vaultrs/api/auth/aws/
requests.rs

1use super::responses::{
2    CreateRoleTagResponse, ListCertificateConfigurationsResponse, ListDenyListTagsResponse,
3    ListIdentityAccessListEntriesResponse, ListRolesResponse, ListStsRolesResponse,
4    ReadCertificateConfigurationResponse, ReadClientConfigurationResponse,
5    ReadIdentityAccessListInformationResponse, ReadIdentityAccessListTidySettingsResponse,
6    ReadIdentityConfigurationResponse, ReadRoleResponse, ReadRoleTagDenyListResponse,
7    ReadRoleTagDenyListTidySettingsResponse, ReadStsRoleResponse, RotateRootCredentialsResponse,
8};
9use rustify_derive::Endpoint;
10use serde::Serialize;
11
12/// ## Configure Client
13/// Configures the credentials required to perform API calls to AWS as well as custom endpoints to talk to AWS APIs.
14///
15/// * Path: /auth/{self.mount}/config/client
16/// * Method: POST
17/// * Response: N/A
18/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#configure-client>
19#[derive(Builder, Debug, Default, Endpoint)]
20#[endpoint(
21    path = "/auth/{self.mount}/config/client",
22    method = "POST",
23    builder = "true"
24)]
25#[builder(setter(into, strip_option), default)]
26pub struct ConfigureClientRequest {
27    #[endpoint(skip)]
28    pub mount: String,
29    pub max_retries: Option<i64>,
30    pub access_key: Option<String>,
31    pub secret_key: Option<String>,
32    pub endpoint: Option<String>,
33    pub iam_endpoint: Option<String>,
34    pub sts_endpoint: Option<String>,
35    pub sts_region: Option<String>,
36    pub iam_server_id_header_value: Option<String>,
37    pub allowed_sts_header_values: Option<String>,
38}
39
40/// ## Read Client Configuration
41/// Returns the previously configured AWS access credentials.
42///
43/// * Path: /auth/{self.mount}/config/client
44/// * Method: GET
45/// * Response: [ReadClientConfigurationResponse]
46/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-config>
47#[derive(Builder, Debug, Endpoint)]
48#[endpoint(
49    path = "/auth/{self.mount}/config/client",
50    response = "ReadClientConfigurationResponse",
51    builder = "true"
52)]
53#[builder(setter(into))]
54pub struct ReadClientConfigurationRequest {
55    #[endpoint(skip)]
56    pub mount: String,
57}
58
59/// ## Delete Client Configuration
60/// Deletes the previously configured AWS access credentials.
61///
62/// * Path: /auth/{self.mount}/config/client
63/// * Method: DELETE
64/// * Response: N/A
65/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-config>
66#[derive(Builder, Debug, Endpoint)]
67#[endpoint(
68    path = "/auth/{self.mount}/config/client",
69    method = "DELETE",
70    builder = "true"
71)]
72#[builder(setter(into))]
73pub struct DeleteClientConfigurationRequest {
74    #[endpoint(skip)]
75    pub mount: String,
76}
77
78/// ## Rotate Root Credentials
79/// When you have configured Vault with static credentials, you can use this endpoint to have Vault rotate the access key it used.
80///
81/// * Path: /auth/{self.mount}/config/rotate-root
82/// * Method: POST
83/// * Response: N/A
84/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#rotate-root-credentials>
85#[derive(Builder, Debug, Endpoint)]
86#[endpoint(
87    path = "/auth/{self.mount}/config/rotate-root",
88    method = "POST",
89    response = "RotateRootCredentialsResponse",
90    builder = "true"
91)]
92#[builder(setter(into))]
93pub struct RotateRootCredentialsRequest {
94    #[endpoint(skip)]
95    pub mount: String,
96}
97
98/// ## Configure Identity Integration
99/// This configures the way that Vault interacts with the Identity store.
100///
101/// * Path: /auth/{self.mount}/config/identity
102/// * Method: POST
103/// * Response: N/A
104/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#configure-identity-integration>
105#[derive(Builder, Debug, Default, Endpoint)]
106#[endpoint(
107    path = "/auth/{self.mount}/config/identity",
108    method = "POST",
109    builder = "true"
110)]
111#[builder(setter(into, strip_option), default)]
112pub struct ConfigureIdentityRequest {
113    #[endpoint(skip)]
114    pub mount: String,
115    pub iam_alias: Option<String>,
116    pub iam_metadata: Option<Vec<String>>,
117    pub ec2_alias: Option<String>,
118    pub ec2_metadata: Option<Vec<String>>,
119}
120
121/// ## Read Identity Integration Configuration
122/// Returns the previously configured Identity integration configuration
123///
124/// * Path: /auth/{self.mount}/config/identity
125/// * Method: GET
126/// * Response: [ReadIdentityConfigurationResponse]
127/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-identity-integration-configuration>
128#[derive(Builder, Debug, Endpoint)]
129#[endpoint(
130    path = "/auth/{self.mount}/config/identity",
131    response = "ReadIdentityConfigurationResponse",
132    builder = "true"
133)]
134#[builder(setter(into))]
135pub struct ReadIdentityConfigurationRequest {
136    #[endpoint(skip)]
137    pub mount: String,
138}
139
140/// ## Create Certificate Configuration
141/// Registers an AWS public key to be used to verify the instance identity documents.
142///
143/// * Path: /auth/{self.mount}/config/certificate/{self.cert_name}
144/// * Method: GET
145/// * Response: N/A
146/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#create-certificate-configuration>
147#[derive(Builder, Debug, Default, Endpoint, Serialize)]
148#[endpoint(
149    path = "/auth/{self.mount}/config/certificate/{self.cert_name}",
150    method = "POST",
151    builder = "true"
152)]
153#[builder(setter(into, strip_option), default)]
154pub struct CreateCertificateConfigurationRequest {
155    #[endpoint(skip)]
156    pub mount: String,
157    #[endpoint(skip)]
158    pub cert_name: String,
159    pub aws_public_cert: String,
160    #[serde(rename = "type")]
161    pub cert_type: Option<String>,
162}
163
164/// ## Read Certificate Configuration
165/// Returns the previously configured AWS public key.
166///
167/// * Path: /auth/{self.mount}/config/certificate/{self.cert_name}
168/// * Method: GET
169/// * Response: [ReadCertificateConfigurationResponse]
170/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-certificate-configuration>
171#[derive(Builder, Debug, Endpoint)]
172#[endpoint(
173    path = "/auth/{self.mount}/config/certificate/{self.cert_name}",
174    response = "ReadCertificateConfigurationResponse",
175    builder = "true"
176)]
177#[builder(setter(into))]
178pub struct ReadCertificateConfigurationRequest {
179    #[endpoint(skip)]
180    pub mount: String,
181    #[endpoint(skip)]
182    pub cert_name: String,
183}
184
185/// ## Delete Certificate Configuration
186/// Removes the previously configured AWS public key.
187///
188/// * Path: /auth/{self.mount}/config/certificate/{self.cert_name}
189/// * Method: DELETE
190/// * Response: N/A
191/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-certificate-configuration>
192#[derive(Builder, Debug, Endpoint)]
193#[endpoint(
194    path = "/auth/{self.mount}/config/certificate/{self.cert_name}",
195    method = "DELETE",
196    builder = "true"
197)]
198#[builder(setter(into))]
199pub struct DeleteCertificateConfigurationRequest {
200    #[endpoint(skip)]
201    pub mount: String,
202    #[endpoint(skip)]
203    pub cert_name: String,
204}
205
206/// ## List Certificate Configurations
207/// Lists all the AWS public certificates that are registered with the method.
208///
209/// * Path: /auth/{self.mount}/config/certificates
210/// * Method: LIST
211/// * Response: [ListCertificateConfigurationsResponse]
212/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#list-certificate-configuration>
213#[derive(Builder, Debug, Endpoint)]
214#[endpoint(
215    path = "/auth/{self.mount}/config/certificates",
216    method = "LIST",
217    response = "ListCertificateConfigurationsResponse",
218    builder = "true"
219)]
220#[builder(setter(into))]
221pub struct ListCertificateConfigurationsRequest {
222    #[endpoint(skip)]
223    pub mount: String,
224}
225
226/// ## Create STS Role
227/// Allows the explicit association of STS roles to satellite AWS accounts (i.e. those which are
228/// not the account in which the Vault server is running.)
229///
230/// * Path: /auth/{self.mount}/config/sts/{self.account_id}
231/// * Method: POST
232/// * Response: N/A
233/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#create-sts-role>
234#[derive(Builder, Debug, Endpoint)]
235#[endpoint(
236    path = "/auth/{self.mount}/config/sts/{self.account_id}",
237    method = "POST",
238    builder = "true"
239)]
240#[builder(setter(into))]
241pub struct CreateStsRoleRequest {
242    #[endpoint(skip)]
243    pub mount: String,
244    #[endpoint(skip)]
245    pub account_id: String,
246    pub sts_role: String,
247}
248
249/// ## Read STS Role
250/// Returns the previously configured STS role.
251///
252/// * Path: /auth/{self.mount}/config/sts/{self.account_id}
253/// * Method: GET
254/// * Response: [ReadStsRoleResponse]
255/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-sts-role>
256#[derive(Builder, Debug, Endpoint)]
257#[endpoint(
258    path = "/auth/{self.mount}/config/sts/{self.account_id}",
259    response = "ReadStsRoleResponse",
260    builder = "true"
261)]
262#[builder(setter(into))]
263pub struct ReadStsRoleRequest {
264    #[endpoint(skip)]
265    pub mount: String,
266    #[endpoint(skip)]
267    pub account_id: String,
268}
269
270/// ## List STS Roles
271/// Lists all the AWS Account IDs for which an STS role is registered.
272///
273/// * Path: /auth/{self.mount}/config/sts
274/// * Method: LIST
275/// * Response: [ListStsRolesResponse]
276/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#list-sts-roles>
277#[derive(Builder, Debug, Endpoint)]
278#[endpoint(
279    path = "/auth/{self.mount}/config/sts",
280    method = "LIST",
281    response = "ListStsRolesResponse",
282    builder = "true"
283)]
284#[builder(setter(into))]
285pub struct ListStsRolesRequest {
286    #[endpoint(skip)]
287    pub mount: String,
288}
289
290/// ## Delete STS Role
291/// Deletes a previously configured AWS account/STS role association.
292///
293/// * Path: /auth/{self.mount}/config/sts/{self.account_id}
294/// * Method: DELETE
295/// * Response: N/A
296/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-sts-role>
297#[derive(Builder, Debug, Endpoint)]
298#[endpoint(
299    path = "/auth/{self.mount}/config/sts/{self.account_id}",
300    method = "DELETE",
301    builder = "true"
302)]
303#[builder(setter(into))]
304pub struct DeleteStsRoleRequest {
305    #[endpoint(skip)]
306    pub mount: String,
307    #[endpoint(skip)]
308    pub account_id: String,
309}
310
311/// ## Configure Identity Access List Tidy Operation
312/// Configures the periodic tidying operation of the access listed identity entries.
313///
314/// * Path: /auth/{self.mount}/config/tidy/identity-accesslist
315/// * Method: POST
316/// * Response: N/A
317/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#configure-identity-access-list-tidy-operation>
318#[derive(Builder, Debug, Default, Endpoint)]
319#[endpoint(
320    path = "/auth/{self.mount}/config/tidy/identity-accesslist",
321    method = "POST",
322    builder = "true"
323)]
324#[builder(setter(into, strip_option), default)]
325pub struct ConfigureIdentityAccessListTidyOperationRequest {
326    #[endpoint(skip)]
327    pub mount: String,
328    pub safety_buffer: Option<String>,
329    pub disable_periodic_tidy: Option<bool>,
330}
331
332/// ## Read Identity Access List Tidy Settings
333/// Returns the previously configured periodic access list tidying settings.
334///
335/// * Path: /auth/{self.mount}/config/tidy/identity-accesslist
336/// * Method: GET
337/// * Response: ReadIdentityAccessListTidySettingsResponse
338/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-identity-access-list-tidy-settings>
339#[derive(Builder, Debug, Default, Endpoint)]
340#[endpoint(
341    path = "/auth/{self.mount}/config/tidy/identity-accesslist",
342    response = "ReadIdentityAccessListTidySettingsResponse",
343    builder = "true"
344)]
345#[builder(setter(into, strip_option), default)]
346pub struct ReadIdentityAccessListTidySettingsRequest {
347    #[endpoint(skip)]
348    pub mount: String,
349}
350
351/// ## Delete Identity Access List Tidy Settings
352/// Deletes the previously configured periodic access list tidying settings.
353///
354/// * Path: /auth/{self.mount}/config/tidy/identity-accesslist
355/// * Method: DELETE
356/// * Response: N/A
357/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-identity-access-list-tidy-settings>
358#[derive(Builder, Debug, Default, Endpoint)]
359#[endpoint(
360    path = "/auth/{self.mount}/config/tidy/identity-accesslist",
361    method = "DELETE",
362    builder = "true"
363)]
364#[builder(setter(into, strip_option), default)]
365pub struct DeleteIdentityAccessListTidySettingsRequest {
366    #[endpoint(skip)]
367    pub mount: String,
368}
369
370/// ## Configure Role Tag Deny List Tidy Operation
371/// Configures the periodic tidying operation of the deny listed role tag entries.
372///
373/// * Path: /auth/{self.mount}/config/tidy/roletag-denylist
374/// * Method: POST
375/// * Response: N/A
376/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#configure-role-tag-deny-list-tidy-operation>
377#[derive(Builder, Debug, Default, Endpoint)]
378#[endpoint(
379    path = "/auth/{self.mount}/config/tidy/roletag-denylist",
380    method = "POST",
381    builder = "true"
382)]
383#[builder(setter(into, strip_option), default)]
384pub struct ConfigureRoleTagDenyListTidyOperationRequest {
385    #[endpoint(skip)]
386    pub mount: String,
387    pub safety_buffer: Option<String>,
388    pub disable_periodic_tidy: Option<bool>,
389}
390
391/// ## Read Role Tag Deny List Tidy Settings
392/// Returns the previously configured periodic deny list tidying settings.
393///
394/// * Path: /auth/{self.mount}/config/tidy/roletag-denylist
395/// * Method: GET
396/// * Response: ReadRoleTagDebyListTidySettingsResponse
397/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-role-tag-deny-list-tidy-settings>
398#[derive(Builder, Debug, Default, Endpoint)]
399#[endpoint(
400    path = "/auth/{self.mount}/config/tidy/roletag-denylist",
401    response = "ReadRoleTagDenyListTidySettingsResponse",
402    builder = "true"
403)]
404#[builder(setter(into, strip_option), default)]
405pub struct ReadRoleTagDenyListTidySettingsRequest {
406    #[endpoint(skip)]
407    pub mount: String,
408}
409
410/// ## Delete Role Tag Deny List Tidy Settings
411/// Deletes the previously configured periodic deny list tidying settings.
412///
413/// * Path: /auth/{self.mount}/config/tidy/roletag-denylist
414/// * Method: DELETE
415/// * Response: N/A
416/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-role-tag-deny-list-tidy-settings>
417#[derive(Builder, Debug, Default, Endpoint)]
418#[endpoint(
419    path = "/auth/{self.mount}/config/tidy/roletag-denylist",
420    method = "DELETE",
421    builder = "true"
422)]
423#[builder(setter(into, strip_option), default)]
424pub struct DeleteRoleTagDenyListTidySettingsRequest {
425    #[endpoint(skip)]
426    pub mount: String,
427}
428
429/// ## Create Role
430/// Registers a role in the method
431///
432/// * Path: /auth/{self.mount}/role/{self.role}
433/// * Method: POST
434/// * Response: [N/A]
435/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#create-role>
436#[derive(Builder, Debug, Default, Endpoint)]
437#[endpoint(
438    path = "/auth/{self.mount}/role/{self.role}",
439    method = "POST",
440    builder = "true"
441)]
442#[builder(setter(into, strip_option), default)]
443pub struct CreateRoleRequest {
444    #[endpoint(skip)]
445    pub mount: String,
446    #[endpoint(skip)]
447    pub role: String,
448    pub auth_type: Option<String>,
449    pub bound_ami_id: Option<Vec<String>>,
450    pub bound_account_id: Option<Vec<String>>,
451    pub bound_region: Option<Vec<String>>,
452    pub bound_vpc_id: Option<Vec<String>>,
453    pub bound_subnet_id: Option<Vec<String>>,
454    pub bound_iam_role_arn: Option<Vec<String>>,
455    pub bound_iam_instance_profile_arn: Option<Vec<String>>,
456    pub bound_ec2_instance_id: Option<Vec<String>>,
457    pub role_tag: Option<String>,
458    pub bound_iam_principal_arn: Option<Vec<String>>,
459    pub inferred_entity_type: Option<String>,
460    pub inferred_aws_region: Option<String>,
461    pub resolve_aws_unique_ids: Option<bool>,
462    pub allow_instance_migration: Option<bool>,
463    pub disallow_reauthentication: Option<bool>,
464    pub token_ttl: Option<i64>,
465    pub token_max_ttl: Option<i64>,
466    pub token_policies: Option<Vec<String>>,
467    pub token_bound_cidrs: Option<Vec<String>>,
468    pub token_explicit_max_ttl: Option<i64>,
469    pub token_no_default_policy: Option<bool>,
470    pub token_num_uses: Option<i64>,
471    pub token_period: Option<i64>,
472    pub token_type: Option<String>,
473}
474
475/// ## Read Role
476/// Returns the previously registered role configuration
477///
478/// * Path: /auth/{self.mount}/role/{self.role}
479/// * Method: GET
480/// * Response: [ReadRoleResponse]
481/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-role>
482#[derive(Builder, Debug, Default, Endpoint)]
483#[endpoint(
484    path = "/auth/{self.mount}/role/{self.role}",
485    response = "ReadRoleResponse",
486    builder = "true"
487)]
488#[builder(setter(into, strip_option), default)]
489pub struct ReadRoleRequest {
490    #[endpoint(skip)]
491    pub mount: String,
492    #[endpoint(skip)]
493    pub role: String,
494}
495
496/// ## List Roles
497/// Lists all the roles that are registered with the method
498///
499/// * Path: /auth/{self.mount}/roles
500/// * Method: LIST
501/// * Response: [ListRolesResponse]
502/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#list-roles>
503#[derive(Builder, Debug, Default, Endpoint)]
504#[endpoint(
505    path = "/auth/{self.mount}/roles",
506    method = "LIST",
507    response = "ListRolesResponse",
508    builder = "true"
509)]
510#[builder(setter(into, strip_option), default)]
511pub struct ListRolesRequest {
512    #[endpoint(skip)]
513    pub mount: String,
514}
515
516/// ## Delete Role
517/// Deletes the previously registered role
518///
519/// * Path: /auth/{self.mount}/role/{self.role}
520/// * Method: DELETE
521/// * Response: [N/A]
522/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-role>
523#[derive(Builder, Debug, Default, Endpoint)]
524#[endpoint(
525    path = "/auth/{self.mount}/role/{self.role}",
526    method = "DELETE",
527    builder = "true"
528)]
529#[builder(setter(into, strip_option), default)]
530pub struct DeleteRoleRequest {
531    #[endpoint(skip)]
532    pub mount: String,
533    #[endpoint(skip)]
534    pub role: String,
535}
536
537/// ## Create Role Tags
538/// Creates a role tag on the role, which help in restricting the capabilities
539/// that are set on the role
540///
541/// * Path: /auth/{self.mount}/role/{self.role}/tag
542/// * Method: POST
543/// * Response: [CreateRoleTagResponse]
544/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#create-role-tags>
545#[derive(Builder, Debug, Default, Endpoint)]
546#[endpoint(
547    path = "/auth/{self.mount}/role/{self.role}/tag",
548    method = "POST",
549    response = "CreateRoleTagResponse",
550    builder = "true"
551)]
552#[builder(setter(into, strip_option), default)]
553pub struct CreateRoleTagRequest {
554    #[endpoint(skip)]
555    pub mount: String,
556    #[endpoint(skip)]
557    pub role: String,
558    pub policies: Option<Vec<String>>,
559    pub max_ttl: Option<String>,
560    pub instance_id: Option<String>,
561    pub allow_instance_migration: Option<bool>,
562    pub disallow_reauthentication: Option<bool>,
563}
564
565/// ## Login(IAM method)
566/// This endpoint verifies the pkcs7 signature of the signed GetCallerIdentity request.
567///
568/// * Path: /auth/{self.mount}/login
569/// * Method: POST
570/// * Response: N/A
571/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#login>
572#[derive(Builder, Debug, Default, Endpoint)]
573#[endpoint(path = "/auth/{self.mount}/login", method = "POST", builder = "true")]
574#[builder(setter(into, strip_option), default)]
575pub struct IamLoginRequest {
576    #[endpoint(skip)]
577    pub mount: String,
578    pub role: Option<String>,
579    pub iam_http_request_method: String,
580    pub iam_request_url: String,
581    pub iam_request_body: String,
582    pub iam_request_headers: String,
583}
584
585/// ## Login(EC2 method)
586/// This endpoint verifies the pkcs7 signature of the instance identity document.
587///
588/// * Path: /auth/{self.mount}/login
589/// * Method: POST
590/// * Response: N/A
591/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#login>
592#[derive(Builder, Debug, Default, Endpoint)]
593#[endpoint(path = "/auth/{self.mount}/login", method = "POST", builder = "true")]
594#[builder(setter(into, strip_option), default)]
595pub struct Ec2LoginRequest {
596    #[endpoint(skip)]
597    pub mount: String,
598    pub role: Option<String>,
599    pub nonce: Option<String>,
600    pub identity: String,
601    pub signature: String,
602    pub pkcs7: String,
603}
604
605/// ## Place Role Tags in Deny List
606/// Places a valid role tag in a deny list
607///
608/// * Path: /auth/{self.mount}/roletag-denylist/{self.tag_value}
609/// * Method: POST
610/// * Response: N/A
611/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#place-role-tags-in-deny-list>
612#[derive(Builder, Debug, Default, Endpoint)]
613#[endpoint(
614    path = "/auth/{self.mount}/roletag-denylist/{self.tag_value}",
615    method = "POST",
616    builder = "true"
617)]
618#[builder(setter(into, strip_option), default)]
619pub struct PlaceRoleTagsInDenyListRequest {
620    #[endpoint(skip)]
621    pub mount: String,
622    #[endpoint(skip)]
623    pub tag_value: String,
624}
625
626/// ## Read Role Tag Deny List Information
627/// Returns the deny list entry of a previously deny listed role tag.
628///
629/// * Path: /auth/{self.mount}/roletag-denylist/{self.role_tag}
630/// * Method: GET
631/// * Response: [ReadRoleTagDenyListResponse]
632/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#read-role-tag-deny-list-information>
633#[derive(Builder, Debug, Default, Endpoint)]
634#[endpoint(
635    path = "/auth/{self.mount}/roletag-denylist/{self.tag_value}",
636    response = "ReadRoleTagDenyListResponse",
637    builder = "true"
638)]
639#[builder(setter(into, strip_option), default)]
640pub struct ReadRoleTagDenyListRequest {
641    #[endpoint(skip)]
642    pub mount: String,
643    #[endpoint(skip)]
644    pub tag_value: String,
645}
646
647/// ## List Deny List Tags
648/// Lists all the role tags that are deny listed
649///
650/// * Path: /auth/{self.mount}/roletag-denylist
651/// * Method: LIST
652/// * Response: [ListDenyListTagsResponse]
653/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#list-deny-list-tags>
654#[derive(Builder, Debug, Default, Endpoint)]
655#[endpoint(
656    path = "/auth/{self.mount}/roletag-denylist",
657    method = "LIST",
658    response = "ListDenyListTagsResponse",
659    builder = "true"
660)]
661#[builder(setter(into, strip_option), default)]
662pub struct ListDenyListTagsRequest {
663    #[endpoint(skip)]
664    pub mount: String,
665}
666
667/// ## Delete Deny List Tags
668/// Deletes a deny listed role tag
669///
670/// * Path: /auth/{self.mount}/roletag-denylist/{self.role_tag}
671/// * Method: DELETE
672/// * Response: [N/A]
673/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-deny-list-tags>
674#[derive(Builder, Debug, Default, Endpoint)]
675#[endpoint(
676    path = "/auth/{self.mount}/roletag-denylist/{self.tag_value}",
677    method = "DELETE",
678    builder = "true"
679)]
680#[builder(setter(into, strip_option), default)]
681pub struct DeleteDenyListTagsRequest {
682    #[endpoint(skip)]
683    pub mount: String,
684    #[endpoint(skip)]
685    pub tag_value: String,
686}
687
688/// ## Tidy Deny List Tags
689///
690/// Cleans up the entries in the deny listed based on expiration time on the entry and safety_buffer.
691/// * Path: /auth/{self.mount}/tidy/roletag-denylist
692/// * Method: POST
693/// * Response: N/A
694/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#tidy-deny-list-tags>
695#[derive(Builder, Debug, Default, Endpoint)]
696#[endpoint(
697    path = "/auth/{self.mount}/tidy/roletag-denylist",
698    method = "POST",
699    builder = "true"
700)]
701#[builder(setter(into, strip_option), default)]
702pub struct TidyDenyListTagsRequest {
703    #[endpoint(skip)]
704    pub mount: String,
705    pub safety_buffer: Option<String>,
706}
707
708/// ## Read Identity Access List Information
709/// Returns an entry in the identity access list.
710///
711/// * Path: /auth/{self.mount}/identity-accesslist/{self.instance_id}
712/// * Method: GET
713/// * Response: [ReadIdentityAccessListInformationResponse]
714/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#tidy-deny-list-tags>
715#[derive(Builder, Debug, Default, Endpoint)]
716#[endpoint(
717    path = "/auth/{self.mount}/identity-accesslist/{self.instance_id}",
718    response = "ReadIdentityAccessListInformationResponse",
719    builder = "true"
720)]
721#[builder(setter(into, strip_option), default)]
722pub struct ReadIdentityAccessListInformationRequest {
723    #[endpoint(skip)]
724    pub mount: String,
725    #[endpoint(skip)]
726    pub instance_id: String,
727}
728
729/// ## List Identity Access List Entries
730/// Lists all the instance IDs that are in the access list of successful logins
731///
732/// * Path: /auth/{self.mount}/identity-accesslist
733/// * Method: LIST
734/// * Response: [ListIdentityAccessListEntriesResponse]
735/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#list-identity-access-list-entries>
736#[derive(Builder, Debug, Default, Endpoint)]
737#[endpoint(
738    path = "/auth/{self.mount}/identity-accesslist",
739    method = "LIST",
740    response = "ListIdentityAccessListEntriesResponse",
741    builder = "true"
742)]
743#[builder(setter(into, strip_option), default)]
744pub struct ListIdentityAccessListEntriesRequest {
745    #[endpoint(skip)]
746    pub mount: String,
747}
748
749/// ## Delete Identity Access List Entries
750/// Deletes a cache of the successful login from an instance
751///
752/// * Path: /auth/{self.mount}/identity-accesslist/{self.instance_id}
753/// * Method: DELETE
754/// * Response: [N/A]
755/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#delete-identity-access-list-entries>
756#[derive(Builder, Debug, Default, Endpoint)]
757#[endpoint(
758    path = "/auth/{self.mount}/identity-accesslist/{self.instance_id}",
759    method = "DELETE",
760    builder = "true"
761)]
762#[builder(setter(into, strip_option), default)]
763pub struct DeleteIdentityAccessListEntriesRequest {
764    #[endpoint(skip)]
765    pub mount: String,
766    #[endpoint(skip)]
767    pub instance_id: String,
768}
769
770/// ## Tidy Identity Access List Entries
771/// Cleans up the entries in the access list based on expiration time andsafety_buffer
772///
773/// * Path: /auth/{self.mount}/tidy/identity-accesslist
774/// * Method: POST
775/// * Response: [N/A]
776/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/aws#tidy-identity-access-list-entries>
777#[derive(Builder, Debug, Default, Endpoint)]
778#[endpoint(
779    path = "/auth/{self.mount}/tidy/identity-accesslist",
780    method = "POST",
781    builder = "true"
782)]
783#[builder(setter(into, strip_option), default)]
784pub struct TidyIdentityAccessListEntriesRequest {
785    #[endpoint(skip)]
786    pub mount: String,
787    pub safety_buffer: Option<String>,
788}
vaultrs/api/auth/aws/requests.rs

vaultrs/api/auth/aws/
requests.rs
