vaultrs/api/aws/
requests.rs

1use rustify_derive::Endpoint;
2use std::fmt::Debug;
3
4use super::responses::{
5    GenerateCredentialsResponse, GetConfigurationResponse, ListRolesResponse, ReadLeaseResponse,
6    ReadRoleResponse, RotateRootCredentialsResponse,
7};
8
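/// ## Configure Root IAM Credentials
///
/// Configures the root IAM credentials to communicate with AWS.
///
/// * Path: {self.mount}/config/root
/// * Method: POST
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-root-iam-credentials>
///
/// `secret_key` carries the secret half of the root key pair. `Debug` is
/// implemented by hand below instead of being derived, so formatting this
/// request with `{:?}` (log lines, panic messages, error context) never prints
/// the secret.
///
/// The struct-level `#[builder(default)]` fills every field the caller does not
/// set from `Default`, so a request built without `access_key` or `secret_key`
/// carries empty strings rather than failing at build time.
#[derive(Builder, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/root", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct SetConfigurationRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
    pub max_retries: Option<i32>,
    pub access_key: String,
    /// Secret access key of the root credentials; redacted in `Debug` output.
    pub secret_key: String,
    pub region: Option<String>,
    pub iam_endpoint: Option<String>,
    pub sts_endpoint: Option<String>,
    pub username_template: Option<String>,
}

// Hand-written so the secret never reaches a formatter. Any field added to the
// struct must be added here as well, and redacted if it is sensitive.
impl std::fmt::Debug for SetConfigurationRequest {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("SetConfigurationRequest")
            .field("mount", &self.mount)
            .field("max_retries", &self.max_retries)
            .field("access_key", &self.access_key)
            .field("secret_key", &"<redacted>")
            .field("region", &self.region)
            .field("iam_endpoint", &self.iam_endpoint)
            .field("sts_endpoint", &self.sts_endpoint)
            .field("username_template", &self.username_template)
            .finish()
    }
}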
31
/// ## Read Root Configuration
///
/// Reads the non-secret values that have been configured in the config/root endpoint.
///
/// * Path: {self.mount}/config/root
/// * Method: GET
/// * Response: [GetConfigurationResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-root-configuration>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/root",
    method = "GET",
    builder = "true",
    response = "GetConfigurationResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct GetConfigurationRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
}
52
/// ## Rotate Root IAM Credentials
///
/// When you have configured Vault with static credentials, you can use this endpoint to have Vault rotate the access key it used.
///
/// This is a state-changing call: it is issued as POST, as the `method`
/// attribute below specifies.
///
/// * Path: {self.mount}/config/rotate-root
/// * Method: POST
/// * Response: [RotateRootCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#rotate-root-iam-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/rotate-root",
    method = "POST",
    builder = "true",
    response = "RotateRootCredentialsResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct RotateRootCredentialsRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
}
73
/// ## Configure Lease
///
/// Configures lease settings for the AWS secrets engine.
///
/// Both `lease` and `lease_max` are plain `String`s, and the struct-level
/// `#[builder(default)]` fills unset fields from `Default`, so a request built
/// without them carries empty strings rather than failing at build time.
///
/// * Path: {self.mount}/config/lease
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#configure-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(path = "{self.mount}/config/lease", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct ConfigureLeaseRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,

    // NOTE(review): presumably duration strings that bound how long issued
    // credentials stay valid; confirm the accepted format against the reference.
    pub lease: String,
    pub lease_max: String,
}
92
/// ## Read Lease
///
/// Returns the current lease settings for the AWS secrets engine.
///
/// * Path: {self.mount}/config/lease
/// * Method: GET
/// * Response: [ReadLeaseResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-lease>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/config/lease",
    method = "GET",
    response = "ReadLeaseResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadLeaseRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
}
113
/// ## Create/Update Role
///
/// Creates or updates the role with the given name.
///
/// The policy-related fields (`policy_document`, `policy_arns`, `role_arns`,
/// `iam_groups`, `permissions_boundary_arn`) describe what credentials issued
/// for this role are allowed to do, so they deserve the same review as any
/// other IAM policy change.
///
/// `credential_type` and `policy_document` are plain `String`s; the
/// struct-level `#[builder(default)]` fills unset fields from `Default`, so a
/// request built without them carries empty strings rather than failing at
/// build time.
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: POST
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#create-update-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "POST",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct CreateUpdateRoleRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,

    /// Role name; interpolated into the request path. It is not marked
    /// `#[endpoint(skip)]`.
    // NOTE(review): `mount` and `name` become path segments; confirm callers
    // validate them when they can originate from untrusted input.
    pub name: String,
    pub credential_type: String,
    pub role_arns: Option<Vec<String>>,
    pub policy_arns: Option<Vec<String>>,
    pub policy_document: String,
    pub iam_groups: Option<Vec<String>>,
    pub iam_tags: Option<Vec<String>>,
    pub default_sts_ttl: Option<u32>,
    pub max_sts_ttl: Option<u32>,
    pub user_path: Option<String>,
    pub permissions_boundary_arn: Option<String>,

    // NOTE(review): kept apart from the fields above in the source; presumably
    // the legacy parameters of this endpoint - confirm against the reference.
    pub policy: Option<String>,
    pub arn: Option<String>,
}
148
/// ## Read Role
///
/// Queries an existing role by the given name.
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: GET
/// * Response: [ReadRoleResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#read-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "GET",
    response = "ReadRoleResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ReadRoleRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,

    /// Name of the role to read; interpolated into the request path.
    pub name: String,
}
171
/// ## List Roles
///
/// Lists all existing roles in the secrets engine.
///
/// * Path: {self.mount}/roles
/// * Method: LIST
/// * Response: [ListRolesResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#list-roles>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles",
    method = "LIST",
    response = "ListRolesResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ListRolesRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
}
192
/// ## Delete Role
///
/// Deletes an existing role by the given name.
///
/// * Path: {self.mount}/roles/{self.name}
/// * Method: DELETE
/// * Response: N.A.
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#delete-role>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/roles/{self.name}",
    method = "DELETE",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct DeleteRoleRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
    /// Name of the role to delete; interpolated into the request path.
    // NOTE(review): `Default` leaves `name` empty when the builder does not set
    // it, which would address `{mount}/roles/` - confirm callers always set it.
    pub name: String,
}
213
/// ## Generate Credentials (/aws/creds)
///
/// Generates credentials based on the named role using the /aws/creds endpoint.
///
/// The request itself holds no secret, but the response type is declared in
/// `super::responses` and is not visible here.
/// NOTE(review): it presumably carries the issued AWS credentials - confirm
/// how it is logged and how it implements `Debug`.
///
/// * Path: {self.mount}/creds/{self.name}
/// * Method: GET
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/creds/{self.name}",
    method = "GET",
    response = "GenerateCredentialsResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
    /// Name of the role to issue credentials for; interpolated into the request path.
    pub name: String,
    // NOTE(review): this is a GET and the optional fields below carry no
    // `#[endpoint(...)]` attribute; confirm they reach the server as intended
    // (query string versus request body).
    pub role_arn: Option<String>,
    pub role_session_name: Option<String>,
    pub ttl: Option<String>,
}
238
/// ## Generate Credentials (/aws/sts)
///
/// Generates credentials based on the named role using the /aws/sts endpoint.
///
/// The request itself holds no secret, but the response type is declared in
/// `super::responses` and is not visible here.
/// NOTE(review): it presumably carries the issued AWS credentials - confirm
/// how it is logged and how it implements `Debug`.
///
/// * Path: {self.mount}/sts/{self.name}
/// * Method: POST
/// * Response: [GenerateCredentialsResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/secret/aws#generate-credentials>
#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "{self.mount}/sts/{self.name}",
    method = "POST",
    response = "GenerateCredentialsResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct GenerateCredentialsStsRequest {
    /// Mount path of the AWS secrets engine; interpolated into the request path
    /// and excluded from the serialized request by `#[endpoint(skip)]`.
    #[endpoint(skip)]
    pub mount: String,
    /// Name of the role to issue credentials for; interpolated into the request path.
    pub name: String,
    pub role_arn: Option<String>,
    pub role_session_name: Option<String>,
    // NOTE(review): presumably a duration string bounding the lifetime of the
    // issued credentials - confirm the accepted format against the reference.
    pub ttl: Option<String>,
}