vaultrs/api/sys/
requests.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
use super::responses::{
    AuthResponse, GetConfigurationOfTheSecretEngineResponse, ListPoliciesResponse, MountResponse,
    RandomResponse, ReadHealthResponse, ReadPolicyResponse, StartInitializationResponse,
    UnsealResponse, WrappingLookupResponse,
};
use rustify_derive::Endpoint;
use serde::Serialize;
use serde_json::Value;
use std::collections::HashMap;

/// ## Enable Secrets Engine
/// This endpoint enables a new secrets engine at the given path.
///
/// * Path: sys/mounts/{self.path}
/// * Method: POST
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/mounts#enable-secrets-engine>

#[derive(Builder, Debug, Default, Endpoint, Serialize)]
#[endpoint(path = "sys/mounts/{self.path}", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct EnableEngineRequest {
    #[endpoint(skip)]
    pub path: String,
    #[serde(rename = "type")]
    pub engine_type: Option<String>,
    pub description: Option<String>,
    pub config: Option<EnableEngineDataConfig>,
    pub options: Option<HashMap<String, String>>,
}

#[derive(Clone, Builder, Debug, Default, Serialize)]
#[builder(setter(into, strip_option), default)]
pub struct EnableEngineDataConfig {
    pub default_lease_ttl: Option<String>,
    pub max_lease_ttl: Option<String>,
    pub force_no_cache: Option<bool>,
    pub audit_non_hmac_request_keys: Option<Vec<String>>,
    pub audit_non_hmac_response_keys: Option<Vec<String>>,
    pub listing_visibility: Option<String>,
    pub passthrough_request_headers: Option<Vec<String>>,
    pub allowed_response_headers: Option<Vec<String>>,
}

/// ## Disable Secrets Engine
/// This endpoint disables the mount point specified in the URL.
///
/// * Path: sys/mounts/{self.path}
/// * Method: DELETE
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/mounts#disable-secrets-engine>

#[derive(Builder, Debug, Default, Endpoint, Serialize)]
#[endpoint(path = "sys/mounts/{self.path}", method = "DELETE", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct DisableEngineRequest {
    #[endpoint(skip)]
    pub path: String,
}

/// ## Get the configuration of a secret engine
/// This endpoint returns the configuration of a specific secret engine.
///
/// * Path: sys/mounts/{self.path}
/// * Method: GET
/// * Response: GetConfigurationOfTheSecretEngineResponse
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/mounts#get-the-configuration-of-a-secret-engine>

#[derive(Builder, Debug, Default, Endpoint, Serialize)]
#[endpoint(
    path = "sys/mounts/{self.path}",
    method = "GET",
    builder = "true",
    response = "GetConfigurationOfTheSecretEngineResponse"
)]
#[builder(setter(into, strip_option), default)]
pub struct GetConfigurationOfTheSecretEngineRequest {
    #[endpoint(skip)]
    pub path: String,
}

/// ## List Mounted Secrets Engines
/// This endpoints lists all the mounted secrets engines.
///
/// * Path: sys/mounts
/// * Method: GET
/// * Response: [HashMap<String, MountResponse>]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/mounts#list-mounted-secrets-engines>

#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "sys/mounts",
    response = "HashMap<String, MountResponse>",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ListMountsRequest {}

/// ## Enable Auth Method
/// This endpoint enables a new auth method.
///
/// * Path: sys/auth/{self.path}
/// * Method: POST
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/auth#enable-auth-method>

#[derive(Builder, Debug, Default, Endpoint, Serialize)]
#[endpoint(path = "sys/auth/{self.path}", method = "POST", builder = "true")]
#[builder(setter(into, strip_option), default)]
pub struct EnableAuthRequest {
    #[endpoint(skip)]
    pub path: String,
    #[serde(rename = "type")]
    pub engine_type: Option<String>,
    pub description: Option<String>,
    pub config: Option<EnableAuthDataConfig>,
}

#[derive(Clone, Builder, Debug, Default, Serialize)]
#[builder(setter(into, strip_option), default)]
pub struct EnableAuthDataConfig {
    pub default_lease_ttl: Option<String>,
    pub max_lease_ttl: Option<String>,
    pub force_no_cache: Option<bool>,
    pub audit_non_hmac_request_keys: Option<Vec<String>>,
    pub audit_non_hmac_response_keys: Option<Vec<String>>,
    pub listing_visibility: Option<String>,
    pub passthrough_request_headers: Option<Vec<String>>,
    pub allowed_response_headers: Option<Vec<String>>,
}

/// ## List Auth Methods
/// This endpoint lists all enabled auth methods.
///
/// * Path: sys/auth
/// * Method: GET
/// * Response: [HashMap<String, MountResponse>]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/auth#list-auth-methods>

#[derive(Builder, Debug, Default, Endpoint)]
#[endpoint(
    path = "sys/auth",
    response = "HashMap<String, AuthResponse>",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct ListAuthsRequest {}

/// ## Wrapping Unwrap
/// This endpoint returns the original response inside the given wrapping token.
///
/// * Path: /sys/wrapping/unwrap
/// * Method: POST
/// * Response: T
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/wrapping-unwrap#wrapping-unwrap>

#[derive(Builder, Endpoint)]
#[endpoint(path = "/sys/wrapping/unwrap", method = "POST", response = "Value")]
#[builder(setter(into))]
pub struct UnwrapRequest {
    pub token: Option<String>,
}

/// ## Wrapping Lookup
/// This endpoint returns the wrapping token properties.
///
/// * Path: /sys/wrapping/lookup
/// * Method: POST
/// * Response: WrappingLookupResponse
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/wrapping-unwrap#wrapping-unwrap>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/wrapping/lookup",
    method = "POST",
    response = "WrappingLookupResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct WrappingLookupRequest {
    pub token: String,
}

/// ## Read Health Information
/// This endpoint is used to check the health status of Vault.
///
/// * Path: /sys/health
/// * Method: GET
/// * Response: [ReadHealthResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/health#read-health-information>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/health",
    response = "ReadHealthResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct ReadHealthRequest {}

/// ## Start Initialization
///
/// This endpoint initializes a new Vault. The Vault must not have been previously initialized.
/// The recovery options, as well as the stored shares option, are only available when using Auto Unseal.
///
/// * Path: /sys/init
/// * Method: POST
/// * Response: [StartInitializationResponse]
/// * Reference: https://developer.hashicorp.com/vault/api-docs/system/init#start-initialization
#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/init",
    method = "POST",
    response = "StartInitializationResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct StartInitializationRequest {
    /// Specifies an array of PGP public keys used to encrypt the output unseal keys. Ordering is preserved.
    /// The keys must be base64-encoded from their original binary representation. The size of this array must be the same as secret_shares.
    pgp_keys: Option<Vec<String>>,
    /// Specifies a PGP public key used to encrypt the initial root token. The key must be base64-encoded from its original binary representation.
    root_token_pgp_key: Option<String>,
    /// Specifies the number of shares to split the root key into.
    secret_shares: u64,
    /// Specifies the number of shares required to reconstruct the root key. This must be less than or equal secret_shares.
    secret_threshold: u64,

    /// Additionally, the following options are only supported using Auto Unseal:
    /// Specifies the number of shares that should be encrypted by the HSM and stored for auto-unsealing. Currently must be the same as secret_shares.
    stored_shares: Option<u64>,
    /// Specifies the number of shares to split the recovery key into. This is only available when using Auto Unseal.
    recovery_shares: Option<u64>,
    /// Specifies the number of shares required to reconstruct the recovery key. This must be less than or equal to recovery_shares.
    /// This is only available when using Auto Unseal.
    recovery_threshold: Option<u64>,
    /// Specifies an array of PGP public keys used to encrypt the output recovery keys. Ordering is preserved.
    /// The keys must be base64-encoded from their original binary representation. The size of this array must be the same as recovery_shares. This is only available when using Auto Unseal.
    recovery_pgp_keys: Option<Vec<String>>,
}

/// ## Seal
/// This endpoint seals the Vault.
///
/// * Path: /sys/seal
/// * Method: PUT
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/seal#seal>

#[derive(Builder, Default, Endpoint)]
#[endpoint(path = "/sys/seal", method = "PUT", builder = "true")]
#[builder(setter(into), default)]
pub struct SealRequest {}

/// ## Unseal
/// This endpoint unseals the Vault.
///
/// * Path: /sys/unseal
/// * Method: PUT
/// * Response: [UnsealResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/unseal>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/unseal",
    method = "PUT",
    response = "UnsealResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct UnsealRequest {
    pub key: Option<String>,
    pub reset: Option<bool>,
    pub migrate: Option<bool>,
}

/// ## List Policies
/// This endpoint lists all configured policies.
///
/// * Path: /sys/policy
/// * Method: GET
/// * Response: [ListPoliciesResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/policy#list-policies>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/policy",
    response = "ListPoliciesResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct ListPoliciesRequest {}

/// ## Read Policy
/// This endpoint retrieve the policy body for the named policy.
///
/// * Path: /sys/policy/{self.name}
/// * Method: GET
/// * Response: [ReadPolicyResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/policy#read-policy>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/policy/{self.name}",
    response = "ReadPolicyResponse",
    builder = "true"
)]
#[builder(setter(into), default)]
pub struct ReadPolicyRequest {
    pub name: String,
}

/// ## Create/Update Policy
/// This endpoint adds a new or updates an existing policy.
///
/// * Path: /sys/policy/{self.name}
/// * Method: PUT
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/policy#create-update-policy>

#[derive(Builder, Default, Endpoint)]
#[endpoint(path = "/sys/policy/{self.name}", method = "PUT", builder = "true")]
#[builder(setter(into), default)]
pub struct CreatePolicyRequest {
    pub name: String,
    pub policy: String,
}

/// ## Delete Policy
/// This endpoint deletes the policy with the given name.
///
/// * Path: /sys/policy/{self.name}
/// * Method: DELETE
/// * Response: N/A
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/policy#delete-policy>

#[derive(Builder, Default, Endpoint)]
#[endpoint(path = "/sys/policy/{self.name}", method = "DELETE", builder = "true")]
#[builder(setter(into), default)]
pub struct DeletePolicyRequest {
    pub name: String,
}

/// ## Generate random bytes
/// This endpoint returns high-quality random bytes of the specified length.
///
/// * Path: /sys/tools/random
/// * Method: POST
/// * Response: [RandomResponse]
/// * Reference: <https://developer.hashicorp.com/vault/api-docs/system/tools#generate-random-bytes>

#[derive(Builder, Default, Endpoint)]
#[endpoint(
    path = "/sys/tools/random",
    method = "POST",
    response = "RandomResponse",
    builder = "true"
)]
#[builder(setter(into, strip_option), default)]
pub struct RandomRequest {
    pub bytes: Option<u64>,
    pub format: Option<String>,
    pub source: Option<String>,
}