vaultrs/api/aws/requests.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262
use rustify_derive::Endpoint;
use std::fmt::Debug;
use super::responses::{
GenerateCredentialsResponse, GetConfigurationResponse, ListRolesResponse, ReadLeaseResponse,
ReadRoleResponse, RotateRootCredentialsResponse,
};
/// ## Configure Root IAM Credentials
///
/// Configures the root IAM credentials to communicate with AWS.
///
/// * Path: {self.mount}/config/root
/// * Method: POST
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-root-iam-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/root", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct SetConfigurationRequest {
#[endpoint(skip)]
pub mount: String,
pub max_retries: Option<i32>,
pub access_key: String,
pub secret_key: String,
pub region: Option<String>,
pub iam_endpoint: Option<String>,
pub sts_endpoint: Option<String>,
pub username_template: Option<String>,
}
/// ## Read Root Configuration
///
/// Read non-secure values that have been configured in the config/root endpoint
///
/// * Path: {self.mount}/config/root
/// * Method: GET
/// * Response: [GetConfigurationResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-root-configuration>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/config/root",
method = "GET",
builder = "true",
response = "GetConfigurationResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct GetConfigurationRequest {
#[endpoint(skip)]
pub mount: String,
}
/// ## Rotate Root IAM Credentials
///
/// When you have configured Vault with static credentials, you can use this endpoint to have Vault rotate the access key it used.
///
/// * Path: {self.mount}/config/rotate-root
/// * Method: GET
/// * Response: [RotateRootCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#rotate-root-iam-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/config/rotate-root",
method = "POST",
builder = "true",
response = "RotateRootCredentialsResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct RotateRootCredentialsRequest {
#[endpoint(skip)]
pub mount: String,
}
/// ## Configure Lease
///
/// Configures lease settings for the AWS secrets engine
///
/// * Path: {self.mount}/config/lease
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/lease", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct ConfigureLeaseRequest {
#[endpoint(skip)]
pub mount: String,
pub lease: String,
pub lease_max: String,
}
/// ## Read Lease
///
/// Returns the current lease settings for the AWS secrets engine
///
/// * Path: {self.mount}/config/lease
/// * Method: GET
/// * Response: [ReadLeaseResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/config/lease",
method = "GET",
response = "ReadLeaseResponse",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadLeaseRequest {
#[endpoint(skip)]
pub mount: String,
}
/// ## Create/Update Role
///
/// Creates or updates the role with the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#create-update-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/roles/{self.name}",
method = "POST",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct CreateUpdateRoleRequest {
#[endpoint(skip)]
pub mount: String,
pub name: String,
pub credential_type: String,
pub role_arns: Option<Vec<String>>,
pub policy_arns: Option<Vec<String>>,
pub policy_document: String,
pub iam_groups: Option<Vec<String>>,
pub iam_tags: Option<Vec<String>>,
pub default_sts_ttl: Option<u32>,
pub max_sts_ttl: Option<u32>,
pub user_path: Option<String>,
pub permissions_boundary_arn: Option<String>,
pub policy: Option<String>,
pub arn: Option<String>,
}
/// ## Read Role
///
/// Queries an existing role by the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: GET
/// * Response: [ReadRoleResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/roles/{self.name}",
method = "GET",
response = "ReadRoleResponse",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadRoleRequest {
#[endpoint(skip)]
pub mount: String,
pub name: String,
}
/// ## List Roles
///
/// lists all existing roles in the secrets engine
///
/// * Path: {self.mount}/roles
/// * Method: LIST
/// * Response: [ListRolesResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#list-roles>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/roles",
method = "LIST",
response = "ListRolesResponse",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ListRolesRequest {
#[endpoint(skip)]
pub mount: String,
}
/// ## Delete Role
///
/// Deletes an existing role by the given name
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: DELETE
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#delete-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/roles/{self.name}",
method = "DELETE",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct DeleteRoleRequest {
#[endpoint(skip)]
pub mount: String,
pub name: String,
}
/// ## Generate Credentials (/aws/creds)
///
/// Generates credentials based on the named role using /aws/creds endpoint
///
/// * Path: {self.mount}/creds/{self.name}
/// * Method: GET
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/creds/{self.name}",
method = "GET",
response = "GenerateCredentialsResponse",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsRequest {
#[endpoint(skip)]
pub mount: String,
pub name: String,
pub role_arn: Option<String>,
pub role_session_name: Option<String>,
pub ttl: Option<String>,
}
/// ## Generate Credentials (/aws/sts)
///
/// Generates credentials based on the named role using /aws/sts endpoint
///
/// * Path: {self.mount}/sts/{self.name}
/// * Method: POST
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
path = "{self.mount}/sts/{self.name}",
method = "POST",
response = "GenerateCredentialsResponse",
builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsStsRequest {
#[endpoint(skip)]
pub mount: String,
pub name: String,
pub role_arn: Option<String>,
pub role_session_name: Option<String>,
pub ttl: Option<String>,
}