vaultrs/api/auth/kubernetes/
requests.rs

1use super::responses::{
2    ListRolesResponse, ReadKubernetesAuthConfigResponse, ReadKubernetesRoleResponse,
3};
4use rustify_derive::Endpoint;
5
6/// ## Configure Kubernetes Auth
7/// Sets backend configuration for the Kubernetes auth mount
8///
9/// * Path: /auth/kubernetes/config
10/// * Method: POST
11/// * Response: N/A
12/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/kubernetes#configure-method>
13#[derive(Builder, Debug, Default, Endpoint)]
14#[endpoint(path = "/auth/{self.mount}/config", method = "POST", builder = "true")]
15#[builder(setter(into, strip_option), default)]
16pub struct ConfigureKubernetesAuthRequest {
17    #[endpoint(skip)]
18    pub mount: String,
19    pub kubernetes_host: String,
20    pub kubernetes_ca_cert: Option<String>,
21    pub pem_keys: Option<Vec<String>>,
22    pub issuer: Option<String>,
23    pub disable_iss_validation: bool,
24    pub disable_local_ca_jwt: bool,
25}
26
27/// ## Read Kubernetes Auth Config
28/// Gets backend configuration for the Kubernetes auth mount
29///
30/// * Path: /auth/kubernetes/config
31/// * Method: GET
32/// * Response: [ReadKubernetesAuthConfigResponse]
33/// * Reference: <https://developer.hashicorp.com/vault/api-docsauth/kubernetes#read-config>
34#[derive(Builder, Debug, Default, Endpoint)]
35#[endpoint(
36    path = "/auth/{self.mount}/config",
37    method = "GET",
38    response = "ReadKubernetesAuthConfigResponse",
39    builder = "true"
40)]
41#[builder(setter(into))]
42pub struct ReadKubernetesAuthConfigRequest {
43    #[endpoint(skip)]
44    pub mount: String,
45}
46
47/// ## Login with Kubernetes
48/// Issues a Vault token based on the presented credentials.
49///
50/// * Path: /auth/kubernetes/login
51/// * Method: POST
52/// * Response: N/A
53/// * Reference: <https://developer.hashicorp.com/vault/api-docsauth/kubernetes#login>
54#[derive(Builder, Debug, Endpoint)]
55#[endpoint(path = "/auth/{self.mount}/login", method = "POST", builder = "true")]
56#[builder(setter(into))]
57pub struct LoginWithKubernetesRequest {
58    #[endpoint(skip)]
59    pub mount: String,
60    pub role: String,
61    pub jwt: String,
62}
63
64/// ## List Roles
65/// Returns a list the existing Kubernetes roles.
66///
67/// * Path: /auth/{self.mount}/role
68/// * Method: LIST
69/// * Response: [ListRolesResponse]
70/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/kubernetes#list-roles>
71#[derive(Builder, Debug, Default, Endpoint)]
72#[endpoint(
73    path = "/auth/{self.mount}/role",
74    method = "LIST",
75    response = "ListRolesResponse",
76    builder = "true"
77)]
78#[builder(setter(into, strip_option), default)]
79pub struct ListRolesRequest {
80    #[endpoint(skip)]
81    pub mount: String,
82}
83
84/// ## Create Kubernetes role
85/// Creates a new Kubernetes Role.
86///
87/// * Path: /auth/{self.mount}/role/{self.name}
88/// * Method: POST
89/// * Response: N/A
90/// * Reference: <https://developer.hashicorp.com/vault/api-docsauth/kubernetes#create-role>
91#[derive(Builder, Debug, Default, Endpoint)]
92#[endpoint(
93    path = "/auth/{self.mount}/role/{self.name}",
94    method = "POST",
95    builder = "true"
96)]
97#[builder(setter(into, strip_option), default)]
98pub struct CreateKubernetesRoleRequest {
99    #[endpoint(skip)]
100    pub mount: String,
101    #[endpoint(skip)]
102    pub name: String,
103    pub bound_service_account_names: Vec<String>,
104    pub bound_service_account_namespaces: Vec<String>,
105    pub audience: Option<String>,
106    pub token_ttl: Option<String>,
107    pub token_max_ttl: Option<String>,
108    pub token_policies: Option<Vec<String>>,
109    pub token_bound_cidrs: Option<Vec<String>>,
110    pub token_explicit_max_ttl: Option<String>,
111    pub token_no_default_policy: Option<bool>,
112    pub token_num_uses: Option<u64>,
113    pub token_period: Option<String>,
114    pub token_type: Option<String>,
115}
116
117/// ## Read AppRole
118/// Reads the properties of an existing Kubernetes role.
119///
120/// * Path: /auth/{self.mount}/role/{self.name}
121/// * Method: GET
122/// * Response: [ReadKubernetesRoleResponse]
123/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/kubernetes#read-role>
124#[derive(Builder, Debug, Default, Endpoint)]
125#[endpoint(
126    path = "/auth/{self.mount}/role/{self.name}",
127    response = "ReadKubernetesRoleResponse",
128    builder = "true"
129)]
130#[builder(setter(into, strip_option), default)]
131pub struct ReadKubernetesRoleRequest {
132    #[endpoint(skip)]
133    pub mount: String,
134    #[endpoint(skip)]
135    pub name: String,
136}
137
138/// ## Delete AppRole
139/// Deletes an existing Kubernetes.
140///
141/// * Path: /auth/{self.mount}/role/{self.name}
142/// * Method: DELETE
143/// * Response: N/A
144/// * Reference: <https://developer.hashicorp.com/vault/api-docs/auth/kubernetes#delete-role>
145#[derive(Builder, Debug, Default, Endpoint)]
146#[endpoint(
147    path = "/auth/{self.mount}/role/{self.name}",
148    method = "DELETE",
149    builder = "true"
150)]
151#[builder(setter(into, strip_option), default)]
152pub struct DeleteKubernetesRoleRequest {
153    #[endpoint(skip)]
154    pub mount: String,
155    #[endpoint(skip)]
156    pub name: String,
157}