameRequest

NewEntityUpdateByNameRequestWithDefaults instantiates a new EntityUpdateByNameRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateHashRequest ¶ added in v0.3.0 

type GenerateHashRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"hex\".
	Format string `json:"format,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// Algorithm to use (POST URL parameter)
	Urlalgorithm string `json:"urlalgorithm,omitempty"`
}

GenerateHashRequest struct for GenerateHashRequest

func NewGenerateHashRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateHashRequestWithDefaults() *GenerateHashRequest

NewGenerateHashRequestWithDefaults instantiates a new GenerateHashRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateHashResponse ¶ added in v0.3.0 

type GenerateHashResponse struct {
	Sum string `json:"sum,omitempty"`
}

GenerateHashResponse struct for GenerateHashResponse

func NewGenerateHashResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateHashResponseWithDefaults() *GenerateHashResponse

NewGenerateHashResponseWithDefaults instantiates a new GenerateHashResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateHashWithAlgorithmRequest ¶ added in v0.3.0 

type GenerateHashWithAlgorithmRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"hex\".
	Format string `json:"format,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`
}

GenerateHashWithAlgorithmRequest struct for GenerateHashWithAlgorithmRequest

func NewGenerateHashWithAlgorithmRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateHashWithAlgorithmRequestWithDefaults() *GenerateHashWithAlgorithmRequest

NewGenerateHashWithAlgorithmRequestWithDefaults instantiates a new GenerateHashWithAlgorithmRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateHashWithAlgorithmResponse ¶ added in v0.3.0 

type GenerateHashWithAlgorithmResponse struct {
	Sum string `json:"sum,omitempty"`
}

GenerateHashWithAlgorithmResponse struct for GenerateHashWithAlgorithmResponse

func NewGenerateHashWithAlgorithmResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateHashWithAlgorithmResponseWithDefaults() *GenerateHashWithAlgorithmResponse

NewGenerateHashWithAlgorithmResponseWithDefaults instantiates a new GenerateHashWithAlgorithmResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomRequest ¶ added in v0.3.0 

type GenerateRandomRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// Which system to source random data from, ether \"platform\", \"seal\", or \"all\".
	Source string `json:"source,omitempty"`

	// The number of bytes to generate (POST URL parameter)
	Urlbytes string `json:"urlbytes,omitempty"`
}

GenerateRandomRequest struct for GenerateRandomRequest

func NewGenerateRandomRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomRequestWithDefaults() *GenerateRandomRequest

NewGenerateRandomRequestWithDefaults instantiates a new GenerateRandomRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomResponse ¶ added in v0.3.0 

type GenerateRandomResponse struct {
	RandomBytes string `json:"random_bytes,omitempty"`
}

GenerateRandomResponse struct for GenerateRandomResponse

func NewGenerateRandomResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomResponseWithDefaults() *GenerateRandomResponse

NewGenerateRandomResponseWithDefaults instantiates a new GenerateRandomResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithBytesRequest ¶ added in v0.3.0 

type GenerateRandomWithBytesRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// Which system to source random data from, ether \"platform\", \"seal\", or \"all\".
	Source string `json:"source,omitempty"`
}

GenerateRandomWithBytesRequest struct for GenerateRandomWithBytesRequest

func NewGenerateRandomWithBytesRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithBytesRequestWithDefaults() *GenerateRandomWithBytesRequest

NewGenerateRandomWithBytesRequestWithDefaults instantiates a new GenerateRandomWithBytesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithBytesResponse ¶ added in v0.3.0 

type GenerateRandomWithBytesResponse struct {
	RandomBytes string `json:"random_bytes,omitempty"`
}

GenerateRandomWithBytesResponse struct for GenerateRandomWithBytesResponse

func NewGenerateRandomWithBytesResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithBytesResponseWithDefaults() *GenerateRandomWithBytesResponse

NewGenerateRandomWithBytesResponseWithDefaults instantiates a new GenerateRandomWithBytesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithSourceAndBytesRequest ¶ added in v0.3.0 

type GenerateRandomWithSourceAndBytesRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`
}

GenerateRandomWithSourceAndBytesRequest struct for GenerateRandomWithSourceAndBytesRequest

func NewGenerateRandomWithSourceAndBytesRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithSourceAndBytesRequestWithDefaults() *GenerateRandomWithSourceAndBytesRequest

NewGenerateRandomWithSourceAndBytesRequestWithDefaults instantiates a new GenerateRandomWithSourceAndBytesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithSourceAndBytesResponse ¶ added in v0.3.0 

type GenerateRandomWithSourceAndBytesResponse struct {
	RandomBytes string `json:"random_bytes,omitempty"`
}

GenerateRandomWithSourceAndBytesResponse struct for GenerateRandomWithSourceAndBytesResponse

func NewGenerateRandomWithSourceAndBytesResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithSourceAndBytesResponseWithDefaults() *GenerateRandomWithSourceAndBytesResponse

NewGenerateRandomWithSourceAndBytesResponseWithDefaults instantiates a new GenerateRandomWithSourceAndBytesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithSourceRequest ¶ added in v0.3.0 

type GenerateRandomWithSourceRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// The number of bytes to generate (POST URL parameter)
	Urlbytes string `json:"urlbytes,omitempty"`
}

GenerateRandomWithSourceRequest struct for GenerateRandomWithSourceRequest

func NewGenerateRandomWithSourceRequestWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithSourceRequestWithDefaults() *GenerateRandomWithSourceRequest

NewGenerateRandomWithSourceRequestWithDefaults instantiates a new GenerateRandomWithSourceRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GenerateRandomWithSourceResponse ¶ added in v0.3.0 

type GenerateRandomWithSourceResponse struct {
	RandomBytes string `json:"random_bytes,omitempty"`
}

GenerateRandomWithSourceResponse struct for GenerateRandomWithSourceResponse

func NewGenerateRandomWithSourceResponseWithDefaults ¶ added in v0.3.0 

func NewGenerateRandomWithSourceResponseWithDefaults() *GenerateRandomWithSourceResponse

NewGenerateRandomWithSourceResponseWithDefaults instantiates a new GenerateRandomWithSourceResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GithubConfigureRequest ¶ added in v0.3.0 

type GithubConfigureRequest struct {
	// The API endpoint to use. Useful if you are running GitHub Enterprise or an API-compatible authentication server.
	BaseUrl string `json:"base_url,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// The organization users must be part of
	Organization string `json:"organization"`

	// The ID of the organization users must be part of
	OrganizationId int64 `json:"organization_id,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies. This will apply to all tokens generated by this auth method, in addition to any policies configured for specific users/groups.
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

GithubConfigureRequest struct for GithubConfigureRequest

func NewGithubConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewGithubConfigureRequestWithDefaults() *GithubConfigureRequest

NewGithubConfigureRequestWithDefaults instantiates a new GithubConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GithubLoginRequest ¶ added in v0.3.0 

type GithubLoginRequest struct {
	// GitHub personal API token
	Token string `json:"token,omitempty"`
}

GithubLoginRequest struct for GithubLoginRequest

func NewGithubLoginRequestWithDefaults ¶ added in v0.3.0 

func NewGithubLoginRequestWithDefaults() *GithubLoginRequest

NewGithubLoginRequestWithDefaults instantiates a new GithubLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GithubWriteTeamMappingRequest ¶ added in v0.3.0 

type GithubWriteTeamMappingRequest struct {
	// Value for teams mapping
	Value string `json:"value,omitempty"`
}

GithubWriteTeamMappingRequest struct for GithubWriteTeamMappingRequest

func NewGithubWriteTeamMappingRequestWithDefaults ¶ added in v0.3.0 

func NewGithubWriteTeamMappingRequestWithDefaults() *GithubWriteTeamMappingRequest

NewGithubWriteTeamMappingRequestWithDefaults instantiates a new GithubWriteTeamMappingRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GithubWriteUserMappingRequest ¶ added in v0.3.0 

type GithubWriteUserMappingRequest struct {
	// Value for users mapping
	Value string `json:"value,omitempty"`
}

GithubWriteUserMappingRequest struct for GithubWriteUserMappingRequest

func NewGithubWriteUserMappingRequestWithDefaults ¶ added in v0.3.0 

func NewGithubWriteUserMappingRequestWithDefaults() *GithubWriteUserMappingRequest

NewGithubWriteUserMappingRequestWithDefaults instantiates a new GithubWriteUserMappingRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudConfigureAuthRequest ¶ added in v0.3.0 

type GoogleCloudConfigureAuthRequest struct {
	// Google credentials JSON that Vault will use to verify users against GCP APIs. If not specified, will use application default credentials
	Credentials string `json:"credentials,omitempty"`

	// Specifies overrides for various Google API Service Endpoints used in requests.
	CustomEndpoint map[string]interface{} `json:"custom_endpoint,omitempty"`

	// Indicates what value to use when generating an alias for GCE authentications.
	GceAlias string `json:"gce_alias,omitempty"`

	// The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: instance_creation_timestamp, instance_id, instance_name, project_id, project_number, role, service_account_id, service_account_email, zone. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
	GceMetadata []string `json:"gce_metadata,omitempty"`

	// Deprecated. This field does nothing and be removed in a future release
	// Deprecated
	GoogleCertsEndpoint string `json:"google_certs_endpoint,omitempty"`

	// Indicates what value to use when generating an alias for IAM authentications.
	IamAlias string `json:"iam_alias,omitempty"`

	// The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: project_id, role, service_account_id, service_account_email. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
	IamMetadata []string `json:"iam_metadata,omitempty"`
}

GoogleCloudConfigureAuthRequest struct for GoogleCloudConfigureAuthRequest

func NewGoogleCloudConfigureAuthRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudConfigureAuthRequestWithDefaults() *GoogleCloudConfigureAuthRequest

NewGoogleCloudConfigureAuthRequestWithDefaults instantiates a new GoogleCloudConfigureAuthRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudConfigureRequest ¶ added in v0.3.0 

type GoogleCloudConfigureRequest struct {
	// GCP IAM service account credentials JSON with permissions to create new service accounts and set IAM policies
	Credentials string `json:"credentials,omitempty"`

	// Maximum time a service account key is valid for. If <= 0, will use system default.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Default lease for generated keys. If <= 0, will use system default.
	Ttl int32 `json:"ttl,omitempty"`
}

GoogleCloudConfigureRequest struct for GoogleCloudConfigureRequest

func NewGoogleCloudConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudConfigureRequestWithDefaults() *GoogleCloudConfigureRequest

NewGoogleCloudConfigureRequestWithDefaults instantiates a new GoogleCloudConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudEditLabelsForRoleRequest ¶ added in v0.3.0 

type GoogleCloudEditLabelsForRoleRequest struct {
	// BoundLabels to add (in $key:$value)
	Add []string `json:"add,omitempty"`

	// Label key values to remove
	Remove []string `json:"remove,omitempty"`
}

GoogleCloudEditLabelsForRoleRequest struct for GoogleCloudEditLabelsForRoleRequest

func NewGoogleCloudEditLabelsForRoleRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudEditLabelsForRoleRequestWithDefaults() *GoogleCloudEditLabelsForRoleRequest

NewGoogleCloudEditLabelsForRoleRequestWithDefaults instantiates a new GoogleCloudEditLabelsForRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudEditServiceAccountsForRoleRequest ¶ added in v0.3.0 

type GoogleCloudEditServiceAccountsForRoleRequest struct {
	// Service-account emails or IDs to add.
	Add []string `json:"add,omitempty"`

	// Service-account emails or IDs to remove.
	Remove []string `json:"remove,omitempty"`
}

GoogleCloudEditServiceAccountsForRoleRequest struct for GoogleCloudEditServiceAccountsForRoleRequest

func NewGoogleCloudEditServiceAccountsForRoleRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudEditServiceAccountsForRoleRequestWithDefaults() *GoogleCloudEditServiceAccountsForRoleRequest

NewGoogleCloudEditServiceAccountsForRoleRequestWithDefaults instantiates a new GoogleCloudEditServiceAccountsForRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudGenerateRolesetKeyWithParametersRequest ¶ added in v0.3.0 

type GoogleCloudGenerateRolesetKeyWithParametersRequest struct {
	// Private key algorithm for service account key - defaults to KEY_ALG_RSA_2048\"
	KeyAlgorithm string `json:"key_algorithm,omitempty"`

	// Private key type for service account key - defaults to TYPE_GOOGLE_CREDENTIALS_FILE\"
	KeyType string `json:"key_type,omitempty"`

	// Lifetime of the service account key
	Ttl int32 `json:"ttl,omitempty"`
}

GoogleCloudGenerateRolesetKeyWithParametersRequest struct for GoogleCloudGenerateRolesetKeyWithParametersRequest

func NewGoogleCloudGenerateRolesetKeyWithParametersRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudGenerateRolesetKeyWithParametersRequestWithDefaults() *GoogleCloudGenerateRolesetKeyWithParametersRequest

NewGoogleCloudGenerateRolesetKeyWithParametersRequestWithDefaults instantiates a new GoogleCloudGenerateRolesetKeyWithParametersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudGenerateStaticAccountKeyWithParametersRequest ¶ added in v0.3.0 

type GoogleCloudGenerateStaticAccountKeyWithParametersRequest struct {
	// Private key algorithm for service account key. Defaults to KEY_ALG_RSA_2048.\"
	KeyAlgorithm string `json:"key_algorithm,omitempty"`

	// Private key type for service account key. Defaults to TYPE_GOOGLE_CREDENTIALS_FILE.\"
	KeyType string `json:"key_type,omitempty"`

	// Lifetime of the service account key
	Ttl int32 `json:"ttl,omitempty"`
}

GoogleCloudGenerateStaticAccountKeyWithParametersRequest struct for GoogleCloudGenerateStaticAccountKeyWithParametersRequest

func NewGoogleCloudGenerateStaticAccountKeyWithParametersRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudGenerateStaticAccountKeyWithParametersRequestWithDefaults() *GoogleCloudGenerateStaticAccountKeyWithParametersRequest

NewGoogleCloudGenerateStaticAccountKeyWithParametersRequestWithDefaults instantiates a new GoogleCloudGenerateStaticAccountKeyWithParametersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsConfigureKeyRequest ¶ added in v0.3.0 

type GoogleCloudKmsConfigureKeyRequest struct {
	// Maximum allowed crypto key version. If set to a positive value, key versions greater than the given value are not permitted to be used. If set to 0 or a negative value, there is no maximum key version.
	MaxVersion int32 `json:"max_version,omitempty"`

	// Minimum allowed crypto key version. If set to a positive value, key versions less than the given value are not permitted to be used. If set to 0 or a negative value, there is no minimum key version. This value only affects encryption/re-encryption, not decryption. To restrict old values from being decrypted, increase this value and then perform a trim operation.
	MinVersion int32 `json:"min_version,omitempty"`
}

GoogleCloudKmsConfigureKeyRequest struct for GoogleCloudKmsConfigureKeyRequest

func NewGoogleCloudKmsConfigureKeyRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsConfigureKeyRequestWithDefaults() *GoogleCloudKmsConfigureKeyRequest

NewGoogleCloudKmsConfigureKeyRequestWithDefaults instantiates a new GoogleCloudKmsConfigureKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsConfigureRequest ¶ added in v0.3.0 

type GoogleCloudKmsConfigureRequest struct {
	// The credentials to use for authenticating to Google Cloud. Leave this blank to use the Default Application Credentials or instance metadata authentication.
	Credentials string `json:"credentials,omitempty"`

	// The list of full-URL scopes to request when authenticating. By default, this requests https://www.googleapis.com/auth/cloudkms.
	Scopes []string `json:"scopes,omitempty"`
}

GoogleCloudKmsConfigureRequest struct for GoogleCloudKmsConfigureRequest

func NewGoogleCloudKmsConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsConfigureRequestWithDefaults() *GoogleCloudKmsConfigureRequest

NewGoogleCloudKmsConfigureRequestWithDefaults instantiates a new GoogleCloudKmsConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsDecryptRequest ¶ added in v0.3.0 

type GoogleCloudKmsDecryptRequest struct {
	// Optional data that was specified during encryption of this payload.
	AdditionalAuthenticatedData string `json:"additional_authenticated_data,omitempty"`

	// Ciphertext to decrypt as previously returned from an encrypt operation. This must be base64-encoded ciphertext as previously returned from an encrypt operation.
	Ciphertext string `json:"ciphertext,omitempty"`

	// Integer version of the crypto key version to use for decryption. This is required for asymmetric keys. For symmetric keys, Cloud KMS will choose the correct version automatically.
	KeyVersion int32 `json:"key_version,omitempty"`
}

GoogleCloudKmsDecryptRequest struct for GoogleCloudKmsDecryptRequest

func NewGoogleCloudKmsDecryptRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsDecryptRequestWithDefaults() *GoogleCloudKmsDecryptRequest

NewGoogleCloudKmsDecryptRequestWithDefaults instantiates a new GoogleCloudKmsDecryptRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsEncryptRequest ¶ added in v0.3.0 

type GoogleCloudKmsEncryptRequest struct {
	// Optional base64-encoded data that, if specified, must also be provided to decrypt this payload.
	AdditionalAuthenticatedData string `json:"additional_authenticated_data,omitempty"`

	// Integer version of the crypto key version to use for encryption. If unspecified, this defaults to the latest active crypto key version.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Plaintext value to be encrypted. This can be a string or binary, but the size is limited. See the Google Cloud KMS documentation for information on size limitations by key types.
	Plaintext string `json:"plaintext,omitempty"`
}

GoogleCloudKmsEncryptRequest struct for GoogleCloudKmsEncryptRequest

func NewGoogleCloudKmsEncryptRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsEncryptRequestWithDefaults() *GoogleCloudKmsEncryptRequest

NewGoogleCloudKmsEncryptRequestWithDefaults instantiates a new GoogleCloudKmsEncryptRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsReencryptRequest ¶ added in v0.3.0 

type GoogleCloudKmsReencryptRequest struct {
	// Optional data that, if specified, must also be provided during decryption.
	AdditionalAuthenticatedData string `json:"additional_authenticated_data,omitempty"`

	// Ciphertext to be re-encrypted to the latest key version. This must be ciphertext that Vault previously generated for this named key.
	Ciphertext string `json:"ciphertext,omitempty"`

	// Integer version of the crypto key version to use for the new encryption. If unspecified, this defaults to the latest active crypto key version.
	KeyVersion int32 `json:"key_version,omitempty"`
}

GoogleCloudKmsReencryptRequest struct for GoogleCloudKmsReencryptRequest

func NewGoogleCloudKmsReencryptRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsReencryptRequestWithDefaults() *GoogleCloudKmsReencryptRequest

NewGoogleCloudKmsReencryptRequestWithDefaults instantiates a new GoogleCloudKmsReencryptRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsRegisterKeyRequest ¶ added in v0.3.0 

type GoogleCloudKmsRegisterKeyRequest struct {
	// Full resource ID of the crypto key including the project, location, key ring, and crypto key like \"projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s\". This crypto key must already exist in Google Cloud KMS unless verify is set to \"false\".
	CryptoKey string `json:"crypto_key,omitempty"`

	// Verify that the given Google Cloud KMS crypto key exists and is accessible before creating the storage entry in Vault. Set this to \"false\" if the key will not exist at creation time.
	Verify bool `json:"verify,omitempty"`
}

GoogleCloudKmsRegisterKeyRequest struct for GoogleCloudKmsRegisterKeyRequest

func NewGoogleCloudKmsRegisterKeyRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsRegisterKeyRequestWithDefaults() *GoogleCloudKmsRegisterKeyRequest

NewGoogleCloudKmsRegisterKeyRequestWithDefaults instantiates a new GoogleCloudKmsRegisterKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsSignRequest ¶ added in v0.3.0 

type GoogleCloudKmsSignRequest struct {
	// Digest to sign. This digest must use the same SHA algorithm as the underlying Cloud KMS key. The digest must be the base64-encoded binary value. This field is required.
	Digest string `json:"digest,omitempty"`

	// Integer version of the crypto key version to use for signing. This field is required.
	KeyVersion int32 `json:"key_version,omitempty"`
}

GoogleCloudKmsSignRequest struct for GoogleCloudKmsSignRequest

func NewGoogleCloudKmsSignRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsSignRequestWithDefaults() *GoogleCloudKmsSignRequest

NewGoogleCloudKmsSignRequestWithDefaults instantiates a new GoogleCloudKmsSignRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsVerifyRequest ¶ added in v0.3.0 

type GoogleCloudKmsVerifyRequest struct {
	// Digest to verify. This digest must use the same SHA algorithm as the underlying Cloud KMS key. The digest must be the base64-encoded binary value. This field is required.
	Digest string `json:"digest,omitempty"`

	// Integer version of the crypto key version to use for verification. This field is required.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Base64-encoded signature to use for verification. This field is required.
	Signature string `json:"signature,omitempty"`
}

GoogleCloudKmsVerifyRequest struct for GoogleCloudKmsVerifyRequest

func NewGoogleCloudKmsVerifyRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsVerifyRequestWithDefaults() *GoogleCloudKmsVerifyRequest

NewGoogleCloudKmsVerifyRequestWithDefaults instantiates a new GoogleCloudKmsVerifyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudKmsWriteKeyRequest ¶ added in v0.3.0 

type GoogleCloudKmsWriteKeyRequest struct {
	// Algorithm to use for encryption, decryption, or signing. The value depends on the key purpose. The value cannot be changed after creation. For a key purpose of \"encrypt_decrypt\", the valid values are: - symmetric_encryption (default) For a key purpose of \"asymmetric_sign\", valid values are: - rsa_sign_pss_2048_sha256 - rsa_sign_pss_3072_sha256 - rsa_sign_pss_4096_sha256 - rsa_sign_pkcs1_2048_sha256 - rsa_sign_pkcs1_3072_sha256 - rsa_sign_pkcs1_4096_sha256 - ec_sign_p256_sha256 - ec_sign_p384_sha384 For a key purpose of \"asymmetric_decrypt\", valid values are: - rsa_decrypt_oaep_2048_sha256 - rsa_decrypt_oaep_3072_sha256 - rsa_decrypt_oaep_4096_sha256
	Algorithm string `json:"algorithm,omitempty"`

	// Name of the crypto key to use. If the given crypto key does not exist, Vault will try to create it. This defaults to the name of the key given to Vault as the parameter if unspecified.
	CryptoKey string `json:"crypto_key,omitempty"`

	// Full Google Cloud resource ID of the key ring with the project and location (e.g. projects/my-project/locations/global/keyRings/my-keyring). If the given key ring does not exist, Vault will try to create it during a create operation.
	KeyRing string `json:"key_ring,omitempty"`

	// Arbitrary key=value label to apply to the crypto key. To specify multiple labels, specify this argument multiple times (e.g. labels=\"a=b\" labels=\"c=d\").
	Labels map[string]interface{} `json:"labels,omitempty"`

	// Level of protection to use for the key management. Valid values are \"software\" and \"hsm\". The default value is \"software\". The value cannot be changed after creation.
	ProtectionLevel string `json:"protection_level,omitempty"`

	// Purpose of the key. Valid options are \"asymmetric_decrypt\", \"asymmetric_sign\", and \"encrypt_decrypt\". The default value is \"encrypt_decrypt\". The value cannot be changed after creation.
	Purpose string `json:"purpose,omitempty"`

	// Amount of time between crypto key version rotations. This is specified as a time duration value like 72h (72 hours). The smallest possible value is 24h. This value only applies to keys with a purpose of \"encrypt_decrypt\".
	RotationPeriod int32 `json:"rotation_period,omitempty"`
}

GoogleCloudKmsWriteKeyRequest struct for GoogleCloudKmsWriteKeyRequest

func NewGoogleCloudKmsWriteKeyRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudKmsWriteKeyRequestWithDefaults() *GoogleCloudKmsWriteKeyRequest

NewGoogleCloudKmsWriteKeyRequestWithDefaults instantiates a new GoogleCloudKmsWriteKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudLoginRequest ¶ 

type GoogleCloudLoginRequest struct {
	// A signed JWT. This is either a self-signed service account JWT ('iam' roles only) or a GCE identity metadata token ('iam', 'gce' roles).
	Jwt string `json:"jwt,omitempty"`

	// Name of the role against which the login is being attempted. Required.
	Role string `json:"role,omitempty"`
}

GoogleCloudLoginRequest struct for GoogleCloudLoginRequest

func NewGoogleCloudLoginRequestWithDefaults ¶ 

func NewGoogleCloudLoginRequestWithDefaults() *GoogleCloudLoginRequest

NewGoogleCloudLoginRequestWithDefaults instantiates a new GoogleCloudLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudWriteImpersonatedAccountRequest ¶ added in v0.3.0 

type GoogleCloudWriteImpersonatedAccountRequest struct {
	// Required. Email of the GCP service account to manage. Cannot be updated.
	ServiceAccountEmail string `json:"service_account_email,omitempty"`

	// List of OAuth scopes to assign to access tokens generated under this account.
	TokenScopes []string `json:"token_scopes,omitempty"`

	// Lifetime of the token for the impersonated account.
	Ttl int32 `json:"ttl,omitempty"`
}

GoogleCloudWriteImpersonatedAccountRequest struct for GoogleCloudWriteImpersonatedAccountRequest

func NewGoogleCloudWriteImpersonatedAccountRequestWithDefaults ¶ added in v0.3.0 

func NewGoogleCloudWriteImpersonatedAccountRequestWithDefaults() *GoogleCloudWriteImpersonatedAccountRequest

NewGoogleCloudWriteImpersonatedAccountRequestWithDefaults instantiates a new GoogleCloudWriteImpersonatedAccountRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudWriteRoleRequest ¶ 

type GoogleCloudWriteRoleRequest struct {
	// If true, will add group aliases to auth tokens generated under this role. This will add the full list of ancestors (projects, folders, organizations) for the given entity's project. Requires IAM permission `resourcemanager.projects.get` on this project.
	AddGroupAliases bool `json:"add_group_aliases,omitempty"`

	// 'iam' roles only. If false, Vault will not not allow GCE instances to login in against this role
	AllowGceInference bool `json:"allow_gce_inference,omitempty"`

	// Deprecated: use \"bound_instance_groups\" instead.
	BoundInstanceGroup string `json:"bound_instance_group,omitempty"`

	// Comma-separated list of permitted instance groups to which the GCE instance must belong. This option only applies to \"gce\" roles.
	BoundInstanceGroups []string `json:"bound_instance_groups,omitempty"`

	// Comma-separated list of GCP labels formatted as\"key:value\" strings that must be present on the GCE instance in order to authenticate. This option only applies to \"gce\" roles.
	BoundLabels []string `json:"bound_labels,omitempty"`

	// GCP Projects that authenticating entities must belong to.
	BoundProjects []string `json:"bound_projects,omitempty"`

	// Deprecated: use \"bound_regions\" instead.
	BoundRegion string `json:"bound_region,omitempty"`

	// Comma-separated list of permitted regions to which the GCE instance must belong. If a group is provided, it is assumed to be a regional group. If \"zone\" is provided, this option is ignored. This can be a self-link or region name. This option only applies to \"gce\" roles.
	BoundRegions []string `json:"bound_regions,omitempty"`

	// Can be set for both 'iam' and 'gce' roles (required for 'iam'). A comma-seperated list of authorized service accounts. If the single value \"*\" is given, this is assumed to be all service accounts under the role's project. If this is set on a GCE role, the inferred service account from the instance metadata token will be used.
	BoundServiceAccounts []string `json:"bound_service_accounts,omitempty"`

	// Deprecated: use \"bound_zones\" instead.
	BoundZone string `json:"bound_zone,omitempty"`

	// Comma-separated list of permitted zones to which the GCE instance must belong. If a group is provided, it is assumed to be a zonal group. This can be a self-link or zone name. This option only applies to \"gce\" roles.
	BoundZones []string `json:"bound_zones,omitempty"`

	// Currently enabled for 'iam' only. Duration in seconds from time of validation that a JWT must expire within.
	MaxJwtExp int32 `json:"max_jwt_exp,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Deprecated: use \"bound_projects\" instead
	ProjectId string `json:"project_id,omitempty"`

	// Deprecated: use \"bound_service_accounts\" instead.
	ServiceAccounts []string `json:"service_accounts,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`

	// Type of the role. Currently supported: iam, gce
	Type string `json:"type,omitempty"`
}

GoogleCloudWriteRoleRequest struct for GoogleCloudWriteRoleRequest

func NewGoogleCloudWriteRoleRequestWithDefaults ¶ 

func NewGoogleCloudWriteRoleRequestWithDefaults() *GoogleCloudWriteRoleRequest

NewGoogleCloudWriteRoleRequestWithDefaults instantiates a new GoogleCloudWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudWriteRolesetRequest ¶ 

type GoogleCloudWriteRolesetRequest struct {
	// Bindings configuration string.
	Bindings string `json:"bindings,omitempty"`

	// Name of the GCP project that this roleset's service account will belong to.
	Project string `json:"project,omitempty"`

	// Type of secret generated for this role set. Defaults to 'access_token'
	SecretType string `json:"secret_type,omitempty"`

	// List of OAuth scopes to assign to credentials generated under this role set
	TokenScopes []string `json:"token_scopes,omitempty"`
}

GoogleCloudWriteRolesetRequest struct for GoogleCloudWriteRolesetRequest

func NewGoogleCloudWriteRolesetRequestWithDefaults ¶ 

func NewGoogleCloudWriteRolesetRequestWithDefaults() *GoogleCloudWriteRolesetRequest

NewGoogleCloudWriteRolesetRequestWithDefaults instantiates a new GoogleCloudWriteRolesetRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GoogleCloudWriteStaticAccountRequest ¶ 

type GoogleCloudWriteStaticAccountRequest struct {
	// Bindings configuration string.
	Bindings string `json:"bindings,omitempty"`

	// Type of secret generated for this account. Cannot be updated. Defaults to \"access_token\"
	SecretType string `json:"secret_type,omitempty"`

	// Required. Email of the GCP service account to manage. Cannot be updated.
	ServiceAccountEmail string `json:"service_account_email,omitempty"`

	// List of OAuth scopes to assign to access tokens generated under this account. Ignored if \"secret_type\" is not \"\"access_token\"\"
	TokenScopes []string `json:"token_scopes,omitempty"`
}

GoogleCloudWriteStaticAccountRequest struct for GoogleCloudWriteStaticAccountRequest

func NewGoogleCloudWriteStaticAccountRequestWithDefaults ¶ 

func NewGoogleCloudWriteStaticAccountRequestWithDefaults() *GoogleCloudWriteStaticAccountRequest

NewGoogleCloudWriteStaticAccountRequestWithDefaults instantiates a new GoogleCloudWriteStaticAccountRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupCreateAliasRequest ¶ added in v0.3.0 

type GroupCreateAliasRequest struct {
	// ID of the group to which this is an alias.
	CanonicalId string `json:"canonical_id,omitempty"`

	// ID of the group alias.
	Id string `json:"id,omitempty"`

	// Mount accessor to which this alias belongs to.
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Alias of the group.
	Name string `json:"name,omitempty"`
}

GroupCreateAliasRequest struct for GroupCreateAliasRequest

func NewGroupCreateAliasRequestWithDefaults ¶ added in v0.3.0 

func NewGroupCreateAliasRequestWithDefaults() *GroupCreateAliasRequest

NewGroupCreateAliasRequestWithDefaults instantiates a new GroupCreateAliasRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupCreateRequest ¶ added in v0.3.0 

type GroupCreateRequest struct {
	// ID of the group. If set, updates the corresponding existing group.
	Id string `json:"id,omitempty"`

	// Entity IDs to be assigned as group members.
	MemberEntityIds []string `json:"member_entity_ids,omitempty"`

	// Group IDs to be assigned as group members.
	MemberGroupIds []string `json:"member_group_ids,omitempty"`

	// Metadata to be associated with the group. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Name of the group.
	Name string `json:"name,omitempty"`

	// Policies to be tied to the group.
	Policies []string `json:"policies,omitempty"`

	// Type of the group, 'internal' or 'external'. Defaults to 'internal'
	Type string `json:"type,omitempty"`
}

GroupCreateRequest struct for GroupCreateRequest

func NewGroupCreateRequestWithDefaults ¶ added in v0.3.0 

func NewGroupCreateRequestWithDefaults() *GroupCreateRequest

NewGroupCreateRequestWithDefaults instantiates a new GroupCreateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupLookUpRequest ¶ added in v0.3.0 

type GroupLookUpRequest struct {
	// ID of the alias.
	AliasId string `json:"alias_id,omitempty"`

	// Accessor of the mount to which the alias belongs to. This should be supplied in conjunction with 'alias_name'.
	AliasMountAccessor string `json:"alias_mount_accessor,omitempty"`

	// Name of the alias. This should be supplied in conjunction with 'alias_mount_accessor'.
	AliasName string `json:"alias_name,omitempty"`

	// ID of the group.
	Id string `json:"id,omitempty"`

	// Name of the group.
	Name string `json:"name,omitempty"`
}

GroupLookUpRequest struct for GroupLookUpRequest

func NewGroupLookUpRequestWithDefaults ¶ added in v0.3.0 

func NewGroupLookUpRequestWithDefaults() *GroupLookUpRequest

NewGroupLookUpRequestWithDefaults instantiates a new GroupLookUpRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupUpdateAliasByIdRequest ¶ added in v0.3.0 

type GroupUpdateAliasByIdRequest struct {
	// ID of the group to which this is an alias.
	CanonicalId string `json:"canonical_id,omitempty"`

	// Mount accessor to which this alias belongs to.
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Alias of the group.
	Name string `json:"name,omitempty"`
}

GroupUpdateAliasByIdRequest struct for GroupUpdateAliasByIdRequest

func NewGroupUpdateAliasByIdRequestWithDefaults ¶ added in v0.3.0 

func NewGroupUpdateAliasByIdRequestWithDefaults() *GroupUpdateAliasByIdRequest

NewGroupUpdateAliasByIdRequestWithDefaults instantiates a new GroupUpdateAliasByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupUpdateByIdRequest ¶ added in v0.3.0 

type GroupUpdateByIdRequest struct {
	// Entity IDs to be assigned as group members.
	MemberEntityIds []string `json:"member_entity_ids,omitempty"`

	// Group IDs to be assigned as group members.
	MemberGroupIds []string `json:"member_group_ids,omitempty"`

	// Metadata to be associated with the group. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Name of the group.
	Name string `json:"name,omitempty"`

	// Policies to be tied to the group.
	Policies []string `json:"policies,omitempty"`

	// Type of the group, 'internal' or 'external'. Defaults to 'internal'
	Type string `json:"type,omitempty"`
}

GroupUpdateByIdRequest struct for GroupUpdateByIdRequest

func NewGroupUpdateByIdRequestWithDefaults ¶ added in v0.3.0 

func NewGroupUpdateByIdRequestWithDefaults() *GroupUpdateByIdRequest

NewGroupUpdateByIdRequestWithDefaults instantiates a new GroupUpdateByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type GroupUpdateByNameRequest ¶ added in v0.3.0 

type GroupUpdateByNameRequest struct {
	// ID of the group. If set, updates the corresponding existing group.
	Id string `json:"id,omitempty"`

	// Entity IDs to be assigned as group members.
	MemberEntityIds []string `json:"member_entity_ids,omitempty"`

	// Group IDs to be assigned as group members.
	MemberGroupIds []string `json:"member_group_ids,omitempty"`

	// Metadata to be associated with the group. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Policies to be tied to the group.
	Policies []string `json:"policies,omitempty"`

	// Type of the group, 'internal' or 'external'. Defaults to 'internal'
	Type string `json:"type,omitempty"`
}

GroupUpdateByNameRequest struct for GroupUpdateByNameRequest

func NewGroupUpdateByNameRequestWithDefaults ¶ added in v0.3.0 

func NewGroupUpdateByNameRequestWithDefaults() *GroupUpdateByNameRequest

NewGroupUpdateByNameRequestWithDefaults instantiates a new GroupUpdateByNameRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type HaStatusResponse ¶ added in v0.3.0 

type HaStatusResponse struct {
	Nodes []map[string]interface{} `json:"nodes,omitempty"`
}

HaStatusResponse struct for HaStatusResponse

func NewHaStatusResponseWithDefaults ¶ added in v0.3.0 

func NewHaStatusResponseWithDefaults() *HaStatusResponse

NewHaStatusResponseWithDefaults instantiates a new HaStatusResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InitializeRequest ¶ added in v0.3.0 

type InitializeRequest struct {
	// Specifies an array of PGP public keys used to encrypt the output unseal keys. Ordering is preserved. The keys must be base64-encoded from their original binary representation. The size of this array must be the same as `secret_shares`.
	PgpKeys []string `json:"pgp_keys,omitempty"`

	// Specifies an array of PGP public keys used to encrypt the output recovery keys. Ordering is preserved. The keys must be base64-encoded from their original binary representation. The size of this array must be the same as `recovery_shares`.
	RecoveryPgpKeys []string `json:"recovery_pgp_keys,omitempty"`

	// Specifies the number of shares to split the recovery key into.
	RecoveryShares int32 `json:"recovery_shares,omitempty"`

	// Specifies the number of shares required to reconstruct the recovery key. This must be less than or equal to `recovery_shares`.
	RecoveryThreshold int32 `json:"recovery_threshold,omitempty"`

	// Specifies a PGP public key used to encrypt the initial root token. The key must be base64-encoded from its original binary representation.
	RootTokenPgpKey string `json:"root_token_pgp_key,omitempty"`

	// Specifies the number of shares to split the unseal key into.
	SecretShares int32 `json:"secret_shares,omitempty"`

	// Specifies the number of shares required to reconstruct the unseal key. This must be less than or equal secret_shares. If using Vault HSM with auto-unsealing, this value must be the same as `secret_shares`.
	SecretThreshold int32 `json:"secret_threshold,omitempty"`

	// Specifies the number of shares that should be encrypted by the HSM and stored for auto-unsealing. Currently must be the same as `secret_shares`.
	StoredShares int32 `json:"stored_shares,omitempty"`
}

InitializeRequest struct for InitializeRequest

func NewInitializeRequestWithDefaults ¶ added in v0.3.0 

func NewInitializeRequestWithDefaults() *InitializeRequest

NewInitializeRequestWithDefaults instantiates a new InitializeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalClientActivityConfigureRequest ¶ added in v0.3.0 

type InternalClientActivityConfigureRequest struct {
	// Number of months to report if no start date specified.
	DefaultReportMonths int32 `json:"default_report_months,omitempty"`

	// Enable or disable collection of client count: enable, disable, or default.
	Enabled string `json:"enabled,omitempty"`

	// Number of months of client data to retain. Setting to 0 will clear all existing data.
	RetentionMonths int32 `json:"retention_months,omitempty"`
}

InternalClientActivityConfigureRequest struct for InternalClientActivityConfigureRequest

func NewInternalClientActivityConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewInternalClientActivityConfigureRequestWithDefaults() *InternalClientActivityConfigureRequest

NewInternalClientActivityConfigureRequestWithDefaults instantiates a new InternalClientActivityConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalCountEntitiesResponse ¶ added in v0.3.0 

type InternalCountEntitiesResponse struct {
	Counters map[string]interface{} `json:"counters,omitempty"`
}

InternalCountEntitiesResponse struct for InternalCountEntitiesResponse

func NewInternalCountEntitiesResponseWithDefaults ¶ added in v0.3.0 

func NewInternalCountEntitiesResponseWithDefaults() *InternalCountEntitiesResponse

NewInternalCountEntitiesResponseWithDefaults instantiates a new InternalCountEntitiesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalCountTokensResponse ¶ added in v0.3.0 

type InternalCountTokensResponse struct {
	Counters map[string]interface{} `json:"counters,omitempty"`
}

InternalCountTokensResponse struct for InternalCountTokensResponse

func NewInternalCountTokensResponseWithDefaults ¶ added in v0.3.0 

func NewInternalCountTokensResponseWithDefaults() *InternalCountTokensResponse

NewInternalCountTokensResponseWithDefaults instantiates a new InternalCountTokensResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalUiListEnabledFeatureFlagsResponse ¶ added in v0.3.0 

type InternalUiListEnabledFeatureFlagsResponse struct {
	FeatureFlags []string `json:"feature_flags,omitempty"`
}

InternalUiListEnabledFeatureFlagsResponse struct for InternalUiListEnabledFeatureFlagsResponse

func NewInternalUiListEnabledFeatureFlagsResponseWithDefaults ¶ added in v0.3.0 

func NewInternalUiListEnabledFeatureFlagsResponseWithDefaults() *InternalUiListEnabledFeatureFlagsResponse

NewInternalUiListEnabledFeatureFlagsResponseWithDefaults instantiates a new InternalUiListEnabledFeatureFlagsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalUiListEnabledVisibleMountsResponse ¶ added in v0.3.0 

type InternalUiListEnabledVisibleMountsResponse struct {
	// auth mounts
	Auth map[string]interface{} `json:"auth,omitempty"`

	// secret mounts
	Secret map[string]interface{} `json:"secret,omitempty"`
}

InternalUiListEnabledVisibleMountsResponse struct for InternalUiListEnabledVisibleMountsResponse

func NewInternalUiListEnabledVisibleMountsResponseWithDefaults ¶ added in v0.3.0 

func NewInternalUiListEnabledVisibleMountsResponseWithDefaults() *InternalUiListEnabledVisibleMountsResponse

NewInternalUiListEnabledVisibleMountsResponseWithDefaults instantiates a new InternalUiListEnabledVisibleMountsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalUiListNamespacesResponse ¶ added in v0.3.0 

type InternalUiListNamespacesResponse struct {
	// field is only returned if there are one or more namespaces
	Keys []string `json:"keys,omitempty"`
}

InternalUiListNamespacesResponse struct for InternalUiListNamespacesResponse

func NewInternalUiListNamespacesResponseWithDefaults ¶ added in v0.3.0 

func NewInternalUiListNamespacesResponseWithDefaults() *InternalUiListNamespacesResponse

NewInternalUiListNamespacesResponseWithDefaults instantiates a new InternalUiListNamespacesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalUiReadMountInformationResponse ¶ added in v0.3.0 

type InternalUiReadMountInformationResponse struct {
	Accessor string `json:"accessor,omitempty"`

	Config map[string]interface{} `json:"config,omitempty"`

	Description string `json:"description,omitempty"`

	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	Local bool `json:"local,omitempty"`

	Options map[string]interface{} `json:"options,omitempty"`

	Path string `json:"path,omitempty"`

	PluginVersion string `json:"plugin_version,omitempty"`

	RunningPluginVersion string `json:"running_plugin_version,omitempty"`

	RunningSha256 string `json:"running_sha256,omitempty"`

	SealWrap bool `json:"seal_wrap,omitempty"`

	Type string `json:"type,omitempty"`

	Uuid string `json:"uuid,omitempty"`
}

InternalUiReadMountInformationResponse struct for InternalUiReadMountInformationResponse

func NewInternalUiReadMountInformationResponseWithDefaults ¶ added in v0.3.0 

func NewInternalUiReadMountInformationResponseWithDefaults() *InternalUiReadMountInformationResponse

NewInternalUiReadMountInformationResponseWithDefaults instantiates a new InternalUiReadMountInformationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type InternalUiReadResultantAclResponse ¶ added in v0.3.0 

type InternalUiReadResultantAclResponse struct {
	ExactPaths map[string]interface{} `json:"exact_paths,omitempty"`

	GlobPaths map[string]interface{} `json:"glob_paths,omitempty"`

	Root bool `json:"root,omitempty"`
}

InternalUiReadResultantAclResponse struct for InternalUiReadResultantAclResponse

func NewInternalUiReadResultantAclResponseWithDefaults ¶ added in v0.3.0 

func NewInternalUiReadResultantAclResponseWithDefaults() *InternalUiReadResultantAclResponse

NewInternalUiReadResultantAclResponseWithDefaults instantiates a new InternalUiReadResultantAclResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type JwtConfigureRequest ¶ added in v0.3.0 

type JwtConfigureRequest struct {
	// The value against which to match the 'iss' claim in a JWT. Optional.
	BoundIssuer string `json:"bound_issuer,omitempty"`

	// The default role to use if none is provided during login. If not set, a role is required during login.
	DefaultRole string `json:"default_role,omitempty"`

	// The CA certificate or chain of certificates, in PEM format, to use to validate connections to the JWKS URL. If not set, system certificates are used.
	JwksCaPem string `json:"jwks_ca_pem,omitempty"`

	// JWKS URL to use to authenticate signatures. Cannot be used with \"oidc_discovery_url\" or \"jwt_validation_pubkeys\".
	JwksUrl string `json:"jwks_url,omitempty"`

	// A list of supported signing algorithms. Defaults to RS256.
	JwtSupportedAlgs []string `json:"jwt_supported_algs,omitempty"`

	// A list of PEM-encoded public keys to use to authenticate signatures locally. Cannot be used with \"jwks_url\" or \"oidc_discovery_url\".
	JwtValidationPubkeys []string `json:"jwt_validation_pubkeys,omitempty"`

	// Pass namespace in the OIDC state parameter instead of as a separate query parameter. With this setting, the allowed redirect URL(s) in Vault and on the provider side should not contain a namespace query parameter. This means only one redirect URL entry needs to be maintained on the provider side for all vault namespaces that will be authenticating against it. Defaults to true for new configs.
	NamespaceInState bool `json:"namespace_in_state,omitempty"`

	// The OAuth Client ID configured with your OIDC provider.
	OidcClientId string `json:"oidc_client_id,omitempty"`

	// The OAuth Client Secret configured with your OIDC provider.
	OidcClientSecret string `json:"oidc_client_secret,omitempty"`

	// The CA certificate or chain of certificates, in PEM format, to use to validate connections to the OIDC Discovery URL. If not set, system certificates are used.
	OidcDiscoveryCaPem string `json:"oidc_discovery_ca_pem,omitempty"`

	// OIDC Discovery URL, without any .well-known component (base path). Cannot be used with \"jwks_url\" or \"jwt_validation_pubkeys\".
	OidcDiscoveryUrl string `json:"oidc_discovery_url,omitempty"`

	// The response mode to be used in the OAuth2 request. Allowed values are 'query' and 'form_post'.
	OidcResponseMode string `json:"oidc_response_mode,omitempty"`

	// The response types to request. Allowed values are 'code' and 'id_token'. Defaults to 'code'.
	OidcResponseTypes []string `json:"oidc_response_types,omitempty"`

	// Provider-specific configuration. Optional.
	ProviderConfig map[string]interface{} `json:"provider_config,omitempty"`
}

JwtConfigureRequest struct for JwtConfigureRequest

func NewJwtConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewJwtConfigureRequestWithDefaults() *JwtConfigureRequest

NewJwtConfigureRequestWithDefaults instantiates a new JwtConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type JwtLoginRequest ¶ added in v0.3.0 

type JwtLoginRequest struct {
	// The signed JWT to validate.
	Jwt string `json:"jwt,omitempty"`

	// The role to log in against.
	Role string `json:"role,omitempty"`
}

JwtLoginRequest struct for JwtLoginRequest

func NewJwtLoginRequestWithDefaults ¶ added in v0.3.0 

func NewJwtLoginRequestWithDefaults() *JwtLoginRequest

NewJwtLoginRequestWithDefaults instantiates a new JwtLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type JwtOidcCallbackWithParametersRequest ¶ added in v0.3.0 

type JwtOidcCallbackWithParametersRequest struct {
	ClientNonce string `json:"client_nonce,omitempty"`

	Code string `json:"code,omitempty"`

	IdToken string `json:"id_token,omitempty"`

	State string `json:"state,omitempty"`
}

JwtOidcCallbackWithParametersRequest struct for JwtOidcCallbackWithParametersRequest

func NewJwtOidcCallbackWithParametersRequestWithDefaults ¶ added in v0.3.0 

func NewJwtOidcCallbackWithParametersRequestWithDefaults() *JwtOidcCallbackWithParametersRequest

NewJwtOidcCallbackWithParametersRequestWithDefaults instantiates a new JwtOidcCallbackWithParametersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type JwtOidcRequestAuthorizationUrlRequest ¶ added in v0.3.0 

type JwtOidcRequestAuthorizationUrlRequest struct {
	// Optional client-provided nonce that must match during callback, if present.
	ClientNonce string `json:"client_nonce,omitempty"`

	// The OAuth redirect_uri to use in the authorization URL.
	RedirectUri string `json:"redirect_uri,omitempty"`

	// The role to issue an OIDC authorization URL against.
	Role string `json:"role,omitempty"`
}

JwtOidcRequestAuthorizationUrlRequest struct for JwtOidcRequestAuthorizationUrlRequest

func NewJwtOidcRequestAuthorizationUrlRequestWithDefaults ¶ added in v0.3.0 

func NewJwtOidcRequestAuthorizationUrlRequestWithDefaults() *JwtOidcRequestAuthorizationUrlRequest

NewJwtOidcRequestAuthorizationUrlRequestWithDefaults instantiates a new JwtOidcRequestAuthorizationUrlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type JwtWriteRoleRequest ¶ added in v0.3.0 

type JwtWriteRoleRequest struct {
	// Comma-separated list of allowed values for redirect_uri
	AllowedRedirectUris []string `json:"allowed_redirect_uris,omitempty"`

	// Comma-separated list of 'aud' claims that are valid for login; any match is sufficient
	BoundAudiences []string `json:"bound_audiences,omitempty"`

	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// Map of claims/values which must match for login
	BoundClaims map[string]interface{} `json:"bound_claims,omitempty"`

	// How to interpret values in the map of claims/values (which must match for login): allowed values are 'string' or 'glob'
	BoundClaimsType string `json:"bound_claims_type,omitempty"`

	// The 'sub' claim that is valid for login. Optional.
	BoundSubject string `json:"bound_subject,omitempty"`

	// Mappings of claims (key) that will be copied to a metadata field (value)
	ClaimMappings map[string]interface{} `json:"claim_mappings,omitempty"`

	// Duration in seconds of leeway when validating all claims to account for clock skew. Defaults to 60 (1 minute) if set to 0 and can be disabled if set to -1.
	ClockSkewLeeway int32 `json:"clock_skew_leeway,omitempty"`

	// Duration in seconds of leeway when validating expiration of a token to account for clock skew. Defaults to 150 (2.5 minutes) if set to 0 and can be disabled if set to -1.
	ExpirationLeeway int32 `json:"expiration_leeway,omitempty"`

	// The claim to use for the Identity group alias names
	GroupsClaim string `json:"groups_claim,omitempty"`

	// Specifies the allowable elapsed time in seconds since the last time the user was actively authenticated.
	MaxAge int32 `json:"max_age,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Duration in seconds of leeway when validating not before values of a token to account for clock skew. Defaults to 150 (2.5 minutes) if set to 0 and can be disabled if set to -1.
	NotBeforeLeeway int32 `json:"not_before_leeway,omitempty"`

	// Use \"token_num_uses\" instead. If this and \"token_num_uses\" are both specified, only \"token_num_uses\" will be used.
	// Deprecated
	NumUses int32 `json:"num_uses,omitempty"`

	// Comma-separated list of OIDC scopes
	OidcScopes []string `json:"oidc_scopes,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Type of the role, either 'jwt' or 'oidc'.
	RoleType string `json:"role_type,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`

	// The claim to use for the Identity entity alias name
	UserClaim string `json:"user_claim,omitempty"`

	// If true, the user_claim value will use JSON pointer syntax for referencing claims.
	UserClaimJsonPointer bool `json:"user_claim_json_pointer,omitempty"`

	// Log received OIDC tokens and claims when debug-level logging is active. Not recommended in production since sensitive information may be present in OIDC responses.
	VerboseOidcLogging bool `json:"verbose_oidc_logging,omitempty"`
}

JwtWriteRoleRequest struct for JwtWriteRoleRequest

func NewJwtWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewJwtWriteRoleRequestWithDefaults() *JwtWriteRoleRequest

NewJwtWriteRoleRequestWithDefaults instantiates a new JwtWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KerberosConfigureLdapRequest ¶ added in v0.3.0 

type KerberosConfigureLdapRequest struct {
	// Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
	AnonymousGroupSearch bool `json:"anonymous_group_search,omitempty"`

	// LDAP DN for searching for the user DN (optional)
	Binddn string `json:"binddn,omitempty"`

	// LDAP password for searching for the user DN (optional)
	Bindpass string `json:"bindpass,omitempty"`

	// If true, case sensitivity will be used when comparing usernames and groups for matching policies.
	CaseSensitiveNames bool `json:"case_sensitive_names,omitempty"`

	// CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded (optional)
	Certificate string `json:"certificate,omitempty"`

	// Client certificate to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsCert string `json:"client_tls_cert,omitempty"`

	// Client certificate key to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsKey string `json:"client_tls_key,omitempty"`

	// Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
	ConnectionTimeout int32 `json:"connection_timeout,omitempty"`

	// Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true
	DenyNullBind bool `json:"deny_null_bind,omitempty"`

	// When aliases should be dereferenced on search operations. Accepted values are 'never', 'finding', 'searching', 'always'. Defaults to 'never'.
	DereferenceAliases string `json:"dereference_aliases,omitempty"`

	// Use anonymous bind to discover the bind DN of a user (optional)
	Discoverdn bool `json:"discoverdn,omitempty"`

	// LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate user group membership. Examples: \"cn\" or \"memberOf\", etc. Default: cn
	Groupattr string `json:"groupattr,omitempty"`

	// LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org)
	Groupdn string `json:"groupdn,omitempty"`

	// Go template for querying group membership of user (optional) The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
	Groupfilter string `json:"groupfilter,omitempty"`

	// Skip LDAP server SSL Certificate verification - VERY insecure (optional)
	InsecureTls bool `json:"insecure_tls,omitempty"`

	// The maximum number of results to return for a single paged query. If not set, the server default will be used for paged searches. A requested max_page_size of 0 is interpreted as no limit by LDAP servers. If set to a negative value, search requests will not be paged.
	MaxPageSize int32 `json:"max_page_size,omitempty"`

	// Timeout, in seconds, for the connection when making requests against the server before returning back an error.
	RequestTimeout int32 `json:"request_timeout,omitempty"`

	// Issue a StartTLS command after establishing unencrypted connection (optional)
	Starttls bool `json:"starttls,omitempty"`

	// Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMaxVersion string `json:"tls_max_version,omitempty"`

	// Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMinVersion string `json:"tls_min_version,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies. This will apply to all tokens generated by this auth method, in addition to any configured for specific users/groups.
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Enables userPrincipalDomain login with [username]@UPNDomain (optional)
	Upndomain string `json:"upndomain,omitempty"`

	// LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
	Url string `json:"url,omitempty"`

	// In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
	UsePre111GroupCnBehavior bool `json:"use_pre111_group_cn_behavior,omitempty"`

	// If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships. This will find all security groups including nested ones.
	UseTokenGroups bool `json:"use_token_groups,omitempty"`

	// Attribute used for users (default: cn)
	Userattr string `json:"userattr,omitempty"`

	// LDAP domain to use for users (eg: ou=People,dc=example,dc=org)
	Userdn string `json:"userdn,omitempty"`

	// Go template for LDAP user search filer (optional) The template can access the following context variables: UserAttr, Username Default: ({{.UserAttr}}={{.Username}})
	Userfilter string `json:"userfilter,omitempty"`

	// If true, sets the alias name to the username
	UsernameAsAlias bool `json:"username_as_alias,omitempty"`
}

KerberosConfigureLdapRequest struct for KerberosConfigureLdapRequest

func NewKerberosConfigureLdapRequestWithDefaults ¶ added in v0.3.0 

func NewKerberosConfigureLdapRequestWithDefaults() *KerberosConfigureLdapRequest

NewKerberosConfigureLdapRequestWithDefaults instantiates a new KerberosConfigureLdapRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KerberosConfigureRequest ¶ added in v0.3.0 

type KerberosConfigureRequest struct {
	// If set to true, returns any groups found in LDAP as a group alias.
	AddGroupAliases bool `json:"add_group_aliases,omitempty"`

	// Base64 encoded keytab
	Keytab string `json:"keytab,omitempty"`

	// Remove instance/FQDN from keytab principal names.
	RemoveInstanceName bool `json:"remove_instance_name,omitempty"`

	// Service Account
	ServiceAccount string `json:"service_account,omitempty"`
}

KerberosConfigureRequest struct for KerberosConfigureRequest

func NewKerberosConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewKerberosConfigureRequestWithDefaults() *KerberosConfigureRequest

NewKerberosConfigureRequestWithDefaults instantiates a new KerberosConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KerberosLoginRequest ¶ 

type KerberosLoginRequest struct {
	// SPNEGO Authorization header. Required.
	Authorization string `json:"authorization,omitempty"`
}

KerberosLoginRequest struct for KerberosLoginRequest

func NewKerberosLoginRequestWithDefaults ¶ 

func NewKerberosLoginRequestWithDefaults() *KerberosLoginRequest

NewKerberosLoginRequestWithDefaults instantiates a new KerberosLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KerberosWriteGroupRequest ¶ 

type KerberosWriteGroupRequest struct {
	// Comma-separated list of policies associated to the group.
	Policies []string `json:"policies,omitempty"`
}

KerberosWriteGroupRequest struct for KerberosWriteGroupRequest

func NewKerberosWriteGroupRequestWithDefaults ¶ 

func NewKerberosWriteGroupRequestWithDefaults() *KerberosWriteGroupRequest

NewKerberosWriteGroupRequestWithDefaults instantiates a new KerberosWriteGroupRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesConfigureAuthRequest ¶ added in v0.3.0 

type KubernetesConfigureAuthRequest struct {
	// Disable JWT issuer validation (Deprecated, will be removed in a future release)
	// Deprecated
	DisableIssValidation bool `json:"disable_iss_validation,omitempty"`

	// Disable defaulting to the local CA cert and service account JWT when running in a Kubernetes pod
	DisableLocalCaJwt bool `json:"disable_local_ca_jwt,omitempty"`

	// Optional JWT issuer. If no issuer is specified, then this plugin will use kubernetes.io/serviceaccount as the default issuer. (Deprecated, will be removed in a future release)
	// Deprecated
	Issuer string `json:"issuer,omitempty"`

	// PEM encoded CA cert for use by the TLS client used to talk with the API.
	KubernetesCaCert string `json:"kubernetes_ca_cert,omitempty"`

	// Host must be a host string, a host:port pair, or a URL to the base of the Kubernetes API server.
	KubernetesHost string `json:"kubernetes_host,omitempty"`

	// Optional list of PEM-formated public keys or certificates used to verify the signatures of kubernetes service account JWTs. If a certificate is given, its public key will be extracted. Not every installation of Kubernetes exposes these keys.
	PemKeys []string `json:"pem_keys,omitempty"`

	// A service account JWT used to access the TokenReview API to validate other JWTs during login. If not set the JWT used for login will be used to access the API.
	TokenReviewerJwt string `json:"token_reviewer_jwt,omitempty"`
}

KubernetesConfigureAuthRequest struct for KubernetesConfigureAuthRequest

func NewKubernetesConfigureAuthRequestWithDefaults ¶ added in v0.3.0 

func NewKubernetesConfigureAuthRequestWithDefaults() *KubernetesConfigureAuthRequest

NewKubernetesConfigureAuthRequestWithDefaults instantiates a new KubernetesConfigureAuthRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesConfigureRequest ¶ added in v0.3.0 

type KubernetesConfigureRequest struct {
	// Disable defaulting to the local CA certificate and service account JWT when running in a Kubernetes pod.
	DisableLocalCaJwt bool `json:"disable_local_ca_jwt,omitempty"`

	// PEM encoded CA certificate to use to verify the Kubernetes API server certificate. Defaults to the local pod's CA if found.
	KubernetesCaCert string `json:"kubernetes_ca_cert,omitempty"`

	// Kubernetes API URL to connect to. Defaults to https://$KUBERNETES_SERVICE_HOST:KUBERNETES_SERVICE_PORT if those environment variables are set.
	KubernetesHost string `json:"kubernetes_host,omitempty"`

	// The JSON web token of the service account used by the secret engine to manage Kubernetes credentials. Defaults to the local pod's JWT if found.
	ServiceAccountJwt string `json:"service_account_jwt,omitempty"`
}

KubernetesConfigureRequest struct for KubernetesConfigureRequest

func NewKubernetesConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewKubernetesConfigureRequestWithDefaults() *KubernetesConfigureRequest

NewKubernetesConfigureRequestWithDefaults instantiates a new KubernetesConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesGenerateCredentialsRequest ¶ added in v0.3.0 

type KubernetesGenerateCredentialsRequest struct {
	// The intended audiences of the generated credentials
	Audiences []string `json:"audiences,omitempty"`

	// If true, generate a ClusterRoleBinding to grant permissions across the whole cluster instead of within a namespace. Requires the Vault role to have kubernetes_role_type set to ClusterRole.
	ClusterRoleBinding bool `json:"cluster_role_binding,omitempty"`

	// The name of the Kubernetes namespace in which to generate the credentials
	KubernetesNamespace string `json:"kubernetes_namespace"`

	// The TTL of the generated credentials
	Ttl int32 `json:"ttl,omitempty"`
}

KubernetesGenerateCredentialsRequest struct for KubernetesGenerateCredentialsRequest

func NewKubernetesGenerateCredentialsRequestWithDefaults ¶ added in v0.3.0 

func NewKubernetesGenerateCredentialsRequestWithDefaults() *KubernetesGenerateCredentialsRequest

NewKubernetesGenerateCredentialsRequestWithDefaults instantiates a new KubernetesGenerateCredentialsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesLoginRequest ¶ 

type KubernetesLoginRequest struct {
	// A signed JWT for authenticating a service account. This field is required.
	Jwt string `json:"jwt,omitempty"`

	// Name of the role against which the login is being attempted. This field is required
	Role string `json:"role,omitempty"`
}

KubernetesLoginRequest struct for KubernetesLoginRequest

func NewKubernetesLoginRequestWithDefaults ¶ 

func NewKubernetesLoginRequestWithDefaults() *KubernetesLoginRequest

NewKubernetesLoginRequestWithDefaults instantiates a new KubernetesLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesWriteAuthRoleRequest ¶ 

type KubernetesWriteAuthRoleRequest struct {
	// Source to use when deriving the Alias name. valid choices: \"serviceaccount_uid\" : <token.uid> e.g. 474b11b5-0f20-4f9d-8ca5-65715ab325e0 (most secure choice) \"serviceaccount_name\" : <namespace>/<serviceaccount> e.g. vault/vault-agent default: \"serviceaccount_uid\"
	AliasNameSource string `json:"alias_name_source,omitempty"`

	// Optional Audience claim to verify in the jwt.
	Audience string `json:"audience,omitempty"`

	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// List of service account names able to access this role. If set to \"*\" all names are allowed.
	BoundServiceAccountNames []string `json:"bound_service_account_names,omitempty"`

	// List of namespaces allowed to access this role. If set to \"*\" all namespaces are allowed.
	BoundServiceAccountNamespaces []string `json:"bound_service_account_namespaces,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Use \"token_num_uses\" instead. If this and \"token_num_uses\" are both specified, only \"token_num_uses\" will be used.
	// Deprecated
	NumUses int32 `json:"num_uses,omitempty"`

	// Use \"token_period\" instead. If this and \"token_period\" are both specified, only \"token_period\" will be used.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

KubernetesWriteAuthRoleRequest struct for KubernetesWriteAuthRoleRequest

func NewKubernetesWriteAuthRoleRequestWithDefaults ¶ 

func NewKubernetesWriteAuthRoleRequestWithDefaults() *KubernetesWriteAuthRoleRequest

NewKubernetesWriteAuthRoleRequestWithDefaults instantiates a new KubernetesWriteAuthRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KubernetesWriteRoleRequest ¶ 

type KubernetesWriteRoleRequest struct {
	// A label selector for Kubernetes namespaces in which credentials can be generated. Accepts either a JSON or YAML object. If set with allowed_kubernetes_namespaces, the conditions are conjuncted.
	AllowedKubernetesNamespaceSelector string `json:"allowed_kubernetes_namespace_selector,omitempty"`

	// A list of the Kubernetes namespaces in which credentials can be generated. If set to \"*\" all namespaces are allowed.
	AllowedKubernetesNamespaces []string `json:"allowed_kubernetes_namespaces,omitempty"`

	// Additional annotations to apply to all generated Kubernetes objects.
	ExtraAnnotations map[string]interface{} `json:"extra_annotations,omitempty"`

	// Additional labels to apply to all generated Kubernetes objects.
	ExtraLabels map[string]interface{} `json:"extra_labels,omitempty"`

	// The Role or ClusterRole rules to use when generating a role. Accepts either a JSON or YAML object. If set, the entire chain of Kubernetes objects will be generated.
	GeneratedRoleRules string `json:"generated_role_rules,omitempty"`

	// The pre-existing Role or ClusterRole to bind a generated service account to. If set, Kubernetes token, service account, and role binding objects will be created.
	KubernetesRoleName string `json:"kubernetes_role_name,omitempty"`

	// Specifies whether the Kubernetes role is a Role or ClusterRole.
	KubernetesRoleType string `json:"kubernetes_role_type,omitempty"`

	// The name template to use when generating service accounts, roles and role bindings. If unset, a default template is used.
	NameTemplate string `json:"name_template,omitempty"`

	// The pre-existing service account to generate tokens for. Mutually exclusive with all role parameters. If set, only a Kubernetes service account token will be created.
	ServiceAccountName string `json:"service_account_name,omitempty"`

	// The default audiences for generated Kubernetes service account tokens. If not set or set to \"\", will use k8s cluster default.
	TokenDefaultAudiences []string `json:"token_default_audiences,omitempty"`

	// The default ttl for generated Kubernetes service account tokens. If not set or set to 0, will use system default.
	TokenDefaultTtl int32 `json:"token_default_ttl,omitempty"`

	// The maximum ttl for generated Kubernetes service account tokens. If not set or set to 0, will use system default.
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`
}

KubernetesWriteRoleRequest struct for KubernetesWriteRoleRequest

func NewKubernetesWriteRoleRequestWithDefaults ¶ 

func NewKubernetesWriteRoleRequestWithDefaults() *KubernetesWriteRoleRequest

NewKubernetesWriteRoleRequestWithDefaults instantiates a new KubernetesWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2ConfigureRequest ¶ added in v0.3.0 

type KvV2ConfigureRequest struct {
	// If true, the backend will require the cas parameter to be set for each write
	CasRequired bool `json:"cas_required,omitempty"`

	// If set, the length of time before a version is deleted. A negative duration disables the use of delete_version_after on all keys. A zero duration clears the current setting. Accepts a Go duration format string.
	DeleteVersionAfter int32 `json:"delete_version_after,omitempty"`

	// The number of versions to keep for each key. Defaults to 10
	MaxVersions int32 `json:"max_versions,omitempty"`
}

KvV2ConfigureRequest struct for KvV2ConfigureRequest

func NewKvV2ConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2ConfigureRequestWithDefaults() *KvV2ConfigureRequest

NewKvV2ConfigureRequestWithDefaults instantiates a new KvV2ConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2DeleteVersionsRequest ¶ added in v0.3.0 

type KvV2DeleteVersionsRequest struct {
	// The versions to be archived. The versioned data will not be deleted, but it will no longer be returned in normal get requests.
	Versions []int32 `json:"versions,omitempty"`
}

KvV2DeleteVersionsRequest struct for KvV2DeleteVersionsRequest

func NewKvV2DeleteVersionsRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2DeleteVersionsRequestWithDefaults() *KvV2DeleteVersionsRequest

NewKvV2DeleteVersionsRequestWithDefaults instantiates a new KvV2DeleteVersionsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2DestroyVersionsRequest ¶ added in v0.3.0 

type KvV2DestroyVersionsRequest struct {
	// The versions to destroy. Their data will be permanently deleted.
	Versions []int32 `json:"versions,omitempty"`
}

KvV2DestroyVersionsRequest struct for KvV2DestroyVersionsRequest

func NewKvV2DestroyVersionsRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2DestroyVersionsRequestWithDefaults() *KvV2DestroyVersionsRequest

NewKvV2DestroyVersionsRequestWithDefaults instantiates a new KvV2DestroyVersionsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2PatchResponse ¶ added in v0.3.0 

type KvV2PatchResponse struct {
	CreatedTime time.Time `json:"created_time,omitempty"`

	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	DeletionTime string `json:"deletion_time,omitempty"`

	Destroyed bool `json:"destroyed,omitempty"`

	Version int64 `json:"version,omitempty"`
}

KvV2PatchResponse struct for KvV2PatchResponse

func NewKvV2PatchResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2PatchResponseWithDefaults() *KvV2PatchResponse

NewKvV2PatchResponseWithDefaults instantiates a new KvV2PatchResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2ReadConfigurationResponse ¶ added in v0.3.0 

type KvV2ReadConfigurationResponse struct {
	// If true, the backend will require the cas parameter to be set for each write
	CasRequired bool `json:"cas_required,omitempty"`

	// The length of time before a version is deleted.
	DeleteVersionAfter int32 `json:"delete_version_after,omitempty"`

	// The number of versions to keep for each key.
	MaxVersions int32 `json:"max_versions,omitempty"`
}

KvV2ReadConfigurationResponse struct for KvV2ReadConfigurationResponse

func NewKvV2ReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2ReadConfigurationResponseWithDefaults() *KvV2ReadConfigurationResponse

NewKvV2ReadConfigurationResponseWithDefaults instantiates a new KvV2ReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2ReadMetadataResponse ¶ added in v0.3.0 

type KvV2ReadMetadataResponse struct {
	CasRequired bool `json:"cas_required,omitempty"`

	CreatedTime time.Time `json:"created_time,omitempty"`

	CurrentVersion int64 `json:"current_version,omitempty"`

	// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	// The length of time before a version is deleted.
	DeleteVersionAfter int32 `json:"delete_version_after,omitempty"`

	// The number of versions to keep
	MaxVersions int64 `json:"max_versions,omitempty"`

	OldestVersion int64 `json:"oldest_version,omitempty"`

	UpdatedTime time.Time `json:"updated_time,omitempty"`

	Versions map[string]interface{} `json:"versions,omitempty"`
}

KvV2ReadMetadataResponse struct for KvV2ReadMetadataResponse

func NewKvV2ReadMetadataResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2ReadMetadataResponseWithDefaults() *KvV2ReadMetadataResponse

NewKvV2ReadMetadataResponseWithDefaults instantiates a new KvV2ReadMetadataResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2ReadResponse ¶ added in v0.3.0 

type KvV2ReadResponse struct {
	Data map[string]interface{} `json:"data,omitempty"`

	Metadata map[string]interface{} `json:"metadata,omitempty"`
}

KvV2ReadResponse struct for KvV2ReadResponse

func NewKvV2ReadResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2ReadResponseWithDefaults() *KvV2ReadResponse

NewKvV2ReadResponseWithDefaults instantiates a new KvV2ReadResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2ReadSubkeysResponse ¶ added in v0.3.0 

type KvV2ReadSubkeysResponse struct {
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	Subkeys map[string]interface{} `json:"subkeys,omitempty"`
}

KvV2ReadSubkeysResponse struct for KvV2ReadSubkeysResponse

func NewKvV2ReadSubkeysResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2ReadSubkeysResponseWithDefaults() *KvV2ReadSubkeysResponse

NewKvV2ReadSubkeysResponseWithDefaults instantiates a new KvV2ReadSubkeysResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2UndeleteVersionsRequest ¶ added in v0.3.0 

type KvV2UndeleteVersionsRequest struct {
	// The versions to unarchive. The versions will be restored and their data will be returned on normal get requests.
	Versions []int32 `json:"versions,omitempty"`
}

KvV2UndeleteVersionsRequest struct for KvV2UndeleteVersionsRequest

func NewKvV2UndeleteVersionsRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2UndeleteVersionsRequestWithDefaults() *KvV2UndeleteVersionsRequest

NewKvV2UndeleteVersionsRequestWithDefaults instantiates a new KvV2UndeleteVersionsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2WriteMetadataRequest ¶ added in v0.3.0 

type KvV2WriteMetadataRequest struct {
	// If true the key will require the cas parameter to be set on all write requests. If false, the backend’s configuration will be used.
	CasRequired bool `json:"cas_required,omitempty"`

	// User-provided key-value pairs that are used to describe arbitrary and version-agnostic information about a secret.
	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	// The length of time before a version is deleted. If not set, the backend's configured delete_version_after is used. Cannot be greater than the backend's delete_version_after. A zero duration clears the current setting. A negative duration will cause an error.
	DeleteVersionAfter int32 `json:"delete_version_after,omitempty"`

	// The number of versions to keep. If not set, the backend’s configured max version is used.
	MaxVersions int32 `json:"max_versions,omitempty"`
}

KvV2WriteMetadataRequest struct for KvV2WriteMetadataRequest

func NewKvV2WriteMetadataRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2WriteMetadataRequestWithDefaults() *KvV2WriteMetadataRequest

NewKvV2WriteMetadataRequestWithDefaults instantiates a new KvV2WriteMetadataRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2WriteRequest ¶ added in v0.3.0 

type KvV2WriteRequest struct {
	// The contents of the data map will be stored and returned on read.
	Data map[string]interface{} `json:"data,omitempty"`

	// Options for writing a KV entry. Set the \"cas\" value to use a Check-And-Set operation. If not set the write will be allowed. If set to 0 a write will only be allowed if the key doesn’t exist. If the index is non-zero the write will only be allowed if the key’s current version matches the version specified in the cas parameter.
	Options map[string]interface{} `json:"options,omitempty"`

	// If provided during a read, the value at the version number will be returned
	Version int32 `json:"version,omitempty"`
}

KvV2WriteRequest struct for KvV2WriteRequest

func NewKvV2WriteRequestWithDefaults ¶ added in v0.3.0 

func NewKvV2WriteRequestWithDefaults() *KvV2WriteRequest

NewKvV2WriteRequestWithDefaults instantiates a new KvV2WriteRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type KvV2WriteResponse ¶ added in v0.3.0 

type KvV2WriteResponse struct {
	CreatedTime time.Time `json:"created_time,omitempty"`

	CustomMetadata map[string]interface{} `json:"custom_metadata,omitempty"`

	DeletionTime string `json:"deletion_time,omitempty"`

	Destroyed bool `json:"destroyed,omitempty"`

	Version int64 `json:"version,omitempty"`
}

KvV2WriteResponse struct for KvV2WriteResponse

func NewKvV2WriteResponseWithDefaults ¶ added in v0.3.0 

func NewKvV2WriteResponseWithDefaults() *KvV2WriteResponse

NewKvV2WriteResponseWithDefaults instantiates a new KvV2WriteResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapConfigureAuthRequest ¶ added in v0.3.0 

type LdapConfigureAuthRequest struct {
	// Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
	AnonymousGroupSearch bool `json:"anonymous_group_search,omitempty"`

	// LDAP DN for searching for the user DN (optional)
	Binddn string `json:"binddn,omitempty"`

	// LDAP password for searching for the user DN (optional)
	Bindpass string `json:"bindpass,omitempty"`

	// If true, case sensitivity will be used when comparing usernames and groups for matching policies.
	CaseSensitiveNames bool `json:"case_sensitive_names,omitempty"`

	// CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded (optional)
	Certificate string `json:"certificate,omitempty"`

	// Client certificate to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsCert string `json:"client_tls_cert,omitempty"`

	// Client certificate key to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsKey string `json:"client_tls_key,omitempty"`

	// Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
	ConnectionTimeout int32 `json:"connection_timeout,omitempty"`

	// Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true
	DenyNullBind bool `json:"deny_null_bind,omitempty"`

	// When aliases should be dereferenced on search operations. Accepted values are 'never', 'finding', 'searching', 'always'. Defaults to 'never'.
	DereferenceAliases string `json:"dereference_aliases,omitempty"`

	// Use anonymous bind to discover the bind DN of a user (optional)
	Discoverdn bool `json:"discoverdn,omitempty"`

	// LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate user group membership. Examples: \"cn\" or \"memberOf\", etc. Default: cn
	Groupattr string `json:"groupattr,omitempty"`

	// LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org)
	Groupdn string `json:"groupdn,omitempty"`

	// Go template for querying group membership of user (optional) The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
	Groupfilter string `json:"groupfilter,omitempty"`

	// Skip LDAP server SSL Certificate verification - VERY insecure (optional)
	InsecureTls bool `json:"insecure_tls,omitempty"`

	// The maximum number of results to return for a single paged query. If not set, the server default will be used for paged searches. A requested max_page_size of 0 is interpreted as no limit by LDAP servers. If set to a negative value, search requests will not be paged.
	MaxPageSize int32 `json:"max_page_size,omitempty"`

	// Timeout, in seconds, for the connection when making requests against the server before returning back an error.
	RequestTimeout int32 `json:"request_timeout,omitempty"`

	// Issue a StartTLS command after establishing unencrypted connection (optional)
	Starttls bool `json:"starttls,omitempty"`

	// Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMaxVersion string `json:"tls_max_version,omitempty"`

	// Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMinVersion string `json:"tls_min_version,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies. This will apply to all tokens generated by this auth method, in addition to any configured for specific users/groups.
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Enables userPrincipalDomain login with [username]@UPNDomain (optional)
	Upndomain string `json:"upndomain,omitempty"`

	// LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
	Url string `json:"url,omitempty"`

	// In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
	UsePre111GroupCnBehavior bool `json:"use_pre111_group_cn_behavior,omitempty"`

	// If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships. This will find all security groups including nested ones.
	UseTokenGroups bool `json:"use_token_groups,omitempty"`

	// Attribute used for users (default: cn)
	Userattr string `json:"userattr,omitempty"`

	// LDAP domain to use for users (eg: ou=People,dc=example,dc=org)
	Userdn string `json:"userdn,omitempty"`

	// Go template for LDAP user search filer (optional) The template can access the following context variables: UserAttr, Username Default: ({{.UserAttr}}={{.Username}})
	Userfilter string `json:"userfilter,omitempty"`

	// If true, sets the alias name to the username
	UsernameAsAlias bool `json:"username_as_alias,omitempty"`
}

LdapConfigureAuthRequest struct for LdapConfigureAuthRequest

func NewLdapConfigureAuthRequestWithDefaults ¶ added in v0.3.0 

func NewLdapConfigureAuthRequestWithDefaults() *LdapConfigureAuthRequest

NewLdapConfigureAuthRequestWithDefaults instantiates a new LdapConfigureAuthRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapConfigureRequest ¶ added in v0.3.0 

type LdapConfigureRequest struct {
	// Use anonymous binds when performing LDAP group searches (if true the initial credentials will still be used for the initial connection test).
	AnonymousGroupSearch bool `json:"anonymous_group_search,omitempty"`

	// LDAP DN for searching for the user DN (optional)
	Binddn string `json:"binddn,omitempty"`

	// LDAP password for searching for the user DN (optional)
	Bindpass string `json:"bindpass,omitempty"`

	// If true, case sensitivity will be used when comparing usernames and groups for matching policies.
	CaseSensitiveNames bool `json:"case_sensitive_names,omitempty"`

	// CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded (optional)
	Certificate string `json:"certificate,omitempty"`

	// Client certificate to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsCert string `json:"client_tls_cert,omitempty"`

	// Client certificate key to provide to the LDAP server, must be x509 PEM encoded (optional)
	ClientTlsKey string `json:"client_tls_key,omitempty"`

	// Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.
	ConnectionTimeout int32 `json:"connection_timeout,omitempty"`

	// Denies an unauthenticated LDAP bind request if the user's password is empty; defaults to true
	DenyNullBind bool `json:"deny_null_bind,omitempty"`

	// When aliases should be dereferenced on search operations. Accepted values are 'never', 'finding', 'searching', 'always'. Defaults to 'never'.
	DereferenceAliases string `json:"dereference_aliases,omitempty"`

	// Use anonymous bind to discover the bind DN of a user (optional)
	Discoverdn bool `json:"discoverdn,omitempty"`

	// LDAP attribute to follow on objects returned by <groupfilter> in order to enumerate user group membership. Examples: \"cn\" or \"memberOf\", etc. Default: cn
	Groupattr string `json:"groupattr,omitempty"`

	// LDAP search base to use for group membership search (eg: ou=Groups,dc=example,dc=org)
	Groupdn string `json:"groupdn,omitempty"`

	// Go template for querying group membership of user (optional) The template can access the following context variables: UserDN, Username Example: (&(objectClass=group)(member:1.2.840.113556.1.4.1941:={{.UserDN}})) Default: (|(memberUid={{.Username}})(member={{.UserDN}})(uniqueMember={{.UserDN}}))
	Groupfilter string `json:"groupfilter,omitempty"`

	// Skip LDAP server SSL Certificate verification - VERY insecure (optional)
	InsecureTls bool `json:"insecure_tls,omitempty"`

	// The desired length of passwords that Vault generates.
	// Deprecated
	Length int32 `json:"length,omitempty"`

	// The maximum number of results to return for a single paged query. If not set, the server default will be used for paged searches. A requested max_page_size of 0 is interpreted as no limit by LDAP servers. If set to a negative value, search requests will not be paged.
	MaxPageSize int32 `json:"max_page_size,omitempty"`

	// The maximum password time-to-live.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Password policy to use to generate passwords
	PasswordPolicy string `json:"password_policy,omitempty"`

	// Timeout, in seconds, for the connection when making requests against the server before returning back an error.
	RequestTimeout int32 `json:"request_timeout,omitempty"`

	// The desired LDAP schema used when modifying user account passwords.
	Schema string `json:"schema,omitempty"`

	// Issue a StartTLS command after establishing unencrypted connection (optional)
	Starttls bool `json:"starttls,omitempty"`

	// Maximum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMaxVersion string `json:"tls_max_version,omitempty"`

	// Minimum TLS version to use. Accepted values are 'tls10', 'tls11', 'tls12' or 'tls13'. Defaults to 'tls12'
	TlsMinVersion string `json:"tls_min_version,omitempty"`

	// The default password time-to-live.
	Ttl int32 `json:"ttl,omitempty"`

	// Enables userPrincipalDomain login with [username]@UPNDomain (optional)
	Upndomain string `json:"upndomain,omitempty"`

	// LDAP URL to connect to (default: ldap://127.0.0.1). Multiple URLs can be specified by concatenating them with commas; they will be tried in-order.
	Url string `json:"url,omitempty"`

	// In Vault 1.1.1 a fix for handling group CN values of different cases unfortunately introduced a regression that could cause previously defined groups to not be found due to a change in the resulting name. If set true, the pre-1.1.1 behavior for matching group CNs will be used. This is only needed in some upgrade scenarios for backwards compatibility. It is enabled by default if the config is upgraded but disabled by default on new configurations.
	UsePre111GroupCnBehavior bool `json:"use_pre111_group_cn_behavior,omitempty"`

	// If true, use the Active Directory tokenGroups constructed attribute of the user to find the group memberships. This will find all security groups including nested ones.
	UseTokenGroups bool `json:"use_token_groups,omitempty"`

	// Attribute used for users (default: cn)
	Userattr string `json:"userattr,omitempty"`

	// LDAP domain to use for users (eg: ou=People,dc=example,dc=org)
	Userdn string `json:"userdn,omitempty"`

	// Go template for LDAP user search filer (optional) The template can access the following context variables: UserAttr, Username Default: ({{.UserAttr}}={{.Username}})
	Userfilter string `json:"userfilter,omitempty"`

	// If true, sets the alias name to the username
	UsernameAsAlias bool `json:"username_as_alias,omitempty"`
}

LdapConfigureRequest struct for LdapConfigureRequest

func NewLdapConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewLdapConfigureRequestWithDefaults() *LdapConfigureRequest

NewLdapConfigureRequestWithDefaults instantiates a new LdapConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapLibraryCheckInRequest ¶ added in v0.3.0 

type LdapLibraryCheckInRequest struct {
	// The username/logon name for the service accounts to check in.
	ServiceAccountNames []string `json:"service_account_names,omitempty"`
}

LdapLibraryCheckInRequest struct for LdapLibraryCheckInRequest

func NewLdapLibraryCheckInRequestWithDefaults ¶ added in v0.3.0 

func NewLdapLibraryCheckInRequestWithDefaults() *LdapLibraryCheckInRequest

NewLdapLibraryCheckInRequestWithDefaults instantiates a new LdapLibraryCheckInRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapLibraryCheckOutRequest ¶ added in v0.3.0 

type LdapLibraryCheckOutRequest struct {
	// The length of time before the check-out will expire, in seconds.
	Ttl int32 `json:"ttl,omitempty"`
}

LdapLibraryCheckOutRequest struct for LdapLibraryCheckOutRequest

func NewLdapLibraryCheckOutRequestWithDefaults ¶ added in v0.3.0 

func NewLdapLibraryCheckOutRequestWithDefaults() *LdapLibraryCheckOutRequest

NewLdapLibraryCheckOutRequestWithDefaults instantiates a new LdapLibraryCheckOutRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapLibraryConfigureRequest ¶ added in v0.3.0 

type LdapLibraryConfigureRequest struct {
	// Disable the default behavior of requiring that check-ins are performed by the entity that checked them out.
	DisableCheckInEnforcement bool `json:"disable_check_in_enforcement,omitempty"`

	// In seconds, the max amount of time a check-out's renewals should last. Defaults to 24 hours.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// The username/logon name for the service accounts with which this set will be associated.
	ServiceAccountNames []string `json:"service_account_names,omitempty"`

	// In seconds, the amount of time a check-out should last. Defaults to 24 hours.
	Ttl int32 `json:"ttl,omitempty"`
}

LdapLibraryConfigureRequest struct for LdapLibraryConfigureRequest

func NewLdapLibraryConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewLdapLibraryConfigureRequestWithDefaults() *LdapLibraryConfigureRequest

NewLdapLibraryConfigureRequestWithDefaults instantiates a new LdapLibraryConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapLibraryForceCheckInRequest ¶ added in v0.3.0 

type LdapLibraryForceCheckInRequest struct {
	// The username/logon name for the service accounts to check in.
	ServiceAccountNames []string `json:"service_account_names,omitempty"`
}

LdapLibraryForceCheckInRequest struct for LdapLibraryForceCheckInRequest

func NewLdapLibraryForceCheckInRequestWithDefaults ¶ added in v0.3.0 

func NewLdapLibraryForceCheckInRequestWithDefaults() *LdapLibraryForceCheckInRequest

NewLdapLibraryForceCheckInRequestWithDefaults instantiates a new LdapLibraryForceCheckInRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapLoginRequest ¶ added in v0.3.0 

type LdapLoginRequest struct {
	// Password for this user.
	Password string `json:"password,omitempty"`
}

LdapLoginRequest struct for LdapLoginRequest

func NewLdapLoginRequestWithDefaults ¶ added in v0.3.0 

func NewLdapLoginRequestWithDefaults() *LdapLoginRequest

NewLdapLoginRequestWithDefaults instantiates a new LdapLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapWriteDynamicRoleRequest ¶ added in v0.3.0 

type LdapWriteDynamicRoleRequest struct {
	// LDIF string used to create new entities within the LDAP system. This LDIF can be templated.
	CreationLdif string `json:"creation_ldif"`

	// Default TTL for dynamic credentials
	DefaultTtl int32 `json:"default_ttl,omitempty"`

	// LDIF string used to delete entities created within the LDAP system. This LDIF can be templated.
	DeletionLdif string `json:"deletion_ldif"`

	// Max TTL a dynamic credential can be extended to
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// LDIF string used to rollback changes in the event of a failure to create credentials. This LDIF can be templated.
	RollbackLdif string `json:"rollback_ldif,omitempty"`

	// The template used to create a username
	UsernameTemplate string `json:"username_template,omitempty"`
}

LdapWriteDynamicRoleRequest struct for LdapWriteDynamicRoleRequest

func NewLdapWriteDynamicRoleRequestWithDefaults ¶ added in v0.3.0 

func NewLdapWriteDynamicRoleRequestWithDefaults() *LdapWriteDynamicRoleRequest

NewLdapWriteDynamicRoleRequestWithDefaults instantiates a new LdapWriteDynamicRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapWriteGroupRequest ¶ added in v0.3.0 

type LdapWriteGroupRequest struct {
	// Comma-separated list of policies associated to the group.
	Policies []string `json:"policies,omitempty"`
}

LdapWriteGroupRequest struct for LdapWriteGroupRequest

func NewLdapWriteGroupRequestWithDefaults ¶ added in v0.3.0 

func NewLdapWriteGroupRequestWithDefaults() *LdapWriteGroupRequest

NewLdapWriteGroupRequestWithDefaults instantiates a new LdapWriteGroupRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapWriteStaticRoleRequest ¶ added in v0.3.0 

type LdapWriteStaticRoleRequest struct {
	// The distinguished name of the entry to manage.
	Dn string `json:"dn,omitempty"`

	// Period for automatic credential rotation of the given entry.
	RotationPeriod int32 `json:"rotation_period,omitempty"`

	// The username/logon name for the entry with which this role will be associated.
	Username string `json:"username,omitempty"`
}

LdapWriteStaticRoleRequest struct for LdapWriteStaticRoleRequest

func NewLdapWriteStaticRoleRequestWithDefaults ¶ added in v0.3.0 

func NewLdapWriteStaticRoleRequestWithDefaults() *LdapWriteStaticRoleRequest

NewLdapWriteStaticRoleRequestWithDefaults instantiates a new LdapWriteStaticRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LdapWriteUserRequest ¶ added in v0.3.0 

type LdapWriteUserRequest struct {
	// Comma-separated list of additional groups associated with the user.
	Groups []string `json:"groups,omitempty"`

	// Comma-separated list of policies associated with the user.
	Policies []string `json:"policies,omitempty"`
}

LdapWriteUserRequest struct for LdapWriteUserRequest

func NewLdapWriteUserRequestWithDefaults ¶ added in v0.3.0 

func NewLdapWriteUserRequestWithDefaults() *LdapWriteUserRequest

NewLdapWriteUserRequestWithDefaults instantiates a new LdapWriteUserRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeaderStatusResponse ¶ added in v0.3.0 

type LeaderStatusResponse struct {
	ActiveTime time.Time `json:"active_time,omitempty"`

	HaEnabled bool `json:"ha_enabled,omitempty"`

	IsSelf bool `json:"is_self,omitempty"`

	LastWal int64 `json:"last_wal,omitempty"`

	LeaderAddress string `json:"leader_address,omitempty"`

	LeaderClusterAddress string `json:"leader_cluster_address,omitempty"`

	PerformanceStandby bool `json:"performance_standby,omitempty"`

	PerformanceStandbyLastRemoteWal int64 `json:"performance_standby_last_remote_wal,omitempty"`

	RaftAppliedIndex int64 `json:"raft_applied_index,omitempty"`

	RaftCommittedIndex int64 `json:"raft_committed_index,omitempty"`
}

LeaderStatusResponse struct for LeaderStatusResponse

func NewLeaderStatusResponseWithDefaults ¶ added in v0.3.0 

func NewLeaderStatusResponseWithDefaults() *LeaderStatusResponse

NewLeaderStatusResponseWithDefaults instantiates a new LeaderStatusResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesCountResponse ¶ added in v0.3.0 

type LeasesCountResponse struct {
	// Number of matching leases per mount
	Counts int32 `json:"counts,omitempty"`

	// Number of matching leases
	LeaseCount int32 `json:"lease_count,omitempty"`
}

LeasesCountResponse struct for LeasesCountResponse

func NewLeasesCountResponseWithDefaults ¶ added in v0.3.0 

func NewLeasesCountResponseWithDefaults() *LeasesCountResponse

NewLeasesCountResponseWithDefaults instantiates a new LeasesCountResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesListResponse ¶ added in v0.3.0 

type LeasesListResponse struct {
	// Number of matching leases per mount
	Counts int32 `json:"counts,omitempty"`

	// Number of matching leases
	LeaseCount int32 `json:"lease_count,omitempty"`
}

LeasesListResponse struct for LeasesListResponse

func NewLeasesListResponseWithDefaults ¶ added in v0.3.0 

func NewLeasesListResponseWithDefaults() *LeasesListResponse

NewLeasesListResponseWithDefaults instantiates a new LeasesListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesLookUpResponse ¶ added in v0.3.0 

type LeasesLookUpResponse struct {
	// A list of lease ids
	Keys []string `json:"keys,omitempty"`
}

LeasesLookUpResponse struct for LeasesLookUpResponse

func NewLeasesLookUpResponseWithDefaults ¶ added in v0.3.0 

func NewLeasesLookUpResponseWithDefaults() *LeasesLookUpResponse

NewLeasesLookUpResponseWithDefaults instantiates a new LeasesLookUpResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesLookUpWithPrefixResponse ¶ added in v0.3.0 

type LeasesLookUpWithPrefixResponse struct {
	// A list of lease ids
	Keys []string `json:"keys,omitempty"`
}

LeasesLookUpWithPrefixResponse struct for LeasesLookUpWithPrefixResponse

func NewLeasesLookUpWithPrefixResponseWithDefaults ¶ added in v0.3.0 

func NewLeasesLookUpWithPrefixResponseWithDefaults() *LeasesLookUpWithPrefixResponse

NewLeasesLookUpWithPrefixResponseWithDefaults instantiates a new LeasesLookUpWithPrefixResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesReadLeaseRequest ¶ added in v0.3.0 

type LeasesReadLeaseRequest struct {
	// The lease identifier to renew. This is included with a lease.
	LeaseId string `json:"lease_id,omitempty"`
}

LeasesReadLeaseRequest struct for LeasesReadLeaseRequest

func NewLeasesReadLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesReadLeaseRequestWithDefaults() *LeasesReadLeaseRequest

NewLeasesReadLeaseRequestWithDefaults instantiates a new LeasesReadLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesReadLeaseResponse ¶ added in v0.3.0 

type LeasesReadLeaseResponse struct {
	// Optional lease expiry time
	ExpireTime time.Time `json:"expire_time,omitempty"`

	// Lease id
	Id string `json:"id,omitempty"`

	// Timestamp for the lease's issue time
	IssueTime time.Time `json:"issue_time,omitempty"`

	// Optional Timestamp of the last time the lease was renewed
	LastRenewal time.Time `json:"last_renewal,omitempty"`

	// True if the lease is able to be renewed
	Renewable bool `json:"renewable,omitempty"`

	// Time to Live set for the lease, returns 0 if unset
	Ttl int32 `json:"ttl,omitempty"`
}

LeasesReadLeaseResponse struct for LeasesReadLeaseResponse

func NewLeasesReadLeaseResponseWithDefaults ¶ added in v0.3.0 

func NewLeasesReadLeaseResponseWithDefaults() *LeasesReadLeaseResponse

NewLeasesReadLeaseResponseWithDefaults instantiates a new LeasesReadLeaseResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesRenewLeaseRequest ¶ added in v0.3.0 

type LeasesRenewLeaseRequest struct {
	// The desired increment in seconds to the lease
	Increment int32 `json:"increment,omitempty"`

	// The lease identifier to renew. This is included with a lease.
	LeaseId string `json:"lease_id,omitempty"`

	// The lease identifier to renew. This is included with a lease.
	UrlLeaseId string `json:"url_lease_id,omitempty"`
}

LeasesRenewLeaseRequest struct for LeasesRenewLeaseRequest

func NewLeasesRenewLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesRenewLeaseRequestWithDefaults() *LeasesRenewLeaseRequest

NewLeasesRenewLeaseRequestWithDefaults instantiates a new LeasesRenewLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesRenewLeaseWithIdRequest ¶ added in v0.3.0 

type LeasesRenewLeaseWithIdRequest struct {
	// The desired increment in seconds to the lease
	Increment int32 `json:"increment,omitempty"`

	// The lease identifier to renew. This is included with a lease.
	LeaseId string `json:"lease_id,omitempty"`
}

LeasesRenewLeaseWithIdRequest struct for LeasesRenewLeaseWithIdRequest

func NewLeasesRenewLeaseWithIdRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesRenewLeaseWithIdRequestWithDefaults() *LeasesRenewLeaseWithIdRequest

NewLeasesRenewLeaseWithIdRequestWithDefaults instantiates a new LeasesRenewLeaseWithIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesRevokeLeaseRequest ¶ added in v0.3.0 

type LeasesRevokeLeaseRequest struct {
	// The lease identifier to renew. This is included with a lease.
	LeaseId string `json:"lease_id,omitempty"`

	// Whether or not to perform the revocation synchronously
	Sync bool `json:"sync,omitempty"`

	// The lease identifier to renew. This is included with a lease.
	UrlLeaseId string `json:"url_lease_id,omitempty"`
}

LeasesRevokeLeaseRequest struct for LeasesRevokeLeaseRequest

func NewLeasesRevokeLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesRevokeLeaseRequestWithDefaults() *LeasesRevokeLeaseRequest

NewLeasesRevokeLeaseRequestWithDefaults instantiates a new LeasesRevokeLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesRevokeLeaseWithIdRequest ¶ added in v0.3.0 

type LeasesRevokeLeaseWithIdRequest struct {
	// The lease identifier to renew. This is included with a lease.
	LeaseId string `json:"lease_id,omitempty"`

	// Whether or not to perform the revocation synchronously
	Sync bool `json:"sync,omitempty"`
}

LeasesRevokeLeaseWithIdRequest struct for LeasesRevokeLeaseWithIdRequest

func NewLeasesRevokeLeaseWithIdRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesRevokeLeaseWithIdRequestWithDefaults() *LeasesRevokeLeaseWithIdRequest

NewLeasesRevokeLeaseWithIdRequestWithDefaults instantiates a new LeasesRevokeLeaseWithIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LeasesRevokeLeaseWithPrefixRequest ¶ added in v0.3.0 

type LeasesRevokeLeaseWithPrefixRequest struct {
	// Whether or not to perform the revocation synchronously
	Sync bool `json:"sync,omitempty"`
}

LeasesRevokeLeaseWithPrefixRequest struct for LeasesRevokeLeaseWithPrefixRequest

func NewLeasesRevokeLeaseWithPrefixRequestWithDefaults ¶ added in v0.3.0 

func NewLeasesRevokeLeaseWithPrefixRequestWithDefaults() *LeasesRevokeLeaseWithPrefixRequest

NewLeasesRevokeLeaseWithPrefixRequestWithDefaults instantiates a new LeasesRevokeLeaseWithPrefixRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LoggersUpdateVerbosityLevelForRequest ¶ added in v0.3.0 

type LoggersUpdateVerbosityLevelForRequest struct {
	// Log verbosity level. Supported values (in order of detail) are \"trace\", \"debug\", \"info\", \"warn\", and \"error\".
	Level string `json:"level,omitempty"`
}

LoggersUpdateVerbosityLevelForRequest struct for LoggersUpdateVerbosityLevelForRequest

func NewLoggersUpdateVerbosityLevelForRequestWithDefaults ¶ added in v0.3.0 

func NewLoggersUpdateVerbosityLevelForRequestWithDefaults() *LoggersUpdateVerbosityLevelForRequest

NewLoggersUpdateVerbosityLevelForRequestWithDefaults instantiates a new LoggersUpdateVerbosityLevelForRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type LoggersUpdateVerbosityLevelRequest ¶ added in v0.3.0 

type LoggersUpdateVerbosityLevelRequest struct {
	// Log verbosity level. Supported values (in order of detail) are \"trace\", \"debug\", \"info\", \"warn\", and \"error\".
	Level string `json:"level,omitempty"`
}

LoggersUpdateVerbosityLevelRequest struct for LoggersUpdateVerbosityLevelRequest

func NewLoggersUpdateVerbosityLevelRequestWithDefaults ¶ added in v0.3.0 

func NewLoggersUpdateVerbosityLevelRequestWithDefaults() *LoggersUpdateVerbosityLevelRequest

NewLoggersUpdateVerbosityLevelRequestWithDefaults instantiates a new LoggersUpdateVerbosityLevelRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaAdminDestroyTotpSecretRequest ¶ added in v0.3.0 

type MfaAdminDestroyTotpSecretRequest struct {
	// Identifier of the entity from which the MFA method secret needs to be removed.
	EntityId string `json:"entity_id"`

	// The unique identifier for this MFA method.
	MethodId string `json:"method_id"`
}

MfaAdminDestroyTotpSecretRequest struct for MfaAdminDestroyTotpSecretRequest

func NewMfaAdminDestroyTotpSecretRequestWithDefaults ¶ added in v0.3.0 

func NewMfaAdminDestroyTotpSecretRequestWithDefaults() *MfaAdminDestroyTotpSecretRequest

NewMfaAdminDestroyTotpSecretRequestWithDefaults instantiates a new MfaAdminDestroyTotpSecretRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaAdminGenerateTotpSecretRequest ¶ added in v0.3.0 

type MfaAdminGenerateTotpSecretRequest struct {
	// Entity ID on which the generated secret needs to get stored.
	EntityId string `json:"entity_id"`

	// The unique identifier for this MFA method.
	MethodId string `json:"method_id"`
}

MfaAdminGenerateTotpSecretRequest struct for MfaAdminGenerateTotpSecretRequest

func NewMfaAdminGenerateTotpSecretRequestWithDefaults ¶ added in v0.3.0 

func NewMfaAdminGenerateTotpSecretRequestWithDefaults() *MfaAdminGenerateTotpSecretRequest

NewMfaAdminGenerateTotpSecretRequestWithDefaults instantiates a new MfaAdminGenerateTotpSecretRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaConfigureDuoMethodRequest ¶ added in v0.3.0 

type MfaConfigureDuoMethodRequest struct {
	// API host name for Duo.
	ApiHostname string `json:"api_hostname,omitempty"`

	// Integration key for Duo.
	IntegrationKey string `json:"integration_key,omitempty"`

	// The unique name identifier for this MFA method.
	MethodName string `json:"method_name,omitempty"`

	// Push information for Duo.
	PushInfo string `json:"push_info,omitempty"`

	// Secret key for Duo.
	SecretKey string `json:"secret_key,omitempty"`

	// If true, the user is reminded to use the passcode upon MFA validation. This option does not enforce using the passcode. Defaults to false.
	UsePasscode bool `json:"use_passcode,omitempty"`

	// A template string for mapping Identity names to MFA method names. Values to subtitute should be placed in {{}}. For example, \"{{alias.name}}@example.com\". Currently-supported mappings: alias.name: The name returned by the mount configured via the mount_accessor parameter If blank, the Alias's name field will be used as-is.
	UsernameFormat string `json:"username_format,omitempty"`
}

MfaConfigureDuoMethodRequest struct for MfaConfigureDuoMethodRequest

func NewMfaConfigureDuoMethodRequestWithDefaults ¶ added in v0.3.0 

func NewMfaConfigureDuoMethodRequestWithDefaults() *MfaConfigureDuoMethodRequest

NewMfaConfigureDuoMethodRequestWithDefaults instantiates a new MfaConfigureDuoMethodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaConfigureOktaMethodRequest ¶ added in v0.3.0 

type MfaConfigureOktaMethodRequest struct {
	// Okta API key.
	ApiToken string `json:"api_token,omitempty"`

	// The base domain to use for the Okta API. When not specified in the configuration, \"okta.com\" is used.
	BaseUrl string `json:"base_url,omitempty"`

	// The unique name identifier for this MFA method.
	MethodName string `json:"method_name,omitempty"`

	// Name of the organization to be used in the Okta API.
	OrgName string `json:"org_name,omitempty"`

	// If true, the username will only match the primary email for the account. Defaults to false.
	PrimaryEmail bool `json:"primary_email,omitempty"`

	// (DEPRECATED) Use base_url instead.
	Production bool `json:"production,omitempty"`

	// A template string for mapping Identity names to MFA method names. Values to substitute should be placed in {{}}. For example, \"{{entity.name}}@example.com\". If blank, the Entity's name field will be used as-is.
	UsernameFormat string `json:"username_format,omitempty"`
}

MfaConfigureOktaMethodRequest struct for MfaConfigureOktaMethodRequest

func NewMfaConfigureOktaMethodRequestWithDefaults ¶ added in v0.3.0 

func NewMfaConfigureOktaMethodRequestWithDefaults() *MfaConfigureOktaMethodRequest

NewMfaConfigureOktaMethodRequestWithDefaults instantiates a new MfaConfigureOktaMethodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaConfigurePingIdMethodRequest ¶ added in v0.3.0 

type MfaConfigurePingIdMethodRequest struct {
	// The unique name identifier for this MFA method.
	MethodName string `json:"method_name,omitempty"`

	// The settings file provided by Ping, Base64-encoded. This must be a settings file suitable for third-party clients, not the PingID SDK or PingFederate.
	SettingsFileBase64 string `json:"settings_file_base64,omitempty"`

	// A template string for mapping Identity names to MFA method names. Values to subtitute should be placed in {{}}. For example, \"{{alias.name}}@example.com\". Currently-supported mappings: alias.name: The name returned by the mount configured via the mount_accessor parameter If blank, the Alias's name field will be used as-is.
	UsernameFormat string `json:"username_format,omitempty"`
}

MfaConfigurePingIdMethodRequest struct for MfaConfigurePingIdMethodRequest

func NewMfaConfigurePingIdMethodRequestWithDefaults ¶ added in v0.3.0 

func NewMfaConfigurePingIdMethodRequestWithDefaults() *MfaConfigurePingIdMethodRequest

NewMfaConfigurePingIdMethodRequestWithDefaults instantiates a new MfaConfigurePingIdMethodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaConfigureTotpMethodRequest ¶ added in v0.3.0 

type MfaConfigureTotpMethodRequest struct {
	// The hashing algorithm used to generate the TOTP token. Options include SHA1, SHA256 and SHA512.
	Algorithm string `json:"algorithm,omitempty"`

	// The number of digits in the generated TOTP token. This value can either be 6 or 8.
	Digits int32 `json:"digits,omitempty"`

	// The name of the key's issuing organization.
	Issuer string `json:"issuer,omitempty"`

	// Determines the size in bytes of the generated key.
	KeySize int32 `json:"key_size,omitempty"`

	// Max number of allowed validation attempts.
	MaxValidationAttempts int32 `json:"max_validation_attempts,omitempty"`

	// The unique name identifier for this MFA method.
	MethodName string `json:"method_name,omitempty"`

	// The length of time used to generate a counter for the TOTP token calculation.
	Period int32 `json:"period,omitempty"`

	// The pixel size of the generated square QR code.
	QrSize int32 `json:"qr_size,omitempty"`

	// The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1.
	Skew int32 `json:"skew,omitempty"`
}

MfaConfigureTotpMethodRequest struct for MfaConfigureTotpMethodRequest

func NewMfaConfigureTotpMethodRequestWithDefaults ¶ added in v0.3.0 

func NewMfaConfigureTotpMethodRequestWithDefaults() *MfaConfigureTotpMethodRequest

NewMfaConfigureTotpMethodRequestWithDefaults instantiates a new MfaConfigureTotpMethodRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaGenerateTotpSecretRequest ¶ added in v0.3.0 

type MfaGenerateTotpSecretRequest struct {
	// The unique identifier for this MFA method.
	MethodId string `json:"method_id"`
}

MfaGenerateTotpSecretRequest struct for MfaGenerateTotpSecretRequest

func NewMfaGenerateTotpSecretRequestWithDefaults ¶ added in v0.3.0 

func NewMfaGenerateTotpSecretRequestWithDefaults() *MfaGenerateTotpSecretRequest

NewMfaGenerateTotpSecretRequestWithDefaults instantiates a new MfaGenerateTotpSecretRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaValidateRequest ¶ added in v0.3.0 

type MfaValidateRequest struct {
	// A map from MFA method ID to a slice of passcodes or an empty slice if the method does not use passcodes
	MfaPayload map[string]interface{} `json:"mfa_payload"`

	// ID for this MFA request
	MfaRequestId string `json:"mfa_request_id"`
}

MfaValidateRequest struct for MfaValidateRequest

func NewMfaValidateRequestWithDefaults ¶ added in v0.3.0 

func NewMfaValidateRequestWithDefaults() *MfaValidateRequest

NewMfaValidateRequestWithDefaults instantiates a new MfaValidateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MfaWriteLoginEnforcementRequest ¶ added in v0.3.0 

type MfaWriteLoginEnforcementRequest struct {
	// Array of auth mount accessor IDs
	AuthMethodAccessors []string `json:"auth_method_accessors,omitempty"`

	// Array of auth mount types
	AuthMethodTypes []string `json:"auth_method_types,omitempty"`

	// Array of identity entity IDs
	IdentityEntityIds []string `json:"identity_entity_ids,omitempty"`

	// Array of identity group IDs
	IdentityGroupIds []string `json:"identity_group_ids,omitempty"`

	// Array of Method IDs that determine what methods will be enforced
	MfaMethodIds []string `json:"mfa_method_ids"`
}

MfaWriteLoginEnforcementRequest struct for MfaWriteLoginEnforcementRequest

func NewMfaWriteLoginEnforcementRequestWithDefaults ¶ added in v0.3.0 

func NewMfaWriteLoginEnforcementRequestWithDefaults() *MfaWriteLoginEnforcementRequest

NewMfaWriteLoginEnforcementRequestWithDefaults instantiates a new MfaWriteLoginEnforcementRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MongoDbAtlasConfigureRequest ¶ added in v0.3.0 

type MongoDbAtlasConfigureRequest struct {
	// MongoDB Atlas Programmatic Private Key
	PrivateKey string `json:"private_key"`

	// MongoDB Atlas Programmatic Public Key
	PublicKey string `json:"public_key"`
}

MongoDbAtlasConfigureRequest struct for MongoDbAtlasConfigureRequest

func NewMongoDbAtlasConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewMongoDbAtlasConfigureRequestWithDefaults() *MongoDbAtlasConfigureRequest

NewMongoDbAtlasConfigureRequestWithDefaults instantiates a new MongoDbAtlasConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MongoDbAtlasWriteRoleRequest ¶ added in v0.3.0 

type MongoDbAtlasWriteRoleRequest struct {
	// Access list entry in CIDR notation to be added for the API key. Optional for organization and project keys.
	CidrBlocks []string `json:"cidr_blocks,omitempty"`

	// IP address to be added to the access list for the API key. Optional for organization and project keys.
	IpAddresses []string `json:"ip_addresses,omitempty"`

	// The maximum allowed lifetime of credentials issued using this role.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Organization ID required for an organization API key
	OrganizationId string `json:"organization_id,omitempty"`

	// Project ID the project API key belongs to.
	ProjectId string `json:"project_id,omitempty"`

	// Roles assigned when an organization API Key is assigned to a project API key
	ProjectRoles []string `json:"project_roles,omitempty"`

	// List of roles that the API Key should be granted. A minimum of one role must be provided. Any roles provided must be valid for the assigned Project, required for organization and project keys.
	Roles []string `json:"roles"`

	// Duration in seconds after which the issued credential should expire. Defaults to 0, in which case the value will fallback to the system/mount defaults.
	Ttl int32 `json:"ttl,omitempty"`
}

MongoDbAtlasWriteRoleRequest struct for MongoDbAtlasWriteRoleRequest

func NewMongoDbAtlasWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewMongoDbAtlasWriteRoleRequestWithDefaults() *MongoDbAtlasWriteRoleRequest

NewMongoDbAtlasWriteRoleRequestWithDefaults instantiates a new MongoDbAtlasWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MountsEnableSecretsEngineRequest ¶ added in v0.3.0 

type MountsEnableSecretsEngineRequest struct {
	// Configuration for this mount, such as default_lease_ttl and max_lease_ttl.
	Config map[string]interface{} `json:"config,omitempty"`

	// User-friendly description for this mount.
	Description string `json:"description,omitempty"`

	// Whether to give the mount access to Vault's external entropy.
	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	// Mark the mount as a local mount, which is not replicated and is unaffected by replication.
	Local bool `json:"local,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	// Name of the plugin to mount based from the name registered in the plugin catalog.
	PluginName string `json:"plugin_name,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// Whether to turn on seal wrapping for the mount.
	SealWrap bool `json:"seal_wrap,omitempty"`

	// The type of the backend. Example: \"passthrough\"
	Type string `json:"type,omitempty"`
}

MountsEnableSecretsEngineRequest struct for MountsEnableSecretsEngineRequest

func NewMountsEnableSecretsEngineRequestWithDefaults ¶ added in v0.3.0 

func NewMountsEnableSecretsEngineRequestWithDefaults() *MountsEnableSecretsEngineRequest

NewMountsEnableSecretsEngineRequestWithDefaults instantiates a new MountsEnableSecretsEngineRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MountsReadConfigurationResponse ¶ added in v0.3.0 

type MountsReadConfigurationResponse struct {
	Accessor string `json:"accessor,omitempty"`

	// Configuration for this mount, such as default_lease_ttl and max_lease_ttl.
	Config map[string]interface{} `json:"config,omitempty"`

	DeprecationStatus string `json:"deprecation_status,omitempty"`

	// User-friendly description for this mount.
	Description string `json:"description,omitempty"`

	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	// Mark the mount as a local mount, which is not replicated and is unaffected by replication.
	Local bool `json:"local,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	RunningPluginVersion string `json:"running_plugin_version,omitempty"`

	RunningSha256 string `json:"running_sha256,omitempty"`

	// Whether to turn on seal wrapping for the mount.
	SealWrap bool `json:"seal_wrap,omitempty"`

	// The type of the backend. Example: \"passthrough\"
	Type string `json:"type,omitempty"`

	Uuid string `json:"uuid,omitempty"`
}

MountsReadConfigurationResponse struct for MountsReadConfigurationResponse

func NewMountsReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewMountsReadConfigurationResponseWithDefaults() *MountsReadConfigurationResponse

NewMountsReadConfigurationResponseWithDefaults instantiates a new MountsReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MountsReadTuningInformationResponse ¶ added in v0.3.0 

type MountsReadTuningInformationResponse struct {
	AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty"`

	// A list of headers to whitelist and allow a plugin to set on responses.
	AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty"`

	AuditNonHmacRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty"`

	AuditNonHmacResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty"`

	// The default lease TTL for this mount.
	DefaultLeaseTtl int32 `json:"default_lease_ttl,omitempty"`

	// User-friendly description for this credential backend.
	Description string `json:"description,omitempty"`

	ExternalEntropyAccess bool `json:"external_entropy_access,omitempty"`

	ForceNoCache bool `json:"force_no_cache,omitempty"`

	ListingVisibility string `json:"listing_visibility,omitempty"`

	// The max lease TTL for this mount.
	MaxLeaseTtl int32 `json:"max_lease_ttl,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// The type of token to issue (service or batch).
	TokenType string `json:"token_type,omitempty"`

	UserLockoutCounterResetDuration int64 `json:"user_lockout_counter_reset_duration,omitempty"`

	UserLockoutDisable bool `json:"user_lockout_disable,omitempty"`

	UserLockoutDuration int64 `json:"user_lockout_duration,omitempty"`

	UserLockoutThreshold int64 `json:"user_lockout_threshold,omitempty"`
}

MountsReadTuningInformationResponse struct for MountsReadTuningInformationResponse

func NewMountsReadTuningInformationResponseWithDefaults ¶ added in v0.3.0 

func NewMountsReadTuningInformationResponseWithDefaults() *MountsReadTuningInformationResponse

NewMountsReadTuningInformationResponseWithDefaults instantiates a new MountsReadTuningInformationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type MountsTuneConfigurationParametersRequest ¶ added in v0.3.0 

type MountsTuneConfigurationParametersRequest struct {
	AllowedManagedKeys []string `json:"allowed_managed_keys,omitempty"`

	// A list of headers to whitelist and allow a plugin to set on responses.
	AllowedResponseHeaders []string `json:"allowed_response_headers,omitempty"`

	// The list of keys in the request data object that will not be HMAC'ed by audit devices.
	AuditNonHmacRequestKeys []string `json:"audit_non_hmac_request_keys,omitempty"`

	// The list of keys in the response data object that will not be HMAC'ed by audit devices.
	AuditNonHmacResponseKeys []string `json:"audit_non_hmac_response_keys,omitempty"`

	// The default lease TTL for this mount.
	DefaultLeaseTtl string `json:"default_lease_ttl,omitempty"`

	// User-friendly description for this credential backend.
	Description string `json:"description,omitempty"`

	// Determines the visibility of the mount in the UI-specific listing endpoint. Accepted value are 'unauth' and 'hidden', with the empty default (”) behaving like 'hidden'.
	ListingVisibility string `json:"listing_visibility,omitempty"`

	// The max lease TTL for this mount.
	MaxLeaseTtl string `json:"max_lease_ttl,omitempty"`

	// The options to pass into the backend. Should be a json object with string keys and values.
	Options map[string]interface{} `json:"options,omitempty"`

	// A list of headers to whitelist and pass from the request to the plugin.
	PassthroughRequestHeaders []string `json:"passthrough_request_headers,omitempty"`

	// The semantic version of the plugin to use.
	PluginVersion string `json:"plugin_version,omitempty"`

	// The type of token to issue (service or batch).
	TokenType string `json:"token_type,omitempty"`

	// The user lockout configuration to pass into the backend. Should be a json object with string keys and values.
	UserLockoutConfig map[string]interface{} `json:"user_lockout_config,omitempty"`
}

MountsTuneConfigurationParametersRequest struct for MountsTuneConfigurationParametersRequest

func NewMountsTuneConfigurationParametersRequestWithDefaults ¶ added in v0.3.0 

func NewMountsTuneConfigurationParametersRequestWithDefaults() *MountsTuneConfigurationParametersRequest

NewMountsTuneConfigurationParametersRequestWithDefaults instantiates a new MountsTuneConfigurationParametersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type NomadConfigureAccessRequest ¶ added in v0.3.0 

type NomadConfigureAccessRequest struct {
	// Nomad server address
	Address string `json:"address,omitempty"`

	// CA certificate to use when verifying Nomad server certificate, must be x509 PEM encoded.
	CaCert string `json:"ca_cert,omitempty"`

	// Client certificate used for Nomad's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_key.
	ClientCert string `json:"client_cert,omitempty"`

	// Client key used for Nomad's TLS communication, must be x509 PEM encoded and if this is set you need to also set client_cert.
	ClientKey string `json:"client_key,omitempty"`

	// Max length for name of generated Nomad tokens
	MaxTokenNameLength int32 `json:"max_token_name_length,omitempty"`

	// Token for API calls
	Token string `json:"token,omitempty"`
}

NomadConfigureAccessRequest struct for NomadConfigureAccessRequest

func NewNomadConfigureAccessRequestWithDefaults ¶ added in v0.3.0 

func NewNomadConfigureAccessRequestWithDefaults() *NomadConfigureAccessRequest

NewNomadConfigureAccessRequestWithDefaults instantiates a new NomadConfigureAccessRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type NomadConfigureLeaseRequest ¶ added in v0.3.0 

type NomadConfigureLeaseRequest struct {
	// Duration after which the issued token should not be allowed to be renewed
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Duration before which the issued token needs renewal
	Ttl int32 `json:"ttl,omitempty"`
}

NomadConfigureLeaseRequest struct for NomadConfigureLeaseRequest

func NewNomadConfigureLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewNomadConfigureLeaseRequestWithDefaults() *NomadConfigureLeaseRequest

NewNomadConfigureLeaseRequestWithDefaults instantiates a new NomadConfigureLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type NomadWriteRoleRequest ¶ 

type NomadWriteRoleRequest struct {
	// Boolean value describing if the token should be global or not. Defaults to false.
	Global bool `json:"global,omitempty"`

	// Comma-separated string or list of policies as previously created in Nomad. Required for 'client' token.
	Policies []string `json:"policies,omitempty"`

	// Which type of token to create: 'client' or 'management'. If a 'management' token, the \"policies\" parameter is not required. Defaults to 'client'.
	Type string `json:"type,omitempty"`
}

NomadWriteRoleRequest struct for NomadWriteRoleRequest

func NewNomadWriteRoleRequestWithDefaults ¶ 

func NewNomadWriteRoleRequestWithDefaults() *NomadWriteRoleRequest

NewNomadWriteRoleRequestWithDefaults instantiates a new NomadWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OciConfigureRequest ¶ added in v0.3.0 

type OciConfigureRequest struct {
	// The tenancy id of the account.
	HomeTenancyId string `json:"home_tenancy_id,omitempty"`
}

OciConfigureRequest struct for OciConfigureRequest

func NewOciConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewOciConfigureRequestWithDefaults() *OciConfigureRequest

NewOciConfigureRequestWithDefaults instantiates a new OciConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OciLoginRequest ¶ added in v0.3.0 

type OciLoginRequest struct {
	// The signed headers of the client
	RequestHeaders string `json:"request_headers,omitempty"`
}

OciLoginRequest struct for OciLoginRequest

func NewOciLoginRequestWithDefaults ¶ added in v0.3.0 

func NewOciLoginRequestWithDefaults() *OciLoginRequest

NewOciLoginRequestWithDefaults instantiates a new OciLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OciWriteRoleRequest ¶ added in v0.3.0 

type OciWriteRoleRequest struct {
	// A comma separated list of Group or Dynamic Group OCIDs that are allowed to take this role.
	OcidList []string `json:"ocid_list,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`
}

OciWriteRoleRequest struct for OciWriteRoleRequest

func NewOciWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewOciWriteRoleRequestWithDefaults() *OciWriteRoleRequest

NewOciWriteRoleRequestWithDefaults instantiates a new OciWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcConfigureRequest ¶ added in v0.3.0 

type OidcConfigureRequest struct {
	// Issuer URL to be used in the iss claim of the token. If not set, Vault's app_addr will be used.
	Issuer string `json:"issuer,omitempty"`
}

OidcConfigureRequest struct for OidcConfigureRequest

func NewOidcConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewOidcConfigureRequestWithDefaults() *OidcConfigureRequest

NewOidcConfigureRequestWithDefaults instantiates a new OidcConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcIntrospectRequest ¶ added in v0.3.0 

type OidcIntrospectRequest struct {
	// Optional client_id to verify
	ClientId string `json:"client_id,omitempty"`

	// Token to verify
	Token string `json:"token,omitempty"`
}

OidcIntrospectRequest struct for OidcIntrospectRequest

func NewOidcIntrospectRequestWithDefaults ¶ added in v0.3.0 

func NewOidcIntrospectRequestWithDefaults() *OidcIntrospectRequest

NewOidcIntrospectRequestWithDefaults instantiates a new OidcIntrospectRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcProviderTokenRequest ¶ added in v0.3.0 

type OidcProviderTokenRequest struct {
	// The ID of the requesting client.
	ClientId string `json:"client_id,omitempty"`

	// The secret of the requesting client.
	ClientSecret string `json:"client_secret,omitempty"`

	// The authorization code received from the provider's authorization endpoint.
	Code string `json:"code"`

	// The code verifier associated with the authorization code.
	CodeVerifier string `json:"code_verifier,omitempty"`

	// The authorization grant type. The following grant types are supported: 'authorization_code'.
	GrantType string `json:"grant_type"`

	// The callback location where the authentication response was sent.
	RedirectUri string `json:"redirect_uri"`
}

OidcProviderTokenRequest struct for OidcProviderTokenRequest

func NewOidcProviderTokenRequestWithDefaults ¶ added in v0.3.0 

func NewOidcProviderTokenRequestWithDefaults() *OidcProviderTokenRequest

NewOidcProviderTokenRequestWithDefaults instantiates a new OidcProviderTokenRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcRotateKeyRequest ¶ added in v0.3.0 

type OidcRotateKeyRequest struct {
	// Controls how long the public portion of a key will be available for verification after being rotated. Setting verification_ttl here will override the verification_ttl set on the key.
	VerificationTtl int32 `json:"verification_ttl,omitempty"`
}

OidcRotateKeyRequest struct for OidcRotateKeyRequest

func NewOidcRotateKeyRequestWithDefaults ¶ added in v0.3.0 

func NewOidcRotateKeyRequestWithDefaults() *OidcRotateKeyRequest

NewOidcRotateKeyRequestWithDefaults instantiates a new OidcRotateKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteAssignmentRequest ¶ added in v0.3.0 

type OidcWriteAssignmentRequest struct {
	// Comma separated string or array of identity entity IDs
	EntityIds []string `json:"entity_ids,omitempty"`

	// Comma separated string or array of identity group IDs
	GroupIds []string `json:"group_ids,omitempty"`
}

OidcWriteAssignmentRequest struct for OidcWriteAssignmentRequest

func NewOidcWriteAssignmentRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteAssignmentRequestWithDefaults() *OidcWriteAssignmentRequest

NewOidcWriteAssignmentRequestWithDefaults instantiates a new OidcWriteAssignmentRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteClientRequest ¶ added in v0.3.0 

type OidcWriteClientRequest struct {
	// The time-to-live for access tokens obtained by the client.
	AccessTokenTtl int32 `json:"access_token_ttl,omitempty"`

	// Comma separated string or array of assignment resources.
	Assignments []string `json:"assignments,omitempty"`

	// The client type based on its ability to maintain confidentiality of credentials. The following client types are supported: 'confidential', 'public'. Defaults to 'confidential'.
	ClientType string `json:"client_type,omitempty"`

	// The time-to-live for ID tokens obtained by the client.
	IdTokenTtl int32 `json:"id_token_ttl,omitempty"`

	// A reference to a named key resource. Cannot be modified after creation. Defaults to the 'default' key.
	Key string `json:"key,omitempty"`

	// Comma separated string or array of redirect URIs used by the client. One of these values must exactly match the redirect_uri parameter value used in each authentication request.
	RedirectUris []string `json:"redirect_uris,omitempty"`
}

OidcWriteClientRequest struct for OidcWriteClientRequest

func NewOidcWriteClientRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteClientRequestWithDefaults() *OidcWriteClientRequest

NewOidcWriteClientRequestWithDefaults instantiates a new OidcWriteClientRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteKeyRequest ¶ added in v0.3.0 

type OidcWriteKeyRequest struct {
	// Signing algorithm to use. This will default to RS256.
	Algorithm string `json:"algorithm,omitempty"`

	// Comma separated string or array of role client ids allowed to use this key for signing. If empty no roles are allowed. If \"*\" all roles are allowed.
	AllowedClientIds []string `json:"allowed_client_ids,omitempty"`

	// How often to generate a new keypair.
	RotationPeriod int32 `json:"rotation_period,omitempty"`

	// Controls how long the public portion of a key will be available for verification after being rotated.
	VerificationTtl int32 `json:"verification_ttl,omitempty"`
}

OidcWriteKeyRequest struct for OidcWriteKeyRequest

func NewOidcWriteKeyRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteKeyRequestWithDefaults() *OidcWriteKeyRequest

NewOidcWriteKeyRequestWithDefaults instantiates a new OidcWriteKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteProviderRequest ¶ added in v0.3.0 

type OidcWriteProviderRequest struct {
	// The client IDs that are permitted to use the provider
	AllowedClientIds []string `json:"allowed_client_ids,omitempty"`

	// Specifies what will be used for the iss claim of ID tokens.
	Issuer string `json:"issuer,omitempty"`

	// The scopes supported for requesting on the provider
	ScopesSupported []string `json:"scopes_supported,omitempty"`
}

OidcWriteProviderRequest struct for OidcWriteProviderRequest

func NewOidcWriteProviderRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteProviderRequestWithDefaults() *OidcWriteProviderRequest

NewOidcWriteProviderRequestWithDefaults instantiates a new OidcWriteProviderRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteRoleRequest ¶ added in v0.3.0 

type OidcWriteRoleRequest struct {
	// Optional client_id
	ClientId string `json:"client_id,omitempty"`

	// The OIDC key to use for generating tokens. The specified key must already exist.
	Key string `json:"key"`

	// The template string to use for generating tokens. This may be in string-ified JSON or base64 format.
	Template string `json:"template,omitempty"`

	// TTL of the tokens generated against the role.
	Ttl int32 `json:"ttl,omitempty"`
}

OidcWriteRoleRequest struct for OidcWriteRoleRequest

func NewOidcWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteRoleRequestWithDefaults() *OidcWriteRoleRequest

NewOidcWriteRoleRequestWithDefaults instantiates a new OidcWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OidcWriteScopeRequest ¶ added in v0.3.0 

type OidcWriteScopeRequest struct {
	// The description of the scope
	Description string `json:"description,omitempty"`

	// The template string to use for the scope. This may be in string-ified JSON or base64 format.
	Template string `json:"template,omitempty"`
}

OidcWriteScopeRequest struct for OidcWriteScopeRequest

func NewOidcWriteScopeRequestWithDefaults ¶ added in v0.3.0 

func NewOidcWriteScopeRequestWithDefaults() *OidcWriteScopeRequest

NewOidcWriteScopeRequestWithDefaults instantiates a new OidcWriteScopeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OktaConfigureRequest ¶ added in v0.3.0 

type OktaConfigureRequest struct {
	// Okta API key.
	ApiToken string `json:"api_token,omitempty"`

	// The base domain to use for the Okta API. When not specified in the configuration, \"okta.com\" is used.
	BaseUrl string `json:"base_url,omitempty"`

	// When set true, requests by Okta for a MFA check will be bypassed. This also disallows certain status checks on the account, such as whether the password is expired.
	BypassOktaMfa bool `json:"bypass_okta_mfa,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Name of the organization to be used in the Okta API.
	OrgName string `json:"org_name,omitempty"`

	// Use org_name instead.
	// Deprecated
	Organization string `json:"organization,omitempty"`

	// Use base_url instead.
	// Deprecated
	Production bool `json:"production,omitempty"`

	// Use api_token instead.
	// Deprecated
	Token string `json:"token,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies. This will apply to all tokens generated by this auth method, in addition to any configured for specific users/groups.
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

OktaConfigureRequest struct for OktaConfigureRequest

func NewOktaConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewOktaConfigureRequestWithDefaults() *OktaConfigureRequest

NewOktaConfigureRequestWithDefaults instantiates a new OktaConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OktaLoginRequest ¶ 

type OktaLoginRequest struct {
	// Nonce provided if performing login that requires number verification challenge. Logins through the vault login CLI command will automatically generate a nonce.
	Nonce string `json:"nonce,omitempty"`

	// Password for this user.
	Password string `json:"password,omitempty"`

	// Preferred factor provider.
	Provider string `json:"provider,omitempty"`

	// TOTP passcode.
	Totp string `json:"totp,omitempty"`
}

OktaLoginRequest struct for OktaLoginRequest

func NewOktaLoginRequestWithDefaults ¶ 

func NewOktaLoginRequestWithDefaults() *OktaLoginRequest

NewOktaLoginRequestWithDefaults instantiates a new OktaLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OktaWriteGroupRequest ¶ 

type OktaWriteGroupRequest struct {
	// Comma-separated list of policies associated to the group.
	Policies []string `json:"policies,omitempty"`
}

OktaWriteGroupRequest struct for OktaWriteGroupRequest

func NewOktaWriteGroupRequestWithDefaults ¶ 

func NewOktaWriteGroupRequestWithDefaults() *OktaWriteGroupRequest

NewOktaWriteGroupRequestWithDefaults instantiates a new OktaWriteGroupRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type OktaWriteUserRequest ¶ 

type OktaWriteUserRequest struct {
	// List of groups associated with the user.
	Groups []string `json:"groups,omitempty"`

	// List of policies associated with the user.
	Policies []string `json:"policies,omitempty"`
}

OktaWriteUserRequest struct for OktaWriteUserRequest

func NewOktaWriteUserRequestWithDefaults ¶ 

func NewOktaWriteUserRequestWithDefaults() *OktaWriteUserRequest

NewOktaWriteUserRequestWithDefaults instantiates a new OktaWriteUserRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PersonaCreateRequest ¶ added in v0.3.0 

type PersonaCreateRequest struct {
	// Entity ID to which this persona belongs to
	EntityId string `json:"entity_id,omitempty"`

	// ID of the persona
	Id string `json:"id,omitempty"`

	// Metadata to be associated with the persona. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Mount accessor to which this persona belongs to
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Name of the persona
	Name string `json:"name,omitempty"`
}

PersonaCreateRequest struct for PersonaCreateRequest

func NewPersonaCreateRequestWithDefaults ¶ added in v0.3.0 

func NewPersonaCreateRequestWithDefaults() *PersonaCreateRequest

NewPersonaCreateRequestWithDefaults instantiates a new PersonaCreateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PersonaUpdateByIdRequest ¶ added in v0.3.0 

type PersonaUpdateByIdRequest struct {
	// Entity ID to which this persona should be tied to
	EntityId string `json:"entity_id,omitempty"`

	// Metadata to be associated with the persona. In CLI, this parameter can be repeated multiple times, and it all gets merged together. For example: vault <command> <path> metadata=key1=value1 metadata=key2=value2
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Mount accessor to which this persona belongs to
	MountAccessor string `json:"mount_accessor,omitempty"`

	// Name of the persona
	Name string `json:"name,omitempty"`
}

PersonaUpdateByIdRequest struct for PersonaUpdateByIdRequest

func NewPersonaUpdateByIdRequestWithDefaults ¶ added in v0.3.0 

func NewPersonaUpdateByIdRequestWithDefaults() *PersonaUpdateByIdRequest

NewPersonaUpdateByIdRequestWithDefaults instantiates a new PersonaUpdateByIdRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureAutoTidyRequest ¶ added in v0.3.0 

type PkiConfigureAutoTidyRequest struct {
	// Set to true to enable automatic tidy operations.
	Enabled bool `json:"enabled,omitempty"`

	// Interval at which to run an auto-tidy operation. This is the time between tidy invocations (after one finishes to the start of the next). Running a manual tidy will reset this duration.
	IntervalDuration int32 `json:"interval_duration,omitempty"`

	// The amount of extra time that must have passed beyond issuer's expiration before it is removed from the backend storage. Defaults to 8760 hours (1 year).
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	// This configures whether stored certificates are counted upon initialization of the backend, and whether during normal operation, a running count of certificates stored is maintained.
	MaintainStoredCertificateCounts bool `json:"maintain_stored_certificate_counts,omitempty"`

	// The amount of time to wait between processing certificates. This allows operators to change the execution profile of tidy to take consume less resources by slowing down how long it takes to run. Note that the entire list of certificates will be stored in memory during the entire tidy operation, but resources to read/process/update existing entries will be spread out over a greater period of time. By default this is zero seconds.
	PauseDuration string `json:"pause_duration,omitempty"`

	// This configures whether the stored certificate count is published to the metrics consumer. It does not affect if the stored certificate count is maintained, and if maintained, it will be available on the tidy-status endpoint.
	PublishStoredCertificateCountMetrics bool `json:"publish_stored_certificate_count_metrics,omitempty"`

	// The amount of time that must pass from the cross-cluster revocation request being initiated to when it will be slated for removal. Setting this too low may remove valid revocation requests before the owning cluster has a chance to process them, especially if the cluster is offline.
	RevocationQueueSafetyBuffer int32 `json:"revocation_queue_safety_buffer,omitempty"`

	// The amount of extra time that must have passed beyond certificate expiration before it is removed from the backend storage and/or revocation list. Defaults to 72 hours.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// Set to true to enable tidying up the certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	// Set to true to enable tidying up the cross-cluster revoked certificate store. Only runs on the active primary node.
	TidyCrossClusterRevokedCerts bool `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Set to true to automatically remove expired issuers past the issuer_safety_buffer. No keys will be removed as part of this operation.
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	// Set to true to move the legacy ca_bundle from /config/ca_bundle to /config/ca_bundle.bak. This prevents downgrades to pre-Vault 1.11 versions (as older PKI engines do not know about the new multi-issuer storage layout), but improves the performance on seal wrapped PKI mounts. This will only occur if at least issuer_safety_buffer time has occurred after the initial storage migration. This backup is saved in case of an issue in future migrations. Operators may consider removing it via sys/raw if they desire. The backup will be removed via a DELETE /root call, but note that this removes ALL issuers within the mount (and is thus not desirable in most operational scenarios).
	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	// Deprecated; synonym for 'tidy_revoked_certs
	TidyRevocationList bool `json:"tidy_revocation_list,omitempty"`

	// Set to true to remove stale revocation queue entries that haven't been confirmed by any active cluster. Only runs on the active primary node
	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Set to true to validate issuer associations on revocation entries. This helps increase the performance of CRL building and OCSP responses.
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Set to true to expire all revoked and expired certificates, removing them both from the CRL and from storage. The CRL will be rotated if this causes any values to be removed.
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`
}

PkiConfigureAutoTidyRequest struct for PkiConfigureAutoTidyRequest

func NewPkiConfigureAutoTidyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureAutoTidyRequestWithDefaults() *PkiConfigureAutoTidyRequest

NewPkiConfigureAutoTidyRequestWithDefaults instantiates a new PkiConfigureAutoTidyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureAutoTidyResponse ¶ added in v0.3.0 

type PkiConfigureAutoTidyResponse struct {
	// Specifies whether automatic tidy is enabled or not
	Enabled bool `json:"enabled,omitempty"`

	// Specifies the duration between automatic tidy operation
	IntervalDuration int32 `json:"interval_duration,omitempty"`

	// Issuer safety buffer
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	// Duration to pause between tidying certificates
	PauseDuration string `json:"pause_duration,omitempty"`

	RevocationQueueSafetyBuffer int32 `json:"revocation_queue_safety_buffer,omitempty"`

	// Safety buffer time duration
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// Specifies whether to tidy up the certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	TidyCrossClusterRevokedCerts bool `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Specifies whether tidy expired issuers
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Specifies whether to associate revoked certificates with their corresponding issuers
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Specifies whether to remove all invalid and expired certificates from storage
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`
}

PkiConfigureAutoTidyResponse struct for PkiConfigureAutoTidyResponse

func NewPkiConfigureAutoTidyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureAutoTidyResponseWithDefaults() *PkiConfigureAutoTidyResponse

NewPkiConfigureAutoTidyResponseWithDefaults instantiates a new PkiConfigureAutoTidyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureCaRequest ¶ added in v0.3.0 

type PkiConfigureCaRequest struct {
	// PEM-format, concatenated unencrypted secret key and certificate.
	PemBundle string `json:"pem_bundle,omitempty"`
}

PkiConfigureCaRequest struct for PkiConfigureCaRequest

func NewPkiConfigureCaRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureCaRequestWithDefaults() *PkiConfigureCaRequest

NewPkiConfigureCaRequestWithDefaults instantiates a new PkiConfigureCaRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureCaResponse ¶ added in v0.3.0 

type PkiConfigureCaResponse struct {
	// Net-new issuers imported as a part of this request
	ImportedIssuers []string `json:"imported_issuers,omitempty"`

	// Net-new keys imported as a part of this request
	ImportedKeys []string `json:"imported_keys,omitempty"`

	// A mapping of issuer_id to key_id for all issuers included in this request
	Mapping map[string]interface{} `json:"mapping,omitempty"`
}

PkiConfigureCaResponse struct for PkiConfigureCaResponse

func NewPkiConfigureCaResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureCaResponseWithDefaults() *PkiConfigureCaResponse

NewPkiConfigureCaResponseWithDefaults instantiates a new PkiConfigureCaResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureClusterRequest ¶ added in v0.3.0 

type PkiConfigureClusterRequest struct {
	// Optional URI to this mount's AIA distribution point; may refer to an external non-Vault responder. This is for resolving AIA URLs and providing the {{cluster_aia_path}} template parameter and will not be used for other purposes. As such, unlike path above, this could safely be an insecure transit mechanism (like HTTP without TLS). For example: http://cdn.example.com/pr1/pki
	AiaPath string `json:"aia_path,omitempty"`

	// Canonical URI to this mount on this performance replication cluster's external address. This is for resolving AIA URLs and providing the {{cluster_path}} template parameter but might be used for other purposes in the future. This should only point back to this particular PR replica and should not ever point to another PR cluster. It may point to any node in the PR replica, including standby nodes, and need not always point to the active node. For example: https://pr1.vault.example.com:8200/v1/pki
	Path string `json:"path,omitempty"`
}

PkiConfigureClusterRequest struct for PkiConfigureClusterRequest

func NewPkiConfigureClusterRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureClusterRequestWithDefaults() *PkiConfigureClusterRequest

NewPkiConfigureClusterRequestWithDefaults instantiates a new PkiConfigureClusterRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureClusterResponse ¶ added in v0.3.0 

type PkiConfigureClusterResponse struct {
	// Optional URI to this mount's AIA distribution point; may refer to an external non-Vault responder. This is for resolving AIA URLs and providing the {{cluster_aia_path}} template parameter and will not be used for other purposes. As such, unlike path above, this could safely be an insecure transit mechanism (like HTTP without TLS). For example: http://cdn.example.com/pr1/pki
	AiaPath string `json:"aia_path,omitempty"`

	// Canonical URI to this mount on this performance replication cluster's external address. This is for resolving AIA URLs and providing the {{cluster_path}} template parameter but might be used for other purposes in the future. This should only point back to this particular PR replica and should not ever point to another PR cluster. It may point to any node in the PR replica, including standby nodes, and need not always point to the active node. For example: https://pr1.vault.example.com:8200/v1/pki
	Path string `json:"path,omitempty"`
}

PkiConfigureClusterResponse struct for PkiConfigureClusterResponse

func NewPkiConfigureClusterResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureClusterResponseWithDefaults() *PkiConfigureClusterResponse

NewPkiConfigureClusterResponseWithDefaults instantiates a new PkiConfigureClusterResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureCrlRequest ¶ added in v0.3.0 

type PkiConfigureCrlRequest struct {
	// If set to true, enables automatic rebuilding of the CRL
	AutoRebuild bool `json:"auto_rebuild,omitempty"`

	// The time before the CRL expires to automatically rebuild it, when enabled. Must be shorter than the CRL expiry. Defaults to 12h.
	AutoRebuildGracePeriod string `json:"auto_rebuild_grace_period,omitempty"`

	// Whether to enable a global, cross-cluster revocation queue. Must be used with auto_rebuild=true.
	CrossClusterRevocation bool `json:"cross_cluster_revocation,omitempty"`

	// The time between delta CRL rebuilds if a new revocation has occurred. Must be shorter than the CRL expiry. Defaults to 15m.
	DeltaRebuildInterval string `json:"delta_rebuild_interval,omitempty"`

	// If set to true, disables generating the CRL entirely.
	Disable bool `json:"disable,omitempty"`

	// Whether to enable delta CRLs between authoritative CRL rebuilds
	EnableDelta bool `json:"enable_delta,omitempty"`

	// The amount of time the generated CRL should be valid; defaults to 72 hours
	Expiry string `json:"expiry,omitempty"`

	// If set to true, ocsp unauthorized responses will be returned.
	OcspDisable bool `json:"ocsp_disable,omitempty"`

	// The amount of time an OCSP response will be valid (controls the NextUpdate field); defaults to 12 hours
	OcspExpiry string `json:"ocsp_expiry,omitempty"`

	// If set to true enables global replication of revocation entries, also enabling unified versions of OCSP and CRLs if their respective features are enabled. disable for CRLs and ocsp_disable for OCSP.
	UnifiedCrl bool `json:"unified_crl,omitempty"`

	// If set to true, existing CRL and OCSP paths will return the unified CRL instead of a response based on cluster-local data
	UnifiedCrlOnExistingPaths bool `json:"unified_crl_on_existing_paths,omitempty"`
}

PkiConfigureCrlRequest struct for PkiConfigureCrlRequest

func NewPkiConfigureCrlRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureCrlRequestWithDefaults() *PkiConfigureCrlRequest

NewPkiConfigureCrlRequestWithDefaults instantiates a new PkiConfigureCrlRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureCrlResponse ¶ added in v0.3.0 

type PkiConfigureCrlResponse struct {
	// If set to true, enables automatic rebuilding of the CRL
	AutoRebuild bool `json:"auto_rebuild,omitempty"`

	// The time before the CRL expires to automatically rebuild it, when enabled. Must be shorter than the CRL expiry. Defaults to 12h.
	AutoRebuildGracePeriod string `json:"auto_rebuild_grace_period,omitempty"`

	// Whether to enable a global, cross-cluster revocation queue. Must be used with auto_rebuild=true.
	CrossClusterRevocation bool `json:"cross_cluster_revocation,omitempty"`

	// The time between delta CRL rebuilds if a new revocation has occurred. Must be shorter than the CRL expiry. Defaults to 15m.
	DeltaRebuildInterval string `json:"delta_rebuild_interval,omitempty"`

	// If set to true, disables generating the CRL entirely.
	Disable bool `json:"disable,omitempty"`

	// Whether to enable delta CRLs between authoritative CRL rebuilds
	EnableDelta bool `json:"enable_delta,omitempty"`

	// The amount of time the generated CRL should be valid; defaults to 72 hours
	Expiry string `json:"expiry,omitempty"`

	// If set to true, ocsp unauthorized responses will be returned.
	OcspDisable bool `json:"ocsp_disable,omitempty"`

	// The amount of time an OCSP response will be valid (controls the NextUpdate field); defaults to 12 hours
	OcspExpiry string `json:"ocsp_expiry,omitempty"`

	// If set to true enables global replication of revocation entries, also enabling unified versions of OCSP and CRLs if their respective features are enabled. disable for CRLs and ocsp_disable for OCSP.
	UnifiedCrl bool `json:"unified_crl,omitempty"`

	// If set to true, existing CRL and OCSP paths will return the unified CRL instead of a response based on cluster-local data
	UnifiedCrlOnExistingPaths bool `json:"unified_crl_on_existing_paths,omitempty"`
}

PkiConfigureCrlResponse struct for PkiConfigureCrlResponse

func NewPkiConfigureCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureCrlResponseWithDefaults() *PkiConfigureCrlResponse

NewPkiConfigureCrlResponseWithDefaults instantiates a new PkiConfigureCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureIssuersRequest ¶ added in v0.3.0 

type PkiConfigureIssuersRequest struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`

	// Whether the default issuer should automatically follow the latest generated or imported issuer. Defaults to false.
	DefaultFollowsLatestIssuer bool `json:"default_follows_latest_issuer,omitempty"`
}

PkiConfigureIssuersRequest struct for PkiConfigureIssuersRequest

func NewPkiConfigureIssuersRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureIssuersRequestWithDefaults() *PkiConfigureIssuersRequest

NewPkiConfigureIssuersRequestWithDefaults instantiates a new PkiConfigureIssuersRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureIssuersResponse ¶ added in v0.3.0 

type PkiConfigureIssuersResponse struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`

	// Whether the default issuer should automatically follow the latest generated or imported issuer. Defaults to false.
	DefaultFollowsLatestIssuer bool `json:"default_follows_latest_issuer,omitempty"`
}

PkiConfigureIssuersResponse struct for PkiConfigureIssuersResponse

func NewPkiConfigureIssuersResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureIssuersResponseWithDefaults() *PkiConfigureIssuersResponse

NewPkiConfigureIssuersResponseWithDefaults instantiates a new PkiConfigureIssuersResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureKeysRequest ¶ added in v0.3.0 

type PkiConfigureKeysRequest struct {
	// Reference (name or identifier) of the default key.
	Default string `json:"default,omitempty"`
}

PkiConfigureKeysRequest struct for PkiConfigureKeysRequest

func NewPkiConfigureKeysRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureKeysRequestWithDefaults() *PkiConfigureKeysRequest

NewPkiConfigureKeysRequestWithDefaults instantiates a new PkiConfigureKeysRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureKeysResponse ¶ added in v0.3.0 

type PkiConfigureKeysResponse struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`
}

PkiConfigureKeysResponse struct for PkiConfigureKeysResponse

func NewPkiConfigureKeysResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureKeysResponseWithDefaults() *PkiConfigureKeysResponse

NewPkiConfigureKeysResponseWithDefaults instantiates a new PkiConfigureKeysResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureUrlsRequest ¶ added in v0.3.0 

type PkiConfigureUrlsRequest struct {
	// Comma-separated list of URLs to be used for the CRL distribution points attribute. See also RFC 5280 Section 4.2.1.13.
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Whether or not to enabling templating of the above AIA fields. When templating is enabled the special values '{{issuer_id}}', '{{cluster_path}}', and '{{cluster_aia_path}}' are available, but the addresses are not checked for URI validity until issuance time. Using '{{cluster_path}}' requires /config/cluster's 'path' member to be set on all PR Secondary clusters and using '{{cluster_aia_path}}' requires /config/cluster's 'aia_path' member to be set on all PR secondary clusters.
	EnableTemplating bool `json:"enable_templating,omitempty"`

	// Comma-separated list of URLs to be used for the issuing certificate attribute. See also RFC 5280 Section 4.2.2.1.
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Comma-separated list of URLs to be used for the OCSP servers attribute. See also RFC 5280 Section 4.2.2.1.
	OcspServers []string `json:"ocsp_servers,omitempty"`
}

PkiConfigureUrlsRequest struct for PkiConfigureUrlsRequest

func NewPkiConfigureUrlsRequestWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureUrlsRequestWithDefaults() *PkiConfigureUrlsRequest

NewPkiConfigureUrlsRequestWithDefaults instantiates a new PkiConfigureUrlsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiConfigureUrlsResponse ¶ added in v0.3.0 

type PkiConfigureUrlsResponse struct {
	// Comma-separated list of URLs to be used for the CRL distribution points attribute. See also RFC 5280 Section 4.2.1.13.
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Whether or not to enabling templating of the above AIA fields. When templating is enabled the special values '{{issuer_id}}' and '{{cluster_path}}' are available, but the addresses are not checked for URI validity until issuance time. This requires /config/cluster's path to be set on all PR Secondary clusters.
	EnableTemplating bool `json:"enable_templating,omitempty"`

	// Comma-separated list of URLs to be used for the issuing certificate attribute. See also RFC 5280 Section 4.2.2.1.
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Comma-separated list of URLs to be used for the OCSP servers attribute. See also RFC 5280 Section 4.2.2.1.
	OcspServers []string `json:"ocsp_servers,omitempty"`
}

PkiConfigureUrlsResponse struct for PkiConfigureUrlsResponse

func NewPkiConfigureUrlsResponseWithDefaults ¶ added in v0.3.0 

func NewPkiConfigureUrlsResponseWithDefaults() *PkiConfigureUrlsResponse

NewPkiConfigureUrlsResponseWithDefaults instantiates a new PkiConfigureUrlsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiCrossSignIntermediateRequest ¶ added in v0.3.0 

type PkiCrossSignIntermediateRequest struct {
	// Whether to add a Basic Constraints extension with CA: true. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services.
	AddBasicConstraints bool `json:"add_basic_constraints,omitempty"`

	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Must be \"internal\", \"exported\" or \"kms\". If set to \"exported\", the generated private key will be returned. This is your *only* chance to retrieve the private key!
	Exported string `json:"exported,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`
}

PkiCrossSignIntermediateRequest struct for PkiCrossSignIntermediateRequest

func NewPkiCrossSignIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiCrossSignIntermediateRequestWithDefaults() *PkiCrossSignIntermediateRequest

NewPkiCrossSignIntermediateRequestWithDefaults instantiates a new PkiCrossSignIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiCrossSignIntermediateResponse ¶ added in v0.3.0 

type PkiCrossSignIntermediateResponse struct {
	// Certificate signing request.
	Csr string `json:"csr,omitempty"`

	// Id of the key.
	KeyId string `json:"key_id,omitempty"`

	// Generated private key.
	PrivateKey string `json:"private_key,omitempty"`

	// Specifies the format used for marshaling the private key.
	PrivateKeyType string `json:"private_key_type,omitempty"`
}

PkiCrossSignIntermediateResponse struct for PkiCrossSignIntermediateResponse

func NewPkiCrossSignIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiCrossSignIntermediateResponseWithDefaults() *PkiCrossSignIntermediateResponse

NewPkiCrossSignIntermediateResponseWithDefaults instantiates a new PkiCrossSignIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateExportedKeyRequest ¶ added in v0.3.0 

type PkiGenerateExportedKeyRequest struct {
	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Optional name to be used for this key
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`
}

PkiGenerateExportedKeyRequest struct for PkiGenerateExportedKeyRequest

func NewPkiGenerateExportedKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateExportedKeyRequestWithDefaults() *PkiGenerateExportedKeyRequest

NewPkiGenerateExportedKeyRequestWithDefaults instantiates a new PkiGenerateExportedKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateExportedKeyResponse ¶ added in v0.3.0 

type PkiGenerateExportedKeyResponse struct {
	// ID assigned to this key.
	KeyId string `json:"key_id,omitempty"`

	// Name assigned to this key.
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The private key string
	PrivateKey string `json:"private_key,omitempty"`
}

PkiGenerateExportedKeyResponse struct for PkiGenerateExportedKeyResponse

func NewPkiGenerateExportedKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateExportedKeyResponseWithDefaults() *PkiGenerateExportedKeyResponse

NewPkiGenerateExportedKeyResponseWithDefaults instantiates a new PkiGenerateExportedKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateIntermediateRequest ¶ added in v0.3.0 

type PkiGenerateIntermediateRequest struct {
	// Whether to add a Basic Constraints extension with CA: true. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services.
	AddBasicConstraints bool `json:"add_basic_constraints,omitempty"`

	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`
}

PkiGenerateIntermediateRequest struct for PkiGenerateIntermediateRequest

func NewPkiGenerateIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateIntermediateRequestWithDefaults() *PkiGenerateIntermediateRequest

NewPkiGenerateIntermediateRequestWithDefaults instantiates a new PkiGenerateIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateIntermediateResponse ¶ added in v0.3.0 

type PkiGenerateIntermediateResponse struct {
	// Certificate signing request.
	Csr string `json:"csr,omitempty"`

	// Id of the key.
	KeyId string `json:"key_id,omitempty"`

	// Generated private key.
	PrivateKey string `json:"private_key,omitempty"`

	// Specifies the format used for marshaling the private key.
	PrivateKeyType string `json:"private_key_type,omitempty"`
}

PkiGenerateIntermediateResponse struct for PkiGenerateIntermediateResponse

func NewPkiGenerateIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateIntermediateResponseWithDefaults() *PkiGenerateIntermediateResponse

NewPkiGenerateIntermediateResponseWithDefaults instantiates a new PkiGenerateIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateInternalKeyRequest ¶ added in v0.3.0 

type PkiGenerateInternalKeyRequest struct {
	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Optional name to be used for this key
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`
}

PkiGenerateInternalKeyRequest struct for PkiGenerateInternalKeyRequest

func NewPkiGenerateInternalKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateInternalKeyRequestWithDefaults() *PkiGenerateInternalKeyRequest

NewPkiGenerateInternalKeyRequestWithDefaults instantiates a new PkiGenerateInternalKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateInternalKeyResponse ¶ added in v0.3.0 

type PkiGenerateInternalKeyResponse struct {
	// ID assigned to this key.
	KeyId string `json:"key_id,omitempty"`

	// Name assigned to this key.
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The private key string
	PrivateKey string `json:"private_key,omitempty"`
}

PkiGenerateInternalKeyResponse struct for PkiGenerateInternalKeyResponse

func NewPkiGenerateInternalKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateInternalKeyResponseWithDefaults() *PkiGenerateInternalKeyResponse

NewPkiGenerateInternalKeyResponseWithDefaults instantiates a new PkiGenerateInternalKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateKmsKeyRequest ¶ added in v0.3.0 

type PkiGenerateKmsKeyRequest struct {
	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Optional name to be used for this key
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`
}

PkiGenerateKmsKeyRequest struct for PkiGenerateKmsKeyRequest

func NewPkiGenerateKmsKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateKmsKeyRequestWithDefaults() *PkiGenerateKmsKeyRequest

NewPkiGenerateKmsKeyRequestWithDefaults instantiates a new PkiGenerateKmsKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateKmsKeyResponse ¶ added in v0.3.0 

type PkiGenerateKmsKeyResponse struct {
	// ID assigned to this key.
	KeyId string `json:"key_id,omitempty"`

	// Name assigned to this key.
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// The private key string
	PrivateKey string `json:"private_key,omitempty"`
}

PkiGenerateKmsKeyResponse struct for PkiGenerateKmsKeyResponse

func NewPkiGenerateKmsKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateKmsKeyResponseWithDefaults() *PkiGenerateKmsKeyResponse

NewPkiGenerateKmsKeyResponseWithDefaults instantiates a new PkiGenerateKmsKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateRootRequest ¶ added in v0.3.0 

type PkiGenerateRootRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// The maximum allowable path length
	MaxPathLength int32 `json:"max_path_length,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// Domains for which this certificate is allowed to sign or issue child certificates. If set, all DNS names (subject and alt) on child certs must be exact matches or subsets of the given domains (see https://tools.ietf.org/html/rfc5280#section-4.2.1.10).
	PermittedDnsDomains []string `json:"permitted_dns_domains,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiGenerateRootRequest struct for PkiGenerateRootRequest

func NewPkiGenerateRootRequestWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateRootRequestWithDefaults() *PkiGenerateRootRequest

NewPkiGenerateRootRequestWithDefaults instantiates a new PkiGenerateRootRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiGenerateRootResponse ¶ added in v0.3.0 

type PkiGenerateRootResponse struct {
	// The generated self-signed CA certificate.
	Certificate string `json:"certificate,omitempty"`

	// The expiration of the given.
	Expiration string `json:"expiration,omitempty"`

	// The ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// The name of the issuer.
	IssuerName string `json:"issuer_name,omitempty"`

	// The issuing certificate authority.
	IssuingCa string `json:"issuing_ca,omitempty"`

	// The ID of the key.
	KeyId string `json:"key_id,omitempty"`

	// The key name if given.
	KeyName string `json:"key_name,omitempty"`

	// The private key if exported was specified.
	PrivateKey string `json:"private_key,omitempty"`

	// The requested Subject's named serial number.
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiGenerateRootResponse struct for PkiGenerateRootResponse

func NewPkiGenerateRootResponseWithDefaults ¶ added in v0.3.0 

func NewPkiGenerateRootResponseWithDefaults() *PkiGenerateRootResponse

NewPkiGenerateRootResponseWithDefaults instantiates a new PkiGenerateRootResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiImportKeyRequest ¶ added in v0.3.0 

type PkiImportKeyRequest struct {
	// Optional name to be used for this key
	KeyName string `json:"key_name,omitempty"`

	// PEM-format, unencrypted secret key
	PemBundle string `json:"pem_bundle,omitempty"`
}

PkiImportKeyRequest struct for PkiImportKeyRequest

func NewPkiImportKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiImportKeyRequestWithDefaults() *PkiImportKeyRequest

NewPkiImportKeyRequestWithDefaults instantiates a new PkiImportKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiImportKeyResponse ¶ added in v0.3.0 

type PkiImportKeyResponse struct {
	// ID assigned to this key.
	KeyId string `json:"key_id,omitempty"`

	// Name assigned to this key.
	KeyName string `json:"key_name,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`
}

PkiImportKeyResponse struct for PkiImportKeyResponse

func NewPkiImportKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiImportKeyResponseWithDefaults() *PkiImportKeyResponse

NewPkiImportKeyResponseWithDefaults instantiates a new PkiImportKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssueWithRoleRequest ¶ added in v0.3.0 

type PkiIssueWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiIssueWithRoleRequest struct for PkiIssueWithRoleRequest

func NewPkiIssueWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssueWithRoleRequestWithDefaults() *PkiIssueWithRoleRequest

NewPkiIssueWithRoleRequestWithDefaults instantiates a new PkiIssueWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssueWithRoleResponse ¶ added in v0.3.0 

type PkiIssueWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssueWithRoleResponse struct for PkiIssueWithRoleResponse

func NewPkiIssueWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssueWithRoleResponseWithDefaults() *PkiIssueWithRoleResponse

NewPkiIssueWithRoleResponseWithDefaults instantiates a new PkiIssueWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerIssueWithRoleRequest ¶ added in v0.3.0 

type PkiIssuerIssueWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiIssuerIssueWithRoleRequest struct for PkiIssuerIssueWithRoleRequest

func NewPkiIssuerIssueWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerIssueWithRoleRequestWithDefaults() *PkiIssuerIssueWithRoleRequest

NewPkiIssuerIssueWithRoleRequestWithDefaults instantiates a new PkiIssuerIssueWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerIssueWithRoleResponse ¶ added in v0.3.0 

type PkiIssuerIssueWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuerIssueWithRoleResponse struct for PkiIssuerIssueWithRoleResponse

func NewPkiIssuerIssueWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerIssueWithRoleResponseWithDefaults() *PkiIssuerIssueWithRoleResponse

NewPkiIssuerIssueWithRoleResponseWithDefaults instantiates a new PkiIssuerIssueWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlDeltaDerResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlDeltaDerResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlDeltaDerResponse struct for PkiIssuerReadCrlDeltaDerResponse

func NewPkiIssuerReadCrlDeltaDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlDeltaDerResponseWithDefaults() *PkiIssuerReadCrlDeltaDerResponse

NewPkiIssuerReadCrlDeltaDerResponseWithDefaults instantiates a new PkiIssuerReadCrlDeltaDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlDeltaPemResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlDeltaPemResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlDeltaPemResponse struct for PkiIssuerReadCrlDeltaPemResponse

func NewPkiIssuerReadCrlDeltaPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlDeltaPemResponseWithDefaults() *PkiIssuerReadCrlDeltaPemResponse

NewPkiIssuerReadCrlDeltaPemResponseWithDefaults instantiates a new PkiIssuerReadCrlDeltaPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlDeltaResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlDeltaResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlDeltaResponse struct for PkiIssuerReadCrlDeltaResponse

func NewPkiIssuerReadCrlDeltaResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlDeltaResponseWithDefaults() *PkiIssuerReadCrlDeltaResponse

NewPkiIssuerReadCrlDeltaResponseWithDefaults instantiates a new PkiIssuerReadCrlDeltaResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlDerResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlDerResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlDerResponse struct for PkiIssuerReadCrlDerResponse

func NewPkiIssuerReadCrlDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlDerResponseWithDefaults() *PkiIssuerReadCrlDerResponse

NewPkiIssuerReadCrlDerResponseWithDefaults instantiates a new PkiIssuerReadCrlDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlPemResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlPemResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlPemResponse struct for PkiIssuerReadCrlPemResponse

func NewPkiIssuerReadCrlPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlPemResponseWithDefaults() *PkiIssuerReadCrlPemResponse

NewPkiIssuerReadCrlPemResponseWithDefaults instantiates a new PkiIssuerReadCrlPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerReadCrlResponse ¶ added in v0.3.0 

type PkiIssuerReadCrlResponse struct {
	Crl string `json:"crl,omitempty"`
}

PkiIssuerReadCrlResponse struct for PkiIssuerReadCrlResponse

func NewPkiIssuerReadCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerReadCrlResponseWithDefaults() *PkiIssuerReadCrlResponse

NewPkiIssuerReadCrlResponseWithDefaults instantiates a new PkiIssuerReadCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerResignCrlsRequest ¶ added in v0.3.0 

type PkiIssuerResignCrlsRequest struct {
	// The sequence number to be written within the CRL Number extension.
	CrlNumber int32 `json:"crl_number,omitempty"`

	// A list of PEM encoded CRLs to combine, originally signed by the requested issuer.
	Crls []string `json:"crls,omitempty"`

	// Using a zero or greater value specifies the base CRL revision number to encode within a Delta CRL indicator extension, otherwise the extension will not be added.
	DeltaCrlBaseNumber int32 `json:"delta_crl_base_number,omitempty"`

	// The format of the combined CRL, can be \"pem\" or \"der\". If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The amount of time the generated CRL should be valid; defaults to 72 hours.
	NextUpdate string `json:"next_update,omitempty"`
}

PkiIssuerResignCrlsRequest struct for PkiIssuerResignCrlsRequest

func NewPkiIssuerResignCrlsRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerResignCrlsRequestWithDefaults() *PkiIssuerResignCrlsRequest

NewPkiIssuerResignCrlsRequestWithDefaults instantiates a new PkiIssuerResignCrlsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerResignCrlsResponse ¶ added in v0.3.0 

type PkiIssuerResignCrlsResponse struct {
	// CRL
	Crl string `json:"crl,omitempty"`
}

PkiIssuerResignCrlsResponse struct for PkiIssuerResignCrlsResponse

func NewPkiIssuerResignCrlsResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerResignCrlsResponseWithDefaults() *PkiIssuerResignCrlsResponse

NewPkiIssuerResignCrlsResponseWithDefaults instantiates a new PkiIssuerResignCrlsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignIntermediateRequest ¶ added in v0.3.0 

type PkiIssuerSignIntermediateRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// PEM-format CSR to be signed.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowable path length
	MaxPathLength int32 `json:"max_path_length,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// Domains for which this certificate is allowed to sign or issue child certificates. If set, all DNS names (subject and alt) on child certs must be exact matches or subsets of the given domains (see https://tools.ietf.org/html/rfc5280#section-4.2.1.10).
	PermittedDnsDomains []string `json:"permitted_dns_domains,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). This value should ONLY be used when cross-signing to mimic the existing certificate's SKID value; this is necessary to allow certain TLS implementations (such as OpenSSL) which use SKID/AKID matches in chain building to restrict possible valid chains. Specified as a string in hex format. Default is empty, allowing Vault to automatically calculate the SKID according to method one in the above RFC section.
	Skid string `json:"skid,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// If true, then: 1) Subject information, including names and alternate names, will be preserved from the CSR rather than using values provided in the other parameters to this path; 2) Any key usages requested in the CSR will be added to the basic set of key usages used for CA certs signed by this path; for instance, the non-repudiation flag; 3) Extensions requested in the CSR will be copied into the issued certificate.
	UseCsrValues bool `json:"use_csr_values,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiIssuerSignIntermediateRequest struct for PkiIssuerSignIntermediateRequest

func NewPkiIssuerSignIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignIntermediateRequestWithDefaults() *PkiIssuerSignIntermediateRequest

NewPkiIssuerSignIntermediateRequestWithDefaults instantiates a new PkiIssuerSignIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignIntermediateResponse ¶ added in v0.3.0 

type PkiIssuerSignIntermediateResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Expiration Time
	Expiration int64 `json:"expiration,omitempty"`

	// Issuing CA
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuerSignIntermediateResponse struct for PkiIssuerSignIntermediateResponse

func NewPkiIssuerSignIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignIntermediateResponseWithDefaults() *PkiIssuerSignIntermediateResponse

NewPkiIssuerSignIntermediateResponseWithDefaults instantiates a new PkiIssuerSignIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignRevocationListRequest ¶ added in v0.3.0 

type PkiIssuerSignRevocationListRequest struct {
	// The sequence number to be written within the CRL Number extension.
	CrlNumber int32 `json:"crl_number,omitempty"`

	// Using a zero or greater value specifies the base CRL revision number to encode within a Delta CRL indicator extension, otherwise the extension will not be added.
	DeltaCrlBaseNumber int32 `json:"delta_crl_base_number,omitempty"`

	// A list of maps containing extensions with keys id (string), critical (bool), value (string)
	Extensions []map[string]interface{} `json:"extensions,omitempty"`

	// The format of the combined CRL, can be \"pem\" or \"der\". If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The amount of time the generated CRL should be valid; defaults to 72 hours.
	NextUpdate string `json:"next_update,omitempty"`

	// A list of maps containing the keys serial_number (string), revocation_time (string), and extensions (map with keys id (string), critical (bool), value (string))
	RevokedCerts []map[string]interface{} `json:"revoked_certs,omitempty"`
}

PkiIssuerSignRevocationListRequest struct for PkiIssuerSignRevocationListRequest

func NewPkiIssuerSignRevocationListRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignRevocationListRequestWithDefaults() *PkiIssuerSignRevocationListRequest

NewPkiIssuerSignRevocationListRequestWithDefaults instantiates a new PkiIssuerSignRevocationListRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignRevocationListResponse ¶ added in v0.3.0 

type PkiIssuerSignRevocationListResponse struct {
	// CRL
	Crl string `json:"crl,omitempty"`
}

PkiIssuerSignRevocationListResponse struct for PkiIssuerSignRevocationListResponse

func NewPkiIssuerSignRevocationListResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignRevocationListResponseWithDefaults() *PkiIssuerSignRevocationListResponse

NewPkiIssuerSignRevocationListResponseWithDefaults instantiates a new PkiIssuerSignRevocationListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignSelfIssuedRequest ¶ added in v0.3.0 

type PkiIssuerSignSelfIssuedRequest struct {
	// PEM-format self-issued certificate to be signed.
	Certificate string `json:"certificate,omitempty"`

	// If true, require the public key algorithm of the signer to match that of the self issued certificate.
	RequireMatchingCertificateAlgorithms bool `json:"require_matching_certificate_algorithms,omitempty"`
}

PkiIssuerSignSelfIssuedRequest struct for PkiIssuerSignSelfIssuedRequest

func NewPkiIssuerSignSelfIssuedRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignSelfIssuedRequestWithDefaults() *PkiIssuerSignSelfIssuedRequest

NewPkiIssuerSignSelfIssuedRequestWithDefaults instantiates a new PkiIssuerSignSelfIssuedRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignSelfIssuedResponse ¶ added in v0.3.0 

type PkiIssuerSignSelfIssuedResponse struct {
	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Issuing CA
	IssuingCa string `json:"issuing_ca,omitempty"`
}

PkiIssuerSignSelfIssuedResponse struct for PkiIssuerSignSelfIssuedResponse

func NewPkiIssuerSignSelfIssuedResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignSelfIssuedResponseWithDefaults() *PkiIssuerSignSelfIssuedResponse

NewPkiIssuerSignSelfIssuedResponseWithDefaults instantiates a new PkiIssuerSignSelfIssuedResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignVerbatimRequest ¶ added in v0.3.0 

type PkiIssuerSignVerbatimRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed. Values will be taken verbatim from the CSR, except for basic constraints.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	KeyUsage []string `json:"key_usage,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The desired role with configuration for this request
	Role string `json:"role,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiIssuerSignVerbatimRequest struct for PkiIssuerSignVerbatimRequest

func NewPkiIssuerSignVerbatimRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignVerbatimRequestWithDefaults() *PkiIssuerSignVerbatimRequest

NewPkiIssuerSignVerbatimRequestWithDefaults instantiates a new PkiIssuerSignVerbatimRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignVerbatimResponse ¶ added in v0.3.0 

type PkiIssuerSignVerbatimResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuerSignVerbatimResponse struct for PkiIssuerSignVerbatimResponse

func NewPkiIssuerSignVerbatimResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignVerbatimResponseWithDefaults() *PkiIssuerSignVerbatimResponse

NewPkiIssuerSignVerbatimResponseWithDefaults instantiates a new PkiIssuerSignVerbatimResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignVerbatimWithRoleRequest ¶ added in v0.3.0 

type PkiIssuerSignVerbatimWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed. Values will be taken verbatim from the CSR, except for basic constraints.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	KeyUsage []string `json:"key_usage,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiIssuerSignVerbatimWithRoleRequest struct for PkiIssuerSignVerbatimWithRoleRequest

func NewPkiIssuerSignVerbatimWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignVerbatimWithRoleRequestWithDefaults() *PkiIssuerSignVerbatimWithRoleRequest

NewPkiIssuerSignVerbatimWithRoleRequestWithDefaults instantiates a new PkiIssuerSignVerbatimWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignVerbatimWithRoleResponse ¶ added in v0.3.0 

type PkiIssuerSignVerbatimWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuerSignVerbatimWithRoleResponse struct for PkiIssuerSignVerbatimWithRoleResponse

func NewPkiIssuerSignVerbatimWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignVerbatimWithRoleResponseWithDefaults() *PkiIssuerSignVerbatimWithRoleResponse

NewPkiIssuerSignVerbatimWithRoleResponseWithDefaults instantiates a new PkiIssuerSignVerbatimWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignWithRoleRequest ¶ added in v0.3.0 

type PkiIssuerSignWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiIssuerSignWithRoleRequest struct for PkiIssuerSignWithRoleRequest

func NewPkiIssuerSignWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignWithRoleRequestWithDefaults() *PkiIssuerSignWithRoleRequest

NewPkiIssuerSignWithRoleRequestWithDefaults instantiates a new PkiIssuerSignWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuerSignWithRoleResponse ¶ added in v0.3.0 

type PkiIssuerSignWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuerSignWithRoleResponse struct for PkiIssuerSignWithRoleResponse

func NewPkiIssuerSignWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuerSignWithRoleResponseWithDefaults() *PkiIssuerSignWithRoleResponse

NewPkiIssuerSignWithRoleResponseWithDefaults instantiates a new PkiIssuerSignWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersGenerateIntermediateRequest ¶ added in v0.3.0 

type PkiIssuersGenerateIntermediateRequest struct {
	// Whether to add a Basic Constraints extension with CA: true. Only needed as a workaround in some compatibility scenarios with Active Directory Certificate Services.
	AddBasicConstraints bool `json:"add_basic_constraints,omitempty"`

	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`
}

PkiIssuersGenerateIntermediateRequest struct for PkiIssuersGenerateIntermediateRequest

func NewPkiIssuersGenerateIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersGenerateIntermediateRequestWithDefaults() *PkiIssuersGenerateIntermediateRequest

NewPkiIssuersGenerateIntermediateRequestWithDefaults instantiates a new PkiIssuersGenerateIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersGenerateIntermediateResponse ¶ added in v0.3.0 

type PkiIssuersGenerateIntermediateResponse struct {
	// Certificate signing request.
	Csr string `json:"csr,omitempty"`

	// Id of the key.
	KeyId string `json:"key_id,omitempty"`

	// Generated private key.
	PrivateKey string `json:"private_key,omitempty"`

	// Specifies the format used for marshaling the private key.
	PrivateKeyType string `json:"private_key_type,omitempty"`
}

PkiIssuersGenerateIntermediateResponse struct for PkiIssuersGenerateIntermediateResponse

func NewPkiIssuersGenerateIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersGenerateIntermediateResponseWithDefaults() *PkiIssuersGenerateIntermediateResponse

NewPkiIssuersGenerateIntermediateResponseWithDefaults instantiates a new PkiIssuersGenerateIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersGenerateRootRequest ¶ added in v0.3.0 

type PkiIssuersGenerateRootRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// The maximum allowable path length
	MaxPathLength int32 `json:"max_path_length,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// Domains for which this certificate is allowed to sign or issue child certificates. If set, all DNS names (subject and alt) on child certs must be exact matches or subsets of the given domains (see https://tools.ietf.org/html/rfc5280#section-4.2.1.10).
	PermittedDnsDomains []string `json:"permitted_dns_domains,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiIssuersGenerateRootRequest struct for PkiIssuersGenerateRootRequest

func NewPkiIssuersGenerateRootRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersGenerateRootRequestWithDefaults() *PkiIssuersGenerateRootRequest

NewPkiIssuersGenerateRootRequestWithDefaults instantiates a new PkiIssuersGenerateRootRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersGenerateRootResponse ¶ added in v0.3.0 

type PkiIssuersGenerateRootResponse struct {
	// The generated self-signed CA certificate.
	Certificate string `json:"certificate,omitempty"`

	// The expiration of the given.
	Expiration string `json:"expiration,omitempty"`

	// The ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// The name of the issuer.
	IssuerName string `json:"issuer_name,omitempty"`

	// The issuing certificate authority.
	IssuingCa string `json:"issuing_ca,omitempty"`

	// The ID of the key.
	KeyId string `json:"key_id,omitempty"`

	// The key name if given.
	KeyName string `json:"key_name,omitempty"`

	// The private key if exported was specified.
	PrivateKey string `json:"private_key,omitempty"`

	// The requested Subject's named serial number.
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuersGenerateRootResponse struct for PkiIssuersGenerateRootResponse

func NewPkiIssuersGenerateRootResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersGenerateRootResponseWithDefaults() *PkiIssuersGenerateRootResponse

NewPkiIssuersGenerateRootResponseWithDefaults instantiates a new PkiIssuersGenerateRootResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersImportBundleRequest ¶ added in v0.3.0 

type PkiIssuersImportBundleRequest struct {
	// PEM-format, concatenated unencrypted secret-key (optional) and certificates.
	PemBundle string `json:"pem_bundle,omitempty"`
}

PkiIssuersImportBundleRequest struct for PkiIssuersImportBundleRequest

func NewPkiIssuersImportBundleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersImportBundleRequestWithDefaults() *PkiIssuersImportBundleRequest

NewPkiIssuersImportBundleRequestWithDefaults instantiates a new PkiIssuersImportBundleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersImportBundleResponse ¶ added in v0.3.0 

type PkiIssuersImportBundleResponse struct {
	// Net-new issuers imported as a part of this request
	ImportedIssuers []string `json:"imported_issuers,omitempty"`

	// Net-new keys imported as a part of this request
	ImportedKeys []string `json:"imported_keys,omitempty"`

	// A mapping of issuer_id to key_id for all issuers included in this request
	Mapping map[string]interface{} `json:"mapping,omitempty"`
}

PkiIssuersImportBundleResponse struct for PkiIssuersImportBundleResponse

func NewPkiIssuersImportBundleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersImportBundleResponseWithDefaults() *PkiIssuersImportBundleResponse

NewPkiIssuersImportBundleResponseWithDefaults instantiates a new PkiIssuersImportBundleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersImportCertRequest ¶ added in v0.3.0 

type PkiIssuersImportCertRequest struct {
	// PEM-format, concatenated unencrypted secret-key (optional) and certificates.
	PemBundle string `json:"pem_bundle,omitempty"`
}

PkiIssuersImportCertRequest struct for PkiIssuersImportCertRequest

func NewPkiIssuersImportCertRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersImportCertRequestWithDefaults() *PkiIssuersImportCertRequest

NewPkiIssuersImportCertRequestWithDefaults instantiates a new PkiIssuersImportCertRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersImportCertResponse ¶ added in v0.3.0 

type PkiIssuersImportCertResponse struct {
	// Net-new issuers imported as a part of this request
	ImportedIssuers []string `json:"imported_issuers,omitempty"`

	// Net-new keys imported as a part of this request
	ImportedKeys []string `json:"imported_keys,omitempty"`

	// A mapping of issuer_id to key_id for all issuers included in this request
	Mapping map[string]interface{} `json:"mapping,omitempty"`
}

PkiIssuersImportCertResponse struct for PkiIssuersImportCertResponse

func NewPkiIssuersImportCertResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersImportCertResponseWithDefaults() *PkiIssuersImportCertResponse

NewPkiIssuersImportCertResponseWithDefaults instantiates a new PkiIssuersImportCertResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersRotateRootRequest ¶ added in v0.3.0 

type PkiIssuersRotateRootRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Provide a name to the generated or existing key, the name must be unique across all keys and not be the reserved value 'default'
	KeyName string `json:"key_name,omitempty"`

	// Reference to a existing key; either \"default\" for the configured default key, an identifier or the name assigned to the key.
	KeyRef string `json:"key_ref,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\" and \"ed25519\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_name is required. Ignored for other types.
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use when the exported type is kms. When kms type is the key type, this field or managed_key_id is required. Ignored for other types.
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// The maximum allowable path length
	MaxPathLength int32 `json:"max_path_length,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// Domains for which this certificate is allowed to sign or issue child certificates. If set, all DNS names (subject and alt) on child certs must be exact matches or subsets of the given domains (see https://tools.ietf.org/html/rfc5280#section-4.2.1.10).
	PermittedDnsDomains []string `json:"permitted_dns_domains,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiIssuersRotateRootRequest struct for PkiIssuersRotateRootRequest

func NewPkiIssuersRotateRootRequestWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersRotateRootRequestWithDefaults() *PkiIssuersRotateRootRequest

NewPkiIssuersRotateRootRequestWithDefaults instantiates a new PkiIssuersRotateRootRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiIssuersRotateRootResponse ¶ added in v0.3.0 

type PkiIssuersRotateRootResponse struct {
	// The generated self-signed CA certificate.
	Certificate string `json:"certificate,omitempty"`

	// The expiration of the given.
	Expiration string `json:"expiration,omitempty"`

	// The ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// The name of the issuer.
	IssuerName string `json:"issuer_name,omitempty"`

	// The issuing certificate authority.
	IssuingCa string `json:"issuing_ca,omitempty"`

	// The ID of the key.
	KeyId string `json:"key_id,omitempty"`

	// The key name if given.
	KeyName string `json:"key_name,omitempty"`

	// The private key if exported was specified.
	PrivateKey string `json:"private_key,omitempty"`

	// The requested Subject's named serial number.
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiIssuersRotateRootResponse struct for PkiIssuersRotateRootResponse

func NewPkiIssuersRotateRootResponseWithDefaults ¶ added in v0.3.0 

func NewPkiIssuersRotateRootResponseWithDefaults() *PkiIssuersRotateRootResponse

NewPkiIssuersRotateRootResponseWithDefaults instantiates a new PkiIssuersRotateRootResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiListCertsResponse ¶ added in v0.3.0 

type PkiListCertsResponse struct {
	// A list of keys
	Keys []string `json:"keys,omitempty"`
}

PkiListCertsResponse struct for PkiListCertsResponse

func NewPkiListCertsResponseWithDefaults ¶ added in v0.3.0 

func NewPkiListCertsResponseWithDefaults() *PkiListCertsResponse

NewPkiListCertsResponseWithDefaults instantiates a new PkiListCertsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiListIssuersResponse ¶ added in v0.3.0 

type PkiListIssuersResponse struct {
	// Key info with issuer name
	KeyInfo map[string]interface{} `json:"key_info,omitempty"`

	// A list of keys
	Keys []string `json:"keys,omitempty"`
}

PkiListIssuersResponse struct for PkiListIssuersResponse

func NewPkiListIssuersResponseWithDefaults ¶ added in v0.3.0 

func NewPkiListIssuersResponseWithDefaults() *PkiListIssuersResponse

NewPkiListIssuersResponseWithDefaults instantiates a new PkiListIssuersResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiListKeysResponse ¶ added in v0.3.0 

type PkiListKeysResponse struct {
	// Key info with issuer name
	KeyInfo map[string]interface{} `json:"key_info,omitempty"`

	// A list of keys
	Keys []string `json:"keys,omitempty"`
}

PkiListKeysResponse struct for PkiListKeysResponse

func NewPkiListKeysResponseWithDefaults ¶ added in v0.3.0 

func NewPkiListKeysResponseWithDefaults() *PkiListKeysResponse

NewPkiListKeysResponseWithDefaults instantiates a new PkiListKeysResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiListRevokedCertsResponse ¶ added in v0.3.0 

type PkiListRevokedCertsResponse struct {
	// List of Keys
	Keys []string `json:"keys,omitempty"`
}

PkiListRevokedCertsResponse struct for PkiListRevokedCertsResponse

func NewPkiListRevokedCertsResponseWithDefaults ¶ added in v0.3.0 

func NewPkiListRevokedCertsResponseWithDefaults() *PkiListRevokedCertsResponse

NewPkiListRevokedCertsResponseWithDefaults instantiates a new PkiListRevokedCertsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiListRolesResponse ¶ added in v0.3.0 

type PkiListRolesResponse struct {
	// List of keys
	Keys map[string]interface{} `json:"keys,omitempty"`
}

PkiListRolesResponse struct for PkiListRolesResponse

func NewPkiListRolesResponseWithDefaults ¶ added in v0.3.0 

func NewPkiListRolesResponseWithDefaults() *PkiListRolesResponse

NewPkiListRolesResponseWithDefaults instantiates a new PkiListRolesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiPatchIssuerResponse ¶ added in v0.3.0 

type PkiPatchIssuerResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// CRL Distribution Points
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`

	// Issuing Certificates
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Key Id
	KeyId string `json:"key_id,omitempty"`

	// Leaf Not After Behavior
	LeafNotAfterBehavior string `json:"leaf_not_after_behavior,omitempty"`

	// Manual Chain
	ManualChain []string `json:"manual_chain,omitempty"`

	// OSCP Servers
	OcspServers []string `json:"ocsp_servers,omitempty"`

	// Revocation Signature Alogrithm
	RevocationSignatureAlgorithm string `json:"revocation_signature_algorithm,omitempty"`

	RevocationTime int32 `json:"revocation_time,omitempty"`

	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`

	// Revoked
	Revoked bool `json:"revoked,omitempty"`

	// Usage
	Usage []string `json:"usage,omitempty"`
}

PkiPatchIssuerResponse struct for PkiPatchIssuerResponse

func NewPkiPatchIssuerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiPatchIssuerResponseWithDefaults() *PkiPatchIssuerResponse

NewPkiPatchIssuerResponseWithDefaults instantiates a new PkiPatchIssuerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiPatchRoleResponse ¶ added in v0.3.0 

type PkiPatchRoleResponse struct {
	// If set, clients can request certificates for any domain, regardless of allowed_domains restrictions. See the documentation for more information.
	AllowAnyName bool `json:"allow_any_name,omitempty"`

	// If set, clients can request certificates for the base domains themselves, e.g. \"example.com\" of domains listed in allowed_domains. This is a separate option as in some cases this can be considered a security threat. See the documentation for more information.
	AllowBareDomains bool `json:"allow_bare_domains,omitempty"`

	// If set, domains specified in allowed_domains can include shell-style glob patterns, e.g. \"ftp*.example.com\". See the documentation for more information.
	AllowGlobDomains bool `json:"allow_glob_domains,omitempty"`

	// If set, IP Subject Alternative Names are allowed. Any valid IP is accepted and No authorization checking is performed.
	AllowIpSans bool `json:"allow_ip_sans,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowLocalhost bool `json:"allow_localhost,omitempty"`

	// If set, clients can request certificates for subdomains of domains listed in allowed_domains, including wildcard subdomains. See the documentation for more information.
	AllowSubdomains bool `json:"allow_subdomains,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowTokenDisplayname bool `json:"allow_token_displayname,omitempty"`

	// If set, allows certificates with wildcards in the common name to be issued, conforming to RFC 6125's Section 6.4.3; e.g., \"*.example.net\" or \"b*z.example.net\". See the documentation for more information.
	AllowWildcardCertificates bool `json:"allow_wildcard_certificates,omitempty"`

	// Specifies the domains this role is allowed to issue certificates for. This is used with the allow_bare_domains, allow_subdomains, and allow_glob_domains to determine matches for the common name, DNS-typed SAN entries, and Email-typed SAN entries of certificates. See the documentation for more information. This parameter accepts a comma-separated string or list of domains.
	AllowedDomains []string `json:"allowed_domains,omitempty"`

	// If set, Allowed domains can be specified using identity template policies. Non-templated domains are also permitted.
	AllowedDomainsTemplate bool `json:"allowed_domains_template,omitempty"`

	// If set, an array of allowed other names to put in SANs. These values support globbing and must be in the format <oid>;<type>:<value>. Currently only \"utf8\" is a valid type. All values, including globbing values, must use this syntax, with the exception being a single \"*\" which allows any OID and any value (but type must still be utf8).
	AllowedOtherSans []string `json:"allowed_other_sans,omitempty"`

	// If set, an array of allowed serial numbers to put in Subject. These values support globbing.
	AllowedSerialNumbers []string `json:"allowed_serial_numbers,omitempty"`

	// If set, an array of allowed URIs for URI Subject Alternative Names. Any valid URI is accepted, these values support globbing.
	AllowedUriSans []string `json:"allowed_uri_sans,omitempty"`

	// If set, Allowed URI SANs can be specified using identity template policies. Non-templated URI SANs are also permitted.
	AllowedUriSansTemplate bool `json:"allowed_uri_sans_template,omitempty"`

	// If set, an array of allowed user-ids to put in user system login name specified here: https://www.rfc-editor.org/rfc/rfc1274#section-9.3.1
	AllowedUserIds []string `json:"allowed_user_ids,omitempty"`

	// Mark Basic Constraints valid when issuing non-CA certificates.
	BasicConstraintsValidForNonCa bool `json:"basic_constraints_valid_for_non_ca,omitempty"`

	// If set, certificates are flagged for client auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ClientFlag bool `json:"client_flag,omitempty"`

	// List of allowed validations to run against the Common Name field. Values can include 'email' to validate the CN is a email address, 'hostname' to validate the CN is a valid hostname (potentially including wildcards). When multiple validations are specified, these take OR semantics (either email OR hostname are allowed). The special value 'disabled' allows disabling all CN name validations, allowing for arbitrary non-Hostname, non-Email address CNs.
	CnValidations []string `json:"cn_validations,omitempty"`

	// If set, certificates are flagged for code signing use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	CodeSigningFlag bool `json:"code_signing_flag,omitempty"`

	// If set, Country will be set to this value in certificates issued by this role.
	Country []string `json:"country,omitempty"`

	// If set, certificates are flagged for email protection use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	EmailProtectionFlag bool `json:"email_protection_flag,omitempty"`

	// If set, only valid host names are allowed for CN and DNS SANs, and the host part of email addresses. Defaults to true.
	EnforceHostnames bool `json:"enforce_hostnames,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.12.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// If set, certificates issued/signed against this role will have Vault leases attached to them. Defaults to \"false\". Certificates can be added to the CRL by \"vault revoke <lease_id>\" when certificates are associated with leases. It can also be done using the \"pki/revoke\" endpoint. However, when lease generation is disabled, invoking \"pki/revoke\" would be the only way to add the certificates to the CRL. When large number of certificates are generated with long lifetimes, it is recommended that lease generation be disabled, as large amount of leases adversely affect the startup time of Vault.
	GenerateLease bool `json:"generate_lease,omitempty"`

	// Reference to the issuer used to sign requests serviced by this role.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\", \"ed25519\" and \"any\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.3.
	KeyUsage []string `json:"key_usage,omitempty"`

	// If set, Locality will be set to this value in certificates issued by this role.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowed lease duration. If not set, defaults to the system maximum lease TTL.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// If set, certificates issued/signed against this role will not be stored in the storage backend. This can improve performance when issuing large numbers of certificates. However, certificates issued in this way cannot be enumerated or revoked, so this option is recommended only for certificates that are non-sensitive, or extremely short-lived. This option implies a value of \"false\" for \"generate_lease\".
	NoStore bool `json:"no_store,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ.
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value in certificates issued by this role.
	Organization []string `json:"organization,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value in certificates issued by this role.
	Ou []string `json:"ou,omitempty"`

	// A comma-separated string or list of policy OIDs, or a JSON list of qualified policy information, which must include an oid, and may include a notice and/or cps url, using the form [{\"oid\"=\"1.3.6.1.4.1.7.8\",\"notice\"=\"I am a user Notice\"}, {\"oid\"=\"1.3.6.1.4.1.44947.1.2.4 \",\"cps\"=\"https://example.com\"}].
	PolicyIdentifiers []string `json:"policy_identifiers,omitempty"`

	// If set, Postal Code will be set to this value in certificates issued by this role.
	PostalCode []string `json:"postal_code,omitempty"`

	// If set, Province will be set to this value in certificates issued by this role.
	Province []string `json:"province,omitempty"`

	// If set to false, makes the 'common_name' field optional while generating a certificate.
	RequireCn bool `json:"require_cn,omitempty"`

	// If set, certificates are flagged for server auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ServerFlag bool `json:"server_flag,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value in certificates issued by this role.
	StreetAddress []string `json:"street_address,omitempty"`

	// The lease duration (validity period of the certificate) if no specific lease duration is requested. The lease duration controls the expiration of certificates issued by this backend. Defaults to the system default value or the value of max_ttl, whichever is shorter.
	Ttl int32 `json:"ttl,omitempty"`

	// If set, when used with a signing profile, the common name in the CSR will be used. This does *not* include any requested Subject Alternative Names; use use_csr_sans for that. Defaults to true.
	UseCsrCommonName bool `json:"use_csr_common_name,omitempty"`

	// If set, when used with a signing profile, the SANs in the CSR will be used. This does *not* include the Common Name (cn); use use_csr_common_name for that. Defaults to true.
	UseCsrSans bool `json:"use_csr_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiPatchRoleResponse struct for PkiPatchRoleResponse

func NewPkiPatchRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiPatchRoleResponseWithDefaults() *PkiPatchRoleResponse

NewPkiPatchRoleResponseWithDefaults instantiates a new PkiPatchRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadAutoTidyConfigurationResponse ¶ added in v0.3.0 

type PkiReadAutoTidyConfigurationResponse struct {
	// Specifies whether automatic tidy is enabled or not
	Enabled bool `json:"enabled,omitempty"`

	// Specifies the duration between automatic tidy operation
	IntervalDuration int32 `json:"interval_duration,omitempty"`

	// Issuer safety buffer
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	MaintainStoredCertificateCounts bool `json:"maintain_stored_certificate_counts,omitempty"`

	// Duration to pause between tidying certificates
	PauseDuration string `json:"pause_duration,omitempty"`

	PublishStoredCertificateCountMetrics bool `json:"publish_stored_certificate_count_metrics,omitempty"`

	RevocationQueueSafetyBuffer int32 `json:"revocation_queue_safety_buffer,omitempty"`

	// Safety buffer time duration
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// Specifies whether to tidy up the certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	TidyCrossClusterRevokedCerts bool `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Specifies whether tidy expired issuers
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Specifies whether to associate revoked certificates with their corresponding issuers
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Specifies whether to remove all invalid and expired certificates from storage
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`
}

PkiReadAutoTidyConfigurationResponse struct for PkiReadAutoTidyConfigurationResponse

func NewPkiReadAutoTidyConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadAutoTidyConfigurationResponseWithDefaults() *PkiReadAutoTidyConfigurationResponse

NewPkiReadAutoTidyConfigurationResponseWithDefaults instantiates a new PkiReadAutoTidyConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCaChainPemResponse ¶ added in v0.3.0 

type PkiReadCaChainPemResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCaChainPemResponse struct for PkiReadCaChainPemResponse

func NewPkiReadCaChainPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCaChainPemResponseWithDefaults() *PkiReadCaChainPemResponse

NewPkiReadCaChainPemResponseWithDefaults instantiates a new PkiReadCaChainPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCaDerResponse ¶ added in v0.3.0 

type PkiReadCaDerResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCaDerResponse struct for PkiReadCaDerResponse

func NewPkiReadCaDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCaDerResponseWithDefaults() *PkiReadCaDerResponse

NewPkiReadCaDerResponseWithDefaults instantiates a new PkiReadCaDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCaPemResponse ¶ added in v0.3.0 

type PkiReadCaPemResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCaPemResponse struct for PkiReadCaPemResponse

func NewPkiReadCaPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCaPemResponseWithDefaults() *PkiReadCaPemResponse

NewPkiReadCaPemResponseWithDefaults instantiates a new PkiReadCaPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertCaChainResponse ¶ added in v0.3.0 

type PkiReadCertCaChainResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertCaChainResponse struct for PkiReadCertCaChainResponse

func NewPkiReadCertCaChainResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertCaChainResponseWithDefaults() *PkiReadCertCaChainResponse

NewPkiReadCertCaChainResponseWithDefaults instantiates a new PkiReadCertCaChainResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertCrlResponse ¶ added in v0.3.0 

type PkiReadCertCrlResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertCrlResponse struct for PkiReadCertCrlResponse

func NewPkiReadCertCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertCrlResponseWithDefaults() *PkiReadCertCrlResponse

NewPkiReadCertCrlResponseWithDefaults instantiates a new PkiReadCertCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertDeltaCrlResponse ¶ added in v0.3.0 

type PkiReadCertDeltaCrlResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertDeltaCrlResponse struct for PkiReadCertDeltaCrlResponse

func NewPkiReadCertDeltaCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertDeltaCrlResponseWithDefaults() *PkiReadCertDeltaCrlResponse

NewPkiReadCertDeltaCrlResponseWithDefaults instantiates a new PkiReadCertDeltaCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertRawDerResponse ¶ added in v0.3.0 

type PkiReadCertRawDerResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertRawDerResponse struct for PkiReadCertRawDerResponse

func NewPkiReadCertRawDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertRawDerResponseWithDefaults() *PkiReadCertRawDerResponse

NewPkiReadCertRawDerResponseWithDefaults instantiates a new PkiReadCertRawDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertRawPemResponse ¶ added in v0.3.0 

type PkiReadCertRawPemResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertRawPemResponse struct for PkiReadCertRawPemResponse

func NewPkiReadCertRawPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertRawPemResponseWithDefaults() *PkiReadCertRawPemResponse

NewPkiReadCertRawPemResponseWithDefaults instantiates a new PkiReadCertRawPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCertResponse ¶ added in v0.3.0 

type PkiReadCertResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCertResponse struct for PkiReadCertResponse

func NewPkiReadCertResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCertResponseWithDefaults() *PkiReadCertResponse

NewPkiReadCertResponseWithDefaults instantiates a new PkiReadCertResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadClusterConfigurationResponse ¶ added in v0.3.0 

type PkiReadClusterConfigurationResponse struct {
	// Optional URI to this mount's AIA distribution point; may refer to an external non-Vault responder. This is for resolving AIA URLs and providing the {{cluster_aia_path}} template parameter and will not be used for other purposes. As such, unlike path above, this could safely be an insecure transit mechanism (like HTTP without TLS). For example: http://cdn.example.com/pr1/pki
	AiaPath string `json:"aia_path,omitempty"`

	// Canonical URI to this mount on this performance replication cluster's external address. This is for resolving AIA URLs and providing the {{cluster_path}} template parameter but might be used for other purposes in the future. This should only point back to this particular PR replica and should not ever point to another PR cluster. It may point to any node in the PR replica, including standby nodes, and need not always point to the active node. For example: https://pr1.vault.example.com:8200/v1/pki
	Path string `json:"path,omitempty"`
}

PkiReadClusterConfigurationResponse struct for PkiReadClusterConfigurationResponse

func NewPkiReadClusterConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadClusterConfigurationResponseWithDefaults() *PkiReadClusterConfigurationResponse

NewPkiReadClusterConfigurationResponseWithDefaults instantiates a new PkiReadClusterConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCrlConfigurationResponse ¶ added in v0.3.0 

type PkiReadCrlConfigurationResponse struct {
	// If set to true, enables automatic rebuilding of the CRL
	AutoRebuild bool `json:"auto_rebuild,omitempty"`

	// The time before the CRL expires to automatically rebuild it, when enabled. Must be shorter than the CRL expiry. Defaults to 12h.
	AutoRebuildGracePeriod string `json:"auto_rebuild_grace_period,omitempty"`

	// Whether to enable a global, cross-cluster revocation queue. Must be used with auto_rebuild=true.
	CrossClusterRevocation bool `json:"cross_cluster_revocation,omitempty"`

	// The time between delta CRL rebuilds if a new revocation has occurred. Must be shorter than the CRL expiry. Defaults to 15m.
	DeltaRebuildInterval string `json:"delta_rebuild_interval,omitempty"`

	// If set to true, disables generating the CRL entirely.
	Disable bool `json:"disable,omitempty"`

	// Whether to enable delta CRLs between authoritative CRL rebuilds
	EnableDelta bool `json:"enable_delta,omitempty"`

	// The amount of time the generated CRL should be valid; defaults to 72 hours
	Expiry string `json:"expiry,omitempty"`

	// If set to true, ocsp unauthorized responses will be returned.
	OcspDisable bool `json:"ocsp_disable,omitempty"`

	// The amount of time an OCSP response will be valid (controls the NextUpdate field); defaults to 12 hours
	OcspExpiry string `json:"ocsp_expiry,omitempty"`

	// If set to true enables global replication of revocation entries, also enabling unified versions of OCSP and CRLs if their respective features are enabled. disable for CRLs and ocsp_disable for OCSP.
	UnifiedCrl bool `json:"unified_crl,omitempty"`

	// If set to true, existing CRL and OCSP paths will return the unified CRL instead of a response based on cluster-local data
	UnifiedCrlOnExistingPaths bool `json:"unified_crl_on_existing_paths,omitempty"`
}

PkiReadCrlConfigurationResponse struct for PkiReadCrlConfigurationResponse

func NewPkiReadCrlConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCrlConfigurationResponseWithDefaults() *PkiReadCrlConfigurationResponse

NewPkiReadCrlConfigurationResponseWithDefaults instantiates a new PkiReadCrlConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCrlDeltaPemResponse ¶ added in v0.3.0 

type PkiReadCrlDeltaPemResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCrlDeltaPemResponse struct for PkiReadCrlDeltaPemResponse

func NewPkiReadCrlDeltaPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCrlDeltaPemResponseWithDefaults() *PkiReadCrlDeltaPemResponse

NewPkiReadCrlDeltaPemResponseWithDefaults instantiates a new PkiReadCrlDeltaPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCrlDeltaResponse ¶ added in v0.3.0 

type PkiReadCrlDeltaResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCrlDeltaResponse struct for PkiReadCrlDeltaResponse

func NewPkiReadCrlDeltaResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCrlDeltaResponseWithDefaults() *PkiReadCrlDeltaResponse

NewPkiReadCrlDeltaResponseWithDefaults instantiates a new PkiReadCrlDeltaResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCrlDerResponse ¶ added in v0.3.0 

type PkiReadCrlDerResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCrlDerResponse struct for PkiReadCrlDerResponse

func NewPkiReadCrlDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCrlDerResponseWithDefaults() *PkiReadCrlDerResponse

NewPkiReadCrlDerResponseWithDefaults instantiates a new PkiReadCrlDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadCrlPemResponse ¶ added in v0.3.0 

type PkiReadCrlPemResponse struct {
	// Issuing CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Revocation time
	RevocationTime string `json:"revocation_time,omitempty"`

	// Revocation time RFC 3339 formatted
	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`
}

PkiReadCrlPemResponse struct for PkiReadCrlPemResponse

func NewPkiReadCrlPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadCrlPemResponseWithDefaults() *PkiReadCrlPemResponse

NewPkiReadCrlPemResponseWithDefaults instantiates a new PkiReadCrlPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadIssuerDerResponse ¶ added in v0.3.0 

type PkiReadIssuerDerResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`
}

PkiReadIssuerDerResponse struct for PkiReadIssuerDerResponse

func NewPkiReadIssuerDerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadIssuerDerResponseWithDefaults() *PkiReadIssuerDerResponse

NewPkiReadIssuerDerResponseWithDefaults instantiates a new PkiReadIssuerDerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadIssuerJsonResponse ¶ added in v0.3.0 

type PkiReadIssuerJsonResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`
}

PkiReadIssuerJsonResponse struct for PkiReadIssuerJsonResponse

func NewPkiReadIssuerJsonResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadIssuerJsonResponseWithDefaults() *PkiReadIssuerJsonResponse

NewPkiReadIssuerJsonResponseWithDefaults instantiates a new PkiReadIssuerJsonResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadIssuerPemResponse ¶ added in v0.3.0 

type PkiReadIssuerPemResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`
}

PkiReadIssuerPemResponse struct for PkiReadIssuerPemResponse

func NewPkiReadIssuerPemResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadIssuerPemResponseWithDefaults() *PkiReadIssuerPemResponse

NewPkiReadIssuerPemResponseWithDefaults instantiates a new PkiReadIssuerPemResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadIssuerResponse ¶ added in v0.3.0 

type PkiReadIssuerResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// CRL Distribution Points
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`

	// Issuing Certificates
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Key Id
	KeyId string `json:"key_id,omitempty"`

	// Leaf Not After Behavior
	LeafNotAfterBehavior string `json:"leaf_not_after_behavior,omitempty"`

	// Manual Chain
	ManualChain []string `json:"manual_chain,omitempty"`

	// OSCP Servers
	OcspServers []string `json:"ocsp_servers,omitempty"`

	// Revocation Signature Alogrithm
	RevocationSignatureAlgorithm string `json:"revocation_signature_algorithm,omitempty"`

	RevocationTime int32 `json:"revocation_time,omitempty"`

	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`

	// Revoked
	Revoked bool `json:"revoked,omitempty"`

	// Usage
	Usage []string `json:"usage,omitempty"`
}

PkiReadIssuerResponse struct for PkiReadIssuerResponse

func NewPkiReadIssuerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadIssuerResponseWithDefaults() *PkiReadIssuerResponse

NewPkiReadIssuerResponseWithDefaults instantiates a new PkiReadIssuerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadIssuersConfigurationResponse ¶ added in v0.3.0 

type PkiReadIssuersConfigurationResponse struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`

	// Whether the default issuer should automatically follow the latest generated or imported issuer. Defaults to false.
	DefaultFollowsLatestIssuer bool `json:"default_follows_latest_issuer,omitempty"`
}

PkiReadIssuersConfigurationResponse struct for PkiReadIssuersConfigurationResponse

func NewPkiReadIssuersConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadIssuersConfigurationResponseWithDefaults() *PkiReadIssuersConfigurationResponse

NewPkiReadIssuersConfigurationResponseWithDefaults instantiates a new PkiReadIssuersConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadKeyResponse ¶ added in v0.3.0 

type PkiReadKeyResponse struct {
	// Key Id
	KeyId string `json:"key_id,omitempty"`

	// Key Name
	KeyName string `json:"key_name,omitempty"`

	// Key Type
	KeyType string `json:"key_type,omitempty"`

	// Managed Key Id
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// Managed Key Name
	ManagedKeyName string `json:"managed_key_name,omitempty"`
}

PkiReadKeyResponse struct for PkiReadKeyResponse

func NewPkiReadKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadKeyResponseWithDefaults() *PkiReadKeyResponse

NewPkiReadKeyResponseWithDefaults instantiates a new PkiReadKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadKeysConfigurationResponse ¶ added in v0.3.0 

type PkiReadKeysConfigurationResponse struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`
}

PkiReadKeysConfigurationResponse struct for PkiReadKeysConfigurationResponse

func NewPkiReadKeysConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadKeysConfigurationResponseWithDefaults() *PkiReadKeysConfigurationResponse

NewPkiReadKeysConfigurationResponseWithDefaults instantiates a new PkiReadKeysConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadRoleResponse ¶ added in v0.3.0 

type PkiReadRoleResponse struct {
	// If set, clients can request certificates for any domain, regardless of allowed_domains restrictions. See the documentation for more information.
	AllowAnyName bool `json:"allow_any_name,omitempty"`

	// If set, clients can request certificates for the base domains themselves, e.g. \"example.com\" of domains listed in allowed_domains. This is a separate option as in some cases this can be considered a security threat. See the documentation for more information.
	AllowBareDomains bool `json:"allow_bare_domains,omitempty"`

	// If set, domains specified in allowed_domains can include shell-style glob patterns, e.g. \"ftp*.example.com\". See the documentation for more information.
	AllowGlobDomains bool `json:"allow_glob_domains,omitempty"`

	// If set, IP Subject Alternative Names are allowed. Any valid IP is accepted and No authorization checking is performed.
	AllowIpSans bool `json:"allow_ip_sans,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowLocalhost bool `json:"allow_localhost,omitempty"`

	// If set, clients can request certificates for subdomains of domains listed in allowed_domains, including wildcard subdomains. See the documentation for more information.
	AllowSubdomains bool `json:"allow_subdomains,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowTokenDisplayname bool `json:"allow_token_displayname,omitempty"`

	// If set, allows certificates with wildcards in the common name to be issued, conforming to RFC 6125's Section 6.4.3; e.g., \"*.example.net\" or \"b*z.example.net\". See the documentation for more information.
	AllowWildcardCertificates bool `json:"allow_wildcard_certificates,omitempty"`

	// Specifies the domains this role is allowed to issue certificates for. This is used with the allow_bare_domains, allow_subdomains, and allow_glob_domains to determine matches for the common name, DNS-typed SAN entries, and Email-typed SAN entries of certificates. See the documentation for more information. This parameter accepts a comma-separated string or list of domains.
	AllowedDomains []string `json:"allowed_domains,omitempty"`

	// If set, Allowed domains can be specified using identity template policies. Non-templated domains are also permitted.
	AllowedDomainsTemplate bool `json:"allowed_domains_template,omitempty"`

	// If set, an array of allowed other names to put in SANs. These values support globbing and must be in the format <oid>;<type>:<value>. Currently only \"utf8\" is a valid type. All values, including globbing values, must use this syntax, with the exception being a single \"*\" which allows any OID and any value (but type must still be utf8).
	AllowedOtherSans []string `json:"allowed_other_sans,omitempty"`

	// If set, an array of allowed serial numbers to put in Subject. These values support globbing.
	AllowedSerialNumbers []string `json:"allowed_serial_numbers,omitempty"`

	// If set, an array of allowed URIs for URI Subject Alternative Names. Any valid URI is accepted, these values support globbing.
	AllowedUriSans []string `json:"allowed_uri_sans,omitempty"`

	// If set, Allowed URI SANs can be specified using identity template policies. Non-templated URI SANs are also permitted.
	AllowedUriSansTemplate bool `json:"allowed_uri_sans_template,omitempty"`

	// If set, an array of allowed user-ids to put in user system login name specified here: https://www.rfc-editor.org/rfc/rfc1274#section-9.3.1
	AllowedUserIds []string `json:"allowed_user_ids,omitempty"`

	// Mark Basic Constraints valid when issuing non-CA certificates.
	BasicConstraintsValidForNonCa bool `json:"basic_constraints_valid_for_non_ca,omitempty"`

	// If set, certificates are flagged for client auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ClientFlag bool `json:"client_flag,omitempty"`

	// List of allowed validations to run against the Common Name field. Values can include 'email' to validate the CN is a email address, 'hostname' to validate the CN is a valid hostname (potentially including wildcards). When multiple validations are specified, these take OR semantics (either email OR hostname are allowed). The special value 'disabled' allows disabling all CN name validations, allowing for arbitrary non-Hostname, non-Email address CNs.
	CnValidations []string `json:"cn_validations,omitempty"`

	// If set, certificates are flagged for code signing use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	CodeSigningFlag bool `json:"code_signing_flag,omitempty"`

	// If set, Country will be set to this value in certificates issued by this role.
	Country []string `json:"country,omitempty"`

	// If set, certificates are flagged for email protection use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	EmailProtectionFlag bool `json:"email_protection_flag,omitempty"`

	// If set, only valid host names are allowed for CN and DNS SANs, and the host part of email addresses. Defaults to true.
	EnforceHostnames bool `json:"enforce_hostnames,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.12.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// If set, certificates issued/signed against this role will have Vault leases attached to them. Defaults to \"false\". Certificates can be added to the CRL by \"vault revoke <lease_id>\" when certificates are associated with leases. It can also be done using the \"pki/revoke\" endpoint. However, when lease generation is disabled, invoking \"pki/revoke\" would be the only way to add the certificates to the CRL. When large number of certificates are generated with long lifetimes, it is recommended that lease generation be disabled, as large amount of leases adversely affect the startup time of Vault.
	GenerateLease bool `json:"generate_lease,omitempty"`

	// Reference to the issuer used to sign requests serviced by this role.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\", \"ed25519\" and \"any\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.3.
	KeyUsage []string `json:"key_usage,omitempty"`

	// If set, Locality will be set to this value in certificates issued by this role.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowed lease duration. If not set, defaults to the system maximum lease TTL.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// If set, certificates issued/signed against this role will not be stored in the storage backend. This can improve performance when issuing large numbers of certificates. However, certificates issued in this way cannot be enumerated or revoked, so this option is recommended only for certificates that are non-sensitive, or extremely short-lived. This option implies a value of \"false\" for \"generate_lease\".
	NoStore bool `json:"no_store,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ.
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value in certificates issued by this role.
	Organization []string `json:"organization,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value in certificates issued by this role.
	Ou []string `json:"ou,omitempty"`

	// A comma-separated string or list of policy OIDs, or a JSON list of qualified policy information, which must include an oid, and may include a notice and/or cps url, using the form [{\"oid\"=\"1.3.6.1.4.1.7.8\",\"notice\"=\"I am a user Notice\"}, {\"oid\"=\"1.3.6.1.4.1.44947.1.2.4 \",\"cps\"=\"https://example.com\"}].
	PolicyIdentifiers []string `json:"policy_identifiers,omitempty"`

	// If set, Postal Code will be set to this value in certificates issued by this role.
	PostalCode []string `json:"postal_code,omitempty"`

	// If set, Province will be set to this value in certificates issued by this role.
	Province []string `json:"province,omitempty"`

	// If set to false, makes the 'common_name' field optional while generating a certificate.
	RequireCn bool `json:"require_cn,omitempty"`

	// If set, certificates are flagged for server auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ServerFlag bool `json:"server_flag,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value in certificates issued by this role.
	StreetAddress []string `json:"street_address,omitempty"`

	// The lease duration (validity period of the certificate) if no specific lease duration is requested. The lease duration controls the expiration of certificates issued by this backend. Defaults to the system default value or the value of max_ttl, whichever is shorter.
	Ttl int32 `json:"ttl,omitempty"`

	// If set, when used with a signing profile, the common name in the CSR will be used. This does *not* include any requested Subject Alternative Names; use use_csr_sans for that. Defaults to true.
	UseCsrCommonName bool `json:"use_csr_common_name,omitempty"`

	// If set, when used with a signing profile, the SANs in the CSR will be used. This does *not* include the Common Name (cn); use use_csr_common_name for that. Defaults to true.
	UseCsrSans bool `json:"use_csr_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiReadRoleResponse struct for PkiReadRoleResponse

func NewPkiReadRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadRoleResponseWithDefaults() *PkiReadRoleResponse

NewPkiReadRoleResponseWithDefaults instantiates a new PkiReadRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReadUrlsConfigurationResponse ¶ added in v0.3.0 

type PkiReadUrlsConfigurationResponse struct {
	// Comma-separated list of URLs to be used for the CRL distribution points attribute. See also RFC 5280 Section 4.2.1.13.
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Whether or not to enable templating of the above AIA fields. When templating is enabled the special values '{{issuer_id}}' and '{{cluster_path}}' are available, but the addresses are not checked for URI validity until issuance time. This requires /config/cluster's path to be set on all PR Secondary clusters.
	EnableTemplating bool `json:"enable_templating,omitempty"`

	// Comma-separated list of URLs to be used for the issuing certificate attribute. See also RFC 5280 Section 4.2.2.1.
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Comma-separated list of URLs to be used for the OCSP servers attribute. See also RFC 5280 Section 4.2.2.1.
	OcspServers []string `json:"ocsp_servers,omitempty"`
}

PkiReadUrlsConfigurationResponse struct for PkiReadUrlsConfigurationResponse

func NewPkiReadUrlsConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReadUrlsConfigurationResponseWithDefaults() *PkiReadUrlsConfigurationResponse

NewPkiReadUrlsConfigurationResponseWithDefaults instantiates a new PkiReadUrlsConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReplaceRootRequest ¶ added in v0.3.0 

type PkiReplaceRootRequest struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`
}

PkiReplaceRootRequest struct for PkiReplaceRootRequest

func NewPkiReplaceRootRequestWithDefaults ¶ added in v0.3.0 

func NewPkiReplaceRootRequestWithDefaults() *PkiReplaceRootRequest

NewPkiReplaceRootRequestWithDefaults instantiates a new PkiReplaceRootRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiReplaceRootResponse ¶ added in v0.3.0 

type PkiReplaceRootResponse struct {
	// Reference (name or identifier) to the default issuer.
	Default string `json:"default,omitempty"`

	// Whether the default issuer should automatically follow the latest generated or imported issuer. Defaults to false.
	DefaultFollowsLatestIssuer bool `json:"default_follows_latest_issuer,omitempty"`
}

PkiReplaceRootResponse struct for PkiReplaceRootResponse

func NewPkiReplaceRootResponseWithDefaults ¶ added in v0.3.0 

func NewPkiReplaceRootResponseWithDefaults() *PkiReplaceRootResponse

NewPkiReplaceRootResponseWithDefaults instantiates a new PkiReplaceRootResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRevokeIssuerResponse ¶ added in v0.3.0 

type PkiRevokeIssuerResponse struct {
	// Certificate Authority Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Specifies the URL values for the CRL Distribution Points field
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// ID of the issuer
	IssuerId string `json:"issuer_id,omitempty"`

	// Name of the issuer
	IssuerName string `json:"issuer_name,omitempty"`

	// Specifies the URL values for the Issuing Certificate field
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// ID of the Key
	KeyId string `json:"key_id,omitempty"`

	LeafNotAfterBehavior string `json:"leaf_not_after_behavior,omitempty"`

	// Manual Chain
	ManualChain []string `json:"manual_chain,omitempty"`

	// Specifies the URL values for the OCSP Servers field
	OcspServers []string `json:"ocsp_servers,omitempty"`

	// Which signature algorithm to use when building CRLs
	RevocationSignatureAlgorithm string `json:"revocation_signature_algorithm,omitempty"`

	// Time of revocation
	RevocationTime int64 `json:"revocation_time,omitempty"`

	// RFC formatted time of revocation
	RevocationTimeRfc3339 time.Time `json:"revocation_time_rfc3339,omitempty"`

	// Whether the issuer was revoked
	Revoked bool `json:"revoked,omitempty"`

	// Allowed usage
	Usage string `json:"usage,omitempty"`
}

PkiRevokeIssuerResponse struct for PkiRevokeIssuerResponse

func NewPkiRevokeIssuerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRevokeIssuerResponseWithDefaults() *PkiRevokeIssuerResponse

NewPkiRevokeIssuerResponseWithDefaults instantiates a new PkiRevokeIssuerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRevokeRequest ¶ added in v0.3.0 

type PkiRevokeRequest struct {
	// Certificate to revoke in PEM format; must be signed by an issuer in this mount.
	Certificate string `json:"certificate,omitempty"`

	// Certificate serial number, in colon- or hyphen-separated octal
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiRevokeRequest struct for PkiRevokeRequest

func NewPkiRevokeRequestWithDefaults ¶ added in v0.3.0 

func NewPkiRevokeRequestWithDefaults() *PkiRevokeRequest

NewPkiRevokeRequestWithDefaults instantiates a new PkiRevokeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRevokeResponse ¶ added in v0.3.0 

type PkiRevokeResponse struct {
	// Revocation Time
	RevocationTime int32 `json:"revocation_time,omitempty"`

	// Revocation Time
	RevocationTimeRfc3339 time.Time `json:"revocation_time_rfc3339,omitempty"`

	// Revocation State
	State string `json:"state,omitempty"`
}

PkiRevokeResponse struct for PkiRevokeResponse

func NewPkiRevokeResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRevokeResponseWithDefaults() *PkiRevokeResponse

NewPkiRevokeResponseWithDefaults instantiates a new PkiRevokeResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRevokeWithKeyRequest ¶ added in v0.3.0 

type PkiRevokeWithKeyRequest struct {
	// Certificate to revoke in PEM format; must be signed by an issuer in this mount.
	Certificate string `json:"certificate,omitempty"`

	// Key to use to verify revocation permission; must be in PEM format.
	PrivateKey string `json:"private_key,omitempty"`

	// Certificate serial number, in colon- or hyphen-separated octal
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiRevokeWithKeyRequest struct for PkiRevokeWithKeyRequest

func NewPkiRevokeWithKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiRevokeWithKeyRequestWithDefaults() *PkiRevokeWithKeyRequest

NewPkiRevokeWithKeyRequestWithDefaults instantiates a new PkiRevokeWithKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRevokeWithKeyResponse ¶ added in v0.3.0 

type PkiRevokeWithKeyResponse struct {
	// Revocation Time
	RevocationTime int32 `json:"revocation_time,omitempty"`

	// Revocation Time
	RevocationTimeRfc3339 time.Time `json:"revocation_time_rfc3339,omitempty"`

	// Revocation State
	State string `json:"state,omitempty"`
}

PkiRevokeWithKeyResponse struct for PkiRevokeWithKeyResponse

func NewPkiRevokeWithKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRevokeWithKeyResponseWithDefaults() *PkiRevokeWithKeyResponse

NewPkiRevokeWithKeyResponseWithDefaults instantiates a new PkiRevokeWithKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRootSignIntermediateRequest ¶ added in v0.3.0 

type PkiRootSignIntermediateRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. May contain both DNS names and email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If not specified when signing, the common name will be taken from the CSR; other names must still be specified in alt_names or ip_sans.
	CommonName string `json:"common_name,omitempty"`

	// If set, Country will be set to this value.
	Country []string `json:"country,omitempty"`

	// PEM-format CSR to be signed.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// If set, Locality will be set to this value.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowable path length
	MaxPathLength int32 `json:"max_path_length,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value.
	Organization []string `json:"organization,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value.
	Ou []string `json:"ou,omitempty"`

	// Domains for which this certificate is allowed to sign or issue child certificates. If set, all DNS names (subject and alt) on child certs must be exact matches or subsets of the given domains (see https://tools.ietf.org/html/rfc5280#section-4.2.1.10).
	PermittedDnsDomains []string `json:"permitted_dns_domains,omitempty"`

	// If set, Postal Code will be set to this value.
	PostalCode []string `json:"postal_code,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// If set, Province will be set to this value.
	Province []string `json:"province,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// Value for the Subject Key Identifier field (RFC 5280 Section 4.2.1.2). This value should ONLY be used when cross-signing to mimic the existing certificate's SKID value; this is necessary to allow certain TLS implementations (such as OpenSSL) which use SKID/AKID matches in chain building to restrict possible valid chains. Specified as a string in hex format. Default is empty, allowing Vault to automatically calculate the SKID according to method one in the above RFC section.
	Skid string `json:"skid,omitempty"`

	// If set, Street Address will be set to this value.
	StreetAddress []string `json:"street_address,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// If true, then: 1) Subject information, including names and alternate names, will be preserved from the CSR rather than using values provided in the other parameters to this path; 2) Any key usages requested in the CSR will be added to the basic set of key usages used for CA certs signed by this path; for instance, the non-repudiation flag; 3) Extensions requested in the CSR will be copied into the issued certificate.
	UseCsrValues bool `json:"use_csr_values,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiRootSignIntermediateRequest struct for PkiRootSignIntermediateRequest

func NewPkiRootSignIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiRootSignIntermediateRequestWithDefaults() *PkiRootSignIntermediateRequest

NewPkiRootSignIntermediateRequestWithDefaults instantiates a new PkiRootSignIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRootSignIntermediateResponse ¶ added in v0.3.0 

type PkiRootSignIntermediateResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Expiration Time
	Expiration int64 `json:"expiration,omitempty"`

	// Issuing CA
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiRootSignIntermediateResponse struct for PkiRootSignIntermediateResponse

func NewPkiRootSignIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRootSignIntermediateResponseWithDefaults() *PkiRootSignIntermediateResponse

NewPkiRootSignIntermediateResponseWithDefaults instantiates a new PkiRootSignIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRootSignSelfIssuedRequest ¶ added in v0.3.0 

type PkiRootSignSelfIssuedRequest struct {
	// PEM-format self-issued certificate to be signed.
	Certificate string `json:"certificate,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// If true, require the public key algorithm of the signer to match that of the self issued certificate.
	RequireMatchingCertificateAlgorithms bool `json:"require_matching_certificate_algorithms,omitempty"`
}

PkiRootSignSelfIssuedRequest struct for PkiRootSignSelfIssuedRequest

func NewPkiRootSignSelfIssuedRequestWithDefaults ¶ added in v0.3.0 

func NewPkiRootSignSelfIssuedRequestWithDefaults() *PkiRootSignSelfIssuedRequest

NewPkiRootSignSelfIssuedRequestWithDefaults instantiates a new PkiRootSignSelfIssuedRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRootSignSelfIssuedResponse ¶ added in v0.3.0 

type PkiRootSignSelfIssuedResponse struct {
	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Issuing CA
	IssuingCa string `json:"issuing_ca,omitempty"`
}

PkiRootSignSelfIssuedResponse struct for PkiRootSignSelfIssuedResponse

func NewPkiRootSignSelfIssuedResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRootSignSelfIssuedResponseWithDefaults() *PkiRootSignSelfIssuedResponse

NewPkiRootSignSelfIssuedResponseWithDefaults instantiates a new PkiRootSignSelfIssuedResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRotateCrlResponse ¶ added in v0.3.0 

type PkiRotateCrlResponse struct {
	// Whether rotation was successful
	Success bool `json:"success,omitempty"`
}

PkiRotateCrlResponse struct for PkiRotateCrlResponse

func NewPkiRotateCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRotateCrlResponseWithDefaults() *PkiRotateCrlResponse

NewPkiRotateCrlResponseWithDefaults instantiates a new PkiRotateCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiRotateDeltaCrlResponse ¶ added in v0.3.0 

type PkiRotateDeltaCrlResponse struct {
	// Whether rotation was successful
	Success bool `json:"success,omitempty"`
}

PkiRotateDeltaCrlResponse struct for PkiRotateDeltaCrlResponse

func NewPkiRotateDeltaCrlResponseWithDefaults ¶ added in v0.3.0 

func NewPkiRotateDeltaCrlResponseWithDefaults() *PkiRotateDeltaCrlResponse

NewPkiRotateDeltaCrlResponseWithDefaults instantiates a new PkiRotateDeltaCrlResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSetSignedIntermediateRequest ¶ added in v0.3.0 

type PkiSetSignedIntermediateRequest struct {
	// PEM-format certificate. This must be a CA certificate with a public key matching the previously-generated key from the generation endpoint. Additional parent CAs may be optionally appended to the bundle.
	Certificate string `json:"certificate,omitempty"`
}

PkiSetSignedIntermediateRequest struct for PkiSetSignedIntermediateRequest

func NewPkiSetSignedIntermediateRequestWithDefaults ¶ added in v0.3.0 

func NewPkiSetSignedIntermediateRequestWithDefaults() *PkiSetSignedIntermediateRequest

NewPkiSetSignedIntermediateRequestWithDefaults instantiates a new PkiSetSignedIntermediateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSetSignedIntermediateResponse ¶ added in v0.3.0 

type PkiSetSignedIntermediateResponse struct {
	// Net-new issuers imported as a part of this request
	ImportedIssuers []string `json:"imported_issuers,omitempty"`

	// Net-new keys imported as a part of this request
	ImportedKeys []string `json:"imported_keys,omitempty"`

	// A mapping of issuer_id to key_id for all issuers included in this request
	Mapping map[string]interface{} `json:"mapping,omitempty"`
}

PkiSetSignedIntermediateResponse struct for PkiSetSignedIntermediateResponse

func NewPkiSetSignedIntermediateResponseWithDefaults ¶ added in v0.3.0 

func NewPkiSetSignedIntermediateResponseWithDefaults() *PkiSetSignedIntermediateResponse

NewPkiSetSignedIntermediateResponseWithDefaults instantiates a new PkiSetSignedIntermediateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignVerbatimRequest ¶ added in v0.3.0 

type PkiSignVerbatimRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed. Values will be taken verbatim from the CSR, except for basic constraints.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	KeyUsage []string `json:"key_usage,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The desired role with configuration for this request
	Role string `json:"role,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiSignVerbatimRequest struct for PkiSignVerbatimRequest

func NewPkiSignVerbatimRequestWithDefaults ¶ added in v0.3.0 

func NewPkiSignVerbatimRequestWithDefaults() *PkiSignVerbatimRequest

NewPkiSignVerbatimRequestWithDefaults instantiates a new PkiSignVerbatimRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignVerbatimResponse ¶ added in v0.3.0 

type PkiSignVerbatimResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiSignVerbatimResponse struct for PkiSignVerbatimResponse

func NewPkiSignVerbatimResponseWithDefaults ¶ added in v0.3.0 

func NewPkiSignVerbatimResponseWithDefaults() *PkiSignVerbatimResponse

NewPkiSignVerbatimResponseWithDefaults instantiates a new PkiSignVerbatimResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignVerbatimWithRoleRequest ¶ added in v0.3.0 

type PkiSignVerbatimWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed. Values will be taken verbatim from the CSR, except for basic constraints.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list.
	KeyUsage []string `json:"key_usage,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiSignVerbatimWithRoleRequest struct for PkiSignVerbatimWithRoleRequest

func NewPkiSignVerbatimWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiSignVerbatimWithRoleRequestWithDefaults() *PkiSignVerbatimWithRoleRequest

NewPkiSignVerbatimWithRoleRequestWithDefaults instantiates a new PkiSignVerbatimWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignVerbatimWithRoleResponse ¶ added in v0.3.0 

type PkiSignVerbatimWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiSignVerbatimWithRoleResponse struct for PkiSignVerbatimWithRoleResponse

func NewPkiSignVerbatimWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiSignVerbatimWithRoleResponseWithDefaults() *PkiSignVerbatimWithRoleResponse

NewPkiSignVerbatimWithRoleResponseWithDefaults instantiates a new PkiSignVerbatimWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignWithRoleRequest ¶ added in v0.3.0 

type PkiSignWithRoleRequest struct {
	// The requested Subject Alternative Names, if any, in a comma-delimited list. If email protection is enabled for the role, this may contain email addresses.
	AltNames string `json:"alt_names,omitempty"`

	// The requested common name; if you want more than one, specify the alternative names in the alt_names map. If email protection is enabled in the role, this may be an email address.
	CommonName string `json:"common_name,omitempty"`

	// PEM-format CSR to be signed.
	Csr string `json:"csr,omitempty"`

	// If true, the Common Name will not be included in DNS or Email Subject Alternate Names. Defaults to false (CN is included).
	ExcludeCnFromSans bool `json:"exclude_cn_from_sans,omitempty"`

	// Format for returned data. Can be \"pem\", \"der\", or \"pem_bundle\". If \"pem_bundle\", any private key and issuing cert will be appended to the certificate pem. If \"der\", the value will be base64 encoded. Defaults to \"pem\".
	Format string `json:"format,omitempty"`

	// The requested IP SANs, if any, in a comma-delimited list
	IpSans []string `json:"ip_sans,omitempty"`

	// Reference to a existing issuer; either \"default\" for the configured default issuer, an identifier or the name assigned to the issuer.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
	NotAfter string `json:"not_after,omitempty"`

	// Requested other SANs, in an array with the format <oid>;UTF8:<utf8 string value> for each entry.
	OtherSans []string `json:"other_sans,omitempty"`

	// Format for the returned private key. Generally the default will be controlled by the \"format\" parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to \"pkcs8\" to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Defaults to \"der\".
	PrivateKeyFormat string `json:"private_key_format,omitempty"`

	// Whether or not to remove self-signed CA certificates in the output of the ca_chain field.
	RemoveRootsFromChain bool `json:"remove_roots_from_chain,omitempty"`

	// The Subject's requested serial number, if any. See RFC 4519 Section 2.31 'serialNumber' for a description of this field. If you want more than one, specify alternative names in the alt_names map using OID 2.5.4.5. This has no impact on the final certificate's Serial Number field.
	SerialNumber string `json:"serial_number,omitempty"`

	// The requested Time To Live for the certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be larger than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// The requested URI SANs, if any, in a comma-delimited list.
	UriSans []string `json:"uri_sans,omitempty"`

	// The requested user_ids value to place in the subject, if any, in a comma-delimited list. Restricted by allowed_user_ids. Any values are added with OID 0.9.2342.19200300.100.1.1.
	UserIds []string `json:"user_ids,omitempty"`
}

PkiSignWithRoleRequest struct for PkiSignWithRoleRequest

func NewPkiSignWithRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiSignWithRoleRequestWithDefaults() *PkiSignWithRoleRequest

NewPkiSignWithRoleRequestWithDefaults instantiates a new PkiSignWithRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiSignWithRoleResponse ¶ added in v0.3.0 

type PkiSignWithRoleResponse struct {
	// Certificate Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// Time of expiration
	Expiration string `json:"expiration,omitempty"`

	// Issuing Certificate Authority
	IssuingCa string `json:"issuing_ca,omitempty"`

	// Private key
	PrivateKey string `json:"private_key,omitempty"`

	// Private key type
	PrivateKeyType string `json:"private_key_type,omitempty"`

	// Serial Number
	SerialNumber string `json:"serial_number,omitempty"`
}

PkiSignWithRoleResponse struct for PkiSignWithRoleResponse

func NewPkiSignWithRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiSignWithRoleResponseWithDefaults() *PkiSignWithRoleResponse

NewPkiSignWithRoleResponseWithDefaults instantiates a new PkiSignWithRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiTidyCancelResponse ¶ added in v0.3.0 

type PkiTidyCancelResponse struct {
	// The number of certificate storage entries deleted
	CertStoreDeletedCount int32 `json:"cert_store_deleted_count,omitempty"`

	CrossRevokedCertDeletedCount int32 `json:"cross_revoked_cert_deleted_count,omitempty"`

	// The number of revoked certificate entries deleted
	CurrentCertStoreCount int32 `json:"current_cert_store_count,omitempty"`

	// The number of revoked certificate entries deleted
	CurrentRevokedCertCount int32 `json:"current_revoked_cert_count,omitempty"`

	// The error message
	Error string `json:"error,omitempty"`

	InternalBackendUuid string `json:"internal_backend_uuid,omitempty"`

	// Issuer safety buffer
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	// Message of the operation
	Message string `json:"message,omitempty"`

	MissingIssuerCertCount int32 `json:"missing_issuer_cert_count,omitempty"`

	// Duration to pause between tidying certificates
	PauseDuration string `json:"pause_duration,omitempty"`

	RevocationQueueDeletedCount int32 `json:"revocation_queue_deleted_count,omitempty"`

	// The number of revoked certificate entries deleted
	RevokedCertDeletedCount int32 `json:"revoked_cert_deleted_count,omitempty"`

	// Safety buffer time duration
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// One of Inactive, Running, Finished, or Error
	State string `json:"state,omitempty"`

	// Tidy certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	TidyCrossClusterRevokedCerts bool `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Tidy expired issuers
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Tidy revoked certificate issuer associations
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Tidy revoked certificates
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`

	// Time the operation finished
	TimeFinished string `json:"time_finished,omitempty"`

	// Time the operation started
	TimeStarted string `json:"time_started,omitempty"`
}

PkiTidyCancelResponse struct for PkiTidyCancelResponse

func NewPkiTidyCancelResponseWithDefaults ¶ added in v0.3.0 

func NewPkiTidyCancelResponseWithDefaults() *PkiTidyCancelResponse

NewPkiTidyCancelResponseWithDefaults instantiates a new PkiTidyCancelResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiTidyRequest ¶ added in v0.3.0 

type PkiTidyRequest struct {
	// The amount of extra time that must have passed beyond issuer's expiration before it is removed from the backend storage. Defaults to 8760 hours (1 year).
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	// This configures whether stored certificates are counted upon initialization of the backend, and whether during normal operation, a running count of certificates stored is maintained.
	MaintainStoredCertificateCounts bool `json:"maintain_stored_certificate_counts,omitempty"`

	// The amount of time to wait between processing certificates. This allows operators to change the execution profile of tidy to take consume less resources by slowing down how long it takes to run. Note that the entire list of certificates will be stored in memory during the entire tidy operation, but resources to read/process/update existing entries will be spread out over a greater period of time. By default this is zero seconds.
	PauseDuration string `json:"pause_duration,omitempty"`

	// This configures whether the stored certificate count is published to the metrics consumer. It does not affect if the stored certificate count is maintained, and if maintained, it will be available on the tidy-status endpoint.
	PublishStoredCertificateCountMetrics bool `json:"publish_stored_certificate_count_metrics,omitempty"`

	// The amount of time that must pass from the cross-cluster revocation request being initiated to when it will be slated for removal. Setting this too low may remove valid revocation requests before the owning cluster has a chance to process them, especially if the cluster is offline.
	RevocationQueueSafetyBuffer int32 `json:"revocation_queue_safety_buffer,omitempty"`

	// The amount of extra time that must have passed beyond certificate expiration before it is removed from the backend storage and/or revocation list. Defaults to 72 hours.
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// Set to true to enable tidying up the certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	// Set to true to enable tidying up the cross-cluster revoked certificate store. Only runs on the active primary node.
	TidyCrossClusterRevokedCerts bool `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Set to true to automatically remove expired issuers past the issuer_safety_buffer. No keys will be removed as part of this operation.
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	// Set to true to move the legacy ca_bundle from /config/ca_bundle to /config/ca_bundle.bak. This prevents downgrades to pre-Vault 1.11 versions (as older PKI engines do not know about the new multi-issuer storage layout), but improves the performance on seal wrapped PKI mounts. This will only occur if at least issuer_safety_buffer time has occurred after the initial storage migration. This backup is saved in case of an issue in future migrations. Operators may consider removing it via sys/raw if they desire. The backup will be removed via a DELETE /root call, but note that this removes ALL issuers within the mount (and is thus not desirable in most operational scenarios).
	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	// Deprecated; synonym for 'tidy_revoked_certs
	TidyRevocationList bool `json:"tidy_revocation_list,omitempty"`

	// Set to true to remove stale revocation queue entries that haven't been confirmed by any active cluster. Only runs on the active primary node
	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Set to true to validate issuer associations on revocation entries. This helps increase the performance of CRL building and OCSP responses.
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Set to true to expire all revoked and expired certificates, removing them both from the CRL and from storage. The CRL will be rotated if this causes any values to be removed.
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`
}

PkiTidyRequest struct for PkiTidyRequest

func NewPkiTidyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiTidyRequestWithDefaults() *PkiTidyRequest

NewPkiTidyRequestWithDefaults instantiates a new PkiTidyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiTidyStatusResponse ¶ added in v0.3.0 

type PkiTidyStatusResponse struct {
	// The number of certificate storage entries deleted
	CertStoreDeletedCount int32 `json:"cert_store_deleted_count,omitempty"`

	CrossRevokedCertDeletedCount int32 `json:"cross_revoked_cert_deleted_count,omitempty"`

	// The number of revoked certificate entries deleted
	CurrentCertStoreCount int32 `json:"current_cert_store_count,omitempty"`

	// The number of revoked certificate entries deleted
	CurrentRevokedCertCount int32 `json:"current_revoked_cert_count,omitempty"`

	// The error message
	Error string `json:"error,omitempty"`

	InternalBackendUuid string `json:"internal_backend_uuid,omitempty"`

	// Issuer safety buffer
	IssuerSafetyBuffer int32 `json:"issuer_safety_buffer,omitempty"`

	// Message of the operation
	Message string `json:"message,omitempty"`

	MissingIssuerCertCount int32 `json:"missing_issuer_cert_count,omitempty"`

	// Duration to pause between tidying certificates
	PauseDuration string `json:"pause_duration,omitempty"`

	RevocationQueueDeletedCount int32 `json:"revocation_queue_deleted_count,omitempty"`

	// The number of revoked certificate entries deleted
	RevokedCertDeletedCount int32 `json:"revoked_cert_deleted_count,omitempty"`

	// Safety buffer time duration
	SafetyBuffer int32 `json:"safety_buffer,omitempty"`

	// One of Inactive, Running, Finished, or Error
	State string `json:"state,omitempty"`

	// Tidy certificate store
	TidyCertStore bool `json:"tidy_cert_store,omitempty"`

	TidyCrossClusterRevokedCerts string `json:"tidy_cross_cluster_revoked_certs,omitempty"`

	// Tidy expired issuers
	TidyExpiredIssuers bool `json:"tidy_expired_issuers,omitempty"`

	TidyMoveLegacyCaBundle bool `json:"tidy_move_legacy_ca_bundle,omitempty"`

	TidyRevocationQueue bool `json:"tidy_revocation_queue,omitempty"`

	// Tidy revoked certificate issuer associations
	TidyRevokedCertIssuerAssociations bool `json:"tidy_revoked_cert_issuer_associations,omitempty"`

	// Tidy revoked certificates
	TidyRevokedCerts bool `json:"tidy_revoked_certs,omitempty"`

	// Time the operation finished
	TimeFinished string `json:"time_finished,omitempty"`

	// Time the operation started
	TimeStarted string `json:"time_started,omitempty"`
}

PkiTidyStatusResponse struct for PkiTidyStatusResponse

func NewPkiTidyStatusResponseWithDefaults ¶ added in v0.3.0 

func NewPkiTidyStatusResponseWithDefaults() *PkiTidyStatusResponse

NewPkiTidyStatusResponseWithDefaults instantiates a new PkiTidyStatusResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteIssuerRequest ¶ added in v0.3.0 

type PkiWriteIssuerRequest struct {
	// Comma-separated list of URLs to be used for the CRL distribution points attribute. See also RFC 5280 Section 4.2.1.13.
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Whether or not to enabling templating of the above AIA fields. When templating is enabled the special values '{{issuer_id}}', '{{cluster_path}}', '{{cluster_aia_path}}' are available, but the addresses are not checked for URL validity until issuance time. Using '{{cluster_path}}' requires /config/cluster's 'path' member to be set on all PR Secondary clusters and using '{{cluster_aia_path}}' requires /config/cluster's 'aia_path' member to be set on all PR secondary clusters.
	EnableAiaUrlTemplating bool `json:"enable_aia_url_templating,omitempty"`

	// Provide a name to the generated or existing issuer, the name must be unique across all issuers and not be the reserved value 'default'
	IssuerName string `json:"issuer_name,omitempty"`

	// Comma-separated list of URLs to be used for the issuing certificate attribute. See also RFC 5280 Section 4.2.2.1.
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Behavior of leaf's NotAfter fields: \"err\" to error if the computed NotAfter date exceeds that of this issuer; \"truncate\" to silently truncate to that of this issuer; or \"permit\" to allow this issuance to succeed (with NotAfter exceeding that of an issuer). Note that not all values will results in certificates that can be validated through the entire validity period. It is suggested to use \"truncate\" for intermediate CAs and \"permit\" only for root CAs.
	LeafNotAfterBehavior string `json:"leaf_not_after_behavior,omitempty"`

	// Chain of issuer references to use to build this issuer's computed CAChain field, when non-empty.
	ManualChain []string `json:"manual_chain,omitempty"`

	// Comma-separated list of URLs to be used for the OCSP servers attribute. See also RFC 5280 Section 4.2.2.1.
	OcspServers []string `json:"ocsp_servers,omitempty"`

	// Which x509.SignatureAlgorithm name to use for signing CRLs. This parameter allows differentiation between PKCS#1v1.5 and PSS keys and choice of signature hash algorithm. The default (empty string) value is for Go to select the signature algorithm. This can fail if the underlying key does not support the requested signature algorithm, which may not be known at modification time (such as with PKCS#11 managed RSA keys).
	RevocationSignatureAlgorithm string `json:"revocation_signature_algorithm,omitempty"`

	// Comma-separated list (or string slice) of usages for this issuer; valid values are \"read-only\", \"issuing-certificates\", \"crl-signing\", and \"ocsp-signing\". Multiple values may be specified. Read-only is implicit and always set.
	Usage []string `json:"usage,omitempty"`
}

PkiWriteIssuerRequest struct for PkiWriteIssuerRequest

func NewPkiWriteIssuerRequestWithDefaults ¶ added in v0.3.0 

func NewPkiWriteIssuerRequestWithDefaults() *PkiWriteIssuerRequest

NewPkiWriteIssuerRequestWithDefaults instantiates a new PkiWriteIssuerRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteIssuerResponse ¶ added in v0.3.0 

type PkiWriteIssuerResponse struct {
	// CA Chain
	CaChain []string `json:"ca_chain,omitempty"`

	// Certificate
	Certificate string `json:"certificate,omitempty"`

	// CRL Distribution Points
	CrlDistributionPoints []string `json:"crl_distribution_points,omitempty"`

	// Issuer Id
	IssuerId string `json:"issuer_id,omitempty"`

	// Issuer Name
	IssuerName string `json:"issuer_name,omitempty"`

	// Issuing Certificates
	IssuingCertificates []string `json:"issuing_certificates,omitempty"`

	// Key Id
	KeyId string `json:"key_id,omitempty"`

	// Leaf Not After Behavior
	LeafNotAfterBehavior string `json:"leaf_not_after_behavior,omitempty"`

	// Manual Chain
	ManualChain []string `json:"manual_chain,omitempty"`

	// OSCP Servers
	OcspServers []string `json:"ocsp_servers,omitempty"`

	// Revocation Signature Alogrithm
	RevocationSignatureAlgorithm string `json:"revocation_signature_algorithm,omitempty"`

	RevocationTime int32 `json:"revocation_time,omitempty"`

	RevocationTimeRfc3339 string `json:"revocation_time_rfc3339,omitempty"`

	// Revoked
	Revoked bool `json:"revoked,omitempty"`

	// Usage
	Usage []string `json:"usage,omitempty"`
}

PkiWriteIssuerResponse struct for PkiWriteIssuerResponse

func NewPkiWriteIssuerResponseWithDefaults ¶ added in v0.3.0 

func NewPkiWriteIssuerResponseWithDefaults() *PkiWriteIssuerResponse

NewPkiWriteIssuerResponseWithDefaults instantiates a new PkiWriteIssuerResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteKeyRequest ¶ added in v0.3.0 

type PkiWriteKeyRequest struct {
	// Human-readable name for this key.
	KeyName string `json:"key_name,omitempty"`
}

PkiWriteKeyRequest struct for PkiWriteKeyRequest

func NewPkiWriteKeyRequestWithDefaults ¶ added in v0.3.0 

func NewPkiWriteKeyRequestWithDefaults() *PkiWriteKeyRequest

NewPkiWriteKeyRequestWithDefaults instantiates a new PkiWriteKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteKeyResponse ¶ added in v0.3.0 

type PkiWriteKeyResponse struct {
	// Key Id
	KeyId string `json:"key_id,omitempty"`

	// Key Name
	KeyName string `json:"key_name,omitempty"`

	// Key Type
	KeyType string `json:"key_type,omitempty"`
}

PkiWriteKeyResponse struct for PkiWriteKeyResponse

func NewPkiWriteKeyResponseWithDefaults ¶ added in v0.3.0 

func NewPkiWriteKeyResponseWithDefaults() *PkiWriteKeyResponse

NewPkiWriteKeyResponseWithDefaults instantiates a new PkiWriteKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteRoleRequest ¶ added in v0.3.0 

type PkiWriteRoleRequest struct {
	// If set, clients can request certificates for any domain, regardless of allowed_domains restrictions. See the documentation for more information.
	AllowAnyName bool `json:"allow_any_name,omitempty"`

	// If set, clients can request certificates for the base domains themselves, e.g. \"example.com\" of domains listed in allowed_domains. This is a separate option as in some cases this can be considered a security threat. See the documentation for more information.
	AllowBareDomains bool `json:"allow_bare_domains,omitempty"`

	// If set, domains specified in allowed_domains can include shell-style glob patterns, e.g. \"ftp*.example.com\". See the documentation for more information.
	AllowGlobDomains bool `json:"allow_glob_domains,omitempty"`

	// If set, IP Subject Alternative Names are allowed. Any valid IP is accepted and No authorization checking is performed.
	AllowIpSans bool `json:"allow_ip_sans,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowLocalhost bool `json:"allow_localhost,omitempty"`

	// If set, clients can request certificates for subdomains of domains listed in allowed_domains, including wildcard subdomains. See the documentation for more information.
	AllowSubdomains bool `json:"allow_subdomains,omitempty"`

	// If set, allows certificates with wildcards in the common name to be issued, conforming to RFC 6125's Section 6.4.3; e.g., \"*.example.net\" or \"b*z.example.net\". See the documentation for more information.
	AllowWildcardCertificates bool `json:"allow_wildcard_certificates,omitempty"`

	// Specifies the domains this role is allowed to issue certificates for. This is used with the allow_bare_domains, allow_subdomains, and allow_glob_domains to determine matches for the common name, DNS-typed SAN entries, and Email-typed SAN entries of certificates. See the documentation for more information. This parameter accepts a comma-separated string or list of domains.
	AllowedDomains []string `json:"allowed_domains,omitempty"`

	// If set, Allowed domains can be specified using identity template policies. Non-templated domains are also permitted.
	AllowedDomainsTemplate bool `json:"allowed_domains_template,omitempty"`

	// If set, an array of allowed other names to put in SANs. These values support globbing and must be in the format <oid>;<type>:<value>. Currently only \"utf8\" is a valid type. All values, including globbing values, must use this syntax, with the exception being a single \"*\" which allows any OID and any value (but type must still be utf8).
	AllowedOtherSans []string `json:"allowed_other_sans,omitempty"`

	// If set, an array of allowed serial numbers to put in Subject. These values support globbing.
	AllowedSerialNumbers []string `json:"allowed_serial_numbers,omitempty"`

	// If set, an array of allowed URIs for URI Subject Alternative Names. Any valid URI is accepted, these values support globbing.
	AllowedUriSans []string `json:"allowed_uri_sans,omitempty"`

	// If set, Allowed URI SANs can be specified using identity template policies. Non-templated URI SANs are also permitted.
	AllowedUriSansTemplate bool `json:"allowed_uri_sans_template,omitempty"`

	// If set, an array of allowed user-ids to put in user system login name specified here: https://www.rfc-editor.org/rfc/rfc1274#section-9.3.1
	AllowedUserIds []string `json:"allowed_user_ids,omitempty"`

	// Backend Type
	Backend string `json:"backend,omitempty"`

	// Mark Basic Constraints valid when issuing non-CA certificates.
	BasicConstraintsValidForNonCa bool `json:"basic_constraints_valid_for_non_ca,omitempty"`

	// If set, certificates are flagged for client auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ClientFlag bool `json:"client_flag,omitempty"`

	// List of allowed validations to run against the Common Name field. Values can include 'email' to validate the CN is a email address, 'hostname' to validate the CN is a valid hostname (potentially including wildcards). When multiple validations are specified, these take OR semantics (either email OR hostname are allowed). The special value 'disabled' allows disabling all CN name validations, allowing for arbitrary non-Hostname, non-Email address CNs.
	CnValidations []string `json:"cn_validations,omitempty"`

	// If set, certificates are flagged for code signing use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	CodeSigningFlag bool `json:"code_signing_flag,omitempty"`

	// If set, Country will be set to this value in certificates issued by this role.
	Country []string `json:"country,omitempty"`

	// If set, certificates are flagged for email protection use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	EmailProtectionFlag bool `json:"email_protection_flag,omitempty"`

	// If set, only valid host names are allowed for CN and DNS SANs, and the host part of email addresses. Defaults to true.
	EnforceHostnames bool `json:"enforce_hostnames,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.12.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// If set, certificates issued/signed against this role will have Vault leases attached to them. Defaults to \"false\". Certificates can be added to the CRL by \"vault revoke <lease_id>\" when certificates are associated with leases. It can also be done using the \"pki/revoke\" endpoint. However, when lease generation is disabled, invoking \"pki/revoke\" would be the only way to add the certificates to the CRL. When large number of certificates are generated with long lifetimes, it is recommended that lease generation be disabled, as large amount of leases adversely affect the startup time of Vault.
	GenerateLease bool `json:"generate_lease,omitempty"`

	// Reference to the issuer used to sign requests serviced by this role.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\", \"ed25519\" and \"any\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.3.
	KeyUsage []string `json:"key_usage,omitempty"`

	// If set, Locality will be set to this value in certificates issued by this role.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowed lease duration. If not set, defaults to the system maximum lease TTL.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// If set, certificates issued/signed against this role will not be stored in the storage backend. This can improve performance when issuing large numbers of certificates. However, certificates issued in this way cannot be enumerated or revoked, so this option is recommended only for certificates that are non-sensitive, or extremely short-lived. This option implies a value of \"false\" for \"generate_lease\".
	NoStore bool `json:"no_store,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ.
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value in certificates issued by this role.
	Organization []string `json:"organization,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value in certificates issued by this role.
	Ou []string `json:"ou,omitempty"`

	// A comma-separated string or list of policy OIDs, or a JSON list of qualified policy information, which must include an oid, and may include a notice and/or cps url, using the form [{\"oid\"=\"1.3.6.1.4.1.7.8\",\"notice\"=\"I am a user Notice\"}, {\"oid\"=\"1.3.6.1.4.1.44947.1.2.4 \",\"cps\"=\"https://example.com\"}].
	PolicyIdentifiers []string `json:"policy_identifiers,omitempty"`

	// If set, Postal Code will be set to this value in certificates issued by this role.
	PostalCode []string `json:"postal_code,omitempty"`

	// If set, Province will be set to this value in certificates issued by this role.
	Province []string `json:"province,omitempty"`

	// If set to false, makes the 'common_name' field optional while generating a certificate.
	RequireCn bool `json:"require_cn,omitempty"`

	// If set, certificates are flagged for server auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ServerFlag bool `json:"server_flag,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value in certificates issued by this role.
	StreetAddress []string `json:"street_address,omitempty"`

	// The lease duration (validity period of the certificate) if no specific lease duration is requested. The lease duration controls the expiration of certificates issued by this backend. Defaults to the system default value or the value of max_ttl, whichever is shorter.
	Ttl int32 `json:"ttl,omitempty"`

	// If set, when used with a signing profile, the common name in the CSR will be used. This does *not* include any requested Subject Alternative Names; use use_csr_sans for that. Defaults to true.
	UseCsrCommonName bool `json:"use_csr_common_name,omitempty"`

	// If set, when used with a signing profile, the SANs in the CSR will be used. This does *not* include the Common Name (cn); use use_csr_common_name for that. Defaults to true.
	UseCsrSans bool `json:"use_csr_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiWriteRoleRequest struct for PkiWriteRoleRequest

func NewPkiWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewPkiWriteRoleRequestWithDefaults() *PkiWriteRoleRequest

NewPkiWriteRoleRequestWithDefaults instantiates a new PkiWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PkiWriteRoleResponse ¶ added in v0.3.0 

type PkiWriteRoleResponse struct {
	// If set, clients can request certificates for any domain, regardless of allowed_domains restrictions. See the documentation for more information.
	AllowAnyName bool `json:"allow_any_name,omitempty"`

	// If set, clients can request certificates for the base domains themselves, e.g. \"example.com\" of domains listed in allowed_domains. This is a separate option as in some cases this can be considered a security threat. See the documentation for more information.
	AllowBareDomains bool `json:"allow_bare_domains,omitempty"`

	// If set, domains specified in allowed_domains can include shell-style glob patterns, e.g. \"ftp*.example.com\". See the documentation for more information.
	AllowGlobDomains bool `json:"allow_glob_domains,omitempty"`

	// If set, IP Subject Alternative Names are allowed. Any valid IP is accepted and No authorization checking is performed.
	AllowIpSans bool `json:"allow_ip_sans,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowLocalhost bool `json:"allow_localhost,omitempty"`

	// If set, clients can request certificates for subdomains of domains listed in allowed_domains, including wildcard subdomains. See the documentation for more information.
	AllowSubdomains bool `json:"allow_subdomains,omitempty"`

	// Whether to allow \"localhost\" and \"localdomain\" as a valid common name in a request, independent of allowed_domains value.
	AllowTokenDisplayname bool `json:"allow_token_displayname,omitempty"`

	// If set, allows certificates with wildcards in the common name to be issued, conforming to RFC 6125's Section 6.4.3; e.g., \"*.example.net\" or \"b*z.example.net\". See the documentation for more information.
	AllowWildcardCertificates bool `json:"allow_wildcard_certificates,omitempty"`

	// Specifies the domains this role is allowed to issue certificates for. This is used with the allow_bare_domains, allow_subdomains, and allow_glob_domains to determine matches for the common name, DNS-typed SAN entries, and Email-typed SAN entries of certificates. See the documentation for more information. This parameter accepts a comma-separated string or list of domains.
	AllowedDomains []string `json:"allowed_domains,omitempty"`

	// If set, Allowed domains can be specified using identity template policies. Non-templated domains are also permitted.
	AllowedDomainsTemplate bool `json:"allowed_domains_template,omitempty"`

	// If set, an array of allowed other names to put in SANs. These values support globbing and must be in the format <oid>;<type>:<value>. Currently only \"utf8\" is a valid type. All values, including globbing values, must use this syntax, with the exception being a single \"*\" which allows any OID and any value (but type must still be utf8).
	AllowedOtherSans []string `json:"allowed_other_sans,omitempty"`

	// If set, an array of allowed serial numbers to put in Subject. These values support globbing.
	AllowedSerialNumbers []string `json:"allowed_serial_numbers,omitempty"`

	// If set, an array of allowed URIs for URI Subject Alternative Names. Any valid URI is accepted, these values support globbing.
	AllowedUriSans []string `json:"allowed_uri_sans,omitempty"`

	// If set, Allowed URI SANs can be specified using identity template policies. Non-templated URI SANs are also permitted.
	AllowedUriSansTemplate bool `json:"allowed_uri_sans_template,omitempty"`

	// If set, an array of allowed user-ids to put in user system login name specified here: https://www.rfc-editor.org/rfc/rfc1274#section-9.3.1
	AllowedUserIds []string `json:"allowed_user_ids,omitempty"`

	// Mark Basic Constraints valid when issuing non-CA certificates.
	BasicConstraintsValidForNonCa bool `json:"basic_constraints_valid_for_non_ca,omitempty"`

	// If set, certificates are flagged for client auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ClientFlag bool `json:"client_flag,omitempty"`

	// List of allowed validations to run against the Common Name field. Values can include 'email' to validate the CN is a email address, 'hostname' to validate the CN is a valid hostname (potentially including wildcards). When multiple validations are specified, these take OR semantics (either email OR hostname are allowed). The special value 'disabled' allows disabling all CN name validations, allowing for arbitrary non-Hostname, non-Email address CNs.
	CnValidations []string `json:"cn_validations,omitempty"`

	// If set, certificates are flagged for code signing use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	CodeSigningFlag bool `json:"code_signing_flag,omitempty"`

	// If set, Country will be set to this value in certificates issued by this role.
	Country []string `json:"country,omitempty"`

	// If set, certificates are flagged for email protection use. Defaults to false. See also RFC 5280 Section 4.2.1.12.
	EmailProtectionFlag bool `json:"email_protection_flag,omitempty"`

	// If set, only valid host names are allowed for CN and DNS SANs, and the host part of email addresses. Defaults to true.
	EnforceHostnames bool `json:"enforce_hostnames,omitempty"`

	// A comma-separated string or list of extended key usages. Valid values can be found at https://golang.org/pkg/crypto/x509/#ExtKeyUsage -- simply drop the \"ExtKeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.12.
	ExtKeyUsage []string `json:"ext_key_usage,omitempty"`

	// A comma-separated string or list of extended key usage oids.
	ExtKeyUsageOids []string `json:"ext_key_usage_oids,omitempty"`

	// If set, certificates issued/signed against this role will have Vault leases attached to them. Defaults to \"false\". Certificates can be added to the CRL by \"vault revoke <lease_id>\" when certificates are associated with leases. It can also be done using the \"pki/revoke\" endpoint. However, when lease generation is disabled, invoking \"pki/revoke\" would be the only way to add the certificates to the CRL. When large number of certificates are generated with long lifetimes, it is recommended that lease generation be disabled, as large amount of leases adversely affect the startup time of Vault.
	GenerateLease bool `json:"generate_lease,omitempty"`

	// Reference to the issuer used to sign requests serviced by this role.
	IssuerRef string `json:"issuer_ref,omitempty"`

	// The number of bits to use. Allowed values are 0 (universal default); with rsa key_type: 2048 (default), 3072, or 4096; with ec key_type: 224, 256 (default), 384, or 521; ignored with ed25519.
	KeyBits int32 `json:"key_bits,omitempty"`

	// The type of key to use; defaults to RSA. \"rsa\" \"ec\", \"ed25519\" and \"any\" are the only valid values.
	KeyType string `json:"key_type,omitempty"`

	// A comma-separated string or list of key usages (not extended key usages). Valid values can be found at https://golang.org/pkg/crypto/x509/#KeyUsage -- simply drop the \"KeyUsage\" part of the name. To remove all key usages from being set, set this value to an empty list. See also RFC 5280 Section 4.2.1.3.
	KeyUsage []string `json:"key_usage,omitempty"`

	// If set, Locality will be set to this value in certificates issued by this role.
	Locality []string `json:"locality,omitempty"`

	// The maximum allowed lease duration. If not set, defaults to the system maximum lease TTL.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// If set, certificates issued/signed against this role will not be stored in the storage backend. This can improve performance when issuing large numbers of certificates. However, certificates issued in this way cannot be enumerated or revoked, so this option is recommended only for certificates that are non-sensitive, or extremely short-lived. This option implies a value of \"false\" for \"generate_lease\".
	NoStore bool `json:"no_store,omitempty"`

	// Set the not after field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ.
	NotAfter string `json:"not_after,omitempty"`

	// The duration before now which the certificate needs to be backdated by.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// If set, O (Organization) will be set to this value in certificates issued by this role.
	Organization []string `json:"organization,omitempty"`

	// If set, OU (OrganizationalUnit) will be set to this value in certificates issued by this role.
	Ou []string `json:"ou,omitempty"`

	// A comma-separated string or list of policy OIDs, or a JSON list of qualified policy information, which must include an oid, and may include a notice and/or cps url, using the form [{\"oid\"=\"1.3.6.1.4.1.7.8\",\"notice\"=\"I am a user Notice\"}, {\"oid\"=\"1.3.6.1.4.1.44947.1.2.4 \",\"cps\"=\"https://example.com\"}].
	PolicyIdentifiers []string `json:"policy_identifiers,omitempty"`

	// If set, Postal Code will be set to this value in certificates issued by this role.
	PostalCode []string `json:"postal_code,omitempty"`

	// If set, Province will be set to this value in certificates issued by this role.
	Province []string `json:"province,omitempty"`

	// If set to false, makes the 'common_name' field optional while generating a certificate.
	RequireCn bool `json:"require_cn,omitempty"`

	// If set, certificates are flagged for server auth use. Defaults to true. See also RFC 5280 Section 4.2.1.12.
	ServerFlag bool `json:"server_flag,omitempty"`

	// The number of bits to use in the signature algorithm; accepts 256 for SHA-2-256, 384 for SHA-2-384, and 512 for SHA-2-512. Defaults to 0 to automatically detect based on key length (SHA-2-256 for RSA keys, and matching the curve size for NIST P-Curves).
	SignatureBits int32 `json:"signature_bits,omitempty"`

	// If set, Street Address will be set to this value in certificates issued by this role.
	StreetAddress []string `json:"street_address,omitempty"`

	// The lease duration (validity period of the certificate) if no specific lease duration is requested. The lease duration controls the expiration of certificates issued by this backend. Defaults to the system default value or the value of max_ttl, whichever is shorter.
	Ttl int32 `json:"ttl,omitempty"`

	// If set, when used with a signing profile, the common name in the CSR will be used. This does *not* include any requested Subject Alternative Names; use use_csr_sans for that. Defaults to true.
	UseCsrCommonName bool `json:"use_csr_common_name,omitempty"`

	// If set, when used with a signing profile, the SANs in the CSR will be used. This does *not* include the Common Name (cn); use use_csr_common_name for that. Defaults to true.
	UseCsrSans bool `json:"use_csr_sans,omitempty"`

	// Whether or not to use PSS signatures when using a RSA key-type issuer. Defaults to false.
	UsePss bool `json:"use_pss,omitempty"`
}

PkiWriteRoleResponse struct for PkiWriteRoleResponse

func NewPkiWriteRoleResponseWithDefaults ¶ added in v0.3.0 

func NewPkiWriteRoleResponseWithDefaults() *PkiWriteRoleResponse

NewPkiWriteRoleResponseWithDefaults instantiates a new PkiWriteRoleResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogListPluginsResponse ¶ added in v0.3.0 

type PluginsCatalogListPluginsResponse struct {
	Detailed map[string]interface{} `json:"detailed,omitempty"`
}

PluginsCatalogListPluginsResponse struct for PluginsCatalogListPluginsResponse

func NewPluginsCatalogListPluginsResponseWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogListPluginsResponseWithDefaults() *PluginsCatalogListPluginsResponse

NewPluginsCatalogListPluginsResponseWithDefaults instantiates a new PluginsCatalogListPluginsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogListPluginsWithTypeResponse ¶ added in v0.3.0 

type PluginsCatalogListPluginsWithTypeResponse struct {
	// List of plugin names in the catalog
	Keys []string `json:"keys,omitempty"`
}

PluginsCatalogListPluginsWithTypeResponse struct for PluginsCatalogListPluginsWithTypeResponse

func NewPluginsCatalogListPluginsWithTypeResponseWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogListPluginsWithTypeResponseWithDefaults() *PluginsCatalogListPluginsWithTypeResponse

NewPluginsCatalogListPluginsWithTypeResponseWithDefaults instantiates a new PluginsCatalogListPluginsWithTypeResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogReadPluginConfigurationResponse ¶ added in v0.3.0 

type PluginsCatalogReadPluginConfigurationResponse struct {
	// The args passed to plugin command.
	Args []string `json:"args,omitempty"`

	Builtin bool `json:"builtin,omitempty"`

	// The command used to start the plugin. The executable defined in this command must exist in vault's plugin directory.
	Command string `json:"command,omitempty"`

	DeprecationStatus string `json:"deprecation_status,omitempty"`

	// The name of the plugin
	Name string `json:"name,omitempty"`

	// The SHA256 sum of the executable used in the command field. This should be HEX encoded.
	Sha256 string `json:"sha256,omitempty"`

	// The semantic version of the plugin to use.
	Version string `json:"version,omitempty"`
}

PluginsCatalogReadPluginConfigurationResponse struct for PluginsCatalogReadPluginConfigurationResponse

func NewPluginsCatalogReadPluginConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogReadPluginConfigurationResponseWithDefaults() *PluginsCatalogReadPluginConfigurationResponse

NewPluginsCatalogReadPluginConfigurationResponseWithDefaults instantiates a new PluginsCatalogReadPluginConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogReadPluginConfigurationWithTypeResponse ¶ added in v0.3.0 

type PluginsCatalogReadPluginConfigurationWithTypeResponse struct {
	// The args passed to plugin command.
	Args []string `json:"args,omitempty"`

	Builtin bool `json:"builtin,omitempty"`

	// The command used to start the plugin. The executable defined in this command must exist in vault's plugin directory.
	Command string `json:"command,omitempty"`

	DeprecationStatus string `json:"deprecation_status,omitempty"`

	// The name of the plugin
	Name string `json:"name,omitempty"`

	// The SHA256 sum of the executable used in the command field. This should be HEX encoded.
	Sha256 string `json:"sha256,omitempty"`

	// The semantic version of the plugin to use.
	Version string `json:"version,omitempty"`
}

PluginsCatalogReadPluginConfigurationWithTypeResponse struct for PluginsCatalogReadPluginConfigurationWithTypeResponse

func NewPluginsCatalogReadPluginConfigurationWithTypeResponseWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogReadPluginConfigurationWithTypeResponseWithDefaults() *PluginsCatalogReadPluginConfigurationWithTypeResponse

NewPluginsCatalogReadPluginConfigurationWithTypeResponseWithDefaults instantiates a new PluginsCatalogReadPluginConfigurationWithTypeResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogRegisterPluginRequest ¶ added in v0.3.0 

type PluginsCatalogRegisterPluginRequest struct {
	// The args passed to plugin command.
	Args []string `json:"args,omitempty"`

	// The command used to start the plugin. The executable defined in this command must exist in vault's plugin directory.
	Command string `json:"command,omitempty"`

	// The environment variables passed to plugin command. Each entry is of the form \"key=value\".
	Env []string `json:"env,omitempty"`

	// The SHA256 sum of the executable used in the command field. This should be HEX encoded.
	Sha256 string `json:"sha256,omitempty"`

	// The type of the plugin, may be auth, secret, or database
	Type string `json:"type,omitempty"`

	// The semantic version of the plugin to use.
	Version string `json:"version,omitempty"`
}

PluginsCatalogRegisterPluginRequest struct for PluginsCatalogRegisterPluginRequest

func NewPluginsCatalogRegisterPluginRequestWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogRegisterPluginRequestWithDefaults() *PluginsCatalogRegisterPluginRequest

NewPluginsCatalogRegisterPluginRequestWithDefaults instantiates a new PluginsCatalogRegisterPluginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsCatalogRegisterPluginWithTypeRequest ¶ added in v0.3.0 

type PluginsCatalogRegisterPluginWithTypeRequest struct {
	// The args passed to plugin command.
	Args []string `json:"args,omitempty"`

	// The command used to start the plugin. The executable defined in this command must exist in vault's plugin directory.
	Command string `json:"command,omitempty"`

	// The environment variables passed to plugin command. Each entry is of the form \"key=value\".
	Env []string `json:"env,omitempty"`

	// The SHA256 sum of the executable used in the command field. This should be HEX encoded.
	Sha256 string `json:"sha256,omitempty"`

	// The semantic version of the plugin to use.
	Version string `json:"version,omitempty"`
}

PluginsCatalogRegisterPluginWithTypeRequest struct for PluginsCatalogRegisterPluginWithTypeRequest

func NewPluginsCatalogRegisterPluginWithTypeRequestWithDefaults ¶ added in v0.3.0 

func NewPluginsCatalogRegisterPluginWithTypeRequestWithDefaults() *PluginsCatalogRegisterPluginWithTypeRequest

NewPluginsCatalogRegisterPluginWithTypeRequestWithDefaults instantiates a new PluginsCatalogRegisterPluginWithTypeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsReloadBackendsRequest ¶ added in v0.3.0 

type PluginsReloadBackendsRequest struct {
	// The mount paths of the plugin backends to reload.
	Mounts []string `json:"mounts,omitempty"`

	// The name of the plugin to reload, as registered in the plugin catalog.
	Plugin string `json:"plugin,omitempty"`

	Scope string `json:"scope,omitempty"`
}

PluginsReloadBackendsRequest struct for PluginsReloadBackendsRequest

func NewPluginsReloadBackendsRequestWithDefaults ¶ added in v0.3.0 

func NewPluginsReloadBackendsRequestWithDefaults() *PluginsReloadBackendsRequest

NewPluginsReloadBackendsRequestWithDefaults instantiates a new PluginsReloadBackendsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PluginsReloadBackendsResponse ¶ added in v0.3.0 

type PluginsReloadBackendsResponse struct {
	ReloadId string `json:"reload_id,omitempty"`
}

PluginsReloadBackendsResponse struct for PluginsReloadBackendsResponse

func NewPluginsReloadBackendsResponseWithDefaults ¶ added in v0.3.0 

func NewPluginsReloadBackendsResponseWithDefaults() *PluginsReloadBackendsResponse

NewPluginsReloadBackendsResponseWithDefaults instantiates a new PluginsReloadBackendsResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesGeneratePasswordFromPasswordPolicyResponse ¶ added in v0.3.0 

type PoliciesGeneratePasswordFromPasswordPolicyResponse struct {
	Password string `json:"password,omitempty"`
}

PoliciesGeneratePasswordFromPasswordPolicyResponse struct for PoliciesGeneratePasswordFromPasswordPolicyResponse

func NewPoliciesGeneratePasswordFromPasswordPolicyResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesGeneratePasswordFromPasswordPolicyResponseWithDefaults() *PoliciesGeneratePasswordFromPasswordPolicyResponse

NewPoliciesGeneratePasswordFromPasswordPolicyResponseWithDefaults instantiates a new PoliciesGeneratePasswordFromPasswordPolicyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesListAclPoliciesResponse ¶ added in v0.3.0 

type PoliciesListAclPoliciesResponse struct {
	Keys []string `json:"keys,omitempty"`

	Policies []string `json:"policies,omitempty"`
}

PoliciesListAclPoliciesResponse struct for PoliciesListAclPoliciesResponse

func NewPoliciesListAclPoliciesResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesListAclPoliciesResponseWithDefaults() *PoliciesListAclPoliciesResponse

NewPoliciesListAclPoliciesResponseWithDefaults instantiates a new PoliciesListAclPoliciesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesListPasswordPoliciesResponse ¶ added in v0.3.0 

type PoliciesListPasswordPoliciesResponse struct {
	Keys []string `json:"keys,omitempty"`
}

PoliciesListPasswordPoliciesResponse struct for PoliciesListPasswordPoliciesResponse

func NewPoliciesListPasswordPoliciesResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesListPasswordPoliciesResponseWithDefaults() *PoliciesListPasswordPoliciesResponse

NewPoliciesListPasswordPoliciesResponseWithDefaults instantiates a new PoliciesListPasswordPoliciesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesListResponse ¶ added in v0.3.0 

type PoliciesListResponse struct {
	Keys []string `json:"keys,omitempty"`

	Policies []string `json:"policies,omitempty"`
}

PoliciesListResponse struct for PoliciesListResponse

func NewPoliciesListResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesListResponseWithDefaults() *PoliciesListResponse

NewPoliciesListResponseWithDefaults instantiates a new PoliciesListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesReadAclPolicyResponse ¶ added in v0.3.0 

type PoliciesReadAclPolicyResponse struct {
	Name string `json:"name,omitempty"`

	Policy string `json:"policy,omitempty"`

	Rules string `json:"rules,omitempty"`
}

PoliciesReadAclPolicyResponse struct for PoliciesReadAclPolicyResponse

func NewPoliciesReadAclPolicyResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesReadAclPolicyResponseWithDefaults() *PoliciesReadAclPolicyResponse

NewPoliciesReadAclPolicyResponseWithDefaults instantiates a new PoliciesReadAclPolicyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesReadPasswordPolicyResponse ¶ added in v0.3.0 

type PoliciesReadPasswordPolicyResponse struct {
	Policy string `json:"policy,omitempty"`
}

PoliciesReadPasswordPolicyResponse struct for PoliciesReadPasswordPolicyResponse

func NewPoliciesReadPasswordPolicyResponseWithDefaults ¶ added in v0.3.0 

func NewPoliciesReadPasswordPolicyResponseWithDefaults() *PoliciesReadPasswordPolicyResponse

NewPoliciesReadPasswordPolicyResponseWithDefaults instantiates a new PoliciesReadPasswordPolicyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesWriteAclPolicyRequest ¶ added in v0.3.0 

type PoliciesWriteAclPolicyRequest struct {
	// The rules of the policy.
	Policy string `json:"policy,omitempty"`
}

PoliciesWriteAclPolicyRequest struct for PoliciesWriteAclPolicyRequest

func NewPoliciesWriteAclPolicyRequestWithDefaults ¶ added in v0.3.0 

func NewPoliciesWriteAclPolicyRequestWithDefaults() *PoliciesWriteAclPolicyRequest

NewPoliciesWriteAclPolicyRequestWithDefaults instantiates a new PoliciesWriteAclPolicyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type PoliciesWritePasswordPolicyRequest ¶ added in v0.3.0 

type PoliciesWritePasswordPolicyRequest struct {
	// The password policy
	Policy string `json:"policy,omitempty"`
}

PoliciesWritePasswordPolicyRequest struct for PoliciesWritePasswordPolicyRequest

func NewPoliciesWritePasswordPolicyRequestWithDefaults ¶ added in v0.3.0 

func NewPoliciesWritePasswordPolicyRequestWithDefaults() *PoliciesWritePasswordPolicyRequest

NewPoliciesWritePasswordPolicyRequestWithDefaults instantiates a new PoliciesWritePasswordPolicyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type QueryTokenAccessorCapabilitiesRequest ¶ added in v0.3.0 

type QueryTokenAccessorCapabilitiesRequest struct {
	// Accessor of the token for which capabilities are being queried.
	Accessor string `json:"accessor,omitempty"`

	// Use 'paths' instead.
	// Deprecated
	Path []string `json:"path,omitempty"`

	// Paths on which capabilities are being queried.
	Paths []string `json:"paths,omitempty"`
}

QueryTokenAccessorCapabilitiesRequest struct for QueryTokenAccessorCapabilitiesRequest

func NewQueryTokenAccessorCapabilitiesRequestWithDefaults ¶ added in v0.3.0 

func NewQueryTokenAccessorCapabilitiesRequestWithDefaults() *QueryTokenAccessorCapabilitiesRequest

NewQueryTokenAccessorCapabilitiesRequestWithDefaults instantiates a new QueryTokenAccessorCapabilitiesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type QueryTokenCapabilitiesRequest ¶ added in v0.3.0 

type QueryTokenCapabilitiesRequest struct {
	// Use 'paths' instead.
	// Deprecated
	Path []string `json:"path,omitempty"`

	// Paths on which capabilities are being queried.
	Paths []string `json:"paths,omitempty"`

	// Token for which capabilities are being queried.
	Token string `json:"token,omitempty"`
}

QueryTokenCapabilitiesRequest struct for QueryTokenCapabilitiesRequest

func NewQueryTokenCapabilitiesRequestWithDefaults ¶ added in v0.3.0 

func NewQueryTokenCapabilitiesRequestWithDefaults() *QueryTokenCapabilitiesRequest

NewQueryTokenCapabilitiesRequestWithDefaults instantiates a new QueryTokenCapabilitiesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type QueryTokenSelfCapabilitiesRequest ¶ added in v0.3.0 

type QueryTokenSelfCapabilitiesRequest struct {
	// Use 'paths' instead.
	// Deprecated
	Path []string `json:"path,omitempty"`

	// Paths on which capabilities are being queried.
	Paths []string `json:"paths,omitempty"`

	// Token for which capabilities are being queried.
	Token string `json:"token,omitempty"`
}

QueryTokenSelfCapabilitiesRequest struct for QueryTokenSelfCapabilitiesRequest

func NewQueryTokenSelfCapabilitiesRequestWithDefaults ¶ added in v0.3.0 

func NewQueryTokenSelfCapabilitiesRequestWithDefaults() *QueryTokenSelfCapabilitiesRequest

NewQueryTokenSelfCapabilitiesRequestWithDefaults instantiates a new QueryTokenSelfCapabilitiesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RabbitMqConfigureConnectionRequest ¶ added in v0.3.0 

type RabbitMqConfigureConnectionRequest struct {
	// RabbitMQ Management URI
	ConnectionUri string `json:"connection_uri,omitempty"`

	// Password of the provided RabbitMQ management user
	Password string `json:"password,omitempty"`

	// Name of the password policy to use to generate passwords for dynamic credentials.
	PasswordPolicy string `json:"password_policy,omitempty"`

	// Username of a RabbitMQ management administrator
	Username string `json:"username,omitempty"`

	// Template describing how dynamic usernames are generated.
	UsernameTemplate string `json:"username_template,omitempty"`

	// If set, connection_uri is verified by actually connecting to the RabbitMQ management API
	VerifyConnection bool `json:"verify_connection,omitempty"`
}

RabbitMqConfigureConnectionRequest struct for RabbitMqConfigureConnectionRequest

func NewRabbitMqConfigureConnectionRequestWithDefaults ¶ added in v0.3.0 

func NewRabbitMqConfigureConnectionRequestWithDefaults() *RabbitMqConfigureConnectionRequest

NewRabbitMqConfigureConnectionRequestWithDefaults instantiates a new RabbitMqConfigureConnectionRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RabbitMqConfigureLeaseRequest ¶ added in v0.3.0 

type RabbitMqConfigureLeaseRequest struct {
	// Duration after which the issued credentials should not be allowed to be renewed
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Duration before which the issued credentials needs renewal
	Ttl int32 `json:"ttl,omitempty"`
}

RabbitMqConfigureLeaseRequest struct for RabbitMqConfigureLeaseRequest

func NewRabbitMqConfigureLeaseRequestWithDefaults ¶ added in v0.3.0 

func NewRabbitMqConfigureLeaseRequestWithDefaults() *RabbitMqConfigureLeaseRequest

NewRabbitMqConfigureLeaseRequestWithDefaults instantiates a new RabbitMqConfigureLeaseRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RabbitMqWriteRoleRequest ¶ added in v0.3.0 

type RabbitMqWriteRoleRequest struct {
	// Comma-separated list of tags for this role.
	Tags string `json:"tags,omitempty"`

	// A nested map of virtual hosts and exchanges to topic permissions.
	VhostTopics string `json:"vhost_topics,omitempty"`

	// A map of virtual hosts to permissions.
	Vhosts string `json:"vhosts,omitempty"`
}

RabbitMqWriteRoleRequest struct for RabbitMqWriteRoleRequest

func NewRabbitMqWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewRabbitMqWriteRoleRequestWithDefaults() *RabbitMqWriteRoleRequest

NewRabbitMqWriteRoleRequestWithDefaults instantiates a new RabbitMqWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RadiusConfigureRequest ¶ added in v0.3.0 

type RadiusConfigureRequest struct {
	// Number of seconds before connect times out (default: 10)
	DialTimeout int32 `json:"dial_timeout,omitempty"`

	// RADIUS server host
	Host string `json:"host,omitempty"`

	// RADIUS NAS Identifier field (optional)
	NasIdentifier string `json:"nas_identifier,omitempty"`

	// RADIUS NAS port field (default: 10)
	NasPort int32 `json:"nas_port,omitempty"`

	// RADIUS server port (default: 1812)
	Port int32 `json:"port,omitempty"`

	// Number of seconds before response times out (default: 10)
	ReadTimeout int32 `json:"read_timeout,omitempty"`

	// Secret shared with the RADIUS server
	Secret string `json:"secret,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies. This will apply to all tokens generated by this auth method, in addition to any configured for specific users.
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Comma-separated list of policies to grant upon successful RADIUS authentication of an unregistered user (default: empty)
	UnregisteredUserPolicies string `json:"unregistered_user_policies,omitempty"`
}

RadiusConfigureRequest struct for RadiusConfigureRequest

func NewRadiusConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewRadiusConfigureRequestWithDefaults() *RadiusConfigureRequest

NewRadiusConfigureRequestWithDefaults instantiates a new RadiusConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RadiusLoginRequest ¶ 

type RadiusLoginRequest struct {
	// Password for this user.
	Password string `json:"password,omitempty"`

	// Username to be used for login. (URL parameter)
	Urlusername string `json:"urlusername,omitempty"`

	// Username to be used for login. (POST request body)
	Username string `json:"username,omitempty"`
}

RadiusLoginRequest struct for RadiusLoginRequest

func NewRadiusLoginRequestWithDefaults ¶ 

func NewRadiusLoginRequestWithDefaults() *RadiusLoginRequest

NewRadiusLoginRequestWithDefaults instantiates a new RadiusLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RadiusLoginWithUsernameRequest ¶ 

type RadiusLoginWithUsernameRequest struct {
	// Password for this user.
	Password string `json:"password,omitempty"`

	// Username to be used for login. (POST request body)
	Username string `json:"username,omitempty"`
}

RadiusLoginWithUsernameRequest struct for RadiusLoginWithUsernameRequest

func NewRadiusLoginWithUsernameRequestWithDefaults ¶ 

func NewRadiusLoginWithUsernameRequestWithDefaults() *RadiusLoginWithUsernameRequest

NewRadiusLoginWithUsernameRequestWithDefaults instantiates a new RadiusLoginWithUsernameRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RadiusWriteUserRequest ¶ 

type RadiusWriteUserRequest struct {
	// Comma-separated list of policies associated to the user.
	Policies []string `json:"policies,omitempty"`
}

RadiusWriteUserRequest struct for RadiusWriteUserRequest

func NewRadiusWriteUserRequestWithDefaults ¶ 

func NewRadiusWriteUserRequestWithDefaults() *RadiusWriteUserRequest

NewRadiusWriteUserRequestWithDefaults instantiates a new RadiusWriteUserRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RateLimitQuotasConfigureRequest ¶ added in v0.3.0 

type RateLimitQuotasConfigureRequest struct {
	// If set, starts audit logging of requests that get rejected due to rate limit quota rule violations.
	EnableRateLimitAuditLogging bool `json:"enable_rate_limit_audit_logging,omitempty"`

	// If set, additional rate limit quota HTTP headers will be added to responses.
	EnableRateLimitResponseHeaders bool `json:"enable_rate_limit_response_headers,omitempty"`

	// Specifies the list of exempt paths from all rate limit quotas. If empty no paths will be exempt.
	RateLimitExemptPaths []string `json:"rate_limit_exempt_paths,omitempty"`
}

RateLimitQuotasConfigureRequest struct for RateLimitQuotasConfigureRequest

func NewRateLimitQuotasConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewRateLimitQuotasConfigureRequestWithDefaults() *RateLimitQuotasConfigureRequest

NewRateLimitQuotasConfigureRequestWithDefaults instantiates a new RateLimitQuotasConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RateLimitQuotasListResponse ¶ added in v0.3.0 

type RateLimitQuotasListResponse struct {
	Keys []string `json:"keys,omitempty"`
}

RateLimitQuotasListResponse struct for RateLimitQuotasListResponse

func NewRateLimitQuotasListResponseWithDefaults ¶ added in v0.3.0 

func NewRateLimitQuotasListResponseWithDefaults() *RateLimitQuotasListResponse

NewRateLimitQuotasListResponseWithDefaults instantiates a new RateLimitQuotasListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RateLimitQuotasReadConfigurationResponse ¶ added in v0.3.0 

type RateLimitQuotasReadConfigurationResponse struct {
	EnableRateLimitAuditLogging bool `json:"enable_rate_limit_audit_logging,omitempty"`

	EnableRateLimitResponseHeaders bool `json:"enable_rate_limit_response_headers,omitempty"`

	RateLimitExemptPaths []string `json:"rate_limit_exempt_paths,omitempty"`
}

RateLimitQuotasReadConfigurationResponse struct for RateLimitQuotasReadConfigurationResponse

func NewRateLimitQuotasReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewRateLimitQuotasReadConfigurationResponseWithDefaults() *RateLimitQuotasReadConfigurationResponse

NewRateLimitQuotasReadConfigurationResponseWithDefaults instantiates a new RateLimitQuotasReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RateLimitQuotasReadResponse ¶ added in v0.3.0 

type RateLimitQuotasReadResponse struct {
	BlockInterval int32 `json:"block_interval,omitempty"`

	Interval int32 `json:"interval,omitempty"`

	Name string `json:"name,omitempty"`

	Path string `json:"path,omitempty"`

	Rate float32 `json:"rate,omitempty"`

	Role string `json:"role,omitempty"`

	Type string `json:"type,omitempty"`
}

RateLimitQuotasReadResponse struct for RateLimitQuotasReadResponse

func NewRateLimitQuotasReadResponseWithDefaults ¶ added in v0.3.0 

func NewRateLimitQuotasReadResponseWithDefaults() *RateLimitQuotasReadResponse

NewRateLimitQuotasReadResponseWithDefaults instantiates a new RateLimitQuotasReadResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RateLimitQuotasWriteRequest ¶ added in v0.3.0 

type RateLimitQuotasWriteRequest struct {
	// If set, when a client reaches a rate limit threshold, the client will be prohibited from any further requests until after the 'block_interval' has elapsed.
	BlockInterval int32 `json:"block_interval,omitempty"`

	// The duration to enforce rate limiting for (default '1s').
	Interval int32 `json:"interval,omitempty"`

	// Path of the mount or namespace to apply the quota. A blank path configures a global quota. For example namespace1/ adds a quota to a full namespace, namespace1/auth/userpass adds a quota to userpass in namespace1.
	Path string `json:"path,omitempty"`

	// The maximum number of requests in a given interval to be allowed by the quota rule. The 'rate' must be positive.
	Rate float32 `json:"rate,omitempty"`

	// Login role to apply this quota to. Note that when set, path must be configured to a valid auth method with a concept of roles.
	Role string `json:"role,omitempty"`

	// Type of the quota rule.
	Type string `json:"type,omitempty"`
}

RateLimitQuotasWriteRequest struct for RateLimitQuotasWriteRequest

func NewRateLimitQuotasWriteRequestWithDefaults ¶ added in v0.3.0 

func NewRateLimitQuotasWriteRequestWithDefaults() *RateLimitQuotasWriteRequest

NewRateLimitQuotasWriteRequestWithDefaults instantiates a new RateLimitQuotasWriteRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type ReadWrappingPropertiesRequest ¶ added in v0.3.0 

type ReadWrappingPropertiesRequest struct {
	Token string `json:"token,omitempty"`
}

ReadWrappingPropertiesRequest struct for ReadWrappingPropertiesRequest

func NewReadWrappingPropertiesRequestWithDefaults ¶ added in v0.3.0 

func NewReadWrappingPropertiesRequestWithDefaults() *ReadWrappingPropertiesRequest

NewReadWrappingPropertiesRequestWithDefaults instantiates a new ReadWrappingPropertiesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type ReadWrappingPropertiesResponse ¶ added in v0.3.0 

type ReadWrappingPropertiesResponse struct {
	CreationPath string `json:"creation_path,omitempty"`

	CreationTime time.Time `json:"creation_time,omitempty"`

	CreationTtl int32 `json:"creation_ttl,omitempty"`
}

ReadWrappingPropertiesResponse struct for ReadWrappingPropertiesResponse

func NewReadWrappingPropertiesResponseWithDefaults ¶ added in v0.3.0 

func NewReadWrappingPropertiesResponseWithDefaults() *ReadWrappingPropertiesResponse

NewReadWrappingPropertiesResponseWithDefaults instantiates a new ReadWrappingPropertiesResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyAttemptInitializeRequest ¶ added in v0.3.0 

type RekeyAttemptInitializeRequest struct {
	// Specifies if using PGP-encrypted keys, whether Vault should also store a plaintext backup of the PGP-encrypted keys.
	Backup bool `json:"backup,omitempty"`

	// Specifies an array of PGP public keys used to encrypt the output unseal keys. Ordering is preserved. The keys must be base64-encoded from their original binary representation. The size of this array must be the same as secret_shares.
	PgpKeys []string `json:"pgp_keys,omitempty"`

	// Turns on verification functionality
	RequireVerification bool `json:"require_verification,omitempty"`

	// Specifies the number of shares to split the unseal key into.
	SecretShares int32 `json:"secret_shares,omitempty"`

	// Specifies the number of shares required to reconstruct the unseal key. This must be less than or equal secret_shares. If using Vault HSM with auto-unsealing, this value must be the same as secret_shares.
	SecretThreshold int32 `json:"secret_threshold,omitempty"`
}

RekeyAttemptInitializeRequest struct for RekeyAttemptInitializeRequest

func NewRekeyAttemptInitializeRequestWithDefaults ¶ added in v0.3.0 

func NewRekeyAttemptInitializeRequestWithDefaults() *RekeyAttemptInitializeRequest

NewRekeyAttemptInitializeRequestWithDefaults instantiates a new RekeyAttemptInitializeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyAttemptInitializeResponse ¶ added in v0.3.0 

type RekeyAttemptInitializeResponse struct {
	Backup bool `json:"backup,omitempty"`

	N int32 `json:"n,omitempty"`

	Nounce string `json:"nounce,omitempty"`

	PgpFingerprints []string `json:"pgp_fingerprints,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started string `json:"started,omitempty"`

	T int32 `json:"t,omitempty"`

	VerificationNonce string `json:"verification_nonce,omitempty"`

	VerificationRequired bool `json:"verification_required,omitempty"`
}

RekeyAttemptInitializeResponse struct for RekeyAttemptInitializeResponse

func NewRekeyAttemptInitializeResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyAttemptInitializeResponseWithDefaults() *RekeyAttemptInitializeResponse

NewRekeyAttemptInitializeResponseWithDefaults instantiates a new RekeyAttemptInitializeResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyAttemptReadProgressResponse ¶ added in v0.3.0 

type RekeyAttemptReadProgressResponse struct {
	Backup bool `json:"backup,omitempty"`

	N int32 `json:"n,omitempty"`

	Nounce string `json:"nounce,omitempty"`

	PgpFingerprints []string `json:"pgp_fingerprints,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started string `json:"started,omitempty"`

	T int32 `json:"t,omitempty"`

	VerificationNonce string `json:"verification_nonce,omitempty"`

	VerificationRequired bool `json:"verification_required,omitempty"`
}

RekeyAttemptReadProgressResponse struct for RekeyAttemptReadProgressResponse

func NewRekeyAttemptReadProgressResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyAttemptReadProgressResponseWithDefaults() *RekeyAttemptReadProgressResponse

NewRekeyAttemptReadProgressResponseWithDefaults instantiates a new RekeyAttemptReadProgressResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyAttemptUpdateRequest ¶ added in v0.3.0 

type RekeyAttemptUpdateRequest struct {
	// Specifies a single unseal key share.
	Key string `json:"key,omitempty"`

	// Specifies the nonce of the rekey attempt.
	Nonce string `json:"nonce,omitempty"`
}

RekeyAttemptUpdateRequest struct for RekeyAttemptUpdateRequest

func NewRekeyAttemptUpdateRequestWithDefaults ¶ added in v0.3.0 

func NewRekeyAttemptUpdateRequestWithDefaults() *RekeyAttemptUpdateRequest

NewRekeyAttemptUpdateRequestWithDefaults instantiates a new RekeyAttemptUpdateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyAttemptUpdateResponse ¶ added in v0.3.0 

type RekeyAttemptUpdateResponse struct {
	Backup bool `json:"backup,omitempty"`

	Complete bool `json:"complete,omitempty"`

	Keys []string `json:"keys,omitempty"`

	KeysBase64 []string `json:"keys_base64,omitempty"`

	N int32 `json:"n,omitempty"`

	Nounce string `json:"nounce,omitempty"`

	PgpFingerprints []string `json:"pgp_fingerprints,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started string `json:"started,omitempty"`

	T int32 `json:"t,omitempty"`

	VerificationNonce string `json:"verification_nonce,omitempty"`

	VerificationRequired bool `json:"verification_required,omitempty"`
}

RekeyAttemptUpdateResponse struct for RekeyAttemptUpdateResponse

func NewRekeyAttemptUpdateResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyAttemptUpdateResponseWithDefaults() *RekeyAttemptUpdateResponse

NewRekeyAttemptUpdateResponseWithDefaults instantiates a new RekeyAttemptUpdateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyReadBackupKeyResponse ¶ added in v0.3.0 

type RekeyReadBackupKeyResponse struct {
	Keys map[string]interface{} `json:"keys,omitempty"`

	KeysBase64 map[string]interface{} `json:"keys_base64,omitempty"`

	Nonce string `json:"nonce,omitempty"`
}

RekeyReadBackupKeyResponse struct for RekeyReadBackupKeyResponse

func NewRekeyReadBackupKeyResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyReadBackupKeyResponseWithDefaults() *RekeyReadBackupKeyResponse

NewRekeyReadBackupKeyResponseWithDefaults instantiates a new RekeyReadBackupKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyReadBackupRecoveryKeyResponse ¶ added in v0.3.0 

type RekeyReadBackupRecoveryKeyResponse struct {
	Keys map[string]interface{} `json:"keys,omitempty"`

	KeysBase64 map[string]interface{} `json:"keys_base64,omitempty"`

	Nonce string `json:"nonce,omitempty"`
}

RekeyReadBackupRecoveryKeyResponse struct for RekeyReadBackupRecoveryKeyResponse

func NewRekeyReadBackupRecoveryKeyResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyReadBackupRecoveryKeyResponseWithDefaults() *RekeyReadBackupRecoveryKeyResponse

NewRekeyReadBackupRecoveryKeyResponseWithDefaults instantiates a new RekeyReadBackupRecoveryKeyResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyVerificationCancelResponse ¶ added in v0.3.0 

type RekeyVerificationCancelResponse struct {
	N int32 `json:"n,omitempty"`

	Nounce string `json:"nounce,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Started string `json:"started,omitempty"`

	T int32 `json:"t,omitempty"`
}

RekeyVerificationCancelResponse struct for RekeyVerificationCancelResponse

func NewRekeyVerificationCancelResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyVerificationCancelResponseWithDefaults() *RekeyVerificationCancelResponse

NewRekeyVerificationCancelResponseWithDefaults instantiates a new RekeyVerificationCancelResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyVerificationReadProgressResponse ¶ added in v0.3.0 

type RekeyVerificationReadProgressResponse struct {
	N int32 `json:"n,omitempty"`

	Nounce string `json:"nounce,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Started string `json:"started,omitempty"`

	T int32 `json:"t,omitempty"`
}

RekeyVerificationReadProgressResponse struct for RekeyVerificationReadProgressResponse

func NewRekeyVerificationReadProgressResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyVerificationReadProgressResponseWithDefaults() *RekeyVerificationReadProgressResponse

NewRekeyVerificationReadProgressResponseWithDefaults instantiates a new RekeyVerificationReadProgressResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyVerificationUpdateRequest ¶ added in v0.3.0 

type RekeyVerificationUpdateRequest struct {
	// Specifies a single unseal share key from the new set of shares.
	Key string `json:"key,omitempty"`

	// Specifies the nonce of the rekey verification operation.
	Nonce string `json:"nonce,omitempty"`
}

RekeyVerificationUpdateRequest struct for RekeyVerificationUpdateRequest

func NewRekeyVerificationUpdateRequestWithDefaults ¶ added in v0.3.0 

func NewRekeyVerificationUpdateRequestWithDefaults() *RekeyVerificationUpdateRequest

NewRekeyVerificationUpdateRequestWithDefaults instantiates a new RekeyVerificationUpdateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RekeyVerificationUpdateResponse ¶ added in v0.3.0 

type RekeyVerificationUpdateResponse struct {
	Complete bool `json:"complete,omitempty"`

	Nounce string `json:"nounce,omitempty"`
}

RekeyVerificationUpdateResponse struct for RekeyVerificationUpdateResponse

func NewRekeyVerificationUpdateResponseWithDefaults ¶ added in v0.3.0 

func NewRekeyVerificationUpdateResponseWithDefaults() *RekeyVerificationUpdateResponse

NewRekeyVerificationUpdateResponseWithDefaults instantiates a new RekeyVerificationUpdateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RemountRequest ¶ 

type RemountRequest struct {
	// The previous mount point.
	From string `json:"from,omitempty"`

	// The new mount point.
	To string `json:"to,omitempty"`
}

RemountRequest struct for RemountRequest

func NewRemountRequestWithDefaults ¶ 

func NewRemountRequestWithDefaults() *RemountRequest

NewRemountRequestWithDefaults instantiates a new RemountRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RemountResponse ¶ added in v0.3.0 

type RemountResponse struct {
	MigrationId string `json:"migration_id,omitempty"`
}

RemountResponse struct for RemountResponse

func NewRemountResponseWithDefaults ¶ added in v0.3.0 

func NewRemountResponseWithDefaults() *RemountResponse

NewRemountResponseWithDefaults instantiates a new RemountResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RemountStatusResponse ¶ added in v0.3.0 

type RemountStatusResponse struct {
	MigrationId string `json:"migration_id,omitempty"`

	MigrationInfo map[string]interface{} `json:"migration_info,omitempty"`
}

RemountStatusResponse struct for RemountStatusResponse

func NewRemountStatusResponseWithDefaults ¶ added in v0.3.0 

func NewRemountStatusResponseWithDefaults() *RemountStatusResponse

NewRemountStatusResponseWithDefaults instantiates a new RemountStatusResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RewrapRequest ¶ added in v0.3.0 

type RewrapRequest struct {
	Token string `json:"token,omitempty"`
}

RewrapRequest struct for RewrapRequest

func NewRewrapRequestWithDefaults ¶ added in v0.3.0 

func NewRewrapRequestWithDefaults() *RewrapRequest

NewRewrapRequestWithDefaults instantiates a new RewrapRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RootTokenGenerationInitializeRequest ¶ added in v0.3.0 

type RootTokenGenerationInitializeRequest struct {
	// Specifies a base64-encoded PGP public key.
	PgpKey string `json:"pgp_key,omitempty"`
}

RootTokenGenerationInitializeRequest struct for RootTokenGenerationInitializeRequest

func NewRootTokenGenerationInitializeRequestWithDefaults ¶ added in v0.3.0 

func NewRootTokenGenerationInitializeRequestWithDefaults() *RootTokenGenerationInitializeRequest

NewRootTokenGenerationInitializeRequestWithDefaults instantiates a new RootTokenGenerationInitializeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RootTokenGenerationInitializeResponse ¶ added in v0.3.0 

type RootTokenGenerationInitializeResponse struct {
	Complete bool `json:"complete,omitempty"`

	EncodedRootToken string `json:"encoded_root_token,omitempty"`

	EncodedToken string `json:"encoded_token,omitempty"`

	Nonce string `json:"nonce,omitempty"`

	Otp string `json:"otp,omitempty"`

	OtpLength int32 `json:"otp_length,omitempty"`

	PgpFingerprint string `json:"pgp_fingerprint,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started bool `json:"started,omitempty"`
}

RootTokenGenerationInitializeResponse struct for RootTokenGenerationInitializeResponse

func NewRootTokenGenerationInitializeResponseWithDefaults ¶ added in v0.3.0 

func NewRootTokenGenerationInitializeResponseWithDefaults() *RootTokenGenerationInitializeResponse

NewRootTokenGenerationInitializeResponseWithDefaults instantiates a new RootTokenGenerationInitializeResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RootTokenGenerationReadProgressResponse ¶ added in v0.3.0 

type RootTokenGenerationReadProgressResponse struct {
	Complete bool `json:"complete,omitempty"`

	EncodedRootToken string `json:"encoded_root_token,omitempty"`

	EncodedToken string `json:"encoded_token,omitempty"`

	Nonce string `json:"nonce,omitempty"`

	Otp string `json:"otp,omitempty"`

	OtpLength int32 `json:"otp_length,omitempty"`

	PgpFingerprint string `json:"pgp_fingerprint,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started bool `json:"started,omitempty"`
}

RootTokenGenerationReadProgressResponse struct for RootTokenGenerationReadProgressResponse

func NewRootTokenGenerationReadProgressResponseWithDefaults ¶ added in v0.3.0 

func NewRootTokenGenerationReadProgressResponseWithDefaults() *RootTokenGenerationReadProgressResponse

NewRootTokenGenerationReadProgressResponseWithDefaults instantiates a new RootTokenGenerationReadProgressResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RootTokenGenerationUpdateRequest ¶ added in v0.3.0 

type RootTokenGenerationUpdateRequest struct {
	// Specifies a single unseal key share.
	Key string `json:"key,omitempty"`

	// Specifies the nonce of the attempt.
	Nonce string `json:"nonce,omitempty"`
}

RootTokenGenerationUpdateRequest struct for RootTokenGenerationUpdateRequest

func NewRootTokenGenerationUpdateRequestWithDefaults ¶ added in v0.3.0 

func NewRootTokenGenerationUpdateRequestWithDefaults() *RootTokenGenerationUpdateRequest

NewRootTokenGenerationUpdateRequestWithDefaults instantiates a new RootTokenGenerationUpdateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type RootTokenGenerationUpdateResponse ¶ added in v0.3.0 

type RootTokenGenerationUpdateResponse struct {
	Complete bool `json:"complete,omitempty"`

	EncodedRootToken string `json:"encoded_root_token,omitempty"`

	EncodedToken string `json:"encoded_token,omitempty"`

	Nonce string `json:"nonce,omitempty"`

	Otp string `json:"otp,omitempty"`

	OtpLength int32 `json:"otp_length,omitempty"`

	PgpFingerprint string `json:"pgp_fingerprint,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	Required int32 `json:"required,omitempty"`

	Started bool `json:"started,omitempty"`
}

RootTokenGenerationUpdateResponse struct for RootTokenGenerationUpdateResponse

func NewRootTokenGenerationUpdateResponseWithDefaults ¶ added in v0.3.0 

func NewRootTokenGenerationUpdateResponseWithDefaults() *RootTokenGenerationUpdateResponse

NewRootTokenGenerationUpdateResponseWithDefaults instantiates a new RootTokenGenerationUpdateResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SealStatusResponse ¶ added in v0.3.0 

type SealStatusResponse struct {
	BuildDate string `json:"build_date,omitempty"`

	ClusterId string `json:"cluster_id,omitempty"`

	ClusterName string `json:"cluster_name,omitempty"`

	HcpLinkResourceID string `json:"hcp_link_resource_ID,omitempty"`

	HcpLinkStatus string `json:"hcp_link_status,omitempty"`

	Initialized bool `json:"initialized,omitempty"`

	Migration bool `json:"migration,omitempty"`

	N int32 `json:"n,omitempty"`

	Nonce string `json:"nonce,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	RecoverySeal bool `json:"recovery_seal,omitempty"`

	Sealed bool `json:"sealed,omitempty"`

	StorageType string `json:"storage_type,omitempty"`

	T int32 `json:"t,omitempty"`

	Type string `json:"type,omitempty"`

	Version string `json:"version,omitempty"`
}

SealStatusResponse struct for SealStatusResponse

func NewSealStatusResponseWithDefaults ¶ added in v0.3.0 

func NewSealStatusResponseWithDefaults() *SealStatusResponse

NewSealStatusResponseWithDefaults instantiates a new SealStatusResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshConfigureCaRequest ¶ added in v0.3.0 

type SshConfigureCaRequest struct {
	// Generate SSH key pair internally rather than use the private_key and public_key fields.
	GenerateSigningKey bool `json:"generate_signing_key,omitempty"`

	// Specifies the desired key bits when generating variable-length keys (such as when key_type=\"ssh-rsa\") or which NIST P-curve to use when key_type=\"ec\" (256, 384, or 521).
	KeyBits int32 `json:"key_bits,omitempty"`

	// Specifies the desired key type when generating; could be a OpenSSH key type identifier (ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, or ssh-ed25519) or an algorithm (rsa, ec, ed25519).
	KeyType string `json:"key_type,omitempty"`

	// Private half of the SSH key that will be used to sign certificates.
	PrivateKey string `json:"private_key,omitempty"`

	// Public half of the SSH key that will be used to sign certificates.
	PublicKey string `json:"public_key,omitempty"`
}

SshConfigureCaRequest struct for SshConfigureCaRequest

func NewSshConfigureCaRequestWithDefaults ¶ added in v0.3.0 

func NewSshConfigureCaRequestWithDefaults() *SshConfigureCaRequest

NewSshConfigureCaRequestWithDefaults instantiates a new SshConfigureCaRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshConfigureZeroAddressRequest ¶ added in v0.3.0 

type SshConfigureZeroAddressRequest struct {
	// [Required] Comma separated list of role names which allows credentials to be requested for any IP address. CIDR blocks previously registered under these roles will be ignored.
	Roles []string `json:"roles,omitempty"`
}

SshConfigureZeroAddressRequest struct for SshConfigureZeroAddressRequest

func NewSshConfigureZeroAddressRequestWithDefaults ¶ added in v0.3.0 

func NewSshConfigureZeroAddressRequestWithDefaults() *SshConfigureZeroAddressRequest

NewSshConfigureZeroAddressRequestWithDefaults instantiates a new SshConfigureZeroAddressRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshGenerateCredentialsRequest ¶ added in v0.3.0 

type SshGenerateCredentialsRequest struct {
	// [Required] IP of the remote host
	Ip string `json:"ip,omitempty"`

	// [Optional] Username in remote host
	Username string `json:"username,omitempty"`
}

SshGenerateCredentialsRequest struct for SshGenerateCredentialsRequest

func NewSshGenerateCredentialsRequestWithDefaults ¶ added in v0.3.0 

func NewSshGenerateCredentialsRequestWithDefaults() *SshGenerateCredentialsRequest

NewSshGenerateCredentialsRequestWithDefaults instantiates a new SshGenerateCredentialsRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshIssueCertificateRequest ¶ added in v0.3.0 

type SshIssueCertificateRequest struct {
	// Type of certificate to be created; either \"user\" or \"host\".
	CertType string `json:"cert_type,omitempty"`

	// Critical options that the certificate should be signed for.
	CriticalOptions map[string]interface{} `json:"critical_options,omitempty"`

	// Extensions that the certificate should be signed for.
	Extensions map[string]interface{} `json:"extensions,omitempty"`

	// Specifies the number of bits to use for the generated keys.
	KeyBits int32 `json:"key_bits,omitempty"`

	// Key id that the created certificate should have. If not specified, the display name of the token will be used.
	KeyId string `json:"key_id,omitempty"`

	// Specifies the desired key type; must be `rsa`, `ed25519` or `ec`
	KeyType string `json:"key_type,omitempty"`

	// The requested Time To Live for the SSH certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be later than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// Valid principals, either usernames or hostnames, that the certificate should be signed for.
	ValidPrincipals string `json:"valid_principals,omitempty"`
}

SshIssueCertificateRequest struct for SshIssueCertificateRequest

func NewSshIssueCertificateRequestWithDefaults ¶ added in v0.3.0 

func NewSshIssueCertificateRequestWithDefaults() *SshIssueCertificateRequest

NewSshIssueCertificateRequestWithDefaults instantiates a new SshIssueCertificateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshListRolesByIpRequest ¶ added in v0.3.0 

type SshListRolesByIpRequest struct {
	// [Required] IP address of remote host
	Ip string `json:"ip,omitempty"`
}

SshListRolesByIpRequest struct for SshListRolesByIpRequest

func NewSshListRolesByIpRequestWithDefaults ¶ added in v0.3.0 

func NewSshListRolesByIpRequestWithDefaults() *SshListRolesByIpRequest

NewSshListRolesByIpRequestWithDefaults instantiates a new SshListRolesByIpRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshSignCertificateRequest ¶ added in v0.3.0 

type SshSignCertificateRequest struct {
	// Type of certificate to be created; either \"user\" or \"host\".
	CertType string `json:"cert_type,omitempty"`

	// Critical options that the certificate should be signed for.
	CriticalOptions map[string]interface{} `json:"critical_options,omitempty"`

	// Extensions that the certificate should be signed for.
	Extensions map[string]interface{} `json:"extensions,omitempty"`

	// Key id that the created certificate should have. If not specified, the display name of the token will be used.
	KeyId string `json:"key_id,omitempty"`

	// SSH public key that should be signed.
	PublicKey string `json:"public_key,omitempty"`

	// The requested Time To Live for the SSH certificate; sets the expiration date. If not specified the role default, backend default, or system default TTL is used, in that order. Cannot be later than the role max TTL.
	Ttl int32 `json:"ttl,omitempty"`

	// Valid principals, either usernames or hostnames, that the certificate should be signed for.
	ValidPrincipals string `json:"valid_principals,omitempty"`
}

SshSignCertificateRequest struct for SshSignCertificateRequest

func NewSshSignCertificateRequestWithDefaults ¶ added in v0.3.0 

func NewSshSignCertificateRequestWithDefaults() *SshSignCertificateRequest

NewSshSignCertificateRequestWithDefaults instantiates a new SshSignCertificateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshVerifyOtpRequest ¶ added in v0.3.0 

type SshVerifyOtpRequest struct {
	// [Required] One-Time-Key that needs to be validated
	Otp string `json:"otp,omitempty"`
}

SshVerifyOtpRequest struct for SshVerifyOtpRequest

func NewSshVerifyOtpRequestWithDefaults ¶ added in v0.3.0 

func NewSshVerifyOtpRequestWithDefaults() *SshVerifyOtpRequest

NewSshVerifyOtpRequestWithDefaults instantiates a new SshVerifyOtpRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type SshWriteRoleRequest ¶ added in v0.3.0 

type SshWriteRoleRequest struct {
	// [Not applicable for OTP type] [Optional for CA type] When supplied, this value specifies a signing algorithm for the key. Possible values: ssh-rsa, rsa-sha2-256, rsa-sha2-512, default, or the empty string.
	AlgorithmSigner string `json:"algorithm_signer,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, host certificates that are requested are allowed to use the base domains listed in \"allowed_domains\", e.g. \"example.com\". This is a separate option as in some cases this can be considered a security threat.
	AllowBareDomains bool `json:"allow_bare_domains,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, certificates are allowed to be signed for use as a 'host'.
	AllowHostCertificates bool `json:"allow_host_certificates,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, host certificates that are requested are allowed to use subdomains of those listed in \"allowed_domains\".
	AllowSubdomains bool `json:"allow_subdomains,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, certificates are allowed to be signed for use as a 'user'.
	AllowUserCertificates bool `json:"allow_user_certificates,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If true, users can override the key ID for a signed certificate with the \"key_id\" field. When false, the key ID will always be the token display name. The key ID is logged by the SSH server and can be useful for auditing.
	AllowUserKeyIds bool `json:"allow_user_key_ids,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] A comma-separated list of critical options that certificates can have when signed. To allow any critical options, set this to an empty string.
	AllowedCriticalOptions string `json:"allowed_critical_options,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If this option is not specified, client can request for a signed certificate for any valid host. If only certain domains are allowed, then this list enforces it.
	AllowedDomains string `json:"allowed_domains,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, Allowed domains can be specified using identity template policies. Non-templated domains are also permitted.
	AllowedDomainsTemplate bool `json:"allowed_domains_template,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] A comma-separated list of extensions that certificates can have when signed. An empty list means that no extension overrides are allowed by an end-user; explicitly specify '*' to allow any extensions to be set.
	AllowedExtensions string `json:"allowed_extensions,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, allows the enforcement of key types and minimum key sizes to be signed.
	AllowedUserKeyLengths map[string]interface{} `json:"allowed_user_key_lengths,omitempty"`

	// [Optional for all types] [Works differently for CA type] If this option is not specified, or is '*', client can request a credential for any valid user at the remote host, including the admin user. If only certain usernames are to be allowed, then this list enforces it. If this field is set, then credentials can only be created for default_user and usernames present in this list. Setting this option will enable all the users with access to this role to fetch credentials for all other usernames in this list. Use with caution. N.B.: with the CA type, an empty list means that no users are allowed; explicitly specify '*' to allow any user.
	AllowedUsers string `json:"allowed_users,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, Allowed users can be specified using identity template policies. Non-templated users are also permitted.
	AllowedUsersTemplate bool `json:"allowed_users_template,omitempty"`

	// [Optional for OTP type] [Not applicable for CA type] Comma separated list of CIDR blocks for which the role is applicable for. CIDR blocks can belong to more than one role.
	CidrList string `json:"cidr_list,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] Critical options certificates should have if none are provided when signing. This field takes in key value pairs in JSON format. Note that these are not restricted by \"allowed_critical_options\". Defaults to none.
	DefaultCriticalOptions map[string]interface{} `json:"default_critical_options,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] Extensions certificates should have if none are provided when signing. This field takes in key value pairs in JSON format. Note that these are not restricted by \"allowed_extensions\". Defaults to none.
	DefaultExtensions map[string]interface{} `json:"default_extensions,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, Default extension values can be specified using identity template policies. Non-templated extension values are also permitted.
	DefaultExtensionsTemplate bool `json:"default_extensions_template,omitempty"`

	// [Required for OTP type] [Optional for CA type] Default username for which a credential will be generated. When the endpoint 'creds/' is used without a username, this value will be used as default username.
	DefaultUser string `json:"default_user,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] If set, Default user can be specified using identity template policies. Non-templated users are also permitted.
	DefaultUserTemplate bool `json:"default_user_template,omitempty"`

	// [Optional for OTP type] [Not applicable for CA type] Comma separated list of CIDR blocks. IP addresses belonging to these blocks are not accepted by the role. This is particularly useful when big CIDR blocks are being used by the role and certain parts of it needs to be kept out.
	ExcludeCidrList string `json:"exclude_cidr_list,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] When supplied, this value specifies a custom format for the key id of a signed certificate. The following variables are available for use: '{{token_display_name}}' - The display name of the token used to make the request. '{{role_name}}' - The name of the role signing the request. '{{public_key_hash}}' - A SHA256 checksum of the public key that is being signed.
	KeyIdFormat string `json:"key_id_format,omitempty"`

	// [Required for all types] Type of key used to login to hosts. It can be either 'otp' or 'ca'. 'otp' type requires agent to be installed in remote hosts.
	KeyType string `json:"key_type,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] The maximum allowed lease duration
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] The duration that the SSH certificate should be backdated by at issuance.
	NotBeforeDuration int32 `json:"not_before_duration,omitempty"`

	// [Optional for OTP type] [Not applicable for CA type] Port number for SSH connection. Default is '22'. Port number does not play any role in creation of OTP. For 'otp' type, this is just a way to inform client about the port number to use. Port number will be returned to client by Vault server along with OTP.
	Port int32 `json:"port,omitempty"`

	// [Not applicable for OTP type] [Optional for CA type] The lease duration if no specific lease duration is requested. The lease duration controls the expiration of certificates issued by this backend. Defaults to the value of max_ttl.
	Ttl int32 `json:"ttl,omitempty"`
}

SshWriteRoleRequest struct for SshWriteRoleRequest

func NewSshWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewSshWriteRoleRequestWithDefaults() *SshWriteRoleRequest

NewSshWriteRoleRequestWithDefaults instantiates a new SshWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TerraformCloudConfigureRequest ¶ added in v0.3.0 

type TerraformCloudConfigureRequest struct {
	// The address to access Terraform Cloud or Enterprise. Default is \"https://app.terraform.io\".
	Address string `json:"address,omitempty"`

	// The base path for the Terraform Cloud or Enterprise API. Default is \"/api/v2/\".
	BasePath string `json:"base_path,omitempty"`

	// The token to access Terraform Cloud
	Token string `json:"token"`
}

TerraformCloudConfigureRequest struct for TerraformCloudConfigureRequest

func NewTerraformCloudConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewTerraformCloudConfigureRequestWithDefaults() *TerraformCloudConfigureRequest

NewTerraformCloudConfigureRequestWithDefaults instantiates a new TerraformCloudConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TerraformCloudWriteRoleRequest ¶ added in v0.3.0 

type TerraformCloudWriteRoleRequest struct {
	// Maximum time for role. If not set or set to 0, will use system default.
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Name of the Terraform Cloud or Enterprise organization
	Organization string `json:"organization,omitempty"`

	// ID of the Terraform Cloud or Enterprise team under organization (e.g., settings/teams/team-xxxxxxxxxxxxx)
	TeamId string `json:"team_id,omitempty"`

	// Default lease for generated credentials. If not set or set to 0, will use system default.
	Ttl int32 `json:"ttl,omitempty"`

	// ID of the Terraform Cloud or Enterprise user (e.g., user-xxxxxxxxxxxxxxxx)
	UserId string `json:"user_id,omitempty"`
}

TerraformCloudWriteRoleRequest struct for TerraformCloudWriteRoleRequest

func NewTerraformCloudWriteRoleRequestWithDefaults ¶ added in v0.3.0 

func NewTerraformCloudWriteRoleRequestWithDefaults() *TerraformCloudWriteRoleRequest

NewTerraformCloudWriteRoleRequestWithDefaults instantiates a new TerraformCloudWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenCreateAgainstRoleRequest ¶ added in v0.3.0 

type TokenCreateAgainstRoleRequest struct {
	// Name to associate with this token
	DisplayName string `json:"display_name,omitempty"`

	// Name of the entity alias to associate with this token
	EntityAlias string `json:"entity_alias,omitempty"`

	// Explicit Max TTL of this token
	ExplicitMaxTtl string `json:"explicit_max_ttl,omitempty"`

	// Value for the token
	Id string `json:"id,omitempty"`

	// Arbitrary key=value metadata to associate with the token
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Do not include default policy for this token
	NoDefaultPolicy bool `json:"no_default_policy,omitempty"`

	// Create the token with no parent
	NoParent bool `json:"no_parent,omitempty"`

	// Max number of uses for this token
	NumUses int32 `json:"num_uses,omitempty"`

	// Renew period
	Period string `json:"period,omitempty"`

	// List of policies for the token
	Policies []string `json:"policies,omitempty"`

	// Allow token to be renewed past its initial TTL up to system/mount maximum TTL
	Renewable bool `json:"renewable,omitempty"`

	// Time to live for this token
	Ttl string `json:"ttl,omitempty"`

	// Token type
	Type string `json:"type,omitempty"`
}

TokenCreateAgainstRoleRequest struct for TokenCreateAgainstRoleRequest

func NewTokenCreateAgainstRoleRequestWithDefaults ¶ added in v0.3.0 

func NewTokenCreateAgainstRoleRequestWithDefaults() *TokenCreateAgainstRoleRequest

NewTokenCreateAgainstRoleRequestWithDefaults instantiates a new TokenCreateAgainstRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenCreateOrphanRequest ¶ added in v0.3.0 

type TokenCreateOrphanRequest struct {
	// Name to associate with this token
	DisplayName string `json:"display_name,omitempty"`

	// Name of the entity alias to associate with this token
	EntityAlias string `json:"entity_alias,omitempty"`

	// Explicit Max TTL of this token
	ExplicitMaxTtl string `json:"explicit_max_ttl,omitempty"`

	// Value for the token
	Id string `json:"id,omitempty"`

	// Arbitrary key=value metadata to associate with the token
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Do not include default policy for this token
	NoDefaultPolicy bool `json:"no_default_policy,omitempty"`

	// Create the token with no parent
	NoParent bool `json:"no_parent,omitempty"`

	// Max number of uses for this token
	NumUses int32 `json:"num_uses,omitempty"`

	// Renew period
	Period string `json:"period,omitempty"`

	// List of policies for the token
	Policies []string `json:"policies,omitempty"`

	// Allow token to be renewed past its initial TTL up to system/mount maximum TTL
	Renewable bool `json:"renewable,omitempty"`

	// Name of the role
	RoleName string `json:"role_name,omitempty"`

	// Time to live for this token
	Ttl string `json:"ttl,omitempty"`

	// Token type
	Type string `json:"type,omitempty"`
}

TokenCreateOrphanRequest struct for TokenCreateOrphanRequest

func NewTokenCreateOrphanRequestWithDefaults ¶ added in v0.3.0 

func NewTokenCreateOrphanRequestWithDefaults() *TokenCreateOrphanRequest

NewTokenCreateOrphanRequestWithDefaults instantiates a new TokenCreateOrphanRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenCreateRequest ¶ added in v0.3.0 

type TokenCreateRequest struct {
	// Name to associate with this token
	DisplayName string `json:"display_name,omitempty"`

	// Name of the entity alias to associate with this token
	EntityAlias string `json:"entity_alias,omitempty"`

	// Explicit Max TTL of this token
	ExplicitMaxTtl string `json:"explicit_max_ttl,omitempty"`

	// Value for the token
	Id string `json:"id,omitempty"`

	// Arbitrary key=value metadata to associate with the token
	Metadata map[string]interface{} `json:"metadata,omitempty"`

	// Do not include default policy for this token
	NoDefaultPolicy bool `json:"no_default_policy,omitempty"`

	// Create the token with no parent
	NoParent bool `json:"no_parent,omitempty"`

	// Max number of uses for this token
	NumUses int32 `json:"num_uses,omitempty"`

	// Renew period
	Period string `json:"period,omitempty"`

	// List of policies for the token
	Policies []string `json:"policies,omitempty"`

	// Allow token to be renewed past its initial TTL up to system/mount maximum TTL
	Renewable bool `json:"renewable,omitempty"`

	// Time to live for this token
	Ttl string `json:"ttl,omitempty"`

	// Token type
	Type string `json:"type,omitempty"`
}

TokenCreateRequest struct for TokenCreateRequest

func NewTokenCreateRequestWithDefaults ¶ added in v0.3.0 

func NewTokenCreateRequestWithDefaults() *TokenCreateRequest

NewTokenCreateRequestWithDefaults instantiates a new TokenCreateRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenLookUpAccessorRequest ¶ added in v0.3.0 

type TokenLookUpAccessorRequest struct {
	// Accessor of the token to look up (request body)
	Accessor string `json:"accessor,omitempty"`
}

TokenLookUpAccessorRequest struct for TokenLookUpAccessorRequest

func NewTokenLookUpAccessorRequestWithDefaults ¶ added in v0.3.0 

func NewTokenLookUpAccessorRequestWithDefaults() *TokenLookUpAccessorRequest

NewTokenLookUpAccessorRequestWithDefaults instantiates a new TokenLookUpAccessorRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenLookUpRequest ¶ added in v0.3.0 

type TokenLookUpRequest struct {
	// Token to lookup (POST request body)
	Token string `json:"token,omitempty"`
}

TokenLookUpRequest struct for TokenLookUpRequest

func NewTokenLookUpRequestWithDefaults ¶ added in v0.3.0 

func NewTokenLookUpRequestWithDefaults() *TokenLookUpRequest

NewTokenLookUpRequestWithDefaults instantiates a new TokenLookUpRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRenewAccessorRequest ¶ 

type TokenRenewAccessorRequest struct {
	// Accessor of the token to renew (request body)
	Accessor string `json:"accessor,omitempty"`

	// The desired increment in seconds to the token expiration
	Increment int32 `json:"increment,omitempty"`
}

TokenRenewAccessorRequest struct for TokenRenewAccessorRequest

func NewTokenRenewAccessorRequestWithDefaults ¶ 

func NewTokenRenewAccessorRequestWithDefaults() *TokenRenewAccessorRequest

NewTokenRenewAccessorRequestWithDefaults instantiates a new TokenRenewAccessorRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRenewRequest ¶ 

type TokenRenewRequest struct {
	// The desired increment in seconds to the token expiration
	Increment int32 `json:"increment,omitempty"`

	// Token to renew (request body)
	Token string `json:"token,omitempty"`
}

TokenRenewRequest struct for TokenRenewRequest

func NewTokenRenewRequestWithDefaults ¶ 

func NewTokenRenewRequestWithDefaults() *TokenRenewRequest

NewTokenRenewRequestWithDefaults instantiates a new TokenRenewRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRenewSelfRequest ¶ 

type TokenRenewSelfRequest struct {
	// The desired increment in seconds to the token expiration
	Increment int32 `json:"increment,omitempty"`

	// Token to renew (unused, does not need to be set)
	Token string `json:"token,omitempty"`
}

TokenRenewSelfRequest struct for TokenRenewSelfRequest

func NewTokenRenewSelfRequestWithDefaults ¶ 

func NewTokenRenewSelfRequestWithDefaults() *TokenRenewSelfRequest

NewTokenRenewSelfRequestWithDefaults instantiates a new TokenRenewSelfRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRevokeAccessorRequest ¶ 

type TokenRevokeAccessorRequest struct {
	// Accessor of the token (request body)
	Accessor string `json:"accessor,omitempty"`
}

TokenRevokeAccessorRequest struct for TokenRevokeAccessorRequest

func NewTokenRevokeAccessorRequestWithDefaults ¶ 

func NewTokenRevokeAccessorRequestWithDefaults() *TokenRevokeAccessorRequest

NewTokenRevokeAccessorRequestWithDefaults instantiates a new TokenRevokeAccessorRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRevokeOrphanRequest ¶ 

type TokenRevokeOrphanRequest struct {
	// Token to revoke (request body)
	Token string `json:"token,omitempty"`
}

TokenRevokeOrphanRequest struct for TokenRevokeOrphanRequest

func NewTokenRevokeOrphanRequestWithDefaults ¶ 

func NewTokenRevokeOrphanRequestWithDefaults() *TokenRevokeOrphanRequest

NewTokenRevokeOrphanRequestWithDefaults instantiates a new TokenRevokeOrphanRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenRevokeRequest ¶ 

type TokenRevokeRequest struct {
	// Token to revoke (request body)
	Token string `json:"token,omitempty"`
}

TokenRevokeRequest struct for TokenRevokeRequest

func NewTokenRevokeRequestWithDefaults ¶ 

func NewTokenRevokeRequestWithDefaults() *TokenRevokeRequest

NewTokenRevokeRequestWithDefaults instantiates a new TokenRevokeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TokenWriteRoleRequest ¶ 

type TokenWriteRoleRequest struct {
	// String or JSON list of allowed entity aliases. If set, specifies the entity aliases which are allowed to be used during token generation. This field supports globbing.
	AllowedEntityAliases []string `json:"allowed_entity_aliases,omitempty"`

	// If set, tokens can be created with any subset of the policies in this list, rather than the normal semantics of tokens being a subset of the calling token's policies. The parameter is a comma-delimited string of policy names.
	AllowedPolicies []string `json:"allowed_policies,omitempty"`

	// If set, tokens can be created with any subset of glob matched policies in this list, rather than the normal semantics of tokens being a subset of the calling token's policies. The parameter is a comma-delimited string of policy name globs.
	AllowedPoliciesGlob []string `json:"allowed_policies_glob,omitempty"`

	// Use 'token_bound_cidrs' instead.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// If set, successful token creation via this role will require that no policies in the given list are requested. The parameter is a comma-delimited string of policy names.
	DisallowedPolicies []string `json:"disallowed_policies,omitempty"`

	// If set, successful token creation via this role will require that no requested policies glob match any of policies in this list. The parameter is a comma-delimited string of policy name globs.
	DisallowedPoliciesGlob []string `json:"disallowed_policies_glob,omitempty"`

	// Use 'token_explicit_max_ttl' instead.
	// Deprecated
	ExplicitMaxTtl int32 `json:"explicit_max_ttl,omitempty"`

	// If true, tokens created via this role will be orphan tokens (have no parent)
	Orphan bool `json:"orphan,omitempty"`

	// If set, tokens created via this role will contain the given suffix as a part of their path. This can be used to assist use of the 'revoke-prefix' endpoint later on. The given suffix must match the regular expression.\\w[\\w-.]+\\w
	PathSuffix string `json:"path_suffix,omitempty"`

	// Use 'token_period' instead.
	// Deprecated
	Period int32 `json:"period,omitempty"`

	// Tokens created via this role will be renewable or not according to this value. Defaults to \"true\".
	Renewable bool `json:"renewable,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`
}

TokenWriteRoleRequest struct for TokenWriteRoleRequest

func NewTokenWriteRoleRequestWithDefaults ¶ 

func NewTokenWriteRoleRequestWithDefaults() *TokenWriteRoleRequest

NewTokenWriteRoleRequestWithDefaults instantiates a new TokenWriteRoleRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TotpCreateKeyRequest ¶ added in v0.3.0 

type TotpCreateKeyRequest struct {
	// The name of the account associated with the key. Required if generate is true.
	AccountName string `json:"account_name,omitempty"`

	// The hashing algorithm used to generate the TOTP token. Options include SHA1, SHA256 and SHA512.
	Algorithm string `json:"algorithm,omitempty"`

	// The number of digits in the generated TOTP token. This value can either be 6 or 8.
	Digits int32 `json:"digits,omitempty"`

	// Determines if a QR code and url are returned upon generating a key. Only used if generate is true.
	Exported bool `json:"exported,omitempty"`

	// Determines if a key should be generated by Vault or if a key is being passed from another service.
	Generate bool `json:"generate,omitempty"`

	// The name of the key's issuing organization. Required if generate is true.
	Issuer string `json:"issuer,omitempty"`

	// The shared master key used to generate a TOTP token. Only used if generate is false.
	Key string `json:"key,omitempty"`

	// Determines the size in bytes of the generated key. Only used if generate is true.
	KeySize int32 `json:"key_size,omitempty"`

	// The length of time used to generate a counter for the TOTP token calculation.
	Period int32 `json:"period,omitempty"`

	// The pixel size of the generated square QR code. Only used if generate is true and exported is true. If this value is 0, a QR code will not be returned.
	QrSize int32 `json:"qr_size,omitempty"`

	// The number of delay periods that are allowed when validating a TOTP token. This value can either be 0 or 1. Only used if generate is true.
	Skew int32 `json:"skew,omitempty"`

	// A TOTP url string containing all of the parameters for key setup. Only used if generate is false.
	Url string `json:"url,omitempty"`
}

TotpCreateKeyRequest struct for TotpCreateKeyRequest

func NewTotpCreateKeyRequestWithDefaults ¶ added in v0.3.0 

func NewTotpCreateKeyRequestWithDefaults() *TotpCreateKeyRequest

NewTotpCreateKeyRequestWithDefaults instantiates a new TotpCreateKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TotpValidateCodeRequest ¶ added in v0.3.0 

type TotpValidateCodeRequest struct {
	// TOTP code to be validated.
	Code string `json:"code,omitempty"`
}

TotpValidateCodeRequest struct for TotpValidateCodeRequest

func NewTotpValidateCodeRequestWithDefaults ¶ added in v0.3.0 

func NewTotpValidateCodeRequestWithDefaults() *TotpValidateCodeRequest

NewTotpValidateCodeRequestWithDefaults instantiates a new TotpValidateCodeRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitConfigureCacheRequest ¶ added in v0.3.0 

type TransitConfigureCacheRequest struct {
	// Size of cache, use 0 for an unlimited cache size, defaults to 0
	Size int32 `json:"size,omitempty"`
}

TransitConfigureCacheRequest struct for TransitConfigureCacheRequest

func NewTransitConfigureCacheRequestWithDefaults ¶ added in v0.3.0 

func NewTransitConfigureCacheRequestWithDefaults() *TransitConfigureCacheRequest

NewTransitConfigureCacheRequestWithDefaults instantiates a new TransitConfigureCacheRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitConfigureKeyRequest ¶ added in v0.3.0 

type TransitConfigureKeyRequest struct {
	// Enables taking a backup of the named key in plaintext format. Once set, this cannot be disabled.
	AllowPlaintextBackup bool `json:"allow_plaintext_backup,omitempty"`

	// Amount of time the key should live before being automatically rotated. A value of 0 disables automatic rotation for the key.
	AutoRotatePeriod int32 `json:"auto_rotate_period,omitempty"`

	// Whether to allow deletion of the key
	DeletionAllowed bool `json:"deletion_allowed,omitempty"`

	// Enables export of the key. Once set, this cannot be disabled.
	Exportable bool `json:"exportable,omitempty"`

	// If set, the minimum version of the key allowed to be decrypted. For signing keys, the minimum version allowed to be used for verification.
	MinDecryptionVersion int32 `json:"min_decryption_version,omitempty"`

	// If set, the minimum version of the key allowed to be used for encryption; or for signing keys, to be used for signing. If set to zero, only the latest version of the key is allowed.
	MinEncryptionVersion int32 `json:"min_encryption_version,omitempty"`
}

TransitConfigureKeyRequest struct for TransitConfigureKeyRequest

func NewTransitConfigureKeyRequestWithDefaults ¶ added in v0.3.0 

func NewTransitConfigureKeyRequestWithDefaults() *TransitConfigureKeyRequest

NewTransitConfigureKeyRequestWithDefaults instantiates a new TransitConfigureKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitConfigureKeysRequest ¶ added in v0.3.0 

type TransitConfigureKeysRequest struct {
	// Whether to allow automatic upserting (creation) of keys on the encrypt endpoint.
	DisableUpsert bool `json:"disable_upsert,omitempty"`
}

TransitConfigureKeysRequest struct for TransitConfigureKeysRequest

func NewTransitConfigureKeysRequestWithDefaults ¶ added in v0.3.0 

func NewTransitConfigureKeysRequestWithDefaults() *TransitConfigureKeysRequest

NewTransitConfigureKeysRequestWithDefaults instantiates a new TransitConfigureKeysRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitCreateKeyRequest ¶ added in v0.3.0 

type TransitCreateKeyRequest struct {
	// Enables taking a backup of the named key in plaintext format. Once set, this cannot be disabled.
	AllowPlaintextBackup bool `json:"allow_plaintext_backup,omitempty"`

	// Amount of time the key should live before being automatically rotated. A value of 0 (default) disables automatic rotation for the key.
	AutoRotatePeriod int32 `json:"auto_rotate_period,omitempty"`

	// Base64 encoded context for key derivation. When reading a key with key derivation enabled, if the key type supports public keys, this will return the public key for the given context.
	Context string `json:"context,omitempty"`

	// Whether to support convergent encryption. This is only supported when using a key with key derivation enabled and will require all requests to carry both a context and 96-bit (12-byte) nonce. The given nonce will be used in place of a randomly generated nonce. As a result, when the same context and nonce are supplied, the same ciphertext is generated. It is *very important* when using this mode that you ensure that all nonces are unique for a given context. Failing to do so will severely impact the ciphertext's security.
	ConvergentEncryption bool `json:"convergent_encryption,omitempty"`

	// Enables key derivation mode. This allows for per-transaction unique keys for encryption operations.
	Derived bool `json:"derived,omitempty"`

	// Enables keys to be exportable. This allows for all the valid keys in the key ring to be exported.
	Exportable bool `json:"exportable,omitempty"`

	// The key size in bytes for the algorithm. Only applies to HMAC and must be no fewer than 32 bytes and no more than 512
	KeySize int32 `json:"key_size,omitempty"`

	// The UUID of the managed key to use for this transit key
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use for this transit key
	ManagedKeyName string `json:"managed_key_name,omitempty"`

	// The type of key to create. Currently, \"aes128-gcm96\" (symmetric), \"aes256-gcm96\" (symmetric), \"ecdsa-p256\" (asymmetric), \"ecdsa-p384\" (asymmetric), \"ecdsa-p521\" (asymmetric), \"ed25519\" (asymmetric), \"rsa-2048\" (asymmetric), \"rsa-3072\" (asymmetric), \"rsa-4096\" (asymmetric) are supported. Defaults to \"aes256-gcm96\".
	Type string `json:"type,omitempty"`
}

TransitCreateKeyRequest struct for TransitCreateKeyRequest

func NewTransitCreateKeyRequestWithDefaults ¶ added in v0.3.0 

func NewTransitCreateKeyRequestWithDefaults() *TransitCreateKeyRequest

NewTransitCreateKeyRequestWithDefaults instantiates a new TransitCreateKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitDecryptRequest ¶ 

type TransitDecryptRequest struct {
	// When using an AEAD cipher mode, such as AES-GCM, this parameter allows passing associated data (AD/AAD) into the encryption function; this data must be passed on subsequent decryption requests but can be transited in plaintext. On successful decryption, both the ciphertext and the associated data are attested not to have been tampered with.
	AssociatedData string `json:"associated_data,omitempty"`

	// Specifies a list of items to be decrypted in a single batch. When this parameter is set, if the parameters 'ciphertext', 'context' and 'nonce' are also set, they will be ignored. Any batch output will preserve the order of the batch input.
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// The ciphertext to decrypt, provided as returned by encrypt.
	Ciphertext string `json:"ciphertext,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled.
	Context string `json:"context,omitempty"`

	// Base64 encoded nonce value used during encryption. Must be provided if convergent encryption is enabled for this key and the key was generated with Vault 0.6.1. Not required for keys created in 0.6.2+.
	Nonce string `json:"nonce,omitempty"`

	// Ordinarily, if a batch item fails to decrypt due to a bad input, but other batch items succeed, the HTTP response code is 400 (Bad Request). Some applications may want to treat partial failures differently. Providing the parameter returns the given response code integer instead of a 400 in this case. If all values fail HTTP 400 is still returned.
	PartialFailureResponseCode int32 `json:"partial_failure_response_code,omitempty"`
}

TransitDecryptRequest struct for TransitDecryptRequest

func NewTransitDecryptRequestWithDefaults ¶ 

func NewTransitDecryptRequestWithDefaults() *TransitDecryptRequest

NewTransitDecryptRequestWithDefaults instantiates a new TransitDecryptRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitEncryptRequest ¶ 

type TransitEncryptRequest struct {
	// When using an AEAD cipher mode, such as AES-GCM, this parameter allows passing associated data (AD/AAD) into the encryption function; this data must be passed on subsequent decryption requests but can be transited in plaintext. On successful decryption, both the ciphertext and the associated data are attested not to have been tampered with.
	AssociatedData string `json:"associated_data,omitempty"`

	// Specifies a list of items to be encrypted in a single batch. When this parameter is set, if the parameters 'plaintext', 'context' and 'nonce' are also set, they will be ignored. Any batch output will preserve the order of the batch input.
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled
	Context string `json:"context,omitempty"`

	// This parameter will only be used when a key is expected to be created. Whether to support convergent encryption. This is only supported when using a key with key derivation enabled and will require all requests to carry both a context and 96-bit (12-byte) nonce. The given nonce will be used in place of a randomly generated nonce. As a result, when the same context and nonce are supplied, the same ciphertext is generated. It is *very important* when using this mode that you ensure that all nonces are unique for a given context. Failing to do so will severely impact the ciphertext's security.
	ConvergentEncryption bool `json:"convergent_encryption,omitempty"`

	// The version of the key to use for encryption. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Base64 encoded nonce value. Must be provided if convergent encryption is enabled for this key and the key was generated with Vault 0.6.1. Not required for keys created in 0.6.2+. The value must be exactly 96 bits (12 bytes) long and the user must ensure that for any given context (and thus, any given encryption key) this nonce value is **never reused**.
	Nonce string `json:"nonce,omitempty"`

	// Ordinarily, if a batch item fails to encrypt due to a bad input, but other batch items succeed, the HTTP response code is 400 (Bad Request). Some applications may want to treat partial failures differently. Providing the parameter returns the given response code integer instead of a 400 in this case. If all values fail HTTP 400 is still returned.
	PartialFailureResponseCode int32 `json:"partial_failure_response_code,omitempty"`

	// Base64 encoded plaintext value to be encrypted
	Plaintext string `json:"plaintext,omitempty"`

	// This parameter is required when encryption key is expected to be created. When performing an upsert operation, the type of key to create. Currently, \"aes128-gcm96\" (symmetric) and \"aes256-gcm96\" (symmetric) are the only types supported. Defaults to \"aes256-gcm96\".
	Type string `json:"type,omitempty"`
}

TransitEncryptRequest struct for TransitEncryptRequest

func NewTransitEncryptRequestWithDefaults ¶ 

func NewTransitEncryptRequestWithDefaults() *TransitEncryptRequest

NewTransitEncryptRequestWithDefaults instantiates a new TransitEncryptRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateDataKeyRequest ¶ 

type TransitGenerateDataKeyRequest struct {
	// Number of bits for the key; currently 128, 256, and 512 bits are supported. Defaults to 256.
	Bits int32 `json:"bits,omitempty"`

	// Context for key derivation. Required for derived keys.
	Context string `json:"context,omitempty"`

	// The version of the Vault key to use for encryption of the data key. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Nonce for when convergent encryption v1 is used (only in Vault 0.6.1)
	Nonce string `json:"nonce,omitempty"`
}

TransitGenerateDataKeyRequest struct for TransitGenerateDataKeyRequest

func NewTransitGenerateDataKeyRequestWithDefaults ¶ 

func NewTransitGenerateDataKeyRequestWithDefaults() *TransitGenerateDataKeyRequest

NewTransitGenerateDataKeyRequestWithDefaults instantiates a new TransitGenerateDataKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateHmacRequest ¶ added in v0.3.0 

type TransitGenerateHmacRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items to be processed in a single batch. When this parameter is set, if the parameter 'input' is also set, it will be ignored. Any batch output will preserve the order of the batch input.
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// The version of the key to use for generating the HMAC. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Algorithm to use (POST URL parameter)
	Urlalgorithm string `json:"urlalgorithm,omitempty"`
}

TransitGenerateHmacRequest struct for TransitGenerateHmacRequest

func NewTransitGenerateHmacRequestWithDefaults ¶ added in v0.3.0 

func NewTransitGenerateHmacRequestWithDefaults() *TransitGenerateHmacRequest

NewTransitGenerateHmacRequestWithDefaults instantiates a new TransitGenerateHmacRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateHmacWithAlgorithmRequest ¶ added in v0.3.0 

type TransitGenerateHmacWithAlgorithmRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items to be processed in a single batch. When this parameter is set, if the parameter 'input' is also set, it will be ignored. Any batch output will preserve the order of the batch input.
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// The version of the key to use for generating the HMAC. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`
}

TransitGenerateHmacWithAlgorithmRequest struct for TransitGenerateHmacWithAlgorithmRequest

func NewTransitGenerateHmacWithAlgorithmRequestWithDefaults ¶ added in v0.3.0 

func NewTransitGenerateHmacWithAlgorithmRequestWithDefaults() *TransitGenerateHmacWithAlgorithmRequest

NewTransitGenerateHmacWithAlgorithmRequestWithDefaults instantiates a new TransitGenerateHmacWithAlgorithmRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateRandomRequest ¶ 

type TransitGenerateRandomRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// Which system to source random data from, ether \"platform\", \"seal\", or \"all\".
	Source string `json:"source,omitempty"`

	// The number of bytes to generate (POST URL parameter)
	Urlbytes string `json:"urlbytes,omitempty"`
}

TransitGenerateRandomRequest struct for TransitGenerateRandomRequest

func NewTransitGenerateRandomRequestWithDefaults ¶ 

func NewTransitGenerateRandomRequestWithDefaults() *TransitGenerateRandomRequest

NewTransitGenerateRandomRequestWithDefaults instantiates a new TransitGenerateRandomRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateRandomWithBytesRequest ¶ added in v0.3.0 

type TransitGenerateRandomWithBytesRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// Which system to source random data from, ether \"platform\", \"seal\", or \"all\".
	Source string `json:"source,omitempty"`
}

TransitGenerateRandomWithBytesRequest struct for TransitGenerateRandomWithBytesRequest

func NewTransitGenerateRandomWithBytesRequestWithDefaults ¶ added in v0.3.0 

func NewTransitGenerateRandomWithBytesRequestWithDefaults() *TransitGenerateRandomWithBytesRequest

NewTransitGenerateRandomWithBytesRequestWithDefaults instantiates a new TransitGenerateRandomWithBytesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateRandomWithSourceAndBytesRequest ¶ added in v0.3.0 

type TransitGenerateRandomWithSourceAndBytesRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`
}

TransitGenerateRandomWithSourceAndBytesRequest struct for TransitGenerateRandomWithSourceAndBytesRequest

func NewTransitGenerateRandomWithSourceAndBytesRequestWithDefaults ¶ added in v0.3.0 

func NewTransitGenerateRandomWithSourceAndBytesRequestWithDefaults() *TransitGenerateRandomWithSourceAndBytesRequest

NewTransitGenerateRandomWithSourceAndBytesRequestWithDefaults instantiates a new TransitGenerateRandomWithSourceAndBytesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitGenerateRandomWithSourceRequest ¶ added in v0.3.0 

type TransitGenerateRandomWithSourceRequest struct {
	// The number of bytes to generate (POST body parameter). Defaults to 32 (256 bits).
	Bytes int32 `json:"bytes,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"base64\".
	Format string `json:"format,omitempty"`

	// The number of bytes to generate (POST URL parameter)
	Urlbytes string `json:"urlbytes,omitempty"`
}

TransitGenerateRandomWithSourceRequest struct for TransitGenerateRandomWithSourceRequest

func NewTransitGenerateRandomWithSourceRequestWithDefaults ¶ added in v0.3.0 

func NewTransitGenerateRandomWithSourceRequestWithDefaults() *TransitGenerateRandomWithSourceRequest

NewTransitGenerateRandomWithSourceRequestWithDefaults instantiates a new TransitGenerateRandomWithSourceRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitHashRequest ¶ 

type TransitHashRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"hex\".
	Format string `json:"format,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// Algorithm to use (POST URL parameter)
	Urlalgorithm string `json:"urlalgorithm,omitempty"`
}

TransitHashRequest struct for TransitHashRequest

func NewTransitHashRequestWithDefaults ¶ 

func NewTransitHashRequestWithDefaults() *TransitHashRequest

NewTransitHashRequestWithDefaults instantiates a new TransitHashRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitHashWithAlgorithmRequest ¶ 

type TransitHashWithAlgorithmRequest struct {
	// Algorithm to use (POST body parameter). Valid values are: * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 Defaults to \"sha2-256\".
	Algorithm string `json:"algorithm,omitempty"`

	// Encoding format to use. Can be \"hex\" or \"base64\". Defaults to \"hex\".
	Format string `json:"format,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`
}

TransitHashWithAlgorithmRequest struct for TransitHashWithAlgorithmRequest

func NewTransitHashWithAlgorithmRequestWithDefaults ¶ 

func NewTransitHashWithAlgorithmRequestWithDefaults() *TransitHashWithAlgorithmRequest

NewTransitHashWithAlgorithmRequestWithDefaults instantiates a new TransitHashWithAlgorithmRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitImportKeyRequest ¶ 

type TransitImportKeyRequest struct {
	// Enables taking a backup of the named key in plaintext format. Once set, this cannot be disabled.
	AllowPlaintextBackup bool `json:"allow_plaintext_backup,omitempty"`

	// True if the imported key may be rotated within Vault; false otherwise.
	AllowRotation bool `json:"allow_rotation,omitempty"`

	// Amount of time the key should live before being automatically rotated. A value of 0 (default) disables automatic rotation for the key.
	AutoRotatePeriod int32 `json:"auto_rotate_period,omitempty"`

	// The base64-encoded ciphertext of the keys. The AES key should be encrypted using OAEP with the wrapping key and then concatenated with the import key, wrapped by the AES key.
	Ciphertext string `json:"ciphertext,omitempty"`

	// Base64 encoded context for key derivation. When reading a key with key derivation enabled, if the key type supports public keys, this will return the public key for the given context.
	Context string `json:"context,omitempty"`

	// Enables key derivation mode. This allows for per-transaction unique keys for encryption operations.
	Derived bool `json:"derived,omitempty"`

	// Enables keys to be exportable. This allows for all the valid keys in the key ring to be exported.
	Exportable bool `json:"exportable,omitempty"`

	// The hash function used as a random oracle in the OAEP wrapping of the user-generated, ephemeral AES key. Can be one of \"SHA1\", \"SHA224\", \"SHA256\" (default), \"SHA384\", or \"SHA512\"
	HashFunction string `json:"hash_function,omitempty"`

	// The type of key being imported. Currently, \"aes128-gcm96\" (symmetric), \"aes256-gcm96\" (symmetric), \"ecdsa-p256\" (asymmetric), \"ecdsa-p384\" (asymmetric), \"ecdsa-p521\" (asymmetric), \"ed25519\" (asymmetric), \"rsa-2048\" (asymmetric), \"rsa-3072\" (asymmetric), \"rsa-4096\" (asymmetric) are supported. Defaults to \"aes256-gcm96\".
	Type string `json:"type,omitempty"`
}

TransitImportKeyRequest struct for TransitImportKeyRequest

func NewTransitImportKeyRequestWithDefaults ¶ 

func NewTransitImportKeyRequestWithDefaults() *TransitImportKeyRequest

NewTransitImportKeyRequestWithDefaults instantiates a new TransitImportKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitImportKeyVersionRequest ¶ 

type TransitImportKeyVersionRequest struct {
	// The base64-encoded ciphertext of the keys. The AES key should be encrypted using OAEP with the wrapping key and then concatenated with the import key, wrapped by the AES key.
	Ciphertext string `json:"ciphertext,omitempty"`

	// The hash function used as a random oracle in the OAEP wrapping of the user-generated, ephemeral AES key. Can be one of \"SHA1\", \"SHA224\", \"SHA256\" (default), \"SHA384\", or \"SHA512\"
	HashFunction string `json:"hash_function,omitempty"`
}

TransitImportKeyVersionRequest struct for TransitImportKeyVersionRequest

func NewTransitImportKeyVersionRequestWithDefaults ¶ 

func NewTransitImportKeyVersionRequestWithDefaults() *TransitImportKeyVersionRequest

NewTransitImportKeyVersionRequestWithDefaults instantiates a new TransitImportKeyVersionRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitRestoreAndRenameKeyRequest ¶ added in v0.3.0 

type TransitRestoreAndRenameKeyRequest struct {
	// Backed up key data to be restored. This should be the output from the 'backup/' endpoint.
	Backup string `json:"backup,omitempty"`

	// If set and a key by the given name exists, force the restore operation and override the key.
	Force bool `json:"force,omitempty"`
}

TransitRestoreAndRenameKeyRequest struct for TransitRestoreAndRenameKeyRequest

func NewTransitRestoreAndRenameKeyRequestWithDefaults ¶ added in v0.3.0 

func NewTransitRestoreAndRenameKeyRequestWithDefaults() *TransitRestoreAndRenameKeyRequest

NewTransitRestoreAndRenameKeyRequestWithDefaults instantiates a new TransitRestoreAndRenameKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitRestoreKeyRequest ¶ 

type TransitRestoreKeyRequest struct {
	// Backed up key data to be restored. This should be the output from the 'backup/' endpoint.
	Backup string `json:"backup,omitempty"`

	// If set and a key by the given name exists, force the restore operation and override the key.
	Force bool `json:"force,omitempty"`

	// If set, this will be the name of the restored key.
	Name string `json:"name,omitempty"`
}

TransitRestoreKeyRequest struct for TransitRestoreKeyRequest

func NewTransitRestoreKeyRequestWithDefaults ¶ 

func NewTransitRestoreKeyRequestWithDefaults() *TransitRestoreKeyRequest

NewTransitRestoreKeyRequestWithDefaults instantiates a new TransitRestoreKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitRewrapRequest ¶ 

type TransitRewrapRequest struct {
	// Specifies a list of items to be re-encrypted in a single batch. When this parameter is set, if the parameters 'ciphertext', 'context' and 'nonce' are also set, they will be ignored. Any batch output will preserve the order of the batch input.
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Ciphertext value to rewrap
	Ciphertext string `json:"ciphertext,omitempty"`

	// Base64 encoded context for key derivation. Required for derived keys.
	Context string `json:"context,omitempty"`

	// The version of the key to use for encryption. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// Nonce for when convergent encryption is used
	Nonce string `json:"nonce,omitempty"`
}

TransitRewrapRequest struct for TransitRewrapRequest

func NewTransitRewrapRequestWithDefaults ¶ 

func NewTransitRewrapRequestWithDefaults() *TransitRewrapRequest

NewTransitRewrapRequestWithDefaults instantiates a new TransitRewrapRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitRotateKeyRequest ¶ added in v0.3.0 

type TransitRotateKeyRequest struct {
	// The UUID of the managed key to use for the new version of this transit key
	ManagedKeyId string `json:"managed_key_id,omitempty"`

	// The name of the managed key to use for the new version of this transit key
	ManagedKeyName string `json:"managed_key_name,omitempty"`
}

TransitRotateKeyRequest struct for TransitRotateKeyRequest

func NewTransitRotateKeyRequestWithDefaults ¶ added in v0.3.0 

func NewTransitRotateKeyRequestWithDefaults() *TransitRotateKeyRequest

NewTransitRotateKeyRequestWithDefaults instantiates a new TransitRotateKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitSignRequest ¶ 

type TransitSignRequest struct {
	// Deprecated: use \"hash_algorithm\" instead.
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items for processing. When this parameter is set, any supplied 'input' or 'context' parameters will be ignored. Responses are returned in the 'batch_results' array component of the 'data' element of the response. Any batch output will preserve the order of the batch input
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled; currently only available with ed25519 keys.
	Context string `json:"context,omitempty"`

	// Hash algorithm to use (POST body parameter). Valid values are: * sha1 * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 * none Defaults to \"sha2-256\". Not valid for all key types, including ed25519. Using none requires setting prehashed=true and signature_algorithm=pkcs1v15, yielding a PKCSv1_5_NoOID instead of the usual PKCSv1_5_DERnull signature.
	HashAlgorithm string `json:"hash_algorithm,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// The version of the key to use for signing. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// The method by which to marshal the signature. The default is 'asn1' which is used by openssl and X.509. It can also be set to 'jws' which is used for JWT signatures; setting it to this will also cause the encoding of the signature to be url-safe base64 instead of using standard base64 encoding. Currently only valid for ECDSA P-256 key types\".
	MarshalingAlgorithm string `json:"marshaling_algorithm,omitempty"`

	// Set to 'true' when the input is already hashed. If the key type is 'rsa-2048', 'rsa-3072' or 'rsa-4096', then the algorithm used to hash the input should be indicated by the 'algorithm' parameter.
	Prehashed bool `json:"prehashed,omitempty"`

	// The salt length used to sign. Currently only applies to the RSA PSS signature scheme. Options are 'auto' (the default used by Golang, causing the salt to be as large as possible when signing), 'hash' (causes the salt length to equal the length of the hash used in the signature), or an integer between the minimum and the maximum permissible salt lengths for the given RSA key size. Defaults to 'auto'.
	SaltLength string `json:"salt_length,omitempty"`

	// The signature algorithm to use for signing. Currently only applies to RSA key types. Options are 'pss' or 'pkcs1v15'. Defaults to 'pss'
	SignatureAlgorithm string `json:"signature_algorithm,omitempty"`

	// Hash algorithm to use (POST URL parameter)
	Urlalgorithm string `json:"urlalgorithm,omitempty"`
}

TransitSignRequest struct for TransitSignRequest

func NewTransitSignRequestWithDefaults ¶ 

func NewTransitSignRequestWithDefaults() *TransitSignRequest

NewTransitSignRequestWithDefaults instantiates a new TransitSignRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitSignWithAlgorithmRequest ¶ 

type TransitSignWithAlgorithmRequest struct {
	// Deprecated: use \"hash_algorithm\" instead.
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items for processing. When this parameter is set, any supplied 'input' or 'context' parameters will be ignored. Responses are returned in the 'batch_results' array component of the 'data' element of the response. Any batch output will preserve the order of the batch input
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled; currently only available with ed25519 keys.
	Context string `json:"context,omitempty"`

	// Hash algorithm to use (POST body parameter). Valid values are: * sha1 * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 * none Defaults to \"sha2-256\". Not valid for all key types, including ed25519. Using none requires setting prehashed=true and signature_algorithm=pkcs1v15, yielding a PKCSv1_5_NoOID instead of the usual PKCSv1_5_DERnull signature.
	HashAlgorithm string `json:"hash_algorithm,omitempty"`

	// The base64-encoded input data
	Input string `json:"input,omitempty"`

	// The version of the key to use for signing. Must be 0 (for latest) or a value greater than or equal to the min_encryption_version configured on the key.
	KeyVersion int32 `json:"key_version,omitempty"`

	// The method by which to marshal the signature. The default is 'asn1' which is used by openssl and X.509. It can also be set to 'jws' which is used for JWT signatures; setting it to this will also cause the encoding of the signature to be url-safe base64 instead of using standard base64 encoding. Currently only valid for ECDSA P-256 key types\".
	MarshalingAlgorithm string `json:"marshaling_algorithm,omitempty"`

	// Set to 'true' when the input is already hashed. If the key type is 'rsa-2048', 'rsa-3072' or 'rsa-4096', then the algorithm used to hash the input should be indicated by the 'algorithm' parameter.
	Prehashed bool `json:"prehashed,omitempty"`

	// The salt length used to sign. Currently only applies to the RSA PSS signature scheme. Options are 'auto' (the default used by Golang, causing the salt to be as large as possible when signing), 'hash' (causes the salt length to equal the length of the hash used in the signature), or an integer between the minimum and the maximum permissible salt lengths for the given RSA key size. Defaults to 'auto'.
	SaltLength string `json:"salt_length,omitempty"`

	// The signature algorithm to use for signing. Currently only applies to RSA key types. Options are 'pss' or 'pkcs1v15'. Defaults to 'pss'
	SignatureAlgorithm string `json:"signature_algorithm,omitempty"`
}

TransitSignWithAlgorithmRequest struct for TransitSignWithAlgorithmRequest

func NewTransitSignWithAlgorithmRequestWithDefaults ¶ 

func NewTransitSignWithAlgorithmRequestWithDefaults() *TransitSignWithAlgorithmRequest

NewTransitSignWithAlgorithmRequestWithDefaults instantiates a new TransitSignWithAlgorithmRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitTrimKeyRequest ¶ 

type TransitTrimKeyRequest struct {
	// The minimum available version for the key ring. All versions before this version will be permanently deleted. This value can at most be equal to the lesser of 'min_decryption_version' and 'min_encryption_version'. This is not allowed to be set when either 'min_encryption_version' or 'min_decryption_version' is set to zero.
	MinAvailableVersion int32 `json:"min_available_version,omitempty"`
}

TransitTrimKeyRequest struct for TransitTrimKeyRequest

func NewTransitTrimKeyRequestWithDefaults ¶ 

func NewTransitTrimKeyRequestWithDefaults() *TransitTrimKeyRequest

NewTransitTrimKeyRequestWithDefaults instantiates a new TransitTrimKeyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitVerifyRequest ¶ 

type TransitVerifyRequest struct {
	// Deprecated: use \"hash_algorithm\" instead.
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items for processing. When this parameter is set, any supplied 'input', 'hmac' or 'signature' parameters will be ignored. Responses are returned in the 'batch_results' array component of the 'data' element of the response. Any batch output will preserve the order of the batch input
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled; currently only available with ed25519 keys.
	Context string `json:"context,omitempty"`

	// Hash algorithm to use (POST body parameter). Valid values are: * sha1 * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 * none Defaults to \"sha2-256\". Not valid for all key types. See note about none on signing path.
	HashAlgorithm string `json:"hash_algorithm,omitempty"`

	// The HMAC, including vault header/key version
	Hmac string `json:"hmac,omitempty"`

	// The base64-encoded input data to verify
	Input string `json:"input,omitempty"`

	// The method by which to unmarshal the signature when verifying. The default is 'asn1' which is used by openssl and X.509; can also be set to 'jws' which is used for JWT signatures in which case the signature is also expected to be url-safe base64 encoding instead of standard base64 encoding. Currently only valid for ECDSA P-256 key types\".
	MarshalingAlgorithm string `json:"marshaling_algorithm,omitempty"`

	// Set to 'true' when the input is already hashed. If the key type is 'rsa-2048', 'rsa-3072' or 'rsa-4096', then the algorithm used to hash the input should be indicated by the 'algorithm' parameter.
	Prehashed bool `json:"prehashed,omitempty"`

	// The salt length used to sign. Currently only applies to the RSA PSS signature scheme. Options are 'auto' (the default used by Golang, causing the salt to be as large as possible when signing), 'hash' (causes the salt length to equal the length of the hash used in the signature), or an integer between the minimum and the maximum permissible salt lengths for the given RSA key size. Defaults to 'auto'.
	SaltLength string `json:"salt_length,omitempty"`

	// The signature, including vault header/key version
	Signature string `json:"signature,omitempty"`

	// The signature algorithm to use for signature verification. Currently only applies to RSA key types. Options are 'pss' or 'pkcs1v15'. Defaults to 'pss'
	SignatureAlgorithm string `json:"signature_algorithm,omitempty"`

	// Hash algorithm to use (POST URL parameter)
	Urlalgorithm string `json:"urlalgorithm,omitempty"`
}

TransitVerifyRequest struct for TransitVerifyRequest

func NewTransitVerifyRequestWithDefaults ¶ 

func NewTransitVerifyRequestWithDefaults() *TransitVerifyRequest

NewTransitVerifyRequestWithDefaults instantiates a new TransitVerifyRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type TransitVerifyWithAlgorithmRequest ¶ 

type TransitVerifyWithAlgorithmRequest struct {
	// Deprecated: use \"hash_algorithm\" instead.
	Algorithm string `json:"algorithm,omitempty"`

	// Specifies a list of items for processing. When this parameter is set, any supplied 'input', 'hmac' or 'signature' parameters will be ignored. Responses are returned in the 'batch_results' array component of the 'data' element of the response. Any batch output will preserve the order of the batch input
	BatchInput []map[string]interface{} `json:"batch_input,omitempty"`

	// Base64 encoded context for key derivation. Required if key derivation is enabled; currently only available with ed25519 keys.
	Context string `json:"context,omitempty"`

	// Hash algorithm to use (POST body parameter). Valid values are: * sha1 * sha2-224 * sha2-256 * sha2-384 * sha2-512 * sha3-224 * sha3-256 * sha3-384 * sha3-512 * none Defaults to \"sha2-256\". Not valid for all key types. See note about none on signing path.
	HashAlgorithm string `json:"hash_algorithm,omitempty"`

	// The HMAC, including vault header/key version
	Hmac string `json:"hmac,omitempty"`

	// The base64-encoded input data to verify
	Input string `json:"input,omitempty"`

	// The method by which to unmarshal the signature when verifying. The default is 'asn1' which is used by openssl and X.509; can also be set to 'jws' which is used for JWT signatures in which case the signature is also expected to be url-safe base64 encoding instead of standard base64 encoding. Currently only valid for ECDSA P-256 key types\".
	MarshalingAlgorithm string `json:"marshaling_algorithm,omitempty"`

	// Set to 'true' when the input is already hashed. If the key type is 'rsa-2048', 'rsa-3072' or 'rsa-4096', then the algorithm used to hash the input should be indicated by the 'algorithm' parameter.
	Prehashed bool `json:"prehashed,omitempty"`

	// The salt length used to sign. Currently only applies to the RSA PSS signature scheme. Options are 'auto' (the default used by Golang, causing the salt to be as large as possible when signing), 'hash' (causes the salt length to equal the length of the hash used in the signature), or an integer between the minimum and the maximum permissible salt lengths for the given RSA key size. Defaults to 'auto'.
	SaltLength string `json:"salt_length,omitempty"`

	// The signature, including vault header/key version
	Signature string `json:"signature,omitempty"`

	// The signature algorithm to use for signature verification. Currently only applies to RSA key types. Options are 'pss' or 'pkcs1v15'. Defaults to 'pss'
	SignatureAlgorithm string `json:"signature_algorithm,omitempty"`
}

TransitVerifyWithAlgorithmRequest struct for TransitVerifyWithAlgorithmRequest

func NewTransitVerifyWithAlgorithmRequestWithDefaults ¶ 

func NewTransitVerifyWithAlgorithmRequestWithDefaults() *TransitVerifyWithAlgorithmRequest

NewTransitVerifyWithAlgorithmRequestWithDefaults instantiates a new TransitVerifyWithAlgorithmRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UiHeadersConfigureRequest ¶ added in v0.3.0 

type UiHeadersConfigureRequest struct {
	// Returns multiple values if true
	Multivalue bool `json:"multivalue,omitempty"`

	// The values to set the header.
	Values []string `json:"values,omitempty"`
}

UiHeadersConfigureRequest struct for UiHeadersConfigureRequest

func NewUiHeadersConfigureRequestWithDefaults ¶ added in v0.3.0 

func NewUiHeadersConfigureRequestWithDefaults() *UiHeadersConfigureRequest

NewUiHeadersConfigureRequestWithDefaults instantiates a new UiHeadersConfigureRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UiHeadersListResponse ¶ added in v0.3.0 

type UiHeadersListResponse struct {
	// Lists of configured UI headers. Omitted if list is empty
	Keys []string `json:"keys,omitempty"`
}

UiHeadersListResponse struct for UiHeadersListResponse

func NewUiHeadersListResponseWithDefaults ¶ added in v0.3.0 

func NewUiHeadersListResponseWithDefaults() *UiHeadersListResponse

NewUiHeadersListResponseWithDefaults instantiates a new UiHeadersListResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UiHeadersReadConfigurationResponse ¶ added in v0.3.0 

type UiHeadersReadConfigurationResponse struct {
	// returns the first header value when `multivalue` request parameter is false
	Value string `json:"value,omitempty"`

	// returns all header values when `multivalue` request parameter is true
	Values []string `json:"values,omitempty"`
}

UiHeadersReadConfigurationResponse struct for UiHeadersReadConfigurationResponse

func NewUiHeadersReadConfigurationResponseWithDefaults ¶ added in v0.3.0 

func NewUiHeadersReadConfigurationResponseWithDefaults() *UiHeadersReadConfigurationResponse

NewUiHeadersReadConfigurationResponseWithDefaults instantiates a new UiHeadersReadConfigurationResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UnsealRequest ¶ 

type UnsealRequest struct {
	// Specifies a single unseal key share. This is required unless reset is true.
	Key string `json:"key,omitempty"`

	// Specifies if previously-provided unseal keys are discarded and the unseal process is reset.
	Reset bool `json:"reset,omitempty"`
}

UnsealRequest struct for UnsealRequest

func NewUnsealRequestWithDefaults ¶ 

func NewUnsealRequestWithDefaults() *UnsealRequest

NewUnsealRequestWithDefaults instantiates a new UnsealRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UnsealResponse ¶ added in v0.3.0 

type UnsealResponse struct {
	BuildDate string `json:"build_date,omitempty"`

	ClusterId string `json:"cluster_id,omitempty"`

	ClusterName string `json:"cluster_name,omitempty"`

	HcpLinkResourceID string `json:"hcp_link_resource_ID,omitempty"`

	HcpLinkStatus string `json:"hcp_link_status,omitempty"`

	Initialized bool `json:"initialized,omitempty"`

	Migration bool `json:"migration,omitempty"`

	N int32 `json:"n,omitempty"`

	Nonce string `json:"nonce,omitempty"`

	Progress int32 `json:"progress,omitempty"`

	RecoverySeal bool `json:"recovery_seal,omitempty"`

	Sealed bool `json:"sealed,omitempty"`

	StorageType string `json:"storage_type,omitempty"`

	T int32 `json:"t,omitempty"`

	Type string `json:"type,omitempty"`

	Version string `json:"version,omitempty"`
}

UnsealResponse struct for UnsealResponse

func NewUnsealResponseWithDefaults ¶ added in v0.3.0 

func NewUnsealResponseWithDefaults() *UnsealResponse

NewUnsealResponseWithDefaults instantiates a new UnsealResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UnwrapRequest ¶ added in v0.3.0 

type UnwrapRequest struct {
	Token string `json:"token,omitempty"`
}

UnwrapRequest struct for UnwrapRequest

func NewUnwrapRequestWithDefaults ¶ added in v0.3.0 

func NewUnwrapRequestWithDefaults() *UnwrapRequest

NewUnwrapRequestWithDefaults instantiates a new UnwrapRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UserpassLoginRequest ¶ 

type UserpassLoginRequest struct {
	// Password for this user.
	Password string `json:"password,omitempty"`
}

UserpassLoginRequest struct for UserpassLoginRequest

func NewUserpassLoginRequestWithDefaults ¶ 

func NewUserpassLoginRequestWithDefaults() *UserpassLoginRequest

NewUserpassLoginRequestWithDefaults instantiates a new UserpassLoginRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UserpassResetPasswordRequest ¶ added in v0.3.0 

type UserpassResetPasswordRequest struct {
	// Password for this user.
	Password string `json:"password,omitempty"`
}

UserpassResetPasswordRequest struct for UserpassResetPasswordRequest

func NewUserpassResetPasswordRequestWithDefaults ¶ added in v0.3.0 

func NewUserpassResetPasswordRequestWithDefaults() *UserpassResetPasswordRequest

NewUserpassResetPasswordRequestWithDefaults instantiates a new UserpassResetPasswordRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UserpassUpdatePoliciesRequest ¶ added in v0.3.0 

type UserpassUpdatePoliciesRequest struct {
	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`
}

UserpassUpdatePoliciesRequest struct for UserpassUpdatePoliciesRequest

func NewUserpassUpdatePoliciesRequestWithDefaults ¶ added in v0.3.0 

func NewUserpassUpdatePoliciesRequestWithDefaults() *UserpassUpdatePoliciesRequest

NewUserpassUpdatePoliciesRequestWithDefaults instantiates a new UserpassUpdatePoliciesRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type UserpassWriteUserRequest ¶ 

type UserpassWriteUserRequest struct {
	// Use \"token_bound_cidrs\" instead. If this and \"token_bound_cidrs\" are both specified, only \"token_bound_cidrs\" will be used.
	// Deprecated
	BoundCidrs []string `json:"bound_cidrs,omitempty"`

	// Use \"token_max_ttl\" instead. If this and \"token_max_ttl\" are both specified, only \"token_max_ttl\" will be used.
	// Deprecated
	MaxTtl int32 `json:"max_ttl,omitempty"`

	// Password for this user.
	Password string `json:"password,omitempty"`

	// Use \"token_policies\" instead. If this and \"token_policies\" are both specified, only \"token_policies\" will be used.
	// Deprecated
	Policies []string `json:"policies,omitempty"`

	// Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
	TokenBoundCidrs []string `json:"token_bound_cidrs,omitempty"`

	// If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
	TokenExplicitMaxTtl int32 `json:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime of the generated token
	TokenMaxTtl int32 `json:"token_max_ttl,omitempty"`

	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy bool `json:"token_no_default_policy,omitempty"`

	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses int32 `json:"token_num_uses,omitempty"`

	// If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. \"24h\").
	TokenPeriod int32 `json:"token_period,omitempty"`

	// Comma-separated list of policies
	TokenPolicies []string `json:"token_policies,omitempty"`

	// The initial ttl of the token to generate
	TokenTtl int32 `json:"token_ttl,omitempty"`

	// The type of token to generate, service or batch
	TokenType string `json:"token_type,omitempty"`

	// Use \"token_ttl\" instead. If this and \"token_ttl\" are both specified, only \"token_ttl\" will be used.
	// Deprecated
	Ttl int32 `json:"ttl,omitempty"`
}

UserpassWriteUserRequest struct for UserpassWriteUserRequest

func NewUserpassWriteUserRequestWithDefaults ¶ 

func NewUserpassWriteUserRequestWithDefaults() *UserpassWriteUserRequest

NewUserpassWriteUserRequestWithDefaults instantiates a new UserpassWriteUserRequest object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

type VersionHistoryResponse ¶ added in v0.3.0 

type VersionHistoryResponse struct {
	KeyInfo map[string]interface{} `json:"key_info,omitempty"`

	Keys []string `json:"keys,omitempty"`
}

VersionHistoryResponse struct for VersionHistoryResponse

func NewVersionHistoryResponseWithDefaults ¶ added in v0.3.0 

func NewVersionHistoryResponseWithDefaults() *VersionHistoryResponse

NewVersionHistoryResponseWithDefaults instantiates a new VersionHistoryResponse object This constructor will only assign default values to properties that have it defined, but it doesn't guarantee that properties required by API are set

Source Files ¶

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.