Sync OpenAPI: Miscellaneous changes from Vault 1.15.0-dev (#163)

* Sync OpenAPI: Miscellaneous changes from Vault 1.15.0-dev Reminder: we are still carrying a local modification to the Vault source tree when generating OpenAPI of ``` go get github.com/hashicorp/vault-plugin-{secrets-{gcp,kv},auth-jwt}@main go mod tidy ``` whilst we wait for those plugins to be updated in the main Vault tree. * Sync further changes from Vault * Sync further changes from Vault
hashicorp · Oct 17, 2023 · cca03b0 · cca03b0
1 parent ea137a2
commit cca03b0
Show file tree

Hide file tree

Showing 51 changed files with 3,309 additions and 103 deletions.
diff --git a/docs/AuthEnableMethodRequest.md b/docs/AuthEnableMethodRequest.md
@@ -10,7 +10,7 @@ Name | Type | Description | Notes
 **Local** | **bool** | Mark the mount as a local mount, which is not replicated and is unaffected by replication. | [optional] [default to false]
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
 **PluginName** | **string** | Name of the auth plugin to use based from the name in the plugin catalog. | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **SealWrap** | **bool** | Whether to turn on seal wrapping for the mount. | [optional] [default to false]
 **Type** | **string** | The type of the backend. Example: \&quot;userpass\&quot; | [optional] 
 

diff --git a/docs/AuthTuneConfigurationParametersRequest.md b/docs/AuthTuneConfigurationParametersRequest.md
@@ -13,7 +13,7 @@ Name | Type | Description | Notes
 **MaxLeaseTtl** | **string** | The max lease TTL for this mount. | [optional] 
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
 **PassthroughRequestHeaders** | **List&lt;string&gt;** | A list of headers to whitelist and pass from the request to the plugin. | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **TokenType** | **string** | The type of token to issue (service or batch). | [optional] 
 **UserLockoutConfig** | **Object** | The user lockout configuration to pass into the backend. Should be a json object with string keys and values. | [optional] 
 

diff --git a/docs/AwsConfigureClientRequest.md b/docs/AwsConfigureClientRequest.md
@@ -13,6 +13,7 @@ Name | Type | Description | Notes
 **SecretKey** | **string** | AWS Secret Access Key for the account used to make AWS API requests. | [optional] [default to ""]
 **StsEndpoint** | **string** | URL to override the default generated endpoint for making AWS STS API calls. | [optional] [default to ""]
 **StsRegion** | **string** | The region ID for the sts_endpoint, if set. | [optional] [default to ""]
+**UseStsRegionFromClient** | **bool** | Uses the STS region from client requests for making AWS STS API calls. | [optional] [default to false]
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 
diff --git a/docs/AwsLoginRequest.md b/docs/AwsLoginRequest.md
@@ -4,7 +4,7 @@
 
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
-**IamHttpRequestMethod** | **string** | HTTP method to use for the AWS request when auth_type is iam. This must match what has been signed in the presigned request. Currently, POST is the only supported value | [optional] 
+**IamHttpRequestMethod** | **string** | HTTP method to use for the AWS request when auth_type is iam. This must match what has been signed in the presigned request. | [optional] 
 **IamRequestBody** | **string** | Base64-encoded request body when auth_type is iam. This must match the request body included in the signature. | [optional] 
 **IamRequestHeaders** | **string** | Key/value pairs of headers for use in the sts:GetCallerIdentity HTTP requests headers when auth_type is iam. Can be either a Base64-encoded, JSON-serialized string, or a JSON object of key/value pairs. This must at a minimum include the headers over which AWS has included a signature. | [optional] 
 **IamRequestUrl** | **string** | Base64-encoded full URL against which to make the AWS request when using iam auth_type. | [optional] 

diff --git a/docs/DatabaseWriteStaticRoleRequest.md b/docs/DatabaseWriteStaticRoleRequest.md
@@ -7,8 +7,10 @@ Name | Type | Description | Notes
 **CredentialConfig** | **Object** | The configuration for the given credential_type. | [optional] 
 **CredentialType** | **string** | The type of credential to manage. Options include: &#x27;password&#x27;, &#x27;rsa_private_key&#x27;. Defaults to &#x27;password&#x27;. | [optional] [default to "password"]
 **DbName** | **string** | Name of the database this role acts on. | [optional] 
-**RotationPeriod** | **string** | Period for automatic credential rotation of the given username. Not valid unless used with \&quot;username\&quot;. | [optional] 
+**RotationPeriod** | **string** | Period for automatic credential rotation of the given username. Not valid unless used with \&quot;username\&quot;. Mutually exclusive with \&quot;rotation_schedule.\&quot; | [optional] 
+**RotationSchedule** | **string** | Schedule for automatic credential rotation of the given username. Mutually exclusive with \&quot;rotation_period.\&quot; | [optional] 
 **RotationStatements** | **List&lt;string&gt;** | Specifies the database statements to be executed to rotate the accounts credentials. Not every plugin type will support this functionality. See the plugin&#x27;s API page for more information on support and formatting for this parameter. | [optional] 
+**RotationWindow** | **string** | The window of time in which rotations are allowed to occur starting from a given \&quot;rotation_schedule\&quot;. Requires \&quot;rotation_schedule\&quot; to be specified | [optional] 
 **Username** | **string** | Name of the static user account for Vault to manage. Requires \&quot;rotation_period\&quot; to be specified | [optional] 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)

diff --git a/docs/MountsEnableSecretsEngineRequest.md b/docs/MountsEnableSecretsEngineRequest.md
@@ -10,7 +10,7 @@ Name | Type | Description | Notes
 **Local** | **bool** | Mark the mount as a local mount, which is not replicated and is unaffected by replication. | [optional] [default to false]
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
 **PluginName** | **string** | Name of the plugin to mount based from the name registered in the plugin catalog. | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **SealWrap** | **bool** | Whether to turn on seal wrapping for the mount. | [optional] [default to false]
 **Type** | **string** | The type of the backend. Example: \&quot;passthrough\&quot; | [optional] 
 

diff --git a/docs/MountsReadConfigurationResponse.md b/docs/MountsReadConfigurationResponse.md
@@ -11,7 +11,7 @@ Name | Type | Description | Notes
 **ExternalEntropyAccess** | **bool** |  | [optional] 
 **Local** | **bool** | Mark the mount as a local mount, which is not replicated and is unaffected by replication. | [optional] [default to false]
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **RunningPluginVersion** | **string** |  | [optional] 
 **RunningSha256** | **string** |  | [optional] 
 **SealWrap** | **bool** | Whether to turn on seal wrapping for the mount. | [optional] [default to false]

diff --git a/docs/MountsReadTuningInformationResponse.md b/docs/MountsReadTuningInformationResponse.md
@@ -16,7 +16,7 @@ Name | Type | Description | Notes
 **MaxLeaseTtl** | **int** | The max lease TTL for this mount. | [optional] 
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
 **PassthroughRequestHeaders** | **List&lt;string&gt;** |  | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **TokenType** | **string** | The type of token to issue (service or batch). | [optional] 
 **UserLockoutCounterResetDuration** | **long** |  | [optional] 
 **UserLockoutDisable** | **bool** |  | [optional] 

diff --git a/docs/MountsTuneConfigurationParametersRequest.md b/docs/MountsTuneConfigurationParametersRequest.md
@@ -14,7 +14,7 @@ Name | Type | Description | Notes
 **MaxLeaseTtl** | **string** | The max lease TTL for this mount. | [optional] 
 **Options** | **Object** | The options to pass into the backend. Should be a json object with string keys and values. | [optional] 
 **PassthroughRequestHeaders** | **List&lt;string&gt;** | A list of headers to whitelist and pass from the request to the plugin. | [optional] 
-**PluginVersion** | **string** | The semantic version of the plugin to use. | [optional] 
+**PluginVersion** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 **TokenType** | **string** | The type of token to issue (service or batch). | [optional] 
 **UserLockoutConfig** | **Object** | The user lockout configuration to pass into the backend. Should be a json object with string keys and values. | [optional] 
 

diff --git a/docs/PkiPatchIssuerResponse.md b/docs/PkiPatchIssuerResponse.md
@@ -14,7 +14,7 @@ Name | Type | Description | Notes
 **KeyId** | **string** | Key Id | [optional] 
 **LeafNotAfterBehavior** | **string** | Leaf Not After Behavior | [optional] 
 **ManualChain** | **List&lt;string&gt;** | Manual Chain | [optional] 
-**OcspServers** | **List&lt;string&gt;** | OSCP Servers | [optional] 
+**OcspServers** | **List&lt;string&gt;** | OCSP Servers | [optional] 
 **RevocationSignatureAlgorithm** | **string** | Revocation Signature Alogrithm | [optional] 
 **RevocationTime** | **int** |  | [optional] 
 **RevocationTimeRfc3339** | **string** |  | [optional] 

diff --git a/docs/PkiReadIssuerResponse.md b/docs/PkiReadIssuerResponse.md
@@ -14,7 +14,7 @@ Name | Type | Description | Notes
 **KeyId** | **string** | Key Id | [optional] 
 **LeafNotAfterBehavior** | **string** | Leaf Not After Behavior | [optional] 
 **ManualChain** | **List&lt;string&gt;** | Manual Chain | [optional] 
-**OcspServers** | **List&lt;string&gt;** | OSCP Servers | [optional] 
+**OcspServers** | **List&lt;string&gt;** | OCSP Servers | [optional] 
 **RevocationSignatureAlgorithm** | **string** | Revocation Signature Alogrithm | [optional] 
 **RevocationTime** | **int** |  | [optional] 
 **RevocationTimeRfc3339** | **string** |  | [optional] 

diff --git a/docs/PkiWriteIssuerResponse.md b/docs/PkiWriteIssuerResponse.md
@@ -14,7 +14,7 @@ Name | Type | Description | Notes
 **KeyId** | **string** | Key Id | [optional] 
 **LeafNotAfterBehavior** | **string** | Leaf Not After Behavior | [optional] 
 **ManualChain** | **List&lt;string&gt;** | Manual Chain | [optional] 
-**OcspServers** | **List&lt;string&gt;** | OSCP Servers | [optional] 
+**OcspServers** | **List&lt;string&gt;** | OCSP Servers | [optional] 
 **RevocationSignatureAlgorithm** | **string** | Revocation Signature Alogrithm | [optional] 
 **RevocationTime** | **int** |  | [optional] 
 **RevocationTimeRfc3339** | **string** |  | [optional] 

diff --git a/docs/PluginsCatalogReadPluginConfigurationResponse.md b/docs/PluginsCatalogReadPluginConfigurationResponse.md
@@ -9,8 +9,9 @@ Name | Type | Description | Notes
 **Command** | **string** | The command used to start the plugin. The executable defined in this command must exist in vault&#x27;s plugin directory. | [optional] 
 **DeprecationStatus** | **string** |  | [optional] 
 **Name** | **string** | The name of the plugin | [optional] 
-**Sha256** | **string** | The SHA256 sum of the executable used in the command field. This should be HEX encoded. | [optional] 
-**_Version** | **string** | The semantic version of the plugin to use. | [optional] 
+**OciImage** | **string** | The name of the OCI image to be run, without the tag or SHA256. Must already be present on the machine. | [optional] 
+**Sha256** | **string** | The SHA256 sum of the executable or container to be run. This should be HEX encoded. | [optional] 
+**_Version** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 
diff --git a/docs/PluginsCatalogReadPluginConfigurationWithTypeResponse.md b/docs/PluginsCatalogReadPluginConfigurationWithTypeResponse.md
@@ -9,8 +9,9 @@ Name | Type | Description | Notes
 **Command** | **string** | The command used to start the plugin. The executable defined in this command must exist in vault&#x27;s plugin directory. | [optional] 
 **DeprecationStatus** | **string** |  | [optional] 
 **Name** | **string** | The name of the plugin | [optional] 
-**Sha256** | **string** | The SHA256 sum of the executable used in the command field. This should be HEX encoded. | [optional] 
-**_Version** | **string** | The semantic version of the plugin to use. | [optional] 
+**OciImage** | **string** | The name of the OCI image to be run, without the tag or SHA256. Must already be present on the machine. | [optional] 
+**Sha256** | **string** | The SHA256 sum of the executable or container to be run. This should be HEX encoded. | [optional] 
+**_Version** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 
diff --git a/docs/PluginsCatalogRegisterPluginRequest.md b/docs/PluginsCatalogRegisterPluginRequest.md
@@ -7,8 +7,9 @@ Name | Type | Description | Notes
 **Args** | **List&lt;string&gt;** | The args passed to plugin command. | [optional] 
 **Command** | **string** | The command used to start the plugin. The executable defined in this command must exist in vault&#x27;s plugin directory. | [optional] 
 **Env** | **List&lt;string&gt;** | The environment variables passed to plugin command. Each entry is of the form \&quot;key&#x3D;value\&quot;. | [optional] 
-**Sha256** | **string** | The SHA256 sum of the executable used in the command field. This should be HEX encoded. | [optional] 
-**_Version** | **string** | The semantic version of the plugin to use. | [optional] 
+**OciImage** | **string** | The name of the OCI image to be run, without the tag or SHA256. Must already be present on the machine. | [optional] 
+**Sha256** | **string** | The SHA256 sum of the executable or container to be run. This should be HEX encoded. | [optional] 
+**_Version** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 
diff --git a/docs/PluginsCatalogRegisterPluginWithTypeRequest.md b/docs/PluginsCatalogRegisterPluginWithTypeRequest.md
@@ -7,8 +7,9 @@ Name | Type | Description | Notes
 **Args** | **List&lt;string&gt;** | The args passed to plugin command. | [optional] 
 **Command** | **string** | The command used to start the plugin. The executable defined in this command must exist in vault&#x27;s plugin directory. | [optional] 
 **Env** | **List&lt;string&gt;** | The environment variables passed to plugin command. Each entry is of the form \&quot;key&#x3D;value\&quot;. | [optional] 
-**Sha256** | **string** | The SHA256 sum of the executable used in the command field. This should be HEX encoded. | [optional] 
-**_Version** | **string** | The semantic version of the plugin to use. | [optional] 
+**OciImage** | **string** | The name of the OCI image to be run, without the tag or SHA256. Must already be present on the machine. | [optional] 
+**Sha256** | **string** | The SHA256 sum of the executable or container to be run. This should be HEX encoded. | [optional] 
+**_Version** | **string** | The semantic version of the plugin to use, or image tag if oci_image is provided. | [optional] 
 
 [[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
 
diff --git a/docs/PluginsRuntimesCatalogListPluginsRuntimesResponse.md b/docs/PluginsRuntimesCatalogListPluginsRuntimesResponse.md
@@ -0,0 +1,10 @@
+# Vault.Model.PluginsRuntimesCatalogListPluginsRuntimesResponse
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**Runtimes** | **List&lt;Object&gt;** | List of all plugin runtimes in the catalog | [optional] 
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
diff --git a/docs/PluginsRuntimesCatalogReadPluginRuntimeConfigurationResponse.md b/docs/PluginsRuntimesCatalogReadPluginRuntimeConfigurationResponse.md
@@ -0,0 +1,15 @@
+# Vault.Model.PluginsRuntimesCatalogReadPluginRuntimeConfigurationResponse
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**CgroupParent** | **string** | Optional parent cgroup for the container | [optional] 
+**CpuNanos** | **long** | The limit of runtime CPU in nanos | [optional] 
+**MemoryBytes** | **long** | The limit of runtime memory in bytes | [optional] 
+**Name** | **string** | The name of the plugin runtime | [optional] 
+**OciRuntime** | **string** | The OCI-compatible runtime (default \&quot;runsc\&quot;) | [optional] 
+**Type** | **string** | The type of the plugin runtime | [optional] 
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
diff --git a/docs/PluginsRuntimesCatalogRegisterPluginRuntimeRequest.md b/docs/PluginsRuntimesCatalogRegisterPluginRuntimeRequest.md
@@ -0,0 +1,13 @@
+# Vault.Model.PluginsRuntimesCatalogRegisterPluginRuntimeRequest
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**CgroupParent** | **string** | Optional parent cgroup for the container | [optional] 
+**CpuNanos** | **long** | The limit of runtime CPU in nanos | [optional] 
+**MemoryBytes** | **long** | The limit of runtime memory in bytes | [optional] 
+**OciRuntime** | **string** | The OCI-compatible runtime (default \&quot;runsc\&quot;) | [optional] 
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
diff --git a/docs/RateLimitQuotasReadResponse.md b/docs/RateLimitQuotasReadResponse.md
@@ -5,6 +5,7 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **BlockInterval** | **int** |  | [optional] 
+**Inheritable** | **bool** |  | [optional] 
 **Interval** | **int** |  | [optional] 
 **Name** | **string** |  | [optional] 
 **Path** | **string** |  | [optional] 

diff --git a/docs/RateLimitQuotasWriteRequest.md b/docs/RateLimitQuotasWriteRequest.md
@@ -5,6 +5,7 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **BlockInterval** | **string** | If set, when a client reaches a rate limit threshold, the client will be prohibited from any further requests until after the &#x27;block_interval&#x27; has elapsed. | [optional] 
+**Inheritable** | **bool** | Whether all child namespaces can inherit this namespace quota. | [optional] 
 **Interval** | **string** | The duration to enforce rate limiting for (default &#x27;1s&#x27;). | [optional] 
 **Path** | **string** | Path of the mount or namespace to apply the quota. A blank path configures a global quota. For example namespace1/ adds a quota to a full namespace, namespace1/auth/userpass adds a quota to userpass in namespace1. | [optional] 
 **Rate** | **float** | The maximum number of requests in a given interval to be allowed by the quota rule. The &#x27;rate&#x27; must be positive. | [optional]