[UI] Generated API Client (#29871)

* initial commit of generated api client

* bumps lock file

* changes api client dep from file link to portal in package

* adds ui/api-client to copywrite config header ignore

.copywrite.hcl

@@ -10,6 +10,7 @@ project {
   header_ignore = [
     "helper/pkcs7/**",
     "ui/node_modules/**",
+    "ui/api-client/**",
     "enos/modules/k8s_deploy_vault/raft-config.hcl",
     "plugins/database/postgresql/scram/**",
   ]

ui/api-client/.gitignore

@@ -0,0 +1,4 @@
+wwwroot/*.js
+node_modules
+typings
+dist

ui/api-client/.npmignore

@@ -0,0 +1 @@
+README.md

ui/api-client/.openapi-generator-ignore

@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com/openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md

ui/api-client/.openapi-generator/FILES

@@ -0,0 +1,769 @@
+.gitignore
+.npmignore
+README.md
+package.json
+src/apis/AuthApi.ts
+src/apis/IdentityApi.ts
+src/apis/SecretsApi.ts
+src/apis/SystemApi.ts
+src/apis/index.ts
+src/index.ts
+src/models/AliCloudConfigureRequest.ts
+src/models/AliCloudLoginRequest.ts
+src/models/AliCloudWriteAuthRoleRequest.ts
+src/models/AliCloudWriteRoleRequest.ts
+src/models/AliasCreateRequest.ts
+src/models/AliasUpdateByIdRequest.ts
+src/models/AppRoleDestroySecretIdByAccessorRequest.ts
+src/models/AppRoleDestroySecretIdRequest.ts
+src/models/AppRoleLoginRequest.ts
+src/models/AppRoleLoginResponse.ts
+src/models/AppRoleLookUpSecretIdByAccessorRequest.ts
+src/models/AppRoleLookUpSecretIdByAccessorResponse.ts
+src/models/AppRoleLookUpSecretIdRequest.ts
+src/models/AppRoleLookUpSecretIdResponse.ts
+src/models/AppRoleReadBindSecretIdResponse.ts
+src/models/AppRoleReadBoundCidrListResponse.ts
+src/models/AppRoleReadLocalSecretIdsResponse.ts
+src/models/AppRoleReadPeriodResponse.ts
+src/models/AppRoleReadPoliciesResponse.ts
+src/models/AppRoleReadRoleIdResponse.ts
+src/models/AppRoleReadRoleResponse.ts
+src/models/AppRoleReadSecretIdBoundCidrsResponse.ts
+src/models/AppRoleReadSecretIdNumUsesResponse.ts
+src/models/AppRoleReadSecretIdTtlResponse.ts
+src/models/AppRoleReadTokenBoundCidrsResponse.ts
+src/models/AppRoleReadTokenMaxTtlResponse.ts
+src/models/AppRoleReadTokenNumUsesResponse.ts
+src/models/AppRoleReadTokenTtlResponse.ts
+src/models/AppRoleWriteBindSecretIdRequest.ts
+src/models/AppRoleWriteBoundCidrListRequest.ts
+src/models/AppRoleWriteCustomSecretIdRequest.ts
+src/models/AppRoleWriteCustomSecretIdResponse.ts
+src/models/AppRoleWritePeriodRequest.ts
+src/models/AppRoleWritePoliciesRequest.ts
+src/models/AppRoleWriteRoleIdRequest.ts
+src/models/AppRoleWriteRoleRequest.ts
+src/models/AppRoleWriteSecretIdBoundCidrsRequest.ts
+src/models/AppRoleWriteSecretIdNumUsesRequest.ts
+src/models/AppRoleWriteSecretIdRequest.ts
+src/models/AppRoleWriteSecretIdResponse.ts
+src/models/AppRoleWriteSecretIdTtlRequest.ts
+src/models/AppRoleWriteTokenBoundCidrsRequest.ts
+src/models/AppRoleWriteTokenMaxTtlRequest.ts
+src/models/AppRoleWriteTokenNumUsesRequest.ts
+src/models/AppRoleWriteTokenTtlRequest.ts
+src/models/AuditingCalculateHashRequest.ts
+src/models/AuditingCalculateHashResponse.ts
+src/models/AuditingEnableDeviceRequest.ts
+src/models/AuditingEnableRequestHeaderRequest.ts
+src/models/AuditingListRequestHeadersResponse.ts
+src/models/AuthEnableMethodRequest.ts
+src/models/AuthReadConfigurationResponse.ts
+src/models/AuthReadTuningInformationResponse.ts
+src/models/AuthTuneConfigurationParametersRequest.ts
+src/models/AwsConfigureCertificateRequest.ts
+src/models/AwsConfigureClientRequest.ts
+src/models/AwsConfigureIdentityAccessListTidyOperationRequest.ts
+src/models/AwsConfigureIdentityIntegrationRequest.ts
+src/models/AwsConfigureIdentityWhitelistTidyOperationRequest.ts
+src/models/AwsConfigureLeaseRequest.ts
+src/models/AwsConfigureRoleTagBlacklistTidyOperationRequest.ts
+src/models/AwsConfigureRoleTagDenyListTidyOperationRequest.ts
+src/models/AwsConfigureRootIamCredentialsRequest.ts
+src/models/AwsGenerateCredentialsWithParametersRequest.ts
+src/models/AwsGenerateStsCredentialsWithParametersRequest.ts
+src/models/AwsLoginRequest.ts
+src/models/AwsReadStaticCredsNameResponse.ts
+src/models/AwsReadStaticRolesNameResponse.ts
+src/models/AwsTidyIdentityAccessListRequest.ts
+src/models/AwsTidyIdentityWhitelistRequest.ts
+src/models/AwsTidyRoleTagBlacklistRequest.ts
+src/models/AwsTidyRoleTagDenyListRequest.ts
+src/models/AwsWriteAuthRoleRequest.ts
+src/models/AwsWriteRoleRequest.ts
+src/models/AwsWriteRoleTagRequest.ts
+src/models/AwsWriteStaticRolesNameRequest.ts
+src/models/AwsWriteStaticRolesNameResponse.ts
+src/models/AwsWriteStsRoleRequest.ts
+src/models/AzureConfigureAuthRequest.ts
+src/models/AzureConfigureRequest.ts
+src/models/AzureLoginRequest.ts
+src/models/AzureWriteAuthRoleRequest.ts
+src/models/AzureWriteRoleRequest.ts
+src/models/CertConfigureRequest.ts
+src/models/CertLoginRequest.ts
+src/models/CertWriteCertificateRequest.ts
+src/models/CertWriteCrlRequest.ts
+src/models/CloudFoundryConfigureRequest.ts
+src/models/CloudFoundryLoginRequest.ts
+src/models/CloudFoundryWriteRoleRequest.ts
+src/models/CollectHostInformationResponse.ts
+src/models/ConsulConfigureAccessRequest.ts
+src/models/ConsulWriteRoleRequest.ts
+src/models/CorsConfigureRequest.ts
+src/models/CorsReadConfigurationResponse.ts
+src/models/CreateCustomMessageRequest.ts
+src/models/DatabaseConfigureConnectionRequest.ts
+src/models/DatabaseWriteRoleRequest.ts
+src/models/DatabaseWriteStaticRoleRequest.ts
+src/models/DecodeTokenRequest.ts
+src/models/EncryptionKeyConfigureRotationRequest.ts
+src/models/EncryptionKeyReadRotationConfigurationResponse.ts
+src/models/EntitiesCreateDuplicatesRequest.ts
+src/models/EntityAliasCreateDuplicatesRequest.ts
+src/models/EntityAliasesCreateDuplicatesRequest.ts
+src/models/EntityBatchDeleteRequest.ts
+src/models/EntityCreateAliasRequest.ts
+src/models/EntityCreateRequest.ts
+src/models/EntityLookUpRequest.ts
+src/models/EntityMergeRequest.ts
+src/models/EntityUpdateAliasByIdRequest.ts
+src/models/EntityUpdateByIdRequest.ts
+src/models/EntityUpdateByNameRequest.ts
+src/models/GenerateHashRequest.ts
+src/models/GenerateHashResponse.ts
+src/models/GenerateHashWithAlgorithmRequest.ts
+src/models/GenerateHashWithAlgorithmResponse.ts
+src/models/GenerateRandomRequest.ts
+src/models/GenerateRandomResponse.ts
+src/models/GenerateRandomWithBytesRequest.ts
+src/models/GenerateRandomWithBytesResponse.ts
+src/models/GenerateRandomWithSourceAndBytesRequest.ts
+src/models/GenerateRandomWithSourceAndBytesResponse.ts
+src/models/GenerateRandomWithSourceRequest.ts
+src/models/GenerateRandomWithSourceResponse.ts
+src/models/GithubConfigureRequest.ts
+src/models/GithubLoginRequest.ts
+src/models/GithubWriteTeamMappingRequest.ts
+src/models/GithubWriteUserMappingRequest.ts
+src/models/GoogleCloudConfigureAuthRequest.ts
+src/models/GoogleCloudConfigureRequest.ts
+src/models/GoogleCloudEditLabelsForRoleRequest.ts
+src/models/GoogleCloudEditServiceAccountsForRoleRequest.ts
+src/models/GoogleCloudGenerateRolesetKey3Request.ts
+src/models/GoogleCloudGenerateRolesetKeyRequest.ts
+src/models/GoogleCloudGenerateStaticAccountKeyRequest.ts
+src/models/GoogleCloudKmsConfigureKeyRequest.ts
+src/models/GoogleCloudKmsConfigureRequest.ts
+src/models/GoogleCloudKmsDecryptRequest.ts
+src/models/GoogleCloudKmsEncryptRequest.ts
+src/models/GoogleCloudKmsReencryptRequest.ts
+src/models/GoogleCloudKmsRegisterKeyRequest.ts
+src/models/GoogleCloudKmsSignRequest.ts
+src/models/GoogleCloudKmsVerifyRequest.ts
+src/models/GoogleCloudKmsWriteKeyRequest.ts
+src/models/GoogleCloudLoginRequest.ts
+src/models/GoogleCloudWriteImpersonatedAccountRequest.ts
+src/models/GoogleCloudWriteRoleRequest.ts
+src/models/GoogleCloudWriteRolesetRequest.ts
+src/models/GoogleCloudWriteStaticAccountRequest.ts
+src/models/GroupCreateAliasRequest.ts
+src/models/GroupCreateRequest.ts
+src/models/GroupLookUpRequest.ts
+src/models/GroupUpdateAliasByIdRequest.ts
+src/models/GroupUpdateByIdRequest.ts
+src/models/GroupUpdateByNameRequest.ts
+src/models/GroupsCreateDuplicatesRequest.ts
+src/models/HaStatusResponse.ts
+src/models/InitializeRequest.ts
+src/models/InternalClientActivityConfigureRequest.ts
+src/models/InternalCountEntitiesResponse.ts
+src/models/InternalCountTokensResponse.ts
+src/models/InternalGenerateOpenApiDocumentWithParametersRequest.ts
+src/models/InternalUiListEnabledFeatureFlagsResponse.ts
+src/models/InternalUiListEnabledVisibleMountsResponse.ts
+src/models/InternalUiListNamespacesResponse.ts
+src/models/InternalUiReadAuthenticatedActiveCustomMessagesResponse.ts
+src/models/InternalUiReadMountInformationResponse.ts
+src/models/InternalUiReadResultantAclResponse.ts
+src/models/InternalUiReadUnauthenticatedActiveCustomMessagesResponse.ts
+src/models/JwtConfigureRequest.ts
+src/models/JwtLoginRequest.ts
+src/models/JwtOidcCallbackFormPostRequest.ts
+src/models/JwtOidcRequestAuthorizationUrlRequest.ts
+src/models/JwtWriteRoleRequest.ts
+src/models/KerberosConfigureLdapRequest.ts
+src/models/KerberosConfigureRequest.ts
+src/models/KerberosLoginRequest.ts
+src/models/KerberosWriteGroupRequest.ts
+src/models/KubernetesConfigureAuthRequest.ts
+src/models/KubernetesConfigureRequest.ts
+src/models/KubernetesGenerateCredentialsRequest.ts
+src/models/KubernetesLoginRequest.ts
+src/models/KubernetesWriteAuthRoleRequest.ts
+src/models/KubernetesWriteRoleRequest.ts
+src/models/KvV2ConfigureRequest.ts
+src/models/KvV2DeleteVersionsRequest.ts
+src/models/KvV2DestroyVersionsRequest.ts
+src/models/KvV2PatchResponse.ts
+src/models/KvV2ReadConfigurationResponse.ts
+src/models/KvV2ReadMetadataResponse.ts
+src/models/KvV2ReadResponse.ts
+src/models/KvV2ReadSubkeysResponse.ts
+src/models/KvV2UndeleteVersionsRequest.ts
+src/models/KvV2WriteMetadataRequest.ts
+src/models/KvV2WriteRequest.ts
+src/models/KvV2WriteResponse.ts
+src/models/LdapConfigureAuthRequest.ts
+src/models/LdapConfigureRequest.ts
+src/models/LdapLibraryCheckInRequest.ts
+src/models/LdapLibraryCheckOutRequest.ts
+src/models/LdapLibraryConfigureRequest.ts
+src/models/LdapLibraryForceCheckInRequest.ts
+src/models/LdapLoginRequest.ts
+src/models/LdapRotateStaticRoleRequest.ts
+src/models/LdapWriteDynamicRoleRequest.ts
+src/models/LdapWriteGroupRequest.ts
+src/models/LdapWriteStaticRoleRequest.ts
+src/models/LdapWriteUserRequest.ts
+src/models/LeaderStatusResponse.ts
+src/models/LeasesCountResponse.ts
+src/models/LeasesListResponse.ts
+src/models/LeasesLookUpResponse.ts
+src/models/LeasesReadLeaseRequest.ts
+src/models/LeasesReadLeaseResponse.ts
+src/models/LeasesRenewLease2Request.ts
+src/models/LeasesRenewLeaseRequest.ts
+src/models/LeasesRenewLeaseWithId2Request.ts
+src/models/LeasesRenewLeaseWithIdRequest.ts
+src/models/LeasesRevokeLease2Request.ts
+src/models/LeasesRevokeLeaseRequest.ts
+src/models/LeasesRevokeLeaseWithId2Request.ts
+src/models/LeasesRevokeLeaseWithIdRequest.ts
+src/models/LeasesRevokeLeaseWithPrefix2Request.ts
+src/models/LeasesRevokeLeaseWithPrefixRequest.ts
+src/models/LoggersUpdateVerbosityLevelForRequest.ts
+src/models/LoggersUpdateVerbosityLevelRequest.ts
+src/models/MfaAdminDestroyTotpSecretRequest.ts
+src/models/MfaAdminGenerateTotpSecretRequest.ts
+src/models/MfaCreateDuoMethodRequest.ts
+src/models/MfaCreateOktaMethodRequest.ts
+src/models/MfaCreatePingIdMethodRequest.ts
+src/models/MfaCreateTotpMethodRequest.ts
+src/models/MfaGenerateTotpSecretRequest.ts
+src/models/MfaUpdateDuoMethodRequest.ts
+src/models/MfaUpdateOktaMethodRequest.ts
+src/models/MfaUpdatePingIdMethodRequest.ts
+src/models/MfaUpdateTotpMethodRequest.ts
+src/models/MfaValidateRequest.ts
+src/models/MfaWriteLoginEnforcementRequest.ts
+src/models/MongoDbAtlasConfigureRequest.ts
+src/models/MongoDbAtlasWriteRoleRequest.ts
+src/models/MountsEnableSecretsEngineRequest.ts
+src/models/MountsReadConfigurationResponse.ts
+src/models/MountsReadTuningInformationResponse.ts
+src/models/MountsTuneConfigurationParametersRequest.ts
+src/models/NomadConfigureAccessRequest.ts
+src/models/NomadConfigureLeaseRequest.ts
+src/models/NomadWriteRoleRequest.ts
+src/models/OciConfigureRequest.ts
+src/models/OciLoginRequest.ts
+src/models/OciWriteRoleRequest.ts
+src/models/OidcConfigureRequest.ts
+src/models/OidcIntrospectRequest.ts
+src/models/OidcProviderAuthorizeWithParametersRequest.ts
+src/models/OidcProviderTokenRequest.ts
+src/models/OidcRotateKeyRequest.ts
+src/models/OidcWriteAssignmentRequest.ts
+src/models/OidcWriteClientRequest.ts
+src/models/OidcWriteKeyRequest.ts
+src/models/OidcWriteProviderRequest.ts
+src/models/OidcWriteRoleRequest.ts
+src/models/OidcWriteScopeRequest.ts
+src/models/OktaConfigureRequest.ts
+src/models/OktaLoginRequest.ts
+src/models/OktaWriteGroupRequest.ts
+src/models/OktaWriteUserRequest.ts
+src/models/PersonaCreateRequest.ts
+src/models/PersonaUpdateByIdRequest.ts
+src/models/PkiConfigureAcmeRequest.ts
+src/models/PkiConfigureAutoTidyRequest.ts
+src/models/PkiConfigureAutoTidyResponse.ts
+src/models/PkiConfigureCaRequest.ts
+src/models/PkiConfigureCaResponse.ts
+src/models/PkiConfigureClusterRequest.ts
+src/models/PkiConfigureClusterResponse.ts
+src/models/PkiConfigureCmpRequest.ts
+src/models/PkiConfigureCrlRequest.ts
+src/models/PkiConfigureCrlResponse.ts
+src/models/PkiConfigureEstRequest.ts
+src/models/PkiConfigureExternalPolicyRequest.ts
+src/models/PkiConfigureExternalPolicyResponse.ts
+src/models/PkiConfigureIssuersRequest.ts
+src/models/PkiConfigureIssuersResponse.ts
+src/models/PkiConfigureKeysRequest.ts
+src/models/PkiConfigureKeysResponse.ts
+src/models/PkiConfigureScepRequest.ts
+src/models/PkiConfigureUrlsRequest.ts
+src/models/PkiConfigureUrlsResponse.ts
+src/models/PkiCrossSignIntermediateRequest.ts
+src/models/PkiCrossSignIntermediateResponse.ts
+src/models/PkiGenerateEabKeyForIssuerAndRoleResponse.ts
+src/models/PkiGenerateEabKeyForIssuerResponse.ts
+src/models/PkiGenerateEabKeyForRoleResponse.ts
+src/models/PkiGenerateEabKeyResponse.ts
+src/models/PkiGenerateExportedKeyRequest.ts
+src/models/PkiGenerateExportedKeyResponse.ts
+src/models/PkiGenerateIntermediateRequest.ts
+src/models/PkiGenerateIntermediateResponse.ts
+src/models/PkiGenerateInternalKeyRequest.ts
+src/models/PkiGenerateInternalKeyResponse.ts
+src/models/PkiGenerateKmsKeyRequest.ts
+src/models/PkiGenerateKmsKeyResponse.ts
+src/models/PkiGenerateRootRequest.ts
+src/models/PkiGenerateRootResponse.ts
+src/models/PkiImportKeyRequest.ts
+src/models/PkiImportKeyResponse.ts
+src/models/PkiIssueWithRoleRequest.ts
+src/models/PkiIssueWithRoleResponse.ts
+src/models/PkiIssuerIssueWithRoleRequest.ts
+src/models/PkiIssuerIssueWithRoleResponse.ts
+src/models/PkiIssuerReadCrlDeltaDerResponse.ts
+src/models/PkiIssuerReadCrlDeltaPemResponse.ts
+src/models/PkiIssuerReadCrlDeltaResponse.ts
+src/models/PkiIssuerReadCrlDerResponse.ts
+src/models/PkiIssuerReadCrlPemResponse.ts
+src/models/PkiIssuerReadCrlResponse.ts
+src/models/PkiIssuerReadUnifiedCrlDeltaDerResponse.ts
+src/models/PkiIssuerReadUnifiedCrlDeltaPemResponse.ts
+src/models/PkiIssuerReadUnifiedCrlDeltaResponse.ts
+src/models/PkiIssuerReadUnifiedCrlDerResponse.ts
+src/models/PkiIssuerReadUnifiedCrlPemResponse.ts
+src/models/PkiIssuerReadUnifiedCrlResponse.ts
+src/models/PkiIssuerResignCrlsRequest.ts
+src/models/PkiIssuerResignCrlsResponse.ts
+src/models/PkiIssuerSignIntermediateRequest.ts
+src/models/PkiIssuerSignIntermediateResponse.ts
+src/models/PkiIssuerSignRevocationListRequest.ts
+src/models/PkiIssuerSignRevocationListResponse.ts
+src/models/PkiIssuerSignSelfIssuedRequest.ts
+src/models/PkiIssuerSignSelfIssuedResponse.ts
+src/models/PkiIssuerSignVerbatimRequest.ts
+src/models/PkiIssuerSignVerbatimResponse.ts
+src/models/PkiIssuerSignVerbatimWithRoleRequest.ts
+src/models/PkiIssuerSignVerbatimWithRoleResponse.ts
+src/models/PkiIssuerSignWithRoleRequest.ts
+src/models/PkiIssuerSignWithRoleResponse.ts
+src/models/PkiIssuersGenerateIntermediateRequest.ts
+src/models/PkiIssuersGenerateIntermediateResponse.ts
+src/models/PkiIssuersGenerateRootRequest.ts
+src/models/PkiIssuersGenerateRootResponse.ts
+src/models/PkiIssuersImportBundleRequest.ts
+src/models/PkiIssuersImportBundleResponse.ts
+src/models/PkiIssuersImportCertRequest.ts
+src/models/PkiIssuersImportCertResponse.ts
+src/models/PkiListEabKeysResponse.ts
+src/models/PkiListIssuersResponse.ts
+src/models/PkiListKeysResponse.ts
+src/models/PkiListUnifiedRevokedCertsResponse.ts
+src/models/PkiPatchIssuerResponse.ts
+src/models/PkiPatchRoleResponse.ts
+src/models/PkiReadAutoTidyConfigurationResponse.ts
+src/models/PkiReadCaChainPemResponse.ts
+src/models/PkiReadCaDerResponse.ts
+src/models/PkiReadCaPemResponse.ts
+src/models/PkiReadCertCaChainResponse.ts
+src/models/PkiReadCertCrlResponse.ts
+src/models/PkiReadCertDeltaCrlResponse.ts
+src/models/PkiReadCertMetadataResponse.ts
+src/models/PkiReadCertRawDerResponse.ts
+src/models/PkiReadCertRawPemResponse.ts
+src/models/PkiReadCertResponse.ts
+src/models/PkiReadCertUnifiedCrlResponse.ts
+src/models/PkiReadCertUnifiedDeltaCrlResponse.ts
+src/models/PkiReadClusterConfigurationResponse.ts
+src/models/PkiReadCrlConfigurationResponse.ts
+src/models/PkiReadCrlDeltaPemResponse.ts
+src/models/PkiReadCrlDeltaResponse.ts
+src/models/PkiReadCrlDerResponse.ts
+src/models/PkiReadCrlPemResponse.ts
+src/models/PkiReadIssuerDerResponse.ts
+src/models/PkiReadIssuerJsonResponse.ts
+src/models/PkiReadIssuerPemResponse.ts
+src/models/PkiReadIssuerResponse.ts
+src/models/PkiReadIssuersConfigurationResponse.ts
+src/models/PkiReadKeyResponse.ts
+src/models/PkiReadKeysConfigurationResponse.ts
+src/models/PkiReadRoleResponse.ts
+src/models/PkiReadUrlsConfigurationResponse.ts
+src/models/PkiReplaceRootRequest.ts
+src/models/PkiReplaceRootResponse.ts
+src/models/PkiRevokeIssuerResponse.ts
+src/models/PkiRevokeRequest.ts
+src/models/PkiRevokeResponse.ts
+src/models/PkiRevokeWithKeyRequest.ts
+src/models/PkiRevokeWithKeyResponse.ts
+src/models/PkiRootSignIntermediateRequest.ts
+src/models/PkiRootSignIntermediateResponse.ts
+src/models/PkiRootSignSelfIssuedRequest.ts
+src/models/PkiRootSignSelfIssuedResponse.ts
+src/models/PkiRotateCrlResponse.ts
+src/models/PkiRotateDeltaCrlResponse.ts
+src/models/PkiRotateRootRequest.ts
+src/models/PkiRotateRootResponse.ts
+src/models/PkiSetSignedIntermediateRequest.ts
+src/models/PkiSetSignedIntermediateResponse.ts
+src/models/PkiSignVerbatimRequest.ts
+src/models/PkiSignVerbatimResponse.ts
+src/models/PkiSignVerbatimWithRoleRequest.ts
+src/models/PkiSignVerbatimWithRoleResponse.ts
+src/models/PkiSignWithRoleRequest.ts
+src/models/PkiSignWithRoleResponse.ts
+src/models/PkiTidyCancelResponse.ts
+src/models/PkiTidyRequest.ts
+src/models/PkiTidyStatusResponse.ts
+src/models/PkiWriteAcmeAccountKidRequest.ts
+src/models/PkiWriteAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteAcmeKeyIdRequest.ts
+src/models/PkiWriteAcmeNewAccountRequest.ts
+src/models/PkiWriteAcmeNewOrderRequest.ts
+src/models/PkiWriteAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteAcmeOrdersRequest.ts
+src/models/PkiWriteAcmeRevokeCertRequest.ts
+src/models/PkiWriteExternalPolicyAcmeAccountKidRequest.ts
+src/models/PkiWriteExternalPolicyAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteExternalPolicyAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteExternalPolicyAcmeNewAccountRequest.ts
+src/models/PkiWriteExternalPolicyAcmeNewOrderRequest.ts
+src/models/PkiWriteExternalPolicyAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteExternalPolicyAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteExternalPolicyAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteExternalPolicyAcmeOrdersRequest.ts
+src/models/PkiWriteExternalPolicyAcmeRevokeCertRequest.ts
+src/models/PkiWriteExternalPolicyIssuePolicyRequest.ts
+src/models/PkiWriteExternalPolicyIssuePolicyResponse.ts
+src/models/PkiWriteExternalPolicyIssueRequest.ts
+src/models/PkiWriteExternalPolicyIssueResponse.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeAccountKidRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeNewAccountRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeNewOrderRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeOrdersRequest.ts
+src/models/PkiWriteExternalPolicyPolicyAcmeRevokeCertRequest.ts
+src/models/PkiWriteExternalPolicySignIntermediatePolicyRequest.ts
+src/models/PkiWriteExternalPolicySignIntermediatePolicyResponse.ts
+src/models/PkiWriteExternalPolicySignIntermediateRequest.ts
+src/models/PkiWriteExternalPolicySignIntermediateResponse.ts
+src/models/PkiWriteExternalPolicySignPolicyRequest.ts
+src/models/PkiWriteExternalPolicySignPolicyResponse.ts
+src/models/PkiWriteExternalPolicySignRequest.ts
+src/models/PkiWriteExternalPolicySignResponse.ts
+src/models/PkiWriteIssuerIssuerRefAcmeAccountKidRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeNewAccountRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeNewOrderRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeOrdersRequest.ts
+src/models/PkiWriteIssuerIssuerRefAcmeRevokeCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeAccountKidRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeNewAccountRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeNewOrderRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeOrdersRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyAcmeRevokeCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyIssuePolicyRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyIssuePolicyResponse.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyIssueRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyIssueResponse.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeAccountKidRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeNewAccountRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeNewOrderRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeOrdersRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicyPolicyAcmeRevokeCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignIntermediatePolicyRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignIntermediatePolicyResponse.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignIntermediateRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignIntermediateResponse.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignPolicyRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignPolicyResponse.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignRequest.ts
+src/models/PkiWriteIssuerIssuerRefExternalPolicySignResponse.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeAccountKidRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeNewAccountRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeNewOrderRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeOrdersRequest.ts
+src/models/PkiWriteIssuerIssuerRefRolesRoleAcmeRevokeCertRequest.ts
+src/models/PkiWriteIssuerRequest.ts
+src/models/PkiWriteIssuerResponse.ts
+src/models/PkiWriteKeyRequest.ts
+src/models/PkiWriteKeyResponse.ts
+src/models/PkiWriteRoleRequest.ts
+src/models/PkiWriteRoleResponse.ts
+src/models/PkiWriteRolesRoleAcmeAccountKidRequest.ts
+src/models/PkiWriteRolesRoleAcmeAuthorizationAuthIdRequest.ts
+src/models/PkiWriteRolesRoleAcmeChallengeAuthIdChallengeTypeRequest.ts
+src/models/PkiWriteRolesRoleAcmeNewAccountRequest.ts
+src/models/PkiWriteRolesRoleAcmeNewOrderRequest.ts
+src/models/PkiWriteRolesRoleAcmeOrderOrderIdCertRequest.ts
+src/models/PkiWriteRolesRoleAcmeOrderOrderIdFinalizeRequest.ts
+src/models/PkiWriteRolesRoleAcmeOrderOrderIdRequest.ts
+src/models/PkiWriteRolesRoleAcmeOrdersRequest.ts
+src/models/PkiWriteRolesRoleAcmeRevokeCertRequest.ts
+src/models/PluginsCatalogListPluginsResponse.ts
+src/models/PluginsCatalogListPluginsWithTypeResponse.ts
+src/models/PluginsCatalogPinsCreatePinnedVersionRequest.ts
+src/models/PluginsCatalogPinsListPinnedVersionsResponse.ts
+src/models/PluginsCatalogPinsReadPinnedVersionResponse.ts
+src/models/PluginsCatalogReadPluginConfigurationResponse.ts
+src/models/PluginsCatalogReadPluginConfigurationWithTypeResponse.ts
+src/models/PluginsCatalogRegisterPluginRequest.ts
+src/models/PluginsCatalogRegisterPluginWithTypeRequest.ts
+src/models/PluginsReloadBackendsRequest.ts
+src/models/PluginsReloadBackendsResponse.ts
+src/models/PluginsRuntimesCatalogListPluginsRuntimesResponse.ts
+src/models/PluginsRuntimesCatalogReadPluginRuntimeConfigurationResponse.ts
+src/models/PluginsRuntimesCatalogRegisterPluginRuntimeRequest.ts
+src/models/PoliciesGeneratePasswordFromPasswordPolicyResponse.ts
+src/models/PoliciesListAclPolicies2Response.ts
+src/models/PoliciesListAclPolicies3Response.ts
+src/models/PoliciesListAclPoliciesResponse.ts
+src/models/PoliciesReadAclPolicy2Response.ts
+src/models/PoliciesReadAclPolicyResponse.ts
+src/models/PoliciesReadPasswordPolicyResponse.ts
+src/models/PoliciesWriteAclPolicy2Request.ts
+src/models/PoliciesWriteAclPolicyRequest.ts
+src/models/PoliciesWritePasswordPolicyRequest.ts
+src/models/QueryTokenAccessorCapabilitiesRequest.ts
+src/models/QueryTokenCapabilitiesRequest.ts
+src/models/QueryTokenSelfCapabilitiesRequest.ts
+src/models/RabbitMqConfigureConnectionRequest.ts
+src/models/RabbitMqConfigureLeaseRequest.ts
+src/models/RabbitMqWriteRoleRequest.ts
+src/models/RadiusConfigureRequest.ts
+src/models/RadiusLoginRequest.ts
+src/models/RadiusLoginWithUsernameRequest.ts
+src/models/RadiusWriteUserRequest.ts
+src/models/RateLimitQuotasConfigureRequest.ts
+src/models/RateLimitQuotasReadConfigurationResponse.ts
+src/models/RateLimitQuotasReadResponse.ts
+src/models/RateLimitQuotasWriteRequest.ts
+src/models/RawReadResponse.ts
+src/models/RawWriteRequest.ts
+src/models/ReadWrappingProperties2Response.ts
+src/models/ReadWrappingPropertiesRequest.ts
+src/models/ReadWrappingPropertiesResponse.ts
+src/models/RekeyAttemptInitializeRequest.ts
+src/models/RekeyAttemptInitializeResponse.ts
+src/models/RekeyAttemptReadProgressResponse.ts
+src/models/RekeyAttemptUpdateRequest.ts
+src/models/RekeyAttemptUpdateResponse.ts
+src/models/RekeyReadBackupKeyResponse.ts
+src/models/RekeyReadBackupRecoveryKeyResponse.ts
+src/models/RekeyVerificationCancelResponse.ts
+src/models/RekeyVerificationReadProgressResponse.ts
+src/models/RekeyVerificationUpdateRequest.ts
+src/models/RekeyVerificationUpdateResponse.ts
+src/models/ReloadPluginsRequest.ts
+src/models/ReloadPluginsResponse.ts
+src/models/RemountRequest.ts
+src/models/RemountResponse.ts
+src/models/RemountStatusResponse.ts
+src/models/RewrapRequest.ts
+src/models/RootTokenGenerationInitialize2Request.ts
+src/models/RootTokenGenerationInitialize2Response.ts
+src/models/RootTokenGenerationInitializeRequest.ts
+src/models/RootTokenGenerationInitializeResponse.ts
+src/models/RootTokenGenerationReadProgress2Response.ts
+src/models/RootTokenGenerationReadProgressResponse.ts
+src/models/RootTokenGenerationUpdateRequest.ts
+src/models/RootTokenGenerationUpdateResponse.ts
+src/models/SealStatusResponse.ts
+src/models/SshConfigureCaRequest.ts
+src/models/SshConfigureZeroAddressRequest.ts
+src/models/SshGenerateCredentialsRequest.ts
+src/models/SshIssueCertificateRequest.ts
+src/models/SshListRolesByIpRequest.ts
+src/models/SshSignCertificateRequest.ts
+src/models/SshVerifyOtpRequest.ts
+src/models/SshWriteRoleRequest.ts
+src/models/StandardListResponse.ts
+src/models/SubscriptionsCreateResponse.ts
+src/models/SubscriptionsListEventsSubscriptionsResponse.ts
+src/models/SubscriptionsReadEventsSubscriptionsResponse.ts
+src/models/SubscriptionsWriteEventsSubscriptionsRequest.ts
+src/models/SubscriptionsWriteEventsSubscriptionsResponse.ts
+src/models/SystemDeleteSyncConfigResponse.ts
+src/models/SystemDeleteSyncGithubAppsNameResponse.ts
+src/models/SystemListSyncAssociationsResponse.ts
+src/models/SystemListSyncDestinationsResponse.ts
+src/models/SystemListSyncDestinationsTypeResponse.ts
+src/models/SystemListSyncGithubAppsResponse.ts
+src/models/SystemPatchSyncConfigResponse.ts
+src/models/SystemPatchSyncDestinationsAwsSmNameResponse.ts
+src/models/SystemPatchSyncDestinationsAzureKvNameResponse.ts
+src/models/SystemPatchSyncDestinationsGcpSmNameResponse.ts
+src/models/SystemPatchSyncDestinationsGhNameResponse.ts
+src/models/SystemPatchSyncDestinationsInMemNameResponse.ts
+src/models/SystemPatchSyncDestinationsVercelProjectNameResponse.ts
+src/models/SystemReadConfigGroupPolicyApplicationResponse.ts
+src/models/SystemReadSyncAssociationsDestinationsResponse.ts
+src/models/SystemReadSyncAssociationsMountSecretNameResponse.ts
+src/models/SystemReadSyncConfigResponse.ts
+src/models/SystemReadSyncDestinationsAwsSmNameResponse.ts
+src/models/SystemReadSyncDestinationsAzureKvNameResponse.ts
+src/models/SystemReadSyncDestinationsGcpSmNameResponse.ts
+src/models/SystemReadSyncDestinationsGhNameResponse.ts
+src/models/SystemReadSyncDestinationsInMemNameResponse.ts
+src/models/SystemReadSyncDestinationsTypeNameAssociationsResponse.ts
+src/models/SystemReadSyncDestinationsVercelProjectNameResponse.ts
+src/models/SystemReadSyncGithubAppsNameResponse.ts
+src/models/SystemWriteConfigControlGroupRequest.ts
+src/models/SystemWriteConfigGroupPolicyApplicationRequest.ts
+src/models/SystemWriteControlGroupAuthorizeRequest.ts
+src/models/SystemWriteControlGroupRequestRequest.ts
+src/models/SystemWriteInternalCountersActivityWriteRequest.ts
+src/models/SystemWriteManagedKeysTypeNameRequest.ts
+src/models/SystemWriteManagedKeysTypeNameTestSignRequest.ts
+src/models/SystemWriteMfaMethodDuoNameRequest.ts
+src/models/SystemWriteMfaMethodOktaNameRequest.ts
+src/models/SystemWriteMfaMethodPingidNameRequest.ts
+src/models/SystemWriteMfaMethodTotpNameAdminDestroyRequest.ts
+src/models/SystemWriteMfaMethodTotpNameAdminGenerateRequest.ts
+src/models/SystemWriteMfaMethodTotpNameRequest.ts
+src/models/SystemWriteNamespacesApiLockUnlockPathRequest.ts
+src/models/SystemWriteNamespacesApiLockUnlockRequest.ts
+src/models/SystemWriteNamespacesPathRequest.ts
+src/models/SystemWritePoliciesEgpNameRequest.ts
+src/models/SystemWritePoliciesRgpNameRequest.ts
+src/models/SystemWriteQuotasLeaseCountNameRequest.ts
+src/models/SystemWriteReplicationDrPrimaryEnableRequest.ts
+src/models/SystemWriteReplicationDrPrimaryRevokeSecondaryRequest.ts
+src/models/SystemWriteReplicationDrPrimarySecondaryTokenRequest.ts
+src/models/SystemWriteReplicationDrSecondaryDisableRequest.ts
+src/models/SystemWriteReplicationDrSecondaryEnableRequest.ts
+src/models/SystemWriteReplicationDrSecondaryMerkleCheckRequest.ts
+src/models/SystemWriteReplicationDrSecondaryOperationTokenDeleteRequest.ts
+src/models/SystemWriteReplicationDrSecondaryPromoteRequest.ts
+src/models/SystemWriteReplicationDrSecondaryRecoverRequest.ts
+src/models/SystemWriteReplicationDrSecondaryReindexRequest.ts
+src/models/SystemWriteReplicationDrSecondaryUpdatePrimaryRequest.ts
+src/models/SystemWriteReplicationForceCorruptionRequest.ts
+src/models/SystemWriteReplicationPerformancePrimaryEnableRequest.ts
+src/models/SystemWriteReplicationPerformancePrimaryPathsFilterIdRequest.ts
+src/models/SystemWriteReplicationPerformancePrimaryRevokeSecondaryRequest.ts
+src/models/SystemWriteReplicationPerformancePrimarySecondaryTokenRequest.ts
+src/models/SystemWriteReplicationPerformanceSecondaryEnableRequest.ts
+src/models/SystemWriteReplicationPerformanceSecondaryPromoteRequest.ts
+src/models/SystemWriteReplicationPerformanceSecondaryUpdatePrimaryRequest.ts
+src/models/SystemWriteReplicationPrimaryEnableRequest.ts
+src/models/SystemWriteReplicationPrimaryRevokeSecondaryRequest.ts
+src/models/SystemWriteReplicationPrimarySecondaryTokenRequest.ts
+src/models/SystemWriteReplicationReindexRequest.ts
+src/models/SystemWriteReplicationSecondaryEnableRequest.ts
+src/models/SystemWriteReplicationSecondaryPromoteRequest.ts
+src/models/SystemWriteReplicationSecondaryUpdatePrimaryRequest.ts
+src/models/SystemWriteStorageRaftSnapshotAutoConfigNameRequest.ts
+src/models/SystemWriteSyncDestinationsAwsSmNameRequest.ts
+src/models/SystemWriteSyncDestinationsAwsSmNameResponse.ts
+src/models/SystemWriteSyncDestinationsAzureKvNameRequest.ts
+src/models/SystemWriteSyncDestinationsAzureKvNameResponse.ts
+src/models/SystemWriteSyncDestinationsGcpSmNameRequest.ts
+src/models/SystemWriteSyncDestinationsGcpSmNameResponse.ts
+src/models/SystemWriteSyncDestinationsGhNameRequest.ts
+src/models/SystemWriteSyncDestinationsGhNameResponse.ts
+src/models/SystemWriteSyncDestinationsInMemNameRequest.ts
+src/models/SystemWriteSyncDestinationsInMemNameResponse.ts
+src/models/SystemWriteSyncDestinationsTypeNameAssociationsRemoveRequest.ts
+src/models/SystemWriteSyncDestinationsTypeNameAssociationsRemoveResponse.ts
+src/models/SystemWriteSyncDestinationsTypeNameAssociationsSetRequest.ts
+src/models/SystemWriteSyncDestinationsTypeNameAssociationsSetResponse.ts
+src/models/SystemWriteSyncDestinationsVercelProjectNameRequest.ts
+src/models/SystemWriteSyncDestinationsVercelProjectNameResponse.ts
+src/models/SystemWriteSyncGithubAppsNameRequest.ts
+src/models/SystemWriteSyncGithubAppsNameResponse.ts
+src/models/SystemWriteUtilizationRequest.ts
+src/models/SystemWriteUtilizationResponse.ts
+src/models/TerraformCloudConfigureRequest.ts
+src/models/TerraformCloudWriteRoleRequest.ts
+src/models/TokenCreateAgainstRoleRequest.ts
+src/models/TokenCreateOrphanRequest.ts
+src/models/TokenCreateRequest.ts
+src/models/TokenLookUpAccessorRequest.ts
+src/models/TokenLookUpRequest.ts
+src/models/TokenLookUpSelf2Request.ts
+src/models/TokenRenewAccessorRequest.ts
+src/models/TokenRenewRequest.ts
+src/models/TokenRenewSelfRequest.ts
+src/models/TokenRevokeAccessorRequest.ts
+src/models/TokenRevokeOrphanRequest.ts
+src/models/TokenRevokeRequest.ts
+src/models/TokenWriteRoleRequest.ts
+src/models/TotpCreateKeyRequest.ts
+src/models/TotpValidateCodeRequest.ts
+src/models/TransitConfigureCacheRequest.ts
+src/models/TransitConfigureKeyRequest.ts
+src/models/TransitConfigureKeysRequest.ts
+src/models/TransitCreateKeyRequest.ts
+src/models/TransitDecryptRequest.ts
+src/models/TransitEncryptRequest.ts
+src/models/TransitGenerateCmacRequest.ts
+src/models/TransitGenerateCmacWithMacLengthRequest.ts
+src/models/TransitGenerateCsrForKeyRequest.ts
+src/models/TransitGenerateDataKeyRequest.ts
+src/models/TransitGenerateHmacRequest.ts
+src/models/TransitGenerateHmacWithAlgorithmRequest.ts
+src/models/TransitGenerateRandomRequest.ts
+src/models/TransitGenerateRandomWithBytesRequest.ts
+src/models/TransitGenerateRandomWithSourceAndBytesRequest.ts
+src/models/TransitGenerateRandomWithSourceRequest.ts
+src/models/TransitHashRequest.ts
+src/models/TransitHashWithAlgorithmRequest.ts
+src/models/TransitImportKeyRequest.ts
+src/models/TransitImportKeyVersionRequest.ts
+src/models/TransitRestoreAndRenameKeyRequest.ts
+src/models/TransitRestoreKeyRequest.ts
+src/models/TransitRewrapRequest.ts
+src/models/TransitRotateKeyRequest.ts
+src/models/TransitSetCertificateForKeyRequest.ts
+src/models/TransitSignRequest.ts
+src/models/TransitSignWithAlgorithmRequest.ts
+src/models/TransitTrimKeyRequest.ts
+src/models/TransitVerifyRequest.ts
+src/models/TransitVerifyWithAlgorithmRequest.ts
+src/models/UiConfigDeleteCustomMessageResponse.ts
+src/models/UiConfigReadCustomMessageResponse.ts
+src/models/UiConfigUpdateCustomMessageRequest.ts
+src/models/UiConfigUpdateCustomMessageResponse.ts
+src/models/UiHeadersConfigureRequest.ts
+src/models/UiHeadersListResponse.ts
+src/models/UiHeadersReadConfigurationResponse.ts
+src/models/UnsealRequest.ts
+src/models/UnsealResponse.ts
+src/models/UnwrapRequest.ts
+src/models/UserpassLoginRequest.ts
+src/models/UserpassResetPasswordRequest.ts
+src/models/UserpassUpdatePoliciesRequest.ts
+src/models/UserpassWriteUserRequest.ts
+src/models/VersionHistoryResponse.ts
+src/models/WellKnownListLabels2Response.ts
+src/models/WellKnownListLabelsResponse.ts
+src/models/WellKnownReadLabelResponse.ts
+src/models/index.ts
+src/runtime.ts
+tsconfig.esm.json
+tsconfig.json

ui/api-client/.openapi-generator/VERSION

@@ -0,0 +1 @@
+7.12.0

ui/api-client/README.md

@@ -0,0 +1,46 @@
+## @hashicorp/vault-client-typescript@0.0.0
+
+This generator creates TypeScript/JavaScript client that utilizes [Fetch API](https://fetch.spec.whatwg.org/). The generated Node module can be used in the following environments:
+
+Environment
+* Node.js
+* Webpack
+* Browserify
+
+Language level
+* ES5 - you must have a Promises/A+ library installed
+* ES6
+
+Module system
+* CommonJS
+* ES6 module system
+
+It can be used in both TypeScript and JavaScript. In TypeScript, the definition will be automatically resolved via `package.json`. ([Reference](https://www.typescriptlang.org/docs/handbook/declaration-files/consumption.html))
+
+### Building
+
+To build and compile the typescript sources to javascript use:
+```
+npm install
+npm run build
+```
+
+### Publishing
+
+First build the package then run `npm publish`
+
+### Consuming
+
+navigate to the folder of your consuming project and run one of the following commands.
+
+_published:_
+
+```
+npm install @hashicorp/vault-client-typescript@0.0.0 --save
+```
+
+_unPublished (not recommended):_
+
+```
+npm install PATH_TO_GENERATED_PACKAGE --save
+```

ui/api-client/openapitools.json

@@ -0,0 +1,7 @@
+{
+  "$schema": "./node_modules/@openapitools/openapi-generator-cli/config.schema.json",
+  "spaces": 2,
+  "generator-cli": {
+    "version": "7.12.0"
+  }
+}

ui/api-client/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "@hashicorp/vault-client-typescript",
+  "version": "0.0.0",
+  "description": "OpenAPI client for @hashicorp/vault-client-typescript",
+  "author": "OpenAPI-Generator",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/GIT_USER_ID/GIT_REPO_ID.git"
+  },
+  "main": "./dist/index.js",
+  "typings": "./dist/index.d.ts",
+  "module": "./dist/esm/index.js",
+  "sideEffects": false,
+  "scripts": {
+    "build": "tsc && tsc -p tsconfig.esm.json",
+    "prepare": "npm run build"
+  },
+  "devDependencies": {
+    "typescript": "^4.0 || ^5.0"
+  }
+}

ui/api-client/src/apis/index.ts

@@ -0,0 +1,6 @@
+/* tslint:disable */
+/* eslint-disable */
+export * from './AuthApi';
+export * from './IdentityApi';
+export * from './SecretsApi';
+export * from './SystemApi';

ui/api-client/src/index.ts

@@ -0,0 +1,5 @@
+/* tslint:disable */
+/* eslint-disable */
+export * from './runtime';
+export * from './apis/index';
+export * from './models/index';

ui/api-client/src/models/AliCloudConfigureRequest.ts

@@ -0,0 +1,76 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliCloudConfigureRequest
+ */
+export interface AliCloudConfigureRequest {
+  /**
+   * Access key with appropriate permissions.
+   * @type {string}
+   * @memberof AliCloudConfigureRequest
+   */
+  accessKey?: string;
+  /**
+   * Secret key with appropriate permissions.
+   * @type {string}
+   * @memberof AliCloudConfigureRequest
+   */
+  secretKey?: string;
+}
+
+/**
+ * Check if a given object implements the AliCloudConfigureRequest interface.
+ */
+export function instanceOfAliCloudConfigureRequest(value: object): value is AliCloudConfigureRequest {
+  return true;
+}
+
+export function AliCloudConfigureRequestFromJSON(json: any): AliCloudConfigureRequest {
+  return AliCloudConfigureRequestFromJSONTyped(json, false);
+}
+
+export function AliCloudConfigureRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AliCloudConfigureRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    accessKey: json['access_key'] == null ? undefined : json['access_key'],
+    secretKey: json['secret_key'] == null ? undefined : json['secret_key'],
+  };
+}
+
+export function AliCloudConfigureRequestToJSON(json: any): AliCloudConfigureRequest {
+  return AliCloudConfigureRequestToJSONTyped(json, false);
+}
+
+export function AliCloudConfigureRequestToJSONTyped(
+  value?: AliCloudConfigureRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    access_key: value['accessKey'],
+    secret_key: value['secretKey'],
+  };
+}

ui/api-client/src/models/AliCloudLoginRequest.ts

@@ -0,0 +1,86 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliCloudLoginRequest
+ */
+export interface AliCloudLoginRequest {
+  /**
+   * The request headers. This must include the headers over which AliCloud has included a signature.
+   * @type {string}
+   * @memberof AliCloudLoginRequest
+   */
+  identityRequestHeaders?: string;
+  /**
+   * Base64-encoded full URL against which to make the AliCloud request.
+   * @type {string}
+   * @memberof AliCloudLoginRequest
+   */
+  identityRequestUrl?: string;
+  /**
+   * Name of the role against which the login is being attempted. If a matching role is not found, login fails.
+   * @type {string}
+   * @memberof AliCloudLoginRequest
+   */
+  role: string;
+}
+
+/**
+ * Check if a given object implements the AliCloudLoginRequest interface.
+ */
+export function instanceOfAliCloudLoginRequest(value: object): value is AliCloudLoginRequest {
+  if (!('role' in value) || value['role'] === undefined) return false;
+  return true;
+}
+
+export function AliCloudLoginRequestFromJSON(json: any): AliCloudLoginRequest {
+  return AliCloudLoginRequestFromJSONTyped(json, false);
+}
+
+export function AliCloudLoginRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AliCloudLoginRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    identityRequestHeaders:
+      json['identity_request_headers'] == null ? undefined : json['identity_request_headers'],
+    identityRequestUrl: json['identity_request_url'] == null ? undefined : json['identity_request_url'],
+    role: json['role'],
+  };
+}
+
+export function AliCloudLoginRequestToJSON(json: any): AliCloudLoginRequest {
+  return AliCloudLoginRequestToJSONTyped(json, false);
+}
+
+export function AliCloudLoginRequestToJSONTyped(
+  value?: AliCloudLoginRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    identity_request_headers: value['identityRequestHeaders'],
+    identity_request_url: value['identityRequestUrl'],
+    role: value['role'],
+  };
+}

ui/api-client/src/models/AliCloudWriteAuthRoleRequest.ts

@@ -0,0 +1,186 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliCloudWriteAuthRoleRequest
+ */
+export interface AliCloudWriteAuthRoleRequest {
+  /**
+   * ARN of the RAM to bind to this role.
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  arn?: string;
+  /**
+   * Use "token_bound_cidrs" instead. If this and "token_bound_cidrs" are both specified, only "token_bound_cidrs" will be used.
+   * @type {Array<string>}
+   * @memberof AliCloudWriteAuthRoleRequest
+   * @deprecated
+   */
+  boundCidrs?: Array<string>;
+  /**
+   * Use "token_max_ttl" instead. If this and "token_max_ttl" are both specified, only "token_max_ttl" will be used.
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   * @deprecated
+   */
+  maxTtl?: string;
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   * @deprecated
+   */
+  period?: string;
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AliCloudWriteAuthRoleRequest
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenExplicitMaxTtl?: string;
+  /**
+   * The maximum lifetime of the generated token
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenMaxTtl?: string;
+  /**
+   * If true, the 'default' policy will not automatically be added to generated tokens
+   * @type {boolean}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenNoDefaultPolicy?: boolean;
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenNumUses?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenPeriod?: string;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenPolicies?: Array<string>;
+  /**
+   * The initial ttl of the token to generate
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenTtl?: string;
+  /**
+   * The type of token to generate, service or batch
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   */
+  tokenType?: string;
+  /**
+   * Use "token_ttl" instead. If this and "token_ttl" are both specified, only "token_ttl" will be used.
+   * @type {string}
+   * @memberof AliCloudWriteAuthRoleRequest
+   * @deprecated
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AliCloudWriteAuthRoleRequest interface.
+ */
+export function instanceOfAliCloudWriteAuthRoleRequest(value: object): value is AliCloudWriteAuthRoleRequest {
+  return true;
+}
+
+export function AliCloudWriteAuthRoleRequestFromJSON(json: any): AliCloudWriteAuthRoleRequest {
+  return AliCloudWriteAuthRoleRequestFromJSONTyped(json, false);
+}
+
+export function AliCloudWriteAuthRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AliCloudWriteAuthRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    arn: json['arn'] == null ? undefined : json['arn'],
+    boundCidrs: json['bound_cidrs'] == null ? undefined : json['bound_cidrs'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    period: json['period'] == null ? undefined : json['period'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    tokenExplicitMaxTtl: json['token_explicit_max_ttl'] == null ? undefined : json['token_explicit_max_ttl'],
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+    tokenNoDefaultPolicy:
+      json['token_no_default_policy'] == null ? undefined : json['token_no_default_policy'],
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AliCloudWriteAuthRoleRequestToJSON(json: any): AliCloudWriteAuthRoleRequest {
+  return AliCloudWriteAuthRoleRequestToJSONTyped(json, false);
+}
+
+export function AliCloudWriteAuthRoleRequestToJSONTyped(
+  value?: AliCloudWriteAuthRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    arn: value['arn'],
+    bound_cidrs: value['boundCidrs'],
+    max_ttl: value['maxTtl'],
+    period: value['period'],
+    policies: value['policies'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    token_explicit_max_ttl: value['tokenExplicitMaxTtl'],
+    token_max_ttl: value['tokenMaxTtl'],
+    token_no_default_policy: value['tokenNoDefaultPolicy'],
+    token_num_uses: value['tokenNumUses'],
+    token_period: value['tokenPeriod'],
+    token_policies: value['tokenPolicies'],
+    token_ttl: value['tokenTtl'],
+    token_type: value['tokenType'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AliCloudWriteRoleRequest.ts

@@ -0,0 +1,100 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliCloudWriteRoleRequest
+ */
+export interface AliCloudWriteRoleRequest {
+  /**
+   * JSON of policies to be dynamically applied to users of this role.
+   * @type {string}
+   * @memberof AliCloudWriteRoleRequest
+   */
+  inlinePolicies?: string;
+  /**
+   * The maximum allowed lifetime of tokens issued using this role.
+   * @type {string}
+   * @memberof AliCloudWriteRoleRequest
+   */
+  maxTtl?: string;
+  /**
+   * The name and type of each remote policy to be applied. Example: "name:AliyunRDSReadOnlyAccess,type:System".
+   * @type {Array<string>}
+   * @memberof AliCloudWriteRoleRequest
+   */
+  remotePolicies?: Array<string>;
+  /**
+   * ARN of the role to be assumed. If provided, inline_policies and remote_policies should be blank. At creation time, this role must have configured trusted actors, and the access key and secret that will be used to assume the role (in /config) must qualify as a trusted actor.
+   * @type {string}
+   * @memberof AliCloudWriteRoleRequest
+   */
+  roleArn?: string;
+  /**
+   * Duration in seconds after which the issued token should expire. Defaults to 0, in which case the value will fallback to the system/mount defaults.
+   * @type {string}
+   * @memberof AliCloudWriteRoleRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AliCloudWriteRoleRequest interface.
+ */
+export function instanceOfAliCloudWriteRoleRequest(value: object): value is AliCloudWriteRoleRequest {
+  return true;
+}
+
+export function AliCloudWriteRoleRequestFromJSON(json: any): AliCloudWriteRoleRequest {
+  return AliCloudWriteRoleRequestFromJSONTyped(json, false);
+}
+
+export function AliCloudWriteRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AliCloudWriteRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    inlinePolicies: json['inline_policies'] == null ? undefined : json['inline_policies'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    remotePolicies: json['remote_policies'] == null ? undefined : json['remote_policies'],
+    roleArn: json['role_arn'] == null ? undefined : json['role_arn'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AliCloudWriteRoleRequestToJSON(json: any): AliCloudWriteRoleRequest {
+  return AliCloudWriteRoleRequestToJSONTyped(json, false);
+}
+
+export function AliCloudWriteRoleRequestToJSONTyped(
+  value?: AliCloudWriteRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    inline_policies: value['inlinePolicies'],
+    max_ttl: value['maxTtl'],
+    remote_policies: value['remotePolicies'],
+    role_arn: value['roleArn'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AliasCreateRequest.ts

@@ -0,0 +1,97 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliasCreateRequest
+ */
+export interface AliasCreateRequest {
+  /**
+   * Entity ID to which this alias belongs to
+   * @type {string}
+   * @memberof AliasCreateRequest
+   */
+  canonicalId?: string;
+  /**
+   * Entity ID to which this alias belongs to. This field is deprecated in favor of 'canonical_id'.
+   * @type {string}
+   * @memberof AliasCreateRequest
+   */
+  entityId?: string;
+  /**
+   * ID of the alias
+   * @type {string}
+   * @memberof AliasCreateRequest
+   */
+  id?: string;
+  /**
+   * Mount accessor to which this alias belongs to
+   * @type {string}
+   * @memberof AliasCreateRequest
+   */
+  mountAccessor?: string;
+  /**
+   * Name of the alias
+   * @type {string}
+   * @memberof AliasCreateRequest
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the AliasCreateRequest interface.
+ */
+export function instanceOfAliasCreateRequest(value: object): value is AliasCreateRequest {
+  return true;
+}
+
+export function AliasCreateRequestFromJSON(json: any): AliasCreateRequest {
+  return AliasCreateRequestFromJSONTyped(json, false);
+}
+
+export function AliasCreateRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): AliasCreateRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    canonicalId: json['canonical_id'] == null ? undefined : json['canonical_id'],
+    entityId: json['entity_id'] == null ? undefined : json['entity_id'],
+    id: json['id'] == null ? undefined : json['id'],
+    mountAccessor: json['mount_accessor'] == null ? undefined : json['mount_accessor'],
+    name: json['name'] == null ? undefined : json['name'],
+  };
+}
+
+export function AliasCreateRequestToJSON(json: any): AliasCreateRequest {
+  return AliasCreateRequestToJSONTyped(json, false);
+}
+
+export function AliasCreateRequestToJSONTyped(
+  value?: AliasCreateRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    canonical_id: value['canonicalId'],
+    entity_id: value['entityId'],
+    id: value['id'],
+    mount_accessor: value['mountAccessor'],
+    name: value['name'],
+  };
+}

ui/api-client/src/models/AliasUpdateByIdRequest.ts

@@ -0,0 +1,92 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AliasUpdateByIdRequest
+ */
+export interface AliasUpdateByIdRequest {
+  /**
+   * Entity ID to which this alias should be tied to
+   * @type {string}
+   * @memberof AliasUpdateByIdRequest
+   */
+  canonicalId?: string;
+  /**
+   * Entity ID to which this alias should be tied to. This field is deprecated in favor of 'canonical_id'.
+   * @type {string}
+   * @memberof AliasUpdateByIdRequest
+   */
+  entityId?: string;
+  /**
+   * Mount accessor to which this alias belongs to
+   * @type {string}
+   * @memberof AliasUpdateByIdRequest
+   */
+  mountAccessor?: string;
+  /**
+   * Name of the alias
+   * @type {string}
+   * @memberof AliasUpdateByIdRequest
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the AliasUpdateByIdRequest interface.
+ */
+export function instanceOfAliasUpdateByIdRequest(value: object): value is AliasUpdateByIdRequest {
+  return true;
+}
+
+export function AliasUpdateByIdRequestFromJSON(json: any): AliasUpdateByIdRequest {
+  return AliasUpdateByIdRequestFromJSONTyped(json, false);
+}
+
+export function AliasUpdateByIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AliasUpdateByIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    canonicalId: json['canonical_id'] == null ? undefined : json['canonical_id'],
+    entityId: json['entity_id'] == null ? undefined : json['entity_id'],
+    mountAccessor: json['mount_accessor'] == null ? undefined : json['mount_accessor'],
+    name: json['name'] == null ? undefined : json['name'],
+  };
+}
+
+export function AliasUpdateByIdRequestToJSON(json: any): AliasUpdateByIdRequest {
+  return AliasUpdateByIdRequestToJSONTyped(json, false);
+}
+
+export function AliasUpdateByIdRequestToJSONTyped(
+  value?: AliasUpdateByIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    canonical_id: value['canonicalId'],
+    entity_id: value['entityId'],
+    mount_accessor: value['mountAccessor'],
+    name: value['name'],
+  };
+}

ui/api-client/src/models/AppRoleDestroySecretIdByAccessorRequest.ts

@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleDestroySecretIdByAccessorRequest
+ */
+export interface AppRoleDestroySecretIdByAccessorRequest {
+  /**
+   * Accessor of the SecretID
+   * @type {string}
+   * @memberof AppRoleDestroySecretIdByAccessorRequest
+   */
+  secretIdAccessor?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleDestroySecretIdByAccessorRequest interface.
+ */
+export function instanceOfAppRoleDestroySecretIdByAccessorRequest(
+  value: object
+): value is AppRoleDestroySecretIdByAccessorRequest {
+  return true;
+}
+
+export function AppRoleDestroySecretIdByAccessorRequestFromJSON(
+  json: any
+): AppRoleDestroySecretIdByAccessorRequest {
+  return AppRoleDestroySecretIdByAccessorRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleDestroySecretIdByAccessorRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleDestroySecretIdByAccessorRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+  };
+}
+
+export function AppRoleDestroySecretIdByAccessorRequestToJSON(
+  json: any
+): AppRoleDestroySecretIdByAccessorRequest {
+  return AppRoleDestroySecretIdByAccessorRequestToJSONTyped(json, false);
+}
+
+export function AppRoleDestroySecretIdByAccessorRequestToJSONTyped(
+  value?: AppRoleDestroySecretIdByAccessorRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_accessor: value['secretIdAccessor'],
+  };
+}

ui/api-client/src/models/AppRoleDestroySecretIdRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleDestroySecretIdRequest
+ */
+export interface AppRoleDestroySecretIdRequest {
+  /**
+   * SecretID attached to the role.
+   * @type {string}
+   * @memberof AppRoleDestroySecretIdRequest
+   */
+  secretId?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleDestroySecretIdRequest interface.
+ */
+export function instanceOfAppRoleDestroySecretIdRequest(
+  value: object
+): value is AppRoleDestroySecretIdRequest {
+  return true;
+}
+
+export function AppRoleDestroySecretIdRequestFromJSON(json: any): AppRoleDestroySecretIdRequest {
+  return AppRoleDestroySecretIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleDestroySecretIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleDestroySecretIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+  };
+}
+
+export function AppRoleDestroySecretIdRequestToJSON(json: any): AppRoleDestroySecretIdRequest {
+  return AppRoleDestroySecretIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleDestroySecretIdRequestToJSONTyped(
+  value?: AppRoleDestroySecretIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id: value['secretId'],
+  };
+}

ui/api-client/src/models/AppRoleLoginRequest.ts

@@ -0,0 +1,76 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLoginRequest
+ */
+export interface AppRoleLoginRequest {
+  /**
+   * Unique identifier of the Role. Required to be supplied when the 'bind_secret_id' constraint is set.
+   * @type {string}
+   * @memberof AppRoleLoginRequest
+   */
+  roleId?: string;
+  /**
+   * SecretID belong to the App role
+   * @type {string}
+   * @memberof AppRoleLoginRequest
+   */
+  secretId?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleLoginRequest interface.
+ */
+export function instanceOfAppRoleLoginRequest(value: object): value is AppRoleLoginRequest {
+  return true;
+}
+
+export function AppRoleLoginRequestFromJSON(json: any): AppRoleLoginRequest {
+  return AppRoleLoginRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleLoginRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLoginRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    roleId: json['role_id'] == null ? undefined : json['role_id'],
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+  };
+}
+
+export function AppRoleLoginRequestToJSON(json: any): AppRoleLoginRequest {
+  return AppRoleLoginRequestToJSONTyped(json, false);
+}
+
+export function AppRoleLoginRequestToJSONTyped(
+  value?: AppRoleLoginRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    role_id: value['roleId'],
+    secret_id: value['secretId'],
+  };
+}

ui/api-client/src/models/AppRoleLoginResponse.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLoginResponse
+ */
+export interface AppRoleLoginResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof AppRoleLoginResponse
+   */
+  role?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleLoginResponse interface.
+ */
+export function instanceOfAppRoleLoginResponse(value: object): value is AppRoleLoginResponse {
+  return true;
+}
+
+export function AppRoleLoginResponseFromJSON(json: any): AppRoleLoginResponse {
+  return AppRoleLoginResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleLoginResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLoginResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    role: json['role'] == null ? undefined : json['role'],
+  };
+}
+
+export function AppRoleLoginResponseToJSON(json: any): AppRoleLoginResponse {
+  return AppRoleLoginResponseToJSONTyped(json, false);
+}
+
+export function AppRoleLoginResponseToJSONTyped(
+  value?: AppRoleLoginResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    role: value['role'],
+  };
+}

ui/api-client/src/models/AppRoleLookUpSecretIdByAccessorRequest.ts

@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLookUpSecretIdByAccessorRequest
+ */
+export interface AppRoleLookUpSecretIdByAccessorRequest {
+  /**
+   * Accessor of the SecretID
+   * @type {string}
+   * @memberof AppRoleLookUpSecretIdByAccessorRequest
+   */
+  secretIdAccessor?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleLookUpSecretIdByAccessorRequest interface.
+ */
+export function instanceOfAppRoleLookUpSecretIdByAccessorRequest(
+  value: object
+): value is AppRoleLookUpSecretIdByAccessorRequest {
+  return true;
+}
+
+export function AppRoleLookUpSecretIdByAccessorRequestFromJSON(
+  json: any
+): AppRoleLookUpSecretIdByAccessorRequest {
+  return AppRoleLookUpSecretIdByAccessorRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdByAccessorRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLookUpSecretIdByAccessorRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+  };
+}
+
+export function AppRoleLookUpSecretIdByAccessorRequestToJSON(
+  json: any
+): AppRoleLookUpSecretIdByAccessorRequest {
+  return AppRoleLookUpSecretIdByAccessorRequestToJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdByAccessorRequestToJSONTyped(
+  value?: AppRoleLookUpSecretIdByAccessorRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_accessor: value['secretIdAccessor'],
+  };
+}

ui/api-client/src/models/AppRoleLookUpSecretIdByAccessorResponse.ts

@@ -0,0 +1,138 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLookUpSecretIdByAccessorResponse
+ */
+export interface AppRoleLookUpSecretIdByAccessorResponse {
+  /**
+   * List of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
+   * @type {Array<string>}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  cidrList?: Array<string>;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  creationTime?: Date;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  expirationTime?: Date;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  lastUpdatedTime?: Date;
+  /**
+   *
+   * @type {object}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  metadata?: object;
+  /**
+   * Accessor of the secret ID
+   * @type {string}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  secretIdAccessor?: string;
+  /**
+   * Number of times a secret ID can access the role, after which the secret ID will expire.
+   * @type {number}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued secret ID expires.
+   * @type {number}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  secretIdTtl?: number;
+  /**
+   * List of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
+   * @type {Array<string>}
+   * @memberof AppRoleLookUpSecretIdByAccessorResponse
+   */
+  tokenBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleLookUpSecretIdByAccessorResponse interface.
+ */
+export function instanceOfAppRoleLookUpSecretIdByAccessorResponse(
+  value: object
+): value is AppRoleLookUpSecretIdByAccessorResponse {
+  return true;
+}
+
+export function AppRoleLookUpSecretIdByAccessorResponseFromJSON(
+  json: any
+): AppRoleLookUpSecretIdByAccessorResponse {
+  return AppRoleLookUpSecretIdByAccessorResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdByAccessorResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLookUpSecretIdByAccessorResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cidrList: json['cidr_list'] == null ? undefined : json['cidr_list'],
+    creationTime: json['creation_time'] == null ? undefined : new Date(json['creation_time']),
+    expirationTime: json['expiration_time'] == null ? undefined : new Date(json['expiration_time']),
+    lastUpdatedTime: json['last_updated_time'] == null ? undefined : new Date(json['last_updated_time']),
+    metadata: json['metadata'] == null ? undefined : json['metadata'],
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+  };
+}
+
+export function AppRoleLookUpSecretIdByAccessorResponseToJSON(
+  json: any
+): AppRoleLookUpSecretIdByAccessorResponse {
+  return AppRoleLookUpSecretIdByAccessorResponseToJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdByAccessorResponseToJSONTyped(
+  value?: AppRoleLookUpSecretIdByAccessorResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cidr_list: value['cidrList'],
+    creation_time: value['creationTime'] == null ? undefined : value['creationTime'].toISOString(),
+    expiration_time: value['expirationTime'] == null ? undefined : value['expirationTime'].toISOString(),
+    last_updated_time: value['lastUpdatedTime'] == null ? undefined : value['lastUpdatedTime'].toISOString(),
+    metadata: value['metadata'],
+    secret_id_accessor: value['secretIdAccessor'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleLookUpSecretIdRequest.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLookUpSecretIdRequest
+ */
+export interface AppRoleLookUpSecretIdRequest {
+  /**
+   * SecretID attached to the role.
+   * @type {string}
+   * @memberof AppRoleLookUpSecretIdRequest
+   */
+  secretId?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleLookUpSecretIdRequest interface.
+ */
+export function instanceOfAppRoleLookUpSecretIdRequest(value: object): value is AppRoleLookUpSecretIdRequest {
+  return true;
+}
+
+export function AppRoleLookUpSecretIdRequestFromJSON(json: any): AppRoleLookUpSecretIdRequest {
+  return AppRoleLookUpSecretIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLookUpSecretIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+  };
+}
+
+export function AppRoleLookUpSecretIdRequestToJSON(json: any): AppRoleLookUpSecretIdRequest {
+  return AppRoleLookUpSecretIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdRequestToJSONTyped(
+  value?: AppRoleLookUpSecretIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id: value['secretId'],
+  };
+}

ui/api-client/src/models/AppRoleLookUpSecretIdResponse.ts

@@ -0,0 +1,134 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleLookUpSecretIdResponse
+ */
+export interface AppRoleLookUpSecretIdResponse {
+  /**
+   * List of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
+   * @type {Array<string>}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  cidrList?: Array<string>;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  creationTime?: Date;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  expirationTime?: Date;
+  /**
+   *
+   * @type {Date}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  lastUpdatedTime?: Date;
+  /**
+   *
+   * @type {object}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  metadata?: object;
+  /**
+   * Accessor of the secret ID
+   * @type {string}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  secretIdAccessor?: string;
+  /**
+   * Number of times a secret ID can access the role, after which the secret ID will expire.
+   * @type {number}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued secret ID expires.
+   * @type {number}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  secretIdTtl?: number;
+  /**
+   * List of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
+   * @type {Array<string>}
+   * @memberof AppRoleLookUpSecretIdResponse
+   */
+  tokenBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleLookUpSecretIdResponse interface.
+ */
+export function instanceOfAppRoleLookUpSecretIdResponse(
+  value: object
+): value is AppRoleLookUpSecretIdResponse {
+  return true;
+}
+
+export function AppRoleLookUpSecretIdResponseFromJSON(json: any): AppRoleLookUpSecretIdResponse {
+  return AppRoleLookUpSecretIdResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleLookUpSecretIdResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cidrList: json['cidr_list'] == null ? undefined : json['cidr_list'],
+    creationTime: json['creation_time'] == null ? undefined : new Date(json['creation_time']),
+    expirationTime: json['expiration_time'] == null ? undefined : new Date(json['expiration_time']),
+    lastUpdatedTime: json['last_updated_time'] == null ? undefined : new Date(json['last_updated_time']),
+    metadata: json['metadata'] == null ? undefined : json['metadata'],
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+  };
+}
+
+export function AppRoleLookUpSecretIdResponseToJSON(json: any): AppRoleLookUpSecretIdResponse {
+  return AppRoleLookUpSecretIdResponseToJSONTyped(json, false);
+}
+
+export function AppRoleLookUpSecretIdResponseToJSONTyped(
+  value?: AppRoleLookUpSecretIdResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cidr_list: value['cidrList'],
+    creation_time: value['creationTime'] == null ? undefined : value['creationTime'].toISOString(),
+    expiration_time: value['expirationTime'] == null ? undefined : value['expirationTime'].toISOString(),
+    last_updated_time: value['lastUpdatedTime'] == null ? undefined : value['lastUpdatedTime'].toISOString(),
+    metadata: value['metadata'],
+    secret_id_accessor: value['secretIdAccessor'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleReadBindSecretIdResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadBindSecretIdResponse
+ */
+export interface AppRoleReadBindSecretIdResponse {
+  /**
+   * Impose secret_id to be presented when logging in using this role. Defaults to 'true'.
+   * @type {boolean}
+   * @memberof AppRoleReadBindSecretIdResponse
+   */
+  bindSecretId?: boolean;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadBindSecretIdResponse interface.
+ */
+export function instanceOfAppRoleReadBindSecretIdResponse(
+  value: object
+): value is AppRoleReadBindSecretIdResponse {
+  return true;
+}
+
+export function AppRoleReadBindSecretIdResponseFromJSON(json: any): AppRoleReadBindSecretIdResponse {
+  return AppRoleReadBindSecretIdResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadBindSecretIdResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadBindSecretIdResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    bindSecretId: json['bind_secret_id'] == null ? undefined : json['bind_secret_id'],
+  };
+}
+
+export function AppRoleReadBindSecretIdResponseToJSON(json: any): AppRoleReadBindSecretIdResponse {
+  return AppRoleReadBindSecretIdResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadBindSecretIdResponseToJSONTyped(
+  value?: AppRoleReadBindSecretIdResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bind_secret_id: value['bindSecretId'],
+  };
+}

ui/api-client/src/models/AppRoleReadBoundCidrListResponse.ts

@@ -0,0 +1,71 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadBoundCidrListResponse
+ */
+export interface AppRoleReadBoundCidrListResponse {
+  /**
+   * Deprecated: Please use "secret_id_bound_cidrs" instead. Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleReadBoundCidrListResponse
+   * @deprecated
+   */
+  boundCidrList?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadBoundCidrListResponse interface.
+ */
+export function instanceOfAppRoleReadBoundCidrListResponse(
+  value: object
+): value is AppRoleReadBoundCidrListResponse {
+  return true;
+}
+
+export function AppRoleReadBoundCidrListResponseFromJSON(json: any): AppRoleReadBoundCidrListResponse {
+  return AppRoleReadBoundCidrListResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadBoundCidrListResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadBoundCidrListResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    boundCidrList: json['bound_cidr_list'] == null ? undefined : json['bound_cidr_list'],
+  };
+}
+
+export function AppRoleReadBoundCidrListResponseToJSON(json: any): AppRoleReadBoundCidrListResponse {
+  return AppRoleReadBoundCidrListResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadBoundCidrListResponseToJSONTyped(
+  value?: AppRoleReadBoundCidrListResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bound_cidr_list: value['boundCidrList'],
+  };
+}

ui/api-client/src/models/AppRoleReadLocalSecretIdsResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadLocalSecretIdsResponse
+ */
+export interface AppRoleReadLocalSecretIdsResponse {
+  /**
+   * If true, the secret identifiers generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later
+   * @type {boolean}
+   * @memberof AppRoleReadLocalSecretIdsResponse
+   */
+  localSecretIds?: boolean;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadLocalSecretIdsResponse interface.
+ */
+export function instanceOfAppRoleReadLocalSecretIdsResponse(
+  value: object
+): value is AppRoleReadLocalSecretIdsResponse {
+  return true;
+}
+
+export function AppRoleReadLocalSecretIdsResponseFromJSON(json: any): AppRoleReadLocalSecretIdsResponse {
+  return AppRoleReadLocalSecretIdsResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadLocalSecretIdsResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadLocalSecretIdsResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    localSecretIds: json['local_secret_ids'] == null ? undefined : json['local_secret_ids'],
+  };
+}
+
+export function AppRoleReadLocalSecretIdsResponseToJSON(json: any): AppRoleReadLocalSecretIdsResponse {
+  return AppRoleReadLocalSecretIdsResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadLocalSecretIdsResponseToJSONTyped(
+  value?: AppRoleReadLocalSecretIdsResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    local_secret_ids: value['localSecretIds'],
+  };
+}

ui/api-client/src/models/AppRoleReadPeriodResponse.ts

@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadPeriodResponse
+ */
+export interface AppRoleReadPeriodResponse {
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {number}
+   * @memberof AppRoleReadPeriodResponse
+   * @deprecated
+   */
+  period?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {number}
+   * @memberof AppRoleReadPeriodResponse
+   */
+  tokenPeriod?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadPeriodResponse interface.
+ */
+export function instanceOfAppRoleReadPeriodResponse(value: object): value is AppRoleReadPeriodResponse {
+  return true;
+}
+
+export function AppRoleReadPeriodResponseFromJSON(json: any): AppRoleReadPeriodResponse {
+  return AppRoleReadPeriodResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadPeriodResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadPeriodResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    period: json['period'] == null ? undefined : json['period'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+  };
+}
+
+export function AppRoleReadPeriodResponseToJSON(json: any): AppRoleReadPeriodResponse {
+  return AppRoleReadPeriodResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadPeriodResponseToJSONTyped(
+  value?: AppRoleReadPeriodResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    period: value['period'],
+    token_period: value['tokenPeriod'],
+  };
+}

ui/api-client/src/models/AppRoleReadPoliciesResponse.ts

@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadPoliciesResponse
+ */
+export interface AppRoleReadPoliciesResponse {
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AppRoleReadPoliciesResponse
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AppRoleReadPoliciesResponse
+   */
+  tokenPolicies?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadPoliciesResponse interface.
+ */
+export function instanceOfAppRoleReadPoliciesResponse(value: object): value is AppRoleReadPoliciesResponse {
+  return true;
+}
+
+export function AppRoleReadPoliciesResponseFromJSON(json: any): AppRoleReadPoliciesResponse {
+  return AppRoleReadPoliciesResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadPoliciesResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadPoliciesResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    policies: json['policies'] == null ? undefined : json['policies'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+  };
+}
+
+export function AppRoleReadPoliciesResponseToJSON(json: any): AppRoleReadPoliciesResponse {
+  return AppRoleReadPoliciesResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadPoliciesResponseToJSONTyped(
+  value?: AppRoleReadPoliciesResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    policies: value['policies'],
+    token_policies: value['tokenPolicies'],
+  };
+}

ui/api-client/src/models/AppRoleReadRoleIdResponse.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadRoleIdResponse
+ */
+export interface AppRoleReadRoleIdResponse {
+  /**
+   * Identifier of the role. Defaults to a UUID.
+   * @type {string}
+   * @memberof AppRoleReadRoleIdResponse
+   */
+  roleId?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadRoleIdResponse interface.
+ */
+export function instanceOfAppRoleReadRoleIdResponse(value: object): value is AppRoleReadRoleIdResponse {
+  return true;
+}
+
+export function AppRoleReadRoleIdResponseFromJSON(json: any): AppRoleReadRoleIdResponse {
+  return AppRoleReadRoleIdResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadRoleIdResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadRoleIdResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    roleId: json['role_id'] == null ? undefined : json['role_id'],
+  };
+}
+
+export function AppRoleReadRoleIdResponseToJSON(json: any): AppRoleReadRoleIdResponse {
+  return AppRoleReadRoleIdResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadRoleIdResponseToJSONTyped(
+  value?: AppRoleReadRoleIdResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    role_id: value['roleId'],
+  };
+}

ui/api-client/src/models/AppRoleReadRoleResponse.ts

@@ -0,0 +1,191 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadRoleResponse
+ */
+export interface AppRoleReadRoleResponse {
+  /**
+   * Impose secret ID to be presented when logging in using this role.
+   * @type {boolean}
+   * @memberof AppRoleReadRoleResponse
+   */
+  bindSecretId?: boolean;
+  /**
+   * If true, the secret identifiers generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later
+   * @type {boolean}
+   * @memberof AppRoleReadRoleResponse
+   */
+  localSecretIds?: boolean;
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   * @deprecated
+   */
+  period?: number;
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AppRoleReadRoleResponse
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleReadRoleResponse
+   */
+  secretIdBoundCidrs?: Array<string>;
+  /**
+   * Number of times a secret ID can access the role, after which the secret ID will expire.
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued secret ID expires.
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  secretIdTtl?: number;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenExplicitMaxTtl?: number;
+  /**
+   * The maximum lifetime of the generated token
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenMaxTtl?: number;
+  /**
+   * If true, the 'default' policy will not automatically be added to generated tokens
+   * @type {boolean}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenNoDefaultPolicy?: boolean;
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenNumUses?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value.
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenPeriod?: number;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenPolicies?: Array<string>;
+  /**
+   * The initial ttl of the token to generate
+   * @type {number}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenTtl?: number;
+  /**
+   * The type of token to generate, service or batch
+   * @type {string}
+   * @memberof AppRoleReadRoleResponse
+   */
+  tokenType?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadRoleResponse interface.
+ */
+export function instanceOfAppRoleReadRoleResponse(value: object): value is AppRoleReadRoleResponse {
+  return true;
+}
+
+export function AppRoleReadRoleResponseFromJSON(json: any): AppRoleReadRoleResponse {
+  return AppRoleReadRoleResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadRoleResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadRoleResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    bindSecretId: json['bind_secret_id'] == null ? undefined : json['bind_secret_id'],
+    localSecretIds: json['local_secret_ids'] == null ? undefined : json['local_secret_ids'],
+    period: json['period'] == null ? undefined : json['period'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+    secretIdBoundCidrs: json['secret_id_bound_cidrs'] == null ? undefined : json['secret_id_bound_cidrs'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    tokenExplicitMaxTtl: json['token_explicit_max_ttl'] == null ? undefined : json['token_explicit_max_ttl'],
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+    tokenNoDefaultPolicy:
+      json['token_no_default_policy'] == null ? undefined : json['token_no_default_policy'],
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+  };
+}
+
+export function AppRoleReadRoleResponseToJSON(json: any): AppRoleReadRoleResponse {
+  return AppRoleReadRoleResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadRoleResponseToJSONTyped(
+  value?: AppRoleReadRoleResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bind_secret_id: value['bindSecretId'],
+    local_secret_ids: value['localSecretIds'],
+    period: value['period'],
+    policies: value['policies'],
+    secret_id_bound_cidrs: value['secretIdBoundCidrs'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    token_explicit_max_ttl: value['tokenExplicitMaxTtl'],
+    token_max_ttl: value['tokenMaxTtl'],
+    token_no_default_policy: value['tokenNoDefaultPolicy'],
+    token_num_uses: value['tokenNumUses'],
+    token_period: value['tokenPeriod'],
+    token_policies: value['tokenPolicies'],
+    token_ttl: value['tokenTtl'],
+    token_type: value['tokenType'],
+  };
+}

ui/api-client/src/models/AppRoleReadSecretIdBoundCidrsResponse.ts

@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadSecretIdBoundCidrsResponse
+ */
+export interface AppRoleReadSecretIdBoundCidrsResponse {
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleReadSecretIdBoundCidrsResponse
+   */
+  secretIdBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadSecretIdBoundCidrsResponse interface.
+ */
+export function instanceOfAppRoleReadSecretIdBoundCidrsResponse(
+  value: object
+): value is AppRoleReadSecretIdBoundCidrsResponse {
+  return true;
+}
+
+export function AppRoleReadSecretIdBoundCidrsResponseFromJSON(
+  json: any
+): AppRoleReadSecretIdBoundCidrsResponse {
+  return AppRoleReadSecretIdBoundCidrsResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdBoundCidrsResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadSecretIdBoundCidrsResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdBoundCidrs: json['secret_id_bound_cidrs'] == null ? undefined : json['secret_id_bound_cidrs'],
+  };
+}
+
+export function AppRoleReadSecretIdBoundCidrsResponseToJSON(
+  json: any
+): AppRoleReadSecretIdBoundCidrsResponse {
+  return AppRoleReadSecretIdBoundCidrsResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdBoundCidrsResponseToJSONTyped(
+  value?: AppRoleReadSecretIdBoundCidrsResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_bound_cidrs: value['secretIdBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleReadSecretIdNumUsesResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadSecretIdNumUsesResponse
+ */
+export interface AppRoleReadSecretIdNumUsesResponse {
+  /**
+   * Number of times a secret ID can access the role, after which the SecretID will expire. Defaults to 0 meaning that the secret ID is of unlimited use.
+   * @type {number}
+   * @memberof AppRoleReadSecretIdNumUsesResponse
+   */
+  secretIdNumUses?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadSecretIdNumUsesResponse interface.
+ */
+export function instanceOfAppRoleReadSecretIdNumUsesResponse(
+  value: object
+): value is AppRoleReadSecretIdNumUsesResponse {
+  return true;
+}
+
+export function AppRoleReadSecretIdNumUsesResponseFromJSON(json: any): AppRoleReadSecretIdNumUsesResponse {
+  return AppRoleReadSecretIdNumUsesResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdNumUsesResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadSecretIdNumUsesResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+  };
+}
+
+export function AppRoleReadSecretIdNumUsesResponseToJSON(json: any): AppRoleReadSecretIdNumUsesResponse {
+  return AppRoleReadSecretIdNumUsesResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdNumUsesResponseToJSONTyped(
+  value?: AppRoleReadSecretIdNumUsesResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_num_uses: value['secretIdNumUses'],
+  };
+}

ui/api-client/src/models/AppRoleReadSecretIdTtlResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadSecretIdTtlResponse
+ */
+export interface AppRoleReadSecretIdTtlResponse {
+  /**
+   * Duration in seconds after which the issued secret ID should expire. Defaults to 0, meaning no expiration.
+   * @type {number}
+   * @memberof AppRoleReadSecretIdTtlResponse
+   */
+  secretIdTtl?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadSecretIdTtlResponse interface.
+ */
+export function instanceOfAppRoleReadSecretIdTtlResponse(
+  value: object
+): value is AppRoleReadSecretIdTtlResponse {
+  return true;
+}
+
+export function AppRoleReadSecretIdTtlResponseFromJSON(json: any): AppRoleReadSecretIdTtlResponse {
+  return AppRoleReadSecretIdTtlResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdTtlResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadSecretIdTtlResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+  };
+}
+
+export function AppRoleReadSecretIdTtlResponseToJSON(json: any): AppRoleReadSecretIdTtlResponse {
+  return AppRoleReadSecretIdTtlResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadSecretIdTtlResponseToJSONTyped(
+  value?: AppRoleReadSecretIdTtlResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_ttl: value['secretIdTtl'],
+  };
+}

ui/api-client/src/models/AppRoleReadTokenBoundCidrsResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadTokenBoundCidrsResponse
+ */
+export interface AppRoleReadTokenBoundCidrsResponse {
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
+   * @type {Array<string>}
+   * @memberof AppRoleReadTokenBoundCidrsResponse
+   */
+  tokenBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadTokenBoundCidrsResponse interface.
+ */
+export function instanceOfAppRoleReadTokenBoundCidrsResponse(
+  value: object
+): value is AppRoleReadTokenBoundCidrsResponse {
+  return true;
+}
+
+export function AppRoleReadTokenBoundCidrsResponseFromJSON(json: any): AppRoleReadTokenBoundCidrsResponse {
+  return AppRoleReadTokenBoundCidrsResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenBoundCidrsResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadTokenBoundCidrsResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+  };
+}
+
+export function AppRoleReadTokenBoundCidrsResponseToJSON(json: any): AppRoleReadTokenBoundCidrsResponse {
+  return AppRoleReadTokenBoundCidrsResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenBoundCidrsResponseToJSONTyped(
+  value?: AppRoleReadTokenBoundCidrsResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_bound_cidrs: value['tokenBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleReadTokenMaxTtlResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadTokenMaxTtlResponse
+ */
+export interface AppRoleReadTokenMaxTtlResponse {
+  /**
+   * The maximum lifetime of the generated token
+   * @type {number}
+   * @memberof AppRoleReadTokenMaxTtlResponse
+   */
+  tokenMaxTtl?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadTokenMaxTtlResponse interface.
+ */
+export function instanceOfAppRoleReadTokenMaxTtlResponse(
+  value: object
+): value is AppRoleReadTokenMaxTtlResponse {
+  return true;
+}
+
+export function AppRoleReadTokenMaxTtlResponseFromJSON(json: any): AppRoleReadTokenMaxTtlResponse {
+  return AppRoleReadTokenMaxTtlResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenMaxTtlResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadTokenMaxTtlResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+  };
+}
+
+export function AppRoleReadTokenMaxTtlResponseToJSON(json: any): AppRoleReadTokenMaxTtlResponse {
+  return AppRoleReadTokenMaxTtlResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenMaxTtlResponseToJSONTyped(
+  value?: AppRoleReadTokenMaxTtlResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_max_ttl: value['tokenMaxTtl'],
+  };
+}

ui/api-client/src/models/AppRoleReadTokenNumUsesResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadTokenNumUsesResponse
+ */
+export interface AppRoleReadTokenNumUsesResponse {
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AppRoleReadTokenNumUsesResponse
+   */
+  tokenNumUses?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadTokenNumUsesResponse interface.
+ */
+export function instanceOfAppRoleReadTokenNumUsesResponse(
+  value: object
+): value is AppRoleReadTokenNumUsesResponse {
+  return true;
+}
+
+export function AppRoleReadTokenNumUsesResponseFromJSON(json: any): AppRoleReadTokenNumUsesResponse {
+  return AppRoleReadTokenNumUsesResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenNumUsesResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadTokenNumUsesResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+  };
+}
+
+export function AppRoleReadTokenNumUsesResponseToJSON(json: any): AppRoleReadTokenNumUsesResponse {
+  return AppRoleReadTokenNumUsesResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenNumUsesResponseToJSONTyped(
+  value?: AppRoleReadTokenNumUsesResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_num_uses: value['tokenNumUses'],
+  };
+}

ui/api-client/src/models/AppRoleReadTokenTtlResponse.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleReadTokenTtlResponse
+ */
+export interface AppRoleReadTokenTtlResponse {
+  /**
+   * The initial ttl of the token to generate
+   * @type {number}
+   * @memberof AppRoleReadTokenTtlResponse
+   */
+  tokenTtl?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleReadTokenTtlResponse interface.
+ */
+export function instanceOfAppRoleReadTokenTtlResponse(value: object): value is AppRoleReadTokenTtlResponse {
+  return true;
+}
+
+export function AppRoleReadTokenTtlResponseFromJSON(json: any): AppRoleReadTokenTtlResponse {
+  return AppRoleReadTokenTtlResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenTtlResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleReadTokenTtlResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+  };
+}
+
+export function AppRoleReadTokenTtlResponseToJSON(json: any): AppRoleReadTokenTtlResponse {
+  return AppRoleReadTokenTtlResponseToJSONTyped(json, false);
+}
+
+export function AppRoleReadTokenTtlResponseToJSONTyped(
+  value?: AppRoleReadTokenTtlResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_ttl: value['tokenTtl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteBindSecretIdRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteBindSecretIdRequest
+ */
+export interface AppRoleWriteBindSecretIdRequest {
+  /**
+   * Impose secret_id to be presented when logging in using this role.
+   * @type {boolean}
+   * @memberof AppRoleWriteBindSecretIdRequest
+   */
+  bindSecretId?: boolean;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteBindSecretIdRequest interface.
+ */
+export function instanceOfAppRoleWriteBindSecretIdRequest(
+  value: object
+): value is AppRoleWriteBindSecretIdRequest {
+  return true;
+}
+
+export function AppRoleWriteBindSecretIdRequestFromJSON(json: any): AppRoleWriteBindSecretIdRequest {
+  return AppRoleWriteBindSecretIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteBindSecretIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteBindSecretIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    bindSecretId: json['bind_secret_id'] == null ? undefined : json['bind_secret_id'],
+  };
+}
+
+export function AppRoleWriteBindSecretIdRequestToJSON(json: any): AppRoleWriteBindSecretIdRequest {
+  return AppRoleWriteBindSecretIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteBindSecretIdRequestToJSONTyped(
+  value?: AppRoleWriteBindSecretIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bind_secret_id: value['bindSecretId'],
+  };
+}

ui/api-client/src/models/AppRoleWriteBoundCidrListRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteBoundCidrListRequest
+ */
+export interface AppRoleWriteBoundCidrListRequest {
+  /**
+   * Deprecated: Please use "secret_id_bound_cidrs" instead. Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteBoundCidrListRequest
+   */
+  boundCidrList?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteBoundCidrListRequest interface.
+ */
+export function instanceOfAppRoleWriteBoundCidrListRequest(
+  value: object
+): value is AppRoleWriteBoundCidrListRequest {
+  return true;
+}
+
+export function AppRoleWriteBoundCidrListRequestFromJSON(json: any): AppRoleWriteBoundCidrListRequest {
+  return AppRoleWriteBoundCidrListRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteBoundCidrListRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteBoundCidrListRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    boundCidrList: json['bound_cidr_list'] == null ? undefined : json['bound_cidr_list'],
+  };
+}
+
+export function AppRoleWriteBoundCidrListRequestToJSON(json: any): AppRoleWriteBoundCidrListRequest {
+  return AppRoleWriteBoundCidrListRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteBoundCidrListRequestToJSONTyped(
+  value?: AppRoleWriteBoundCidrListRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bound_cidr_list: value['boundCidrList'],
+  };
+}

ui/api-client/src/models/AppRoleWriteCustomSecretIdRequest.ts

@@ -0,0 +1,110 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteCustomSecretIdRequest
+ */
+export interface AppRoleWriteCustomSecretIdRequest {
+  /**
+   * Comma separated string or list of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  cidrList?: Array<string>;
+  /**
+   * Metadata to be tied to the SecretID. This should be a JSON formatted string containing metadata in key value pairs.
+   * @type {string}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  metadata?: string;
+  /**
+   * Number of times this SecretID can be used, after which the SecretID expires. Overrides secret_id_num_uses role option when supplied. May not be higher than role's secret_id_num_uses.
+   * @type {number}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  numUses?: number;
+  /**
+   * SecretID to be attached to the role.
+   * @type {string}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  secretId?: string;
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can use the returned token. Should be a subset of the token CIDR blocks listed on the role, if any.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * Duration in seconds after which this SecretID expires. Overrides secret_id_ttl role option when supplied. May not be longer than role's secret_id_ttl.
+   * @type {string}
+   * @memberof AppRoleWriteCustomSecretIdRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteCustomSecretIdRequest interface.
+ */
+export function instanceOfAppRoleWriteCustomSecretIdRequest(
+  value: object
+): value is AppRoleWriteCustomSecretIdRequest {
+  return true;
+}
+
+export function AppRoleWriteCustomSecretIdRequestFromJSON(json: any): AppRoleWriteCustomSecretIdRequest {
+  return AppRoleWriteCustomSecretIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteCustomSecretIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteCustomSecretIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cidrList: json['cidr_list'] == null ? undefined : json['cidr_list'],
+    metadata: json['metadata'] == null ? undefined : json['metadata'],
+    numUses: json['num_uses'] == null ? undefined : json['num_uses'],
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AppRoleWriteCustomSecretIdRequestToJSON(json: any): AppRoleWriteCustomSecretIdRequest {
+  return AppRoleWriteCustomSecretIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteCustomSecretIdRequestToJSONTyped(
+  value?: AppRoleWriteCustomSecretIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cidr_list: value['cidrList'],
+    metadata: value['metadata'],
+    num_uses: value['numUses'],
+    secret_id: value['secretId'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteCustomSecretIdResponse.ts

@@ -0,0 +1,94 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteCustomSecretIdResponse
+ */
+export interface AppRoleWriteCustomSecretIdResponse {
+  /**
+   * Secret ID attached to the role.
+   * @type {string}
+   * @memberof AppRoleWriteCustomSecretIdResponse
+   */
+  secretId?: string;
+  /**
+   * Accessor of the secret ID
+   * @type {string}
+   * @memberof AppRoleWriteCustomSecretIdResponse
+   */
+  secretIdAccessor?: string;
+  /**
+   * Number of times a secret ID can access the role, after which the secret ID will expire.
+   * @type {number}
+   * @memberof AppRoleWriteCustomSecretIdResponse
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued secret ID expires.
+   * @type {number}
+   * @memberof AppRoleWriteCustomSecretIdResponse
+   */
+  secretIdTtl?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteCustomSecretIdResponse interface.
+ */
+export function instanceOfAppRoleWriteCustomSecretIdResponse(
+  value: object
+): value is AppRoleWriteCustomSecretIdResponse {
+  return true;
+}
+
+export function AppRoleWriteCustomSecretIdResponseFromJSON(json: any): AppRoleWriteCustomSecretIdResponse {
+  return AppRoleWriteCustomSecretIdResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteCustomSecretIdResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteCustomSecretIdResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+  };
+}
+
+export function AppRoleWriteCustomSecretIdResponseToJSON(json: any): AppRoleWriteCustomSecretIdResponse {
+  return AppRoleWriteCustomSecretIdResponseToJSONTyped(json, false);
+}
+
+export function AppRoleWriteCustomSecretIdResponseToJSONTyped(
+  value?: AppRoleWriteCustomSecretIdResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id: value['secretId'],
+    secret_id_accessor: value['secretIdAccessor'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+  };
+}

ui/api-client/src/models/AppRoleWritePeriodRequest.ts

@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWritePeriodRequest
+ */
+export interface AppRoleWritePeriodRequest {
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {string}
+   * @memberof AppRoleWritePeriodRequest
+   * @deprecated
+   */
+  period?: string;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {string}
+   * @memberof AppRoleWritePeriodRequest
+   */
+  tokenPeriod?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWritePeriodRequest interface.
+ */
+export function instanceOfAppRoleWritePeriodRequest(value: object): value is AppRoleWritePeriodRequest {
+  return true;
+}
+
+export function AppRoleWritePeriodRequestFromJSON(json: any): AppRoleWritePeriodRequest {
+  return AppRoleWritePeriodRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWritePeriodRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWritePeriodRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    period: json['period'] == null ? undefined : json['period'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+  };
+}
+
+export function AppRoleWritePeriodRequestToJSON(json: any): AppRoleWritePeriodRequest {
+  return AppRoleWritePeriodRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWritePeriodRequestToJSONTyped(
+  value?: AppRoleWritePeriodRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    period: value['period'],
+    token_period: value['tokenPeriod'],
+  };
+}

ui/api-client/src/models/AppRoleWritePoliciesRequest.ts

@@ -0,0 +1,77 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWritePoliciesRequest
+ */
+export interface AppRoleWritePoliciesRequest {
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AppRoleWritePoliciesRequest
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AppRoleWritePoliciesRequest
+   */
+  tokenPolicies?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleWritePoliciesRequest interface.
+ */
+export function instanceOfAppRoleWritePoliciesRequest(value: object): value is AppRoleWritePoliciesRequest {
+  return true;
+}
+
+export function AppRoleWritePoliciesRequestFromJSON(json: any): AppRoleWritePoliciesRequest {
+  return AppRoleWritePoliciesRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWritePoliciesRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWritePoliciesRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    policies: json['policies'] == null ? undefined : json['policies'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+  };
+}
+
+export function AppRoleWritePoliciesRequestToJSON(json: any): AppRoleWritePoliciesRequest {
+  return AppRoleWritePoliciesRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWritePoliciesRequestToJSONTyped(
+  value?: AppRoleWritePoliciesRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    policies: value['policies'],
+    token_policies: value['tokenPolicies'],
+  };
+}

ui/api-client/src/models/AppRoleWriteRoleIdRequest.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteRoleIdRequest
+ */
+export interface AppRoleWriteRoleIdRequest {
+  /**
+   * Identifier of the role. Defaults to a UUID.
+   * @type {string}
+   * @memberof AppRoleWriteRoleIdRequest
+   */
+  roleId?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteRoleIdRequest interface.
+ */
+export function instanceOfAppRoleWriteRoleIdRequest(value: object): value is AppRoleWriteRoleIdRequest {
+  return true;
+}
+
+export function AppRoleWriteRoleIdRequestFromJSON(json: any): AppRoleWriteRoleIdRequest {
+  return AppRoleWriteRoleIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteRoleIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteRoleIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    roleId: json['role_id'] == null ? undefined : json['role_id'],
+  };
+}
+
+export function AppRoleWriteRoleIdRequestToJSON(json: any): AppRoleWriteRoleIdRequest {
+  return AppRoleWriteRoleIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteRoleIdRequestToJSONTyped(
+  value?: AppRoleWriteRoleIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    role_id: value['roleId'],
+  };
+}

ui/api-client/src/models/AppRoleWriteRoleRequest.ts

@@ -0,0 +1,208 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteRoleRequest
+ */
+export interface AppRoleWriteRoleRequest {
+  /**
+   * Impose secret_id to be presented when logging in using this role. Defaults to 'true'.
+   * @type {boolean}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  bindSecretId?: boolean;
+  /**
+   * Use "secret_id_bound_cidrs" instead.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteRoleRequest
+   * @deprecated
+   */
+  boundCidrList?: Array<string>;
+  /**
+   * If set, the secret IDs generated using this role will be cluster local. This can only be set during role creation and once set, it can't be reset later.
+   * @type {boolean}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  localSecretIds?: boolean;
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   * @deprecated
+   */
+  period?: string;
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteRoleRequest
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Identifier of the role. Defaults to a UUID.
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  roleId?: string;
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  secretIdBoundCidrs?: Array<string>;
+  /**
+   * Number of times a SecretID can access the role, after which the SecretID will expire. Defaults to 0 meaning that the the secret_id is of unlimited use.
+   * @type {number}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued SecretID should expire. Defaults to 0, meaning no expiration.
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  secretIdTtl?: string;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenExplicitMaxTtl?: string;
+  /**
+   * The maximum lifetime of the generated token
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenMaxTtl?: string;
+  /**
+   * If true, the 'default' policy will not automatically be added to generated tokens
+   * @type {boolean}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenNoDefaultPolicy?: boolean;
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenNumUses?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenPeriod?: string;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenPolicies?: Array<string>;
+  /**
+   * The initial ttl of the token to generate
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenTtl?: string;
+  /**
+   * The type of token to generate, service or batch
+   * @type {string}
+   * @memberof AppRoleWriteRoleRequest
+   */
+  tokenType?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteRoleRequest interface.
+ */
+export function instanceOfAppRoleWriteRoleRequest(value: object): value is AppRoleWriteRoleRequest {
+  return true;
+}
+
+export function AppRoleWriteRoleRequestFromJSON(json: any): AppRoleWriteRoleRequest {
+  return AppRoleWriteRoleRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    bindSecretId: json['bind_secret_id'] == null ? undefined : json['bind_secret_id'],
+    boundCidrList: json['bound_cidr_list'] == null ? undefined : json['bound_cidr_list'],
+    localSecretIds: json['local_secret_ids'] == null ? undefined : json['local_secret_ids'],
+    period: json['period'] == null ? undefined : json['period'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+    roleId: json['role_id'] == null ? undefined : json['role_id'],
+    secretIdBoundCidrs: json['secret_id_bound_cidrs'] == null ? undefined : json['secret_id_bound_cidrs'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    tokenExplicitMaxTtl: json['token_explicit_max_ttl'] == null ? undefined : json['token_explicit_max_ttl'],
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+    tokenNoDefaultPolicy:
+      json['token_no_default_policy'] == null ? undefined : json['token_no_default_policy'],
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+  };
+}
+
+export function AppRoleWriteRoleRequestToJSON(json: any): AppRoleWriteRoleRequest {
+  return AppRoleWriteRoleRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteRoleRequestToJSONTyped(
+  value?: AppRoleWriteRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bind_secret_id: value['bindSecretId'],
+    bound_cidr_list: value['boundCidrList'],
+    local_secret_ids: value['localSecretIds'],
+    period: value['period'],
+    policies: value['policies'],
+    role_id: value['roleId'],
+    secret_id_bound_cidrs: value['secretIdBoundCidrs'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    token_explicit_max_ttl: value['tokenExplicitMaxTtl'],
+    token_max_ttl: value['tokenMaxTtl'],
+    token_no_default_policy: value['tokenNoDefaultPolicy'],
+    token_num_uses: value['tokenNumUses'],
+    token_period: value['tokenPeriod'],
+    token_policies: value['tokenPolicies'],
+    token_ttl: value['tokenTtl'],
+    token_type: value['tokenType'],
+  };
+}

ui/api-client/src/models/AppRoleWriteSecretIdBoundCidrsRequest.ts

@@ -0,0 +1,74 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteSecretIdBoundCidrsRequest
+ */
+export interface AppRoleWriteSecretIdBoundCidrsRequest {
+  /**
+   * Comma separated string or list of CIDR blocks. If set, specifies the blocks of IP addresses which can perform the login operation.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteSecretIdBoundCidrsRequest
+   */
+  secretIdBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteSecretIdBoundCidrsRequest interface.
+ */
+export function instanceOfAppRoleWriteSecretIdBoundCidrsRequest(
+  value: object
+): value is AppRoleWriteSecretIdBoundCidrsRequest {
+  return true;
+}
+
+export function AppRoleWriteSecretIdBoundCidrsRequestFromJSON(
+  json: any
+): AppRoleWriteSecretIdBoundCidrsRequest {
+  return AppRoleWriteSecretIdBoundCidrsRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdBoundCidrsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteSecretIdBoundCidrsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdBoundCidrs: json['secret_id_bound_cidrs'] == null ? undefined : json['secret_id_bound_cidrs'],
+  };
+}
+
+export function AppRoleWriteSecretIdBoundCidrsRequestToJSON(
+  json: any
+): AppRoleWriteSecretIdBoundCidrsRequest {
+  return AppRoleWriteSecretIdBoundCidrsRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdBoundCidrsRequestToJSONTyped(
+  value?: AppRoleWriteSecretIdBoundCidrsRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_bound_cidrs: value['secretIdBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleWriteSecretIdNumUsesRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteSecretIdNumUsesRequest
+ */
+export interface AppRoleWriteSecretIdNumUsesRequest {
+  /**
+   * Number of times a SecretID can access the role, after which the SecretID will expire.
+   * @type {number}
+   * @memberof AppRoleWriteSecretIdNumUsesRequest
+   */
+  secretIdNumUses?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteSecretIdNumUsesRequest interface.
+ */
+export function instanceOfAppRoleWriteSecretIdNumUsesRequest(
+  value: object
+): value is AppRoleWriteSecretIdNumUsesRequest {
+  return true;
+}
+
+export function AppRoleWriteSecretIdNumUsesRequestFromJSON(json: any): AppRoleWriteSecretIdNumUsesRequest {
+  return AppRoleWriteSecretIdNumUsesRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdNumUsesRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteSecretIdNumUsesRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+  };
+}
+
+export function AppRoleWriteSecretIdNumUsesRequestToJSON(json: any): AppRoleWriteSecretIdNumUsesRequest {
+  return AppRoleWriteSecretIdNumUsesRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdNumUsesRequestToJSONTyped(
+  value?: AppRoleWriteSecretIdNumUsesRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_num_uses: value['secretIdNumUses'],
+  };
+}

ui/api-client/src/models/AppRoleWriteSecretIdRequest.ts

@@ -0,0 +1,100 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteSecretIdRequest
+ */
+export interface AppRoleWriteSecretIdRequest {
+  /**
+   * Comma separated string or list of CIDR blocks enforcing secret IDs to be used from specific set of IP addresses. If 'bound_cidr_list' is set on the role, then the list of CIDR blocks listed here should be a subset of the CIDR blocks listed on the role.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteSecretIdRequest
+   */
+  cidrList?: Array<string>;
+  /**
+   * Metadata to be tied to the SecretID. This should be a JSON formatted string containing the metadata in key value pairs.
+   * @type {string}
+   * @memberof AppRoleWriteSecretIdRequest
+   */
+  metadata?: string;
+  /**
+   * Number of times this SecretID can be used, after which the SecretID expires. Overrides secret_id_num_uses role option when supplied. May not be higher than role's secret_id_num_uses.
+   * @type {number}
+   * @memberof AppRoleWriteSecretIdRequest
+   */
+  numUses?: number;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteSecretIdRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * Duration in seconds after which this SecretID expires. Overrides secret_id_ttl role option when supplied. May not be longer than role's secret_id_ttl.
+   * @type {string}
+   * @memberof AppRoleWriteSecretIdRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteSecretIdRequest interface.
+ */
+export function instanceOfAppRoleWriteSecretIdRequest(value: object): value is AppRoleWriteSecretIdRequest {
+  return true;
+}
+
+export function AppRoleWriteSecretIdRequestFromJSON(json: any): AppRoleWriteSecretIdRequest {
+  return AppRoleWriteSecretIdRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteSecretIdRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    cidrList: json['cidr_list'] == null ? undefined : json['cidr_list'],
+    metadata: json['metadata'] == null ? undefined : json['metadata'],
+    numUses: json['num_uses'] == null ? undefined : json['num_uses'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AppRoleWriteSecretIdRequestToJSON(json: any): AppRoleWriteSecretIdRequest {
+  return AppRoleWriteSecretIdRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdRequestToJSONTyped(
+  value?: AppRoleWriteSecretIdRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    cidr_list: value['cidrList'],
+    metadata: value['metadata'],
+    num_uses: value['numUses'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteSecretIdResponse.ts

@@ -0,0 +1,92 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteSecretIdResponse
+ */
+export interface AppRoleWriteSecretIdResponse {
+  /**
+   * Secret ID attached to the role.
+   * @type {string}
+   * @memberof AppRoleWriteSecretIdResponse
+   */
+  secretId?: string;
+  /**
+   * Accessor of the secret ID
+   * @type {string}
+   * @memberof AppRoleWriteSecretIdResponse
+   */
+  secretIdAccessor?: string;
+  /**
+   * Number of times a secret ID can access the role, after which the secret ID will expire.
+   * @type {number}
+   * @memberof AppRoleWriteSecretIdResponse
+   */
+  secretIdNumUses?: number;
+  /**
+   * Duration in seconds after which the issued secret ID expires.
+   * @type {number}
+   * @memberof AppRoleWriteSecretIdResponse
+   */
+  secretIdTtl?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteSecretIdResponse interface.
+ */
+export function instanceOfAppRoleWriteSecretIdResponse(value: object): value is AppRoleWriteSecretIdResponse {
+  return true;
+}
+
+export function AppRoleWriteSecretIdResponseFromJSON(json: any): AppRoleWriteSecretIdResponse {
+  return AppRoleWriteSecretIdResponseFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteSecretIdResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretId: json['secret_id'] == null ? undefined : json['secret_id'],
+    secretIdAccessor: json['secret_id_accessor'] == null ? undefined : json['secret_id_accessor'],
+    secretIdNumUses: json['secret_id_num_uses'] == null ? undefined : json['secret_id_num_uses'],
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+  };
+}
+
+export function AppRoleWriteSecretIdResponseToJSON(json: any): AppRoleWriteSecretIdResponse {
+  return AppRoleWriteSecretIdResponseToJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdResponseToJSONTyped(
+  value?: AppRoleWriteSecretIdResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id: value['secretId'],
+    secret_id_accessor: value['secretIdAccessor'],
+    secret_id_num_uses: value['secretIdNumUses'],
+    secret_id_ttl: value['secretIdTtl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteSecretIdTtlRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteSecretIdTtlRequest
+ */
+export interface AppRoleWriteSecretIdTtlRequest {
+  /**
+   * Duration in seconds after which the issued SecretID should expire. Defaults to 0, meaning no expiration.
+   * @type {string}
+   * @memberof AppRoleWriteSecretIdTtlRequest
+   */
+  secretIdTtl?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteSecretIdTtlRequest interface.
+ */
+export function instanceOfAppRoleWriteSecretIdTtlRequest(
+  value: object
+): value is AppRoleWriteSecretIdTtlRequest {
+  return true;
+}
+
+export function AppRoleWriteSecretIdTtlRequestFromJSON(json: any): AppRoleWriteSecretIdTtlRequest {
+  return AppRoleWriteSecretIdTtlRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdTtlRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteSecretIdTtlRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    secretIdTtl: json['secret_id_ttl'] == null ? undefined : json['secret_id_ttl'],
+  };
+}
+
+export function AppRoleWriteSecretIdTtlRequestToJSON(json: any): AppRoleWriteSecretIdTtlRequest {
+  return AppRoleWriteSecretIdTtlRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteSecretIdTtlRequestToJSONTyped(
+  value?: AppRoleWriteSecretIdTtlRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    secret_id_ttl: value['secretIdTtl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteTokenBoundCidrsRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteTokenBoundCidrsRequest
+ */
+export interface AppRoleWriteTokenBoundCidrsRequest {
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AppRoleWriteTokenBoundCidrsRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteTokenBoundCidrsRequest interface.
+ */
+export function instanceOfAppRoleWriteTokenBoundCidrsRequest(
+  value: object
+): value is AppRoleWriteTokenBoundCidrsRequest {
+  return true;
+}
+
+export function AppRoleWriteTokenBoundCidrsRequestFromJSON(json: any): AppRoleWriteTokenBoundCidrsRequest {
+  return AppRoleWriteTokenBoundCidrsRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenBoundCidrsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteTokenBoundCidrsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+  };
+}
+
+export function AppRoleWriteTokenBoundCidrsRequestToJSON(json: any): AppRoleWriteTokenBoundCidrsRequest {
+  return AppRoleWriteTokenBoundCidrsRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenBoundCidrsRequestToJSONTyped(
+  value?: AppRoleWriteTokenBoundCidrsRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_bound_cidrs: value['tokenBoundCidrs'],
+  };
+}

ui/api-client/src/models/AppRoleWriteTokenMaxTtlRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteTokenMaxTtlRequest
+ */
+export interface AppRoleWriteTokenMaxTtlRequest {
+  /**
+   * The maximum lifetime of the generated token
+   * @type {string}
+   * @memberof AppRoleWriteTokenMaxTtlRequest
+   */
+  tokenMaxTtl?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteTokenMaxTtlRequest interface.
+ */
+export function instanceOfAppRoleWriteTokenMaxTtlRequest(
+  value: object
+): value is AppRoleWriteTokenMaxTtlRequest {
+  return true;
+}
+
+export function AppRoleWriteTokenMaxTtlRequestFromJSON(json: any): AppRoleWriteTokenMaxTtlRequest {
+  return AppRoleWriteTokenMaxTtlRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenMaxTtlRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteTokenMaxTtlRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+  };
+}
+
+export function AppRoleWriteTokenMaxTtlRequestToJSON(json: any): AppRoleWriteTokenMaxTtlRequest {
+  return AppRoleWriteTokenMaxTtlRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenMaxTtlRequestToJSONTyped(
+  value?: AppRoleWriteTokenMaxTtlRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_max_ttl: value['tokenMaxTtl'],
+  };
+}

ui/api-client/src/models/AppRoleWriteTokenNumUsesRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteTokenNumUsesRequest
+ */
+export interface AppRoleWriteTokenNumUsesRequest {
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AppRoleWriteTokenNumUsesRequest
+   */
+  tokenNumUses?: number;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteTokenNumUsesRequest interface.
+ */
+export function instanceOfAppRoleWriteTokenNumUsesRequest(
+  value: object
+): value is AppRoleWriteTokenNumUsesRequest {
+  return true;
+}
+
+export function AppRoleWriteTokenNumUsesRequestFromJSON(json: any): AppRoleWriteTokenNumUsesRequest {
+  return AppRoleWriteTokenNumUsesRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenNumUsesRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteTokenNumUsesRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+  };
+}
+
+export function AppRoleWriteTokenNumUsesRequestToJSON(json: any): AppRoleWriteTokenNumUsesRequest {
+  return AppRoleWriteTokenNumUsesRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenNumUsesRequestToJSONTyped(
+  value?: AppRoleWriteTokenNumUsesRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_num_uses: value['tokenNumUses'],
+  };
+}

ui/api-client/src/models/AppRoleWriteTokenTtlRequest.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AppRoleWriteTokenTtlRequest
+ */
+export interface AppRoleWriteTokenTtlRequest {
+  /**
+   * The initial ttl of the token to generate
+   * @type {string}
+   * @memberof AppRoleWriteTokenTtlRequest
+   */
+  tokenTtl?: string;
+}
+
+/**
+ * Check if a given object implements the AppRoleWriteTokenTtlRequest interface.
+ */
+export function instanceOfAppRoleWriteTokenTtlRequest(value: object): value is AppRoleWriteTokenTtlRequest {
+  return true;
+}
+
+export function AppRoleWriteTokenTtlRequestFromJSON(json: any): AppRoleWriteTokenTtlRequest {
+  return AppRoleWriteTokenTtlRequestFromJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenTtlRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AppRoleWriteTokenTtlRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+  };
+}
+
+export function AppRoleWriteTokenTtlRequestToJSON(json: any): AppRoleWriteTokenTtlRequest {
+  return AppRoleWriteTokenTtlRequestToJSONTyped(json, false);
+}
+
+export function AppRoleWriteTokenTtlRequestToJSONTyped(
+  value?: AppRoleWriteTokenTtlRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    token_ttl: value['tokenTtl'],
+  };
+}

ui/api-client/src/models/AuditingCalculateHashRequest.ts

@@ -0,0 +1,68 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuditingCalculateHashRequest
+ */
+export interface AuditingCalculateHashRequest {
+  /**
+   *
+   * @type {string}
+   * @memberof AuditingCalculateHashRequest
+   */
+  input?: string;
+}
+
+/**
+ * Check if a given object implements the AuditingCalculateHashRequest interface.
+ */
+export function instanceOfAuditingCalculateHashRequest(value: object): value is AuditingCalculateHashRequest {
+  return true;
+}
+
+export function AuditingCalculateHashRequestFromJSON(json: any): AuditingCalculateHashRequest {
+  return AuditingCalculateHashRequestFromJSONTyped(json, false);
+}
+
+export function AuditingCalculateHashRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuditingCalculateHashRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    input: json['input'] == null ? undefined : json['input'],
+  };
+}
+
+export function AuditingCalculateHashRequestToJSON(json: any): AuditingCalculateHashRequest {
+  return AuditingCalculateHashRequestToJSONTyped(json, false);
+}
+
+export function AuditingCalculateHashRequestToJSONTyped(
+  value?: AuditingCalculateHashRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    input: value['input'],
+  };
+}

ui/api-client/src/models/AuditingCalculateHashResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuditingCalculateHashResponse
+ */
+export interface AuditingCalculateHashResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof AuditingCalculateHashResponse
+   */
+  hash?: string;
+}
+
+/**
+ * Check if a given object implements the AuditingCalculateHashResponse interface.
+ */
+export function instanceOfAuditingCalculateHashResponse(
+  value: object
+): value is AuditingCalculateHashResponse {
+  return true;
+}
+
+export function AuditingCalculateHashResponseFromJSON(json: any): AuditingCalculateHashResponse {
+  return AuditingCalculateHashResponseFromJSONTyped(json, false);
+}
+
+export function AuditingCalculateHashResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuditingCalculateHashResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    hash: json['hash'] == null ? undefined : json['hash'],
+  };
+}
+
+export function AuditingCalculateHashResponseToJSON(json: any): AuditingCalculateHashResponse {
+  return AuditingCalculateHashResponseToJSONTyped(json, false);
+}
+
+export function AuditingCalculateHashResponseToJSONTyped(
+  value?: AuditingCalculateHashResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    hash: value['hash'],
+  };
+}

ui/api-client/src/models/AuditingEnableDeviceRequest.ts

@@ -0,0 +1,92 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuditingEnableDeviceRequest
+ */
+export interface AuditingEnableDeviceRequest {
+  /**
+   * User-friendly description for this audit backend.
+   * @type {string}
+   * @memberof AuditingEnableDeviceRequest
+   */
+  description?: string;
+  /**
+   * Mark the mount as a local mount, which is not replicated and is unaffected by replication.
+   * @type {boolean}
+   * @memberof AuditingEnableDeviceRequest
+   */
+  local?: boolean;
+  /**
+   * Configuration options for the audit backend.
+   * @type {object}
+   * @memberof AuditingEnableDeviceRequest
+   */
+  options?: object;
+  /**
+   * The type of the backend. Example: "mysql"
+   * @type {string}
+   * @memberof AuditingEnableDeviceRequest
+   */
+  type?: string;
+}
+
+/**
+ * Check if a given object implements the AuditingEnableDeviceRequest interface.
+ */
+export function instanceOfAuditingEnableDeviceRequest(value: object): value is AuditingEnableDeviceRequest {
+  return true;
+}
+
+export function AuditingEnableDeviceRequestFromJSON(json: any): AuditingEnableDeviceRequest {
+  return AuditingEnableDeviceRequestFromJSONTyped(json, false);
+}
+
+export function AuditingEnableDeviceRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuditingEnableDeviceRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    description: json['description'] == null ? undefined : json['description'],
+    local: json['local'] == null ? undefined : json['local'],
+    options: json['options'] == null ? undefined : json['options'],
+    type: json['type'] == null ? undefined : json['type'],
+  };
+}
+
+export function AuditingEnableDeviceRequestToJSON(json: any): AuditingEnableDeviceRequest {
+  return AuditingEnableDeviceRequestToJSONTyped(json, false);
+}
+
+export function AuditingEnableDeviceRequestToJSONTyped(
+  value?: AuditingEnableDeviceRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    description: value['description'],
+    local: value['local'],
+    options: value['options'],
+    type: value['type'],
+  };
+}

ui/api-client/src/models/AuditingEnableRequestHeaderRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuditingEnableRequestHeaderRequest
+ */
+export interface AuditingEnableRequestHeaderRequest {
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuditingEnableRequestHeaderRequest
+   */
+  hmac?: boolean;
+}
+
+/**
+ * Check if a given object implements the AuditingEnableRequestHeaderRequest interface.
+ */
+export function instanceOfAuditingEnableRequestHeaderRequest(
+  value: object
+): value is AuditingEnableRequestHeaderRequest {
+  return true;
+}
+
+export function AuditingEnableRequestHeaderRequestFromJSON(json: any): AuditingEnableRequestHeaderRequest {
+  return AuditingEnableRequestHeaderRequestFromJSONTyped(json, false);
+}
+
+export function AuditingEnableRequestHeaderRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuditingEnableRequestHeaderRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    hmac: json['hmac'] == null ? undefined : json['hmac'],
+  };
+}
+
+export function AuditingEnableRequestHeaderRequestToJSON(json: any): AuditingEnableRequestHeaderRequest {
+  return AuditingEnableRequestHeaderRequestToJSONTyped(json, false);
+}
+
+export function AuditingEnableRequestHeaderRequestToJSONTyped(
+  value?: AuditingEnableRequestHeaderRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    hmac: value['hmac'],
+  };
+}

ui/api-client/src/models/AuditingListRequestHeadersResponse.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuditingListRequestHeadersResponse
+ */
+export interface AuditingListRequestHeadersResponse {
+  /**
+   *
+   * @type {object}
+   * @memberof AuditingListRequestHeadersResponse
+   */
+  headers?: object;
+}
+
+/**
+ * Check if a given object implements the AuditingListRequestHeadersResponse interface.
+ */
+export function instanceOfAuditingListRequestHeadersResponse(
+  value: object
+): value is AuditingListRequestHeadersResponse {
+  return true;
+}
+
+export function AuditingListRequestHeadersResponseFromJSON(json: any): AuditingListRequestHeadersResponse {
+  return AuditingListRequestHeadersResponseFromJSONTyped(json, false);
+}
+
+export function AuditingListRequestHeadersResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuditingListRequestHeadersResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    headers: json['headers'] == null ? undefined : json['headers'],
+  };
+}
+
+export function AuditingListRequestHeadersResponseToJSON(json: any): AuditingListRequestHeadersResponse {
+  return AuditingListRequestHeadersResponseToJSONTyped(json, false);
+}
+
+export function AuditingListRequestHeadersResponseToJSONTyped(
+  value?: AuditingListRequestHeadersResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    headers: value['headers'],
+  };
+}

ui/api-client/src/models/AuthEnableMethodRequest.ts

@@ -0,0 +1,133 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuthEnableMethodRequest
+ */
+export interface AuthEnableMethodRequest {
+  /**
+   * Configuration for this mount, such as plugin_name.
+   * @type {object}
+   * @memberof AuthEnableMethodRequest
+   */
+  config?: object;
+  /**
+   * User-friendly description for this credential backend.
+   * @type {string}
+   * @memberof AuthEnableMethodRequest
+   */
+  description?: string;
+  /**
+   * Whether to give the mount access to Vault's external entropy.
+   * @type {boolean}
+   * @memberof AuthEnableMethodRequest
+   */
+  externalEntropyAccess?: boolean;
+  /**
+   * Mark the mount as a local mount, which is not replicated and is unaffected by replication.
+   * @type {boolean}
+   * @memberof AuthEnableMethodRequest
+   */
+  local?: boolean;
+  /**
+   * The options to pass into the backend. Should be a json object with string keys and values.
+   * @type {object}
+   * @memberof AuthEnableMethodRequest
+   */
+  options?: object;
+  /**
+   * Name of the auth plugin to use based from the name in the plugin catalog.
+   * @type {string}
+   * @memberof AuthEnableMethodRequest
+   */
+  pluginName?: string;
+  /**
+   * The semantic version of the plugin to use, or image tag if oci_image is provided.
+   * @type {string}
+   * @memberof AuthEnableMethodRequest
+   */
+  pluginVersion?: string;
+  /**
+   * Whether to turn on seal wrapping for the mount.
+   * @type {boolean}
+   * @memberof AuthEnableMethodRequest
+   */
+  sealWrap?: boolean;
+  /**
+   * The type of the backend. Example: "userpass"
+   * @type {string}
+   * @memberof AuthEnableMethodRequest
+   */
+  type?: string;
+}
+
+/**
+ * Check if a given object implements the AuthEnableMethodRequest interface.
+ */
+export function instanceOfAuthEnableMethodRequest(value: object): value is AuthEnableMethodRequest {
+  return true;
+}
+
+export function AuthEnableMethodRequestFromJSON(json: any): AuthEnableMethodRequest {
+  return AuthEnableMethodRequestFromJSONTyped(json, false);
+}
+
+export function AuthEnableMethodRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuthEnableMethodRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    config: json['config'] == null ? undefined : json['config'],
+    description: json['description'] == null ? undefined : json['description'],
+    externalEntropyAccess:
+      json['external_entropy_access'] == null ? undefined : json['external_entropy_access'],
+    local: json['local'] == null ? undefined : json['local'],
+    options: json['options'] == null ? undefined : json['options'],
+    pluginName: json['plugin_name'] == null ? undefined : json['plugin_name'],
+    pluginVersion: json['plugin_version'] == null ? undefined : json['plugin_version'],
+    sealWrap: json['seal_wrap'] == null ? undefined : json['seal_wrap'],
+    type: json['type'] == null ? undefined : json['type'],
+  };
+}
+
+export function AuthEnableMethodRequestToJSON(json: any): AuthEnableMethodRequest {
+  return AuthEnableMethodRequestToJSONTyped(json, false);
+}
+
+export function AuthEnableMethodRequestToJSONTyped(
+  value?: AuthEnableMethodRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    config: value['config'],
+    description: value['description'],
+    external_entropy_access: value['externalEntropyAccess'],
+    local: value['local'],
+    options: value['options'],
+    plugin_name: value['pluginName'],
+    plugin_version: value['pluginVersion'],
+    seal_wrap: value['sealWrap'],
+    type: value['type'],
+  };
+}

ui/api-client/src/models/AuthReadConfigurationResponse.ts

@@ -0,0 +1,167 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuthReadConfigurationResponse
+ */
+export interface AuthReadConfigurationResponse {
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  accessor?: string;
+  /**
+   *
+   * @type {object}
+   * @memberof AuthReadConfigurationResponse
+   */
+  config?: object;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  deprecationStatus?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  description?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadConfigurationResponse
+   */
+  externalEntropyAccess?: boolean;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadConfigurationResponse
+   */
+  local?: boolean;
+  /**
+   *
+   * @type {object}
+   * @memberof AuthReadConfigurationResponse
+   */
+  options?: object;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  pluginVersion?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  runningPluginVersion?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  runningSha256?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadConfigurationResponse
+   */
+  sealWrap?: boolean;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  type?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadConfigurationResponse
+   */
+  uuid?: string;
+}
+
+/**
+ * Check if a given object implements the AuthReadConfigurationResponse interface.
+ */
+export function instanceOfAuthReadConfigurationResponse(
+  value: object
+): value is AuthReadConfigurationResponse {
+  return true;
+}
+
+export function AuthReadConfigurationResponseFromJSON(json: any): AuthReadConfigurationResponse {
+  return AuthReadConfigurationResponseFromJSONTyped(json, false);
+}
+
+export function AuthReadConfigurationResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuthReadConfigurationResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    accessor: json['accessor'] == null ? undefined : json['accessor'],
+    config: json['config'] == null ? undefined : json['config'],
+    deprecationStatus: json['deprecation_status'] == null ? undefined : json['deprecation_status'],
+    description: json['description'] == null ? undefined : json['description'],
+    externalEntropyAccess:
+      json['external_entropy_access'] == null ? undefined : json['external_entropy_access'],
+    local: json['local'] == null ? undefined : json['local'],
+    options: json['options'] == null ? undefined : json['options'],
+    pluginVersion: json['plugin_version'] == null ? undefined : json['plugin_version'],
+    runningPluginVersion: json['running_plugin_version'] == null ? undefined : json['running_plugin_version'],
+    runningSha256: json['running_sha256'] == null ? undefined : json['running_sha256'],
+    sealWrap: json['seal_wrap'] == null ? undefined : json['seal_wrap'],
+    type: json['type'] == null ? undefined : json['type'],
+    uuid: json['uuid'] == null ? undefined : json['uuid'],
+  };
+}
+
+export function AuthReadConfigurationResponseToJSON(json: any): AuthReadConfigurationResponse {
+  return AuthReadConfigurationResponseToJSONTyped(json, false);
+}
+
+export function AuthReadConfigurationResponseToJSONTyped(
+  value?: AuthReadConfigurationResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    accessor: value['accessor'],
+    config: value['config'],
+    deprecation_status: value['deprecationStatus'],
+    description: value['description'],
+    external_entropy_access: value['externalEntropyAccess'],
+    local: value['local'],
+    options: value['options'],
+    plugin_version: value['pluginVersion'],
+    running_plugin_version: value['runningPluginVersion'],
+    running_sha256: value['runningSha256'],
+    seal_wrap: value['sealWrap'],
+    type: value['type'],
+    uuid: value['uuid'],
+  };
+}

ui/api-client/src/models/AuthReadTuningInformationResponse.ts

@@ -0,0 +1,231 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuthReadTuningInformationResponse
+ */
+export interface AuthReadTuningInformationResponse {
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  allowedManagedKeys?: Array<string>;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  allowedResponseHeaders?: Array<string>;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  auditNonHmacRequestKeys?: Array<string>;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  auditNonHmacResponseKeys?: Array<string>;
+  /**
+   *
+   * @type {number}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  defaultLeaseTtl?: number;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  description?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  externalEntropyAccess?: boolean;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  forceNoCache?: boolean;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  identityTokenKey?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  listingVisibility?: string;
+  /**
+   *
+   * @type {number}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  maxLeaseTtl?: number;
+  /**
+   *
+   * @type {object}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  options?: object;
+  /**
+   *
+   * @type {Array<string>}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  passthroughRequestHeaders?: Array<string>;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  pluginVersion?: string;
+  /**
+   *
+   * @type {string}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  tokenType?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  trimRequestTrailingSlashes?: boolean;
+  /**
+   *
+   * @type {number}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  userLockoutCounterResetDuration?: number;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  userLockoutDisable?: boolean;
+  /**
+   *
+   * @type {number}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  userLockoutDuration?: number;
+  /**
+   *
+   * @type {number}
+   * @memberof AuthReadTuningInformationResponse
+   */
+  userLockoutThreshold?: number;
+}
+
+/**
+ * Check if a given object implements the AuthReadTuningInformationResponse interface.
+ */
+export function instanceOfAuthReadTuningInformationResponse(
+  value: object
+): value is AuthReadTuningInformationResponse {
+  return true;
+}
+
+export function AuthReadTuningInformationResponseFromJSON(json: any): AuthReadTuningInformationResponse {
+  return AuthReadTuningInformationResponseFromJSONTyped(json, false);
+}
+
+export function AuthReadTuningInformationResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuthReadTuningInformationResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    allowedManagedKeys: json['allowed_managed_keys'] == null ? undefined : json['allowed_managed_keys'],
+    allowedResponseHeaders:
+      json['allowed_response_headers'] == null ? undefined : json['allowed_response_headers'],
+    auditNonHmacRequestKeys:
+      json['audit_non_hmac_request_keys'] == null ? undefined : json['audit_non_hmac_request_keys'],
+    auditNonHmacResponseKeys:
+      json['audit_non_hmac_response_keys'] == null ? undefined : json['audit_non_hmac_response_keys'],
+    defaultLeaseTtl: json['default_lease_ttl'] == null ? undefined : json['default_lease_ttl'],
+    description: json['description'] == null ? undefined : json['description'],
+    externalEntropyAccess:
+      json['external_entropy_access'] == null ? undefined : json['external_entropy_access'],
+    forceNoCache: json['force_no_cache'] == null ? undefined : json['force_no_cache'],
+    identityTokenKey: json['identity_token_key'] == null ? undefined : json['identity_token_key'],
+    listingVisibility: json['listing_visibility'] == null ? undefined : json['listing_visibility'],
+    maxLeaseTtl: json['max_lease_ttl'] == null ? undefined : json['max_lease_ttl'],
+    options: json['options'] == null ? undefined : json['options'],
+    passthroughRequestHeaders:
+      json['passthrough_request_headers'] == null ? undefined : json['passthrough_request_headers'],
+    pluginVersion: json['plugin_version'] == null ? undefined : json['plugin_version'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+    trimRequestTrailingSlashes:
+      json['trim_request_trailing_slashes'] == null ? undefined : json['trim_request_trailing_slashes'],
+    userLockoutCounterResetDuration:
+      json['user_lockout_counter_reset_duration'] == null
+        ? undefined
+        : json['user_lockout_counter_reset_duration'],
+    userLockoutDisable: json['user_lockout_disable'] == null ? undefined : json['user_lockout_disable'],
+    userLockoutDuration: json['user_lockout_duration'] == null ? undefined : json['user_lockout_duration'],
+    userLockoutThreshold: json['user_lockout_threshold'] == null ? undefined : json['user_lockout_threshold'],
+  };
+}
+
+export function AuthReadTuningInformationResponseToJSON(json: any): AuthReadTuningInformationResponse {
+  return AuthReadTuningInformationResponseToJSONTyped(json, false);
+}
+
+export function AuthReadTuningInformationResponseToJSONTyped(
+  value?: AuthReadTuningInformationResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    allowed_managed_keys: value['allowedManagedKeys'],
+    allowed_response_headers: value['allowedResponseHeaders'],
+    audit_non_hmac_request_keys: value['auditNonHmacRequestKeys'],
+    audit_non_hmac_response_keys: value['auditNonHmacResponseKeys'],
+    default_lease_ttl: value['defaultLeaseTtl'],
+    description: value['description'],
+    external_entropy_access: value['externalEntropyAccess'],
+    force_no_cache: value['forceNoCache'],
+    identity_token_key: value['identityTokenKey'],
+    listing_visibility: value['listingVisibility'],
+    max_lease_ttl: value['maxLeaseTtl'],
+    options: value['options'],
+    passthrough_request_headers: value['passthroughRequestHeaders'],
+    plugin_version: value['pluginVersion'],
+    token_type: value['tokenType'],
+    trim_request_trailing_slashes: value['trimRequestTrailingSlashes'],
+    user_lockout_counter_reset_duration: value['userLockoutCounterResetDuration'],
+    user_lockout_disable: value['userLockoutDisable'],
+    user_lockout_duration: value['userLockoutDuration'],
+    user_lockout_threshold: value['userLockoutThreshold'],
+  };
+}

ui/api-client/src/models/AuthTuneConfigurationParametersRequest.ts

@@ -0,0 +1,183 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AuthTuneConfigurationParametersRequest
+ */
+export interface AuthTuneConfigurationParametersRequest {
+  /**
+   * A list of headers to whitelist and allow a plugin to set on responses.
+   * @type {Array<string>}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  allowedResponseHeaders?: Array<string>;
+  /**
+   * The list of keys in the request data object that will not be HMAC'd by audit devices.
+   * @type {Array<string>}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  auditNonHmacRequestKeys?: Array<string>;
+  /**
+   * The list of keys in the response data object that will not be HMAC'd by audit devices.
+   * @type {Array<string>}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  auditNonHmacResponseKeys?: Array<string>;
+  /**
+   * The default lease TTL for this mount.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  defaultLeaseTtl?: string;
+  /**
+   * User-friendly description for this credential backend.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  description?: string;
+  /**
+   * The name of the key used to sign plugin identity tokens. Defaults to the default key.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  identityTokenKey?: string;
+  /**
+   * Determines the visibility of the mount in the UI-specific listing endpoint. Accepted value are 'unauth' and 'hidden', with the empty default ('') behaving like 'hidden'.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  listingVisibility?: string;
+  /**
+   * The max lease TTL for this mount.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  maxLeaseTtl?: string;
+  /**
+   * The options to pass into the backend. Should be a json object with string keys and values.
+   * @type {object}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  options?: object;
+  /**
+   * A list of headers to whitelist and pass from the request to the plugin.
+   * @type {Array<string>}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  passthroughRequestHeaders?: Array<string>;
+  /**
+   * The semantic version of the plugin to use, or image tag if oci_image is provided.
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  pluginVersion?: string;
+  /**
+   * The type of token to issue (service or batch).
+   * @type {string}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  tokenType?: string;
+  /**
+   *
+   * @type {boolean}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  trimRequestTrailingSlashes?: boolean;
+  /**
+   * The user lockout configuration to pass into the backend. Should be a json object with string keys and values.
+   * @type {object}
+   * @memberof AuthTuneConfigurationParametersRequest
+   */
+  userLockoutConfig?: object;
+}
+
+/**
+ * Check if a given object implements the AuthTuneConfigurationParametersRequest interface.
+ */
+export function instanceOfAuthTuneConfigurationParametersRequest(
+  value: object
+): value is AuthTuneConfigurationParametersRequest {
+  return true;
+}
+
+export function AuthTuneConfigurationParametersRequestFromJSON(
+  json: any
+): AuthTuneConfigurationParametersRequest {
+  return AuthTuneConfigurationParametersRequestFromJSONTyped(json, false);
+}
+
+export function AuthTuneConfigurationParametersRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AuthTuneConfigurationParametersRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    allowedResponseHeaders:
+      json['allowed_response_headers'] == null ? undefined : json['allowed_response_headers'],
+    auditNonHmacRequestKeys:
+      json['audit_non_hmac_request_keys'] == null ? undefined : json['audit_non_hmac_request_keys'],
+    auditNonHmacResponseKeys:
+      json['audit_non_hmac_response_keys'] == null ? undefined : json['audit_non_hmac_response_keys'],
+    defaultLeaseTtl: json['default_lease_ttl'] == null ? undefined : json['default_lease_ttl'],
+    description: json['description'] == null ? undefined : json['description'],
+    identityTokenKey: json['identity_token_key'] == null ? undefined : json['identity_token_key'],
+    listingVisibility: json['listing_visibility'] == null ? undefined : json['listing_visibility'],
+    maxLeaseTtl: json['max_lease_ttl'] == null ? undefined : json['max_lease_ttl'],
+    options: json['options'] == null ? undefined : json['options'],
+    passthroughRequestHeaders:
+      json['passthrough_request_headers'] == null ? undefined : json['passthrough_request_headers'],
+    pluginVersion: json['plugin_version'] == null ? undefined : json['plugin_version'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+    trimRequestTrailingSlashes:
+      json['trim_request_trailing_slashes'] == null ? undefined : json['trim_request_trailing_slashes'],
+    userLockoutConfig: json['user_lockout_config'] == null ? undefined : json['user_lockout_config'],
+  };
+}
+
+export function AuthTuneConfigurationParametersRequestToJSON(
+  json: any
+): AuthTuneConfigurationParametersRequest {
+  return AuthTuneConfigurationParametersRequestToJSONTyped(json, false);
+}
+
+export function AuthTuneConfigurationParametersRequestToJSONTyped(
+  value?: AuthTuneConfigurationParametersRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    allowed_response_headers: value['allowedResponseHeaders'],
+    audit_non_hmac_request_keys: value['auditNonHmacRequestKeys'],
+    audit_non_hmac_response_keys: value['auditNonHmacResponseKeys'],
+    default_lease_ttl: value['defaultLeaseTtl'],
+    description: value['description'],
+    identity_token_key: value['identityTokenKey'],
+    listing_visibility: value['listingVisibility'],
+    max_lease_ttl: value['maxLeaseTtl'],
+    options: value['options'],
+    passthrough_request_headers: value['passthroughRequestHeaders'],
+    plugin_version: value['pluginVersion'],
+    token_type: value['tokenType'],
+    trim_request_trailing_slashes: value['trimRequestTrailingSlashes'],
+    user_lockout_config: value['userLockoutConfig'],
+  };
+}

ui/api-client/src/models/AwsConfigureCertificateRequest.ts

@@ -0,0 +1,78 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureCertificateRequest
+ */
+export interface AwsConfigureCertificateRequest {
+  /**
+   * Base64 encoded AWS Public cert required to verify PKCS7 signature of the EC2 instance metadata.
+   * @type {string}
+   * @memberof AwsConfigureCertificateRequest
+   */
+  awsPublicCert?: string;
+  /**
+   * Takes the value of either "pkcs7" or "identity", indicating the type of document which can be verified using the given certificate. The reason is that the PKCS#7 document will have a DSA digest and the identity signature will have an RSA signature, and accordingly the public certificates to verify those also vary. Defaults to "pkcs7".
+   * @type {string}
+   * @memberof AwsConfigureCertificateRequest
+   */
+  type?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureCertificateRequest interface.
+ */
+export function instanceOfAwsConfigureCertificateRequest(
+  value: object
+): value is AwsConfigureCertificateRequest {
+  return true;
+}
+
+export function AwsConfigureCertificateRequestFromJSON(json: any): AwsConfigureCertificateRequest {
+  return AwsConfigureCertificateRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureCertificateRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureCertificateRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    awsPublicCert: json['aws_public_cert'] == null ? undefined : json['aws_public_cert'],
+    type: json['type'] == null ? undefined : json['type'],
+  };
+}
+
+export function AwsConfigureCertificateRequestToJSON(json: any): AwsConfigureCertificateRequest {
+  return AwsConfigureCertificateRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureCertificateRequestToJSONTyped(
+  value?: AwsConfigureCertificateRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    aws_public_cert: value['awsPublicCert'],
+    type: value['type'],
+  };
+}

ui/api-client/src/models/AwsConfigureClientRequest.ts

@@ -0,0 +1,201 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureClientRequest
+ */
+export interface AwsConfigureClientRequest {
+  /**
+   * AWS Access Key ID for the account used to make AWS API requests.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  accessKey?: string;
+  /**
+   * List of additional headers that are allowed to be in AWS STS request headers
+   * @type {Array<string>}
+   * @memberof AwsConfigureClientRequest
+   */
+  allowedStsHeaderValues?: Array<string>;
+  /**
+   * If set to true, will deregister all registered rotation jobs from the RotationManager for the plugin.
+   * @type {boolean}
+   * @memberof AwsConfigureClientRequest
+   */
+  disableAutomatedRotation?: boolean;
+  /**
+   * URL to override the default generated endpoint for making AWS EC2 API calls.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  endpoint?: string;
+  /**
+   * URL to override the default generated endpoint for making AWS IAM API calls.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  iamEndpoint?: string;
+  /**
+   * Value to require in the X-Vault-AWS-IAM-Server-ID request header
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  iamServerIdHeaderValue?: string;
+  /**
+   * Audience of plugin identity tokens
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  identityTokenAudience?: string;
+  /**
+   * Time-to-live of plugin identity tokens
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  identityTokenTtl?: string;
+  /**
+   * Maximum number of retries for recoverable exceptions of AWS APIs
+   * @type {number}
+   * @memberof AwsConfigureClientRequest
+   */
+  maxRetries?: number;
+  /**
+   * Role ARN to assume for plugin identity token federation
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  roleArn?: string;
+  /**
+   * TTL for automatic credential rotation of the given username. Mutually exclusive with rotation_schedule
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  rotationPeriod?: string;
+  /**
+   * CRON-style string that will define the schedule on which rotations should occur. Mutually exclusive with rotation_period
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  rotationSchedule?: string;
+  /**
+   * Specifies the amount of time in which the rotation is allowed to occur starting from a given rotation_schedule
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  rotationWindow?: string;
+  /**
+   * AWS Secret Access Key for the account used to make AWS API requests.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  secretKey?: string;
+  /**
+   * URL to override the default generated endpoint for making AWS STS API calls.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  stsEndpoint?: string;
+  /**
+   * The region ID for the sts_endpoint, if set.
+   * @type {string}
+   * @memberof AwsConfigureClientRequest
+   */
+  stsRegion?: string;
+  /**
+   * Uses the STS region from client requests for making AWS STS API calls.
+   * @type {boolean}
+   * @memberof AwsConfigureClientRequest
+   */
+  useStsRegionFromClient?: boolean;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureClientRequest interface.
+ */
+export function instanceOfAwsConfigureClientRequest(value: object): value is AwsConfigureClientRequest {
+  return true;
+}
+
+export function AwsConfigureClientRequestFromJSON(json: any): AwsConfigureClientRequest {
+  return AwsConfigureClientRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureClientRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureClientRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    accessKey: json['access_key'] == null ? undefined : json['access_key'],
+    allowedStsHeaderValues:
+      json['allowed_sts_header_values'] == null ? undefined : json['allowed_sts_header_values'],
+    disableAutomatedRotation:
+      json['disable_automated_rotation'] == null ? undefined : json['disable_automated_rotation'],
+    endpoint: json['endpoint'] == null ? undefined : json['endpoint'],
+    iamEndpoint: json['iam_endpoint'] == null ? undefined : json['iam_endpoint'],
+    iamServerIdHeaderValue:
+      json['iam_server_id_header_value'] == null ? undefined : json['iam_server_id_header_value'],
+    identityTokenAudience:
+      json['identity_token_audience'] == null ? undefined : json['identity_token_audience'],
+    identityTokenTtl: json['identity_token_ttl'] == null ? undefined : json['identity_token_ttl'],
+    maxRetries: json['max_retries'] == null ? undefined : json['max_retries'],
+    roleArn: json['role_arn'] == null ? undefined : json['role_arn'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    rotationSchedule: json['rotation_schedule'] == null ? undefined : json['rotation_schedule'],
+    rotationWindow: json['rotation_window'] == null ? undefined : json['rotation_window'],
+    secretKey: json['secret_key'] == null ? undefined : json['secret_key'],
+    stsEndpoint: json['sts_endpoint'] == null ? undefined : json['sts_endpoint'],
+    stsRegion: json['sts_region'] == null ? undefined : json['sts_region'],
+    useStsRegionFromClient:
+      json['use_sts_region_from_client'] == null ? undefined : json['use_sts_region_from_client'],
+  };
+}
+
+export function AwsConfigureClientRequestToJSON(json: any): AwsConfigureClientRequest {
+  return AwsConfigureClientRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureClientRequestToJSONTyped(
+  value?: AwsConfigureClientRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    access_key: value['accessKey'],
+    allowed_sts_header_values: value['allowedStsHeaderValues'],
+    disable_automated_rotation: value['disableAutomatedRotation'],
+    endpoint: value['endpoint'],
+    iam_endpoint: value['iamEndpoint'],
+    iam_server_id_header_value: value['iamServerIdHeaderValue'],
+    identity_token_audience: value['identityTokenAudience'],
+    identity_token_ttl: value['identityTokenTtl'],
+    max_retries: value['maxRetries'],
+    role_arn: value['roleArn'],
+    rotation_period: value['rotationPeriod'],
+    rotation_schedule: value['rotationSchedule'],
+    rotation_window: value['rotationWindow'],
+    secret_key: value['secretKey'],
+    sts_endpoint: value['stsEndpoint'],
+    sts_region: value['stsRegion'],
+    use_sts_region_from_client: value['useStsRegionFromClient'],
+  };
+}

ui/api-client/src/models/AwsConfigureIdentityAccessListTidyOperationRequest.ts

@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureIdentityAccessListTidyOperationRequest
+ */
+export interface AwsConfigureIdentityAccessListTidyOperationRequest {
+  /**
+   * If set to 'true', disables the periodic tidying of the 'identity-accesslist/<instance_id>' entries.
+   * @type {boolean}
+   * @memberof AwsConfigureIdentityAccessListTidyOperationRequest
+   */
+  disablePeriodicTidy?: boolean;
+  /**
+   * The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsConfigureIdentityAccessListTidyOperationRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureIdentityAccessListTidyOperationRequest interface.
+ */
+export function instanceOfAwsConfigureIdentityAccessListTidyOperationRequest(
+  value: object
+): value is AwsConfigureIdentityAccessListTidyOperationRequest {
+  return true;
+}
+
+export function AwsConfigureIdentityAccessListTidyOperationRequestFromJSON(
+  json: any
+): AwsConfigureIdentityAccessListTidyOperationRequest {
+  return AwsConfigureIdentityAccessListTidyOperationRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityAccessListTidyOperationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureIdentityAccessListTidyOperationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    disablePeriodicTidy: json['disable_periodic_tidy'] == null ? undefined : json['disable_periodic_tidy'],
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsConfigureIdentityAccessListTidyOperationRequestToJSON(
+  json: any
+): AwsConfigureIdentityAccessListTidyOperationRequest {
+  return AwsConfigureIdentityAccessListTidyOperationRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityAccessListTidyOperationRequestToJSONTyped(
+  value?: AwsConfigureIdentityAccessListTidyOperationRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    disable_periodic_tidy: value['disablePeriodicTidy'],
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsConfigureIdentityIntegrationRequest.ts

@@ -0,0 +1,98 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureIdentityIntegrationRequest
+ */
+export interface AwsConfigureIdentityIntegrationRequest {
+  /**
+   * Configure how the AWS auth method generates entity alias when using EC2 auth. Valid values are "role_id", "instance_id", and "image_id". Defaults to "role_id".
+   * @type {string}
+   * @memberof AwsConfigureIdentityIntegrationRequest
+   */
+  ec2Alias?: string;
+  /**
+   * The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: account_id, auth_type. These fields are available to add: ami_id, instance_id, region. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
+   * @type {Array<string>}
+   * @memberof AwsConfigureIdentityIntegrationRequest
+   */
+  ec2Metadata?: Array<string>;
+  /**
+   * Configure how the AWS auth method generates entity aliases when using IAM auth. Valid values are "role_id", "unique_id", "full_arn" and "canonical_arn". Defaults to "role_id".
+   * @type {string}
+   * @memberof AwsConfigureIdentityIntegrationRequest
+   */
+  iamAlias?: string;
+  /**
+   * The metadata to include on the aliases and audit logs generated by this plugin. When set to 'default', includes: account_id, auth_type. These fields are available to add: canonical_arn, client_arn, client_user_id, inferred_aws_region, inferred_entity_id, inferred_entity_type, inferred_hostname. Not editing this field means the 'default' fields are included. Explicitly setting this field to empty overrides the 'default' and means no metadata will be included. If not using 'default', explicit fields must be sent like: 'field1,field2'.
+   * @type {Array<string>}
+   * @memberof AwsConfigureIdentityIntegrationRequest
+   */
+  iamMetadata?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureIdentityIntegrationRequest interface.
+ */
+export function instanceOfAwsConfigureIdentityIntegrationRequest(
+  value: object
+): value is AwsConfigureIdentityIntegrationRequest {
+  return true;
+}
+
+export function AwsConfigureIdentityIntegrationRequestFromJSON(
+  json: any
+): AwsConfigureIdentityIntegrationRequest {
+  return AwsConfigureIdentityIntegrationRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityIntegrationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureIdentityIntegrationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    ec2Alias: json['ec2_alias'] == null ? undefined : json['ec2_alias'],
+    ec2Metadata: json['ec2_metadata'] == null ? undefined : json['ec2_metadata'],
+    iamAlias: json['iam_alias'] == null ? undefined : json['iam_alias'],
+    iamMetadata: json['iam_metadata'] == null ? undefined : json['iam_metadata'],
+  };
+}
+
+export function AwsConfigureIdentityIntegrationRequestToJSON(
+  json: any
+): AwsConfigureIdentityIntegrationRequest {
+  return AwsConfigureIdentityIntegrationRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityIntegrationRequestToJSONTyped(
+  value?: AwsConfigureIdentityIntegrationRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    ec2_alias: value['ec2Alias'],
+    ec2_metadata: value['ec2Metadata'],
+    iam_alias: value['iamAlias'],
+    iam_metadata: value['iamMetadata'],
+  };
+}

ui/api-client/src/models/AwsConfigureIdentityWhitelistTidyOperationRequest.ts

@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureIdentityWhitelistTidyOperationRequest
+ */
+export interface AwsConfigureIdentityWhitelistTidyOperationRequest {
+  /**
+   * If set to 'true', disables the periodic tidying of the 'identity-accesslist/<instance_id>' entries.
+   * @type {boolean}
+   * @memberof AwsConfigureIdentityWhitelistTidyOperationRequest
+   */
+  disablePeriodicTidy?: boolean;
+  /**
+   * The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsConfigureIdentityWhitelistTidyOperationRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureIdentityWhitelistTidyOperationRequest interface.
+ */
+export function instanceOfAwsConfigureIdentityWhitelistTidyOperationRequest(
+  value: object
+): value is AwsConfigureIdentityWhitelistTidyOperationRequest {
+  return true;
+}
+
+export function AwsConfigureIdentityWhitelistTidyOperationRequestFromJSON(
+  json: any
+): AwsConfigureIdentityWhitelistTidyOperationRequest {
+  return AwsConfigureIdentityWhitelistTidyOperationRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityWhitelistTidyOperationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureIdentityWhitelistTidyOperationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    disablePeriodicTidy: json['disable_periodic_tidy'] == null ? undefined : json['disable_periodic_tidy'],
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsConfigureIdentityWhitelistTidyOperationRequestToJSON(
+  json: any
+): AwsConfigureIdentityWhitelistTidyOperationRequest {
+  return AwsConfigureIdentityWhitelistTidyOperationRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureIdentityWhitelistTidyOperationRequestToJSONTyped(
+  value?: AwsConfigureIdentityWhitelistTidyOperationRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    disable_periodic_tidy: value['disablePeriodicTidy'],
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsConfigureLeaseRequest.ts

@@ -0,0 +1,76 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureLeaseRequest
+ */
+export interface AwsConfigureLeaseRequest {
+  /**
+   * Default lease for roles.
+   * @type {string}
+   * @memberof AwsConfigureLeaseRequest
+   */
+  lease?: string;
+  /**
+   * Maximum time a credential is valid for.
+   * @type {string}
+   * @memberof AwsConfigureLeaseRequest
+   */
+  leaseMax?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureLeaseRequest interface.
+ */
+export function instanceOfAwsConfigureLeaseRequest(value: object): value is AwsConfigureLeaseRequest {
+  return true;
+}
+
+export function AwsConfigureLeaseRequestFromJSON(json: any): AwsConfigureLeaseRequest {
+  return AwsConfigureLeaseRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureLeaseRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureLeaseRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    lease: json['lease'] == null ? undefined : json['lease'],
+    leaseMax: json['lease_max'] == null ? undefined : json['lease_max'],
+  };
+}
+
+export function AwsConfigureLeaseRequestToJSON(json: any): AwsConfigureLeaseRequest {
+  return AwsConfigureLeaseRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureLeaseRequestToJSONTyped(
+  value?: AwsConfigureLeaseRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    lease: value['lease'],
+    lease_max: value['leaseMax'],
+  };
+}

ui/api-client/src/models/AwsConfigureRoleTagBlacklistTidyOperationRequest.ts

@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureRoleTagBlacklistTidyOperationRequest
+ */
+export interface AwsConfigureRoleTagBlacklistTidyOperationRequest {
+  /**
+   * If set to 'true', disables the periodic tidying of deny listed entries.
+   * @type {boolean}
+   * @memberof AwsConfigureRoleTagBlacklistTidyOperationRequest
+   */
+  disablePeriodicTidy?: boolean;
+  /**
+   * The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage. Defaults to 4320h (180 days).
+   * @type {string}
+   * @memberof AwsConfigureRoleTagBlacklistTidyOperationRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureRoleTagBlacklistTidyOperationRequest interface.
+ */
+export function instanceOfAwsConfigureRoleTagBlacklistTidyOperationRequest(
+  value: object
+): value is AwsConfigureRoleTagBlacklistTidyOperationRequest {
+  return true;
+}
+
+export function AwsConfigureRoleTagBlacklistTidyOperationRequestFromJSON(
+  json: any
+): AwsConfigureRoleTagBlacklistTidyOperationRequest {
+  return AwsConfigureRoleTagBlacklistTidyOperationRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureRoleTagBlacklistTidyOperationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureRoleTagBlacklistTidyOperationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    disablePeriodicTidy: json['disable_periodic_tidy'] == null ? undefined : json['disable_periodic_tidy'],
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsConfigureRoleTagBlacklistTidyOperationRequestToJSON(
+  json: any
+): AwsConfigureRoleTagBlacklistTidyOperationRequest {
+  return AwsConfigureRoleTagBlacklistTidyOperationRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureRoleTagBlacklistTidyOperationRequestToJSONTyped(
+  value?: AwsConfigureRoleTagBlacklistTidyOperationRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    disable_periodic_tidy: value['disablePeriodicTidy'],
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsConfigureRoleTagDenyListTidyOperationRequest.ts

@@ -0,0 +1,82 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureRoleTagDenyListTidyOperationRequest
+ */
+export interface AwsConfigureRoleTagDenyListTidyOperationRequest {
+  /**
+   * If set to 'true', disables the periodic tidying of deny listed entries.
+   * @type {boolean}
+   * @memberof AwsConfigureRoleTagDenyListTidyOperationRequest
+   */
+  disablePeriodicTidy?: boolean;
+  /**
+   * The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage. Defaults to 4320h (180 days).
+   * @type {string}
+   * @memberof AwsConfigureRoleTagDenyListTidyOperationRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureRoleTagDenyListTidyOperationRequest interface.
+ */
+export function instanceOfAwsConfigureRoleTagDenyListTidyOperationRequest(
+  value: object
+): value is AwsConfigureRoleTagDenyListTidyOperationRequest {
+  return true;
+}
+
+export function AwsConfigureRoleTagDenyListTidyOperationRequestFromJSON(
+  json: any
+): AwsConfigureRoleTagDenyListTidyOperationRequest {
+  return AwsConfigureRoleTagDenyListTidyOperationRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureRoleTagDenyListTidyOperationRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureRoleTagDenyListTidyOperationRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    disablePeriodicTidy: json['disable_periodic_tidy'] == null ? undefined : json['disable_periodic_tidy'],
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsConfigureRoleTagDenyListTidyOperationRequestToJSON(
+  json: any
+): AwsConfigureRoleTagDenyListTidyOperationRequest {
+  return AwsConfigureRoleTagDenyListTidyOperationRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureRoleTagDenyListTidyOperationRequestToJSONTyped(
+  value?: AwsConfigureRoleTagDenyListTidyOperationRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    disable_periodic_tidy: value['disablePeriodicTidy'],
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsConfigureRootIamCredentialsRequest.ts

@@ -0,0 +1,204 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsConfigureRootIamCredentialsRequest
+ */
+export interface AwsConfigureRootIamCredentialsRequest {
+  /**
+   * Access key with permission to create new keys.
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  accessKey?: string;
+  /**
+   * If set to true, will deregister all registered rotation jobs from the RotationManager for the plugin.
+   * @type {boolean}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  disableAutomatedRotation?: boolean;
+  /**
+   * Endpoint to custom IAM server URL
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  iamEndpoint?: string;
+  /**
+   * Audience of plugin identity tokens
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  identityTokenAudience?: string;
+  /**
+   * Time-to-live of plugin identity tokens
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  identityTokenTtl?: string;
+  /**
+   * Maximum number of retries for recoverable exceptions of AWS APIs
+   * @type {number}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  maxRetries?: number;
+  /**
+   * Region for API calls.
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  region?: string;
+  /**
+   * Role ARN to assume for plugin identity token federation
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  roleArn?: string;
+  /**
+   * TTL for automatic credential rotation of the given username. Mutually exclusive with rotation_schedule
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  rotationPeriod?: string;
+  /**
+   * CRON-style string that will define the schedule on which rotations should occur. Mutually exclusive with rotation_period
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  rotationSchedule?: string;
+  /**
+   * Specifies the amount of time in which the rotation is allowed to occur starting from a given rotation_schedule
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  rotationWindow?: string;
+  /**
+   * Secret key with permission to create new keys.
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  secretKey?: string;
+  /**
+   * Endpoint to custom STS server URL
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  stsEndpoint?: string;
+  /**
+   * Fallback endpoints if sts_endpoint is unreachable
+   * @type {Array<string>}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  stsFallbackEndpoints?: Array<string>;
+  /**
+   * Fallback regions if sts_region is unreachable
+   * @type {Array<string>}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  stsFallbackRegions?: Array<string>;
+  /**
+   * Specific region for STS API calls.
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  stsRegion?: string;
+  /**
+   * Template to generate custom IAM usernames
+   * @type {string}
+   * @memberof AwsConfigureRootIamCredentialsRequest
+   */
+  usernameTemplate?: string;
+}
+
+/**
+ * Check if a given object implements the AwsConfigureRootIamCredentialsRequest interface.
+ */
+export function instanceOfAwsConfigureRootIamCredentialsRequest(
+  value: object
+): value is AwsConfigureRootIamCredentialsRequest {
+  return true;
+}
+
+export function AwsConfigureRootIamCredentialsRequestFromJSON(
+  json: any
+): AwsConfigureRootIamCredentialsRequest {
+  return AwsConfigureRootIamCredentialsRequestFromJSONTyped(json, false);
+}
+
+export function AwsConfigureRootIamCredentialsRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsConfigureRootIamCredentialsRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    accessKey: json['access_key'] == null ? undefined : json['access_key'],
+    disableAutomatedRotation:
+      json['disable_automated_rotation'] == null ? undefined : json['disable_automated_rotation'],
+    iamEndpoint: json['iam_endpoint'] == null ? undefined : json['iam_endpoint'],
+    identityTokenAudience:
+      json['identity_token_audience'] == null ? undefined : json['identity_token_audience'],
+    identityTokenTtl: json['identity_token_ttl'] == null ? undefined : json['identity_token_ttl'],
+    maxRetries: json['max_retries'] == null ? undefined : json['max_retries'],
+    region: json['region'] == null ? undefined : json['region'],
+    roleArn: json['role_arn'] == null ? undefined : json['role_arn'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    rotationSchedule: json['rotation_schedule'] == null ? undefined : json['rotation_schedule'],
+    rotationWindow: json['rotation_window'] == null ? undefined : json['rotation_window'],
+    secretKey: json['secret_key'] == null ? undefined : json['secret_key'],
+    stsEndpoint: json['sts_endpoint'] == null ? undefined : json['sts_endpoint'],
+    stsFallbackEndpoints: json['sts_fallback_endpoints'] == null ? undefined : json['sts_fallback_endpoints'],
+    stsFallbackRegions: json['sts_fallback_regions'] == null ? undefined : json['sts_fallback_regions'],
+    stsRegion: json['sts_region'] == null ? undefined : json['sts_region'],
+    usernameTemplate: json['username_template'] == null ? undefined : json['username_template'],
+  };
+}
+
+export function AwsConfigureRootIamCredentialsRequestToJSON(
+  json: any
+): AwsConfigureRootIamCredentialsRequest {
+  return AwsConfigureRootIamCredentialsRequestToJSONTyped(json, false);
+}
+
+export function AwsConfigureRootIamCredentialsRequestToJSONTyped(
+  value?: AwsConfigureRootIamCredentialsRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    access_key: value['accessKey'],
+    disable_automated_rotation: value['disableAutomatedRotation'],
+    iam_endpoint: value['iamEndpoint'],
+    identity_token_audience: value['identityTokenAudience'],
+    identity_token_ttl: value['identityTokenTtl'],
+    max_retries: value['maxRetries'],
+    region: value['region'],
+    role_arn: value['roleArn'],
+    rotation_period: value['rotationPeriod'],
+    rotation_schedule: value['rotationSchedule'],
+    rotation_window: value['rotationWindow'],
+    secret_key: value['secretKey'],
+    sts_endpoint: value['stsEndpoint'],
+    sts_fallback_endpoints: value['stsFallbackEndpoints'],
+    sts_fallback_regions: value['stsFallbackRegions'],
+    sts_region: value['stsRegion'],
+    username_template: value['usernameTemplate'],
+  };
+}

ui/api-client/src/models/AwsGenerateCredentialsWithParametersRequest.ts

@@ -0,0 +1,98 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsGenerateCredentialsWithParametersRequest
+ */
+export interface AwsGenerateCredentialsWithParametersRequest {
+  /**
+   * MFA code to provide for session tokens
+   * @type {string}
+   * @memberof AwsGenerateCredentialsWithParametersRequest
+   */
+  mfaCode?: string;
+  /**
+   * ARN of role to assume when credential_type is assumed_role
+   * @type {string}
+   * @memberof AwsGenerateCredentialsWithParametersRequest
+   */
+  roleArn?: string;
+  /**
+   * Session name to use when assuming role. Max chars: 64
+   * @type {string}
+   * @memberof AwsGenerateCredentialsWithParametersRequest
+   */
+  roleSessionName?: string;
+  /**
+   * Lifetime of the returned credentials in seconds
+   * @type {string}
+   * @memberof AwsGenerateCredentialsWithParametersRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AwsGenerateCredentialsWithParametersRequest interface.
+ */
+export function instanceOfAwsGenerateCredentialsWithParametersRequest(
+  value: object
+): value is AwsGenerateCredentialsWithParametersRequest {
+  return true;
+}
+
+export function AwsGenerateCredentialsWithParametersRequestFromJSON(
+  json: any
+): AwsGenerateCredentialsWithParametersRequest {
+  return AwsGenerateCredentialsWithParametersRequestFromJSONTyped(json, false);
+}
+
+export function AwsGenerateCredentialsWithParametersRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsGenerateCredentialsWithParametersRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    mfaCode: json['mfa_code'] == null ? undefined : json['mfa_code'],
+    roleArn: json['role_arn'] == null ? undefined : json['role_arn'],
+    roleSessionName: json['role_session_name'] == null ? undefined : json['role_session_name'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AwsGenerateCredentialsWithParametersRequestToJSON(
+  json: any
+): AwsGenerateCredentialsWithParametersRequest {
+  return AwsGenerateCredentialsWithParametersRequestToJSONTyped(json, false);
+}
+
+export function AwsGenerateCredentialsWithParametersRequestToJSONTyped(
+  value?: AwsGenerateCredentialsWithParametersRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    mfa_code: value['mfaCode'],
+    role_arn: value['roleArn'],
+    role_session_name: value['roleSessionName'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AwsGenerateStsCredentialsWithParametersRequest.ts

@@ -0,0 +1,98 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsGenerateStsCredentialsWithParametersRequest
+ */
+export interface AwsGenerateStsCredentialsWithParametersRequest {
+  /**
+   * MFA code to provide for session tokens
+   * @type {string}
+   * @memberof AwsGenerateStsCredentialsWithParametersRequest
+   */
+  mfaCode?: string;
+  /**
+   * ARN of role to assume when credential_type is assumed_role
+   * @type {string}
+   * @memberof AwsGenerateStsCredentialsWithParametersRequest
+   */
+  roleArn?: string;
+  /**
+   * Session name to use when assuming role. Max chars: 64
+   * @type {string}
+   * @memberof AwsGenerateStsCredentialsWithParametersRequest
+   */
+  roleSessionName?: string;
+  /**
+   * Lifetime of the returned credentials in seconds
+   * @type {string}
+   * @memberof AwsGenerateStsCredentialsWithParametersRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AwsGenerateStsCredentialsWithParametersRequest interface.
+ */
+export function instanceOfAwsGenerateStsCredentialsWithParametersRequest(
+  value: object
+): value is AwsGenerateStsCredentialsWithParametersRequest {
+  return true;
+}
+
+export function AwsGenerateStsCredentialsWithParametersRequestFromJSON(
+  json: any
+): AwsGenerateStsCredentialsWithParametersRequest {
+  return AwsGenerateStsCredentialsWithParametersRequestFromJSONTyped(json, false);
+}
+
+export function AwsGenerateStsCredentialsWithParametersRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsGenerateStsCredentialsWithParametersRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    mfaCode: json['mfa_code'] == null ? undefined : json['mfa_code'],
+    roleArn: json['role_arn'] == null ? undefined : json['role_arn'],
+    roleSessionName: json['role_session_name'] == null ? undefined : json['role_session_name'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AwsGenerateStsCredentialsWithParametersRequestToJSON(
+  json: any
+): AwsGenerateStsCredentialsWithParametersRequest {
+  return AwsGenerateStsCredentialsWithParametersRequestToJSONTyped(json, false);
+}
+
+export function AwsGenerateStsCredentialsWithParametersRequestToJSONTyped(
+  value?: AwsGenerateStsCredentialsWithParametersRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    mfa_code: value['mfaCode'],
+    role_arn: value['roleArn'],
+    role_session_name: value['roleSessionName'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AwsLoginRequest.ts

@@ -0,0 +1,130 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsLoginRequest
+ */
+export interface AwsLoginRequest {
+  /**
+   * HTTP method to use for the AWS request when auth_type is iam. This must match what has been signed in the presigned request.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  iamHttpRequestMethod?: string;
+  /**
+   * Base64-encoded request body when auth_type is iam. This must match the request body included in the signature.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  iamRequestBody?: string;
+  /**
+   * Key/value pairs of headers for use in the sts:GetCallerIdentity HTTP requests headers when auth_type is iam. Can be either a Base64-encoded, JSON-serialized string, or a JSON object of key/value pairs. This must at a minimum include the headers over which AWS has included a signature.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  iamRequestHeaders?: string;
+  /**
+   * Base64-encoded full URL against which to make the AWS request when using iam auth_type.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  iamRequestUrl?: string;
+  /**
+   * Base64 encoded EC2 instance identity document. This needs to be supplied along with the 'signature' parameter. If using 'curl' for fetching the identity document, consider using the option '-w 0' while piping the output to 'base64' binary.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  identity?: string;
+  /**
+   * The nonce to be used for subsequent login requests when auth_type is ec2. If this parameter is not specified at all and if reauthentication is allowed, then the backend will generate a random nonce, attaches it to the instance's identity access list entry and returns the nonce back as part of auth metadata. This value should be used with further login requests, to establish client authenticity. Clients can choose to set a custom nonce if preferred, in which case, it is recommended that clients provide a strong nonce. If a nonce is provided but with an empty value, it indicates intent to disable reauthentication. Note that, when 'disallow_reauthentication' option is enabled on either the role or the role tag, the 'nonce' holds no significance.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  nonce?: string;
+  /**
+   * PKCS7 signature of the identity document when using an auth_type of ec2.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  pkcs7?: string;
+  /**
+   * Name of the role against which the login is being attempted. If 'role' is not specified, then the login endpoint looks for a role bearing the name of the AMI ID of the EC2 instance that is trying to login. If a matching role is not found, login fails.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  role?: string;
+  /**
+   * Base64 encoded SHA256 RSA signature of the instance identity document. This needs to be supplied along with 'identity' parameter.
+   * @type {string}
+   * @memberof AwsLoginRequest
+   */
+  signature?: string;
+}
+
+/**
+ * Check if a given object implements the AwsLoginRequest interface.
+ */
+export function instanceOfAwsLoginRequest(value: object): value is AwsLoginRequest {
+  return true;
+}
+
+export function AwsLoginRequestFromJSON(json: any): AwsLoginRequest {
+  return AwsLoginRequestFromJSONTyped(json, false);
+}
+
+export function AwsLoginRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): AwsLoginRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    iamHttpRequestMethod:
+      json['iam_http_request_method'] == null ? undefined : json['iam_http_request_method'],
+    iamRequestBody: json['iam_request_body'] == null ? undefined : json['iam_request_body'],
+    iamRequestHeaders: json['iam_request_headers'] == null ? undefined : json['iam_request_headers'],
+    iamRequestUrl: json['iam_request_url'] == null ? undefined : json['iam_request_url'],
+    identity: json['identity'] == null ? undefined : json['identity'],
+    nonce: json['nonce'] == null ? undefined : json['nonce'],
+    pkcs7: json['pkcs7'] == null ? undefined : json['pkcs7'],
+    role: json['role'] == null ? undefined : json['role'],
+    signature: json['signature'] == null ? undefined : json['signature'],
+  };
+}
+
+export function AwsLoginRequestToJSON(json: any): AwsLoginRequest {
+  return AwsLoginRequestToJSONTyped(json, false);
+}
+
+export function AwsLoginRequestToJSONTyped(
+  value?: AwsLoginRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    iam_http_request_method: value['iamHttpRequestMethod'],
+    iam_request_body: value['iamRequestBody'],
+    iam_request_headers: value['iamRequestHeaders'],
+    iam_request_url: value['iamRequestUrl'],
+    identity: value['identity'],
+    nonce: value['nonce'],
+    pkcs7: value['pkcs7'],
+    role: value['role'],
+    signature: value['signature'],
+  };
+}

ui/api-client/src/models/AwsReadStaticCredsNameResponse.ts

@@ -0,0 +1,78 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsReadStaticCredsNameResponse
+ */
+export interface AwsReadStaticCredsNameResponse {
+  /**
+   * The access key of the AWS Credential
+   * @type {string}
+   * @memberof AwsReadStaticCredsNameResponse
+   */
+  accessKey?: string;
+  /**
+   * The secret key of the AWS Credential
+   * @type {string}
+   * @memberof AwsReadStaticCredsNameResponse
+   */
+  secretKey?: string;
+}
+
+/**
+ * Check if a given object implements the AwsReadStaticCredsNameResponse interface.
+ */
+export function instanceOfAwsReadStaticCredsNameResponse(
+  value: object
+): value is AwsReadStaticCredsNameResponse {
+  return true;
+}
+
+export function AwsReadStaticCredsNameResponseFromJSON(json: any): AwsReadStaticCredsNameResponse {
+  return AwsReadStaticCredsNameResponseFromJSONTyped(json, false);
+}
+
+export function AwsReadStaticCredsNameResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsReadStaticCredsNameResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    accessKey: json['access_key'] == null ? undefined : json['access_key'],
+    secretKey: json['secret_key'] == null ? undefined : json['secret_key'],
+  };
+}
+
+export function AwsReadStaticCredsNameResponseToJSON(json: any): AwsReadStaticCredsNameResponse {
+  return AwsReadStaticCredsNameResponseToJSONTyped(json, false);
+}
+
+export function AwsReadStaticCredsNameResponseToJSONTyped(
+  value?: AwsReadStaticCredsNameResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    access_key: value['accessKey'],
+    secret_key: value['secretKey'],
+  };
+}

ui/api-client/src/models/AwsReadStaticRolesNameResponse.ts

@@ -0,0 +1,111 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsReadStaticRolesNameResponse
+ */
+export interface AwsReadStaticRolesNameResponse {
+  /**
+   * The AWS ARN for the role to be assumed when interacting with the account specified.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  assumeRoleArn?: string;
+  /**
+   * An identifier for the assumed role session.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  assumeRoleSessionName?: string;
+  /**
+   * An external ID to be passed to the assumed role session.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  externalId?: string;
+  /**
+   * The name of this role.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  name?: string;
+  /**
+   * Period by which to rotate the backing credential of the adopted user. This can be a Go duration (e.g, '1m', 24h'), or an integer number of seconds.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  rotationPeriod?: string;
+  /**
+   * The IAM user to adopt as a static role.
+   * @type {string}
+   * @memberof AwsReadStaticRolesNameResponse
+   */
+  username?: string;
+}
+
+/**
+ * Check if a given object implements the AwsReadStaticRolesNameResponse interface.
+ */
+export function instanceOfAwsReadStaticRolesNameResponse(
+  value: object
+): value is AwsReadStaticRolesNameResponse {
+  return true;
+}
+
+export function AwsReadStaticRolesNameResponseFromJSON(json: any): AwsReadStaticRolesNameResponse {
+  return AwsReadStaticRolesNameResponseFromJSONTyped(json, false);
+}
+
+export function AwsReadStaticRolesNameResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsReadStaticRolesNameResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    assumeRoleArn: json['assume_role_arn'] == null ? undefined : json['assume_role_arn'],
+    assumeRoleSessionName:
+      json['assume_role_session_name'] == null ? undefined : json['assume_role_session_name'],
+    externalId: json['external_id'] == null ? undefined : json['external_id'],
+    name: json['name'] == null ? undefined : json['name'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    username: json['username'] == null ? undefined : json['username'],
+  };
+}
+
+export function AwsReadStaticRolesNameResponseToJSON(json: any): AwsReadStaticRolesNameResponse {
+  return AwsReadStaticRolesNameResponseToJSONTyped(json, false);
+}
+
+export function AwsReadStaticRolesNameResponseToJSONTyped(
+  value?: AwsReadStaticRolesNameResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    assume_role_arn: value['assumeRoleArn'],
+    assume_role_session_name: value['assumeRoleSessionName'],
+    external_id: value['externalId'],
+    name: value['name'],
+    rotation_period: value['rotationPeriod'],
+    username: value['username'],
+  };
+}

ui/api-client/src/models/AwsTidyIdentityAccessListRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsTidyIdentityAccessListRequest
+ */
+export interface AwsTidyIdentityAccessListRequest {
+  /**
+   * The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsTidyIdentityAccessListRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsTidyIdentityAccessListRequest interface.
+ */
+export function instanceOfAwsTidyIdentityAccessListRequest(
+  value: object
+): value is AwsTidyIdentityAccessListRequest {
+  return true;
+}
+
+export function AwsTidyIdentityAccessListRequestFromJSON(json: any): AwsTidyIdentityAccessListRequest {
+  return AwsTidyIdentityAccessListRequestFromJSONTyped(json, false);
+}
+
+export function AwsTidyIdentityAccessListRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsTidyIdentityAccessListRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsTidyIdentityAccessListRequestToJSON(json: any): AwsTidyIdentityAccessListRequest {
+  return AwsTidyIdentityAccessListRequestToJSONTyped(json, false);
+}
+
+export function AwsTidyIdentityAccessListRequestToJSONTyped(
+  value?: AwsTidyIdentityAccessListRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsTidyIdentityWhitelistRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsTidyIdentityWhitelistRequest
+ */
+export interface AwsTidyIdentityWhitelistRequest {
+  /**
+   * The amount of extra time that must have passed beyond the identity's expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsTidyIdentityWhitelistRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsTidyIdentityWhitelistRequest interface.
+ */
+export function instanceOfAwsTidyIdentityWhitelistRequest(
+  value: object
+): value is AwsTidyIdentityWhitelistRequest {
+  return true;
+}
+
+export function AwsTidyIdentityWhitelistRequestFromJSON(json: any): AwsTidyIdentityWhitelistRequest {
+  return AwsTidyIdentityWhitelistRequestFromJSONTyped(json, false);
+}
+
+export function AwsTidyIdentityWhitelistRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsTidyIdentityWhitelistRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsTidyIdentityWhitelistRequestToJSON(json: any): AwsTidyIdentityWhitelistRequest {
+  return AwsTidyIdentityWhitelistRequestToJSONTyped(json, false);
+}
+
+export function AwsTidyIdentityWhitelistRequestToJSONTyped(
+  value?: AwsTidyIdentityWhitelistRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsTidyRoleTagBlacklistRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsTidyRoleTagBlacklistRequest
+ */
+export interface AwsTidyRoleTagBlacklistRequest {
+  /**
+   * The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsTidyRoleTagBlacklistRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsTidyRoleTagBlacklistRequest interface.
+ */
+export function instanceOfAwsTidyRoleTagBlacklistRequest(
+  value: object
+): value is AwsTidyRoleTagBlacklistRequest {
+  return true;
+}
+
+export function AwsTidyRoleTagBlacklistRequestFromJSON(json: any): AwsTidyRoleTagBlacklistRequest {
+  return AwsTidyRoleTagBlacklistRequestFromJSONTyped(json, false);
+}
+
+export function AwsTidyRoleTagBlacklistRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsTidyRoleTagBlacklistRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsTidyRoleTagBlacklistRequestToJSON(json: any): AwsTidyRoleTagBlacklistRequest {
+  return AwsTidyRoleTagBlacklistRequestToJSONTyped(json, false);
+}
+
+export function AwsTidyRoleTagBlacklistRequestToJSONTyped(
+  value?: AwsTidyRoleTagBlacklistRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsTidyRoleTagDenyListRequest.ts

@@ -0,0 +1,70 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsTidyRoleTagDenyListRequest
+ */
+export interface AwsTidyRoleTagDenyListRequest {
+  /**
+   * The amount of extra time that must have passed beyond the roletag expiration, before it is removed from the backend storage.
+   * @type {string}
+   * @memberof AwsTidyRoleTagDenyListRequest
+   */
+  safetyBuffer?: string;
+}
+
+/**
+ * Check if a given object implements the AwsTidyRoleTagDenyListRequest interface.
+ */
+export function instanceOfAwsTidyRoleTagDenyListRequest(
+  value: object
+): value is AwsTidyRoleTagDenyListRequest {
+  return true;
+}
+
+export function AwsTidyRoleTagDenyListRequestFromJSON(json: any): AwsTidyRoleTagDenyListRequest {
+  return AwsTidyRoleTagDenyListRequestFromJSONTyped(json, false);
+}
+
+export function AwsTidyRoleTagDenyListRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsTidyRoleTagDenyListRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    safetyBuffer: json['safety_buffer'] == null ? undefined : json['safety_buffer'],
+  };
+}
+
+export function AwsTidyRoleTagDenyListRequestToJSON(json: any): AwsTidyRoleTagDenyListRequest {
+  return AwsTidyRoleTagDenyListRequestToJSONTyped(json, false);
+}
+
+export function AwsTidyRoleTagDenyListRequestToJSONTyped(
+  value?: AwsTidyRoleTagDenyListRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    safety_buffer: value['safetyBuffer'],
+  };
+}

ui/api-client/src/models/AwsWriteAuthRoleRequest.ts

@@ -0,0 +1,301 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteAuthRoleRequest
+ */
+export interface AwsWriteAuthRoleRequest {
+  /**
+   * If set, allows migration of the underlying instance where the client resides. This keys off of pendingTime in the metadata document, so essentially, this disables the client nonce check whenever the instance is migrated to a new host and pendingTime is newer than the previously-remembered time. Use with caution. This is only checked when auth_type is ec2.
+   * @type {boolean}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  allowInstanceMigration?: boolean;
+  /**
+   * The auth_type permitted to authenticate to this role. Must be one of iam or ec2 and cannot be changed after role creation.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  authType?: string;
+  /**
+   * If set, defines a constraint on the EC2 instances that the account ID in its identity document to match one of the IDs specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundAccountId?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instances that they should be using one of the AMI IDs specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundAmiId?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instances to have one of the given instance IDs. Can be a list or comma-separated string of EC2 instance IDs. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundEc2InstanceId?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instances to be associated with an IAM instance profile ARN which has a prefix that matches one of the values specified by this parameter. The value is prefix-matched (as though it were a glob ending in '*'). This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundIamInstanceProfileArn?: Array<string>;
+  /**
+   * ARN of the IAM principals to bind to this role. Only applicable when auth_type is iam.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundIamPrincipalArn?: Array<string>;
+  /**
+   * If set, defines a constraint on the authenticating EC2 instance that it must match one of the IAM role ARNs specified by this parameter. The value is prefix-matched (as though it were a glob ending in '*'). The configured IAM user or EC2 instance role must be allowed to execute the 'iam:GetInstanceProfile' action if this is specified. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundIamRoleArn?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instances that the region in its identity document match one of the regions specified by this parameter. This is only applicable when auth_type is ec2.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundRegion?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instance to be associated with the subnet ID that matches one of the values specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundSubnetId?: Array<string>;
+  /**
+   * If set, defines a constraint on the EC2 instance to be associated with a VPC ID that matches one of the value specified by this parameter. This is only applicable when auth_type is ec2 or inferred_entity_type is ec2_instance.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  boundVpcId?: Array<string>;
+  /**
+   * If set, only allows a single token to be granted per instance ID. In order to perform a fresh login, the entry in the access list for the instance ID needs to be cleared using 'auth/aws-ec2/identity-accesslist/<instance_id>' endpoint. This is only applicable when auth_type is ec2.
+   * @type {boolean}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  disallowReauthentication?: boolean;
+  /**
+   * When auth_type is iam and inferred_entity_type is set, the region to assume the inferred entity exists in.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  inferredAwsRegion?: string;
+  /**
+   * When auth_type is iam, the AWS entity type to infer from the authenticated principal. The only supported value is ec2_instance, which will extract the EC2 instance ID from the authenticated role and apply the following restrictions specific to EC2 instances: bound_ami_id, bound_account_id, bound_iam_role_arn, bound_iam_instance_profile_arn, bound_vpc_id, bound_subnet_id. The configured EC2 client must be able to find the inferred instance ID in the results, and the instance must be running. If unable to determine the EC2 instance ID or unable to find the EC2 instance ID among running instances, then authentication will fail.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  inferredEntityType?: string;
+  /**
+   * Use "token_max_ttl" instead. If this and "token_max_ttl" are both specified, only "token_max_ttl" will be used.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   * @deprecated
+   */
+  maxTtl?: string;
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   * @deprecated
+   */
+  period?: string;
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * If set, resolve all AWS IAM ARNs into AWS's internal unique IDs. When an IAM entity (e.g., user, role, or instance profile) is deleted, then all references to it within the role will be invalidated, which prevents a new IAM entity from being created with the same name and matching the role's IAM binds. Once set, this cannot be unset.
+   * @type {boolean}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  resolveAwsUniqueIds?: boolean;
+  /**
+   * If set, enables the role tags for this role. The value set for this field should be the 'key' of the tag on the EC2 instance. The 'value' of the tag should be generated using 'role/<role>/tag' endpoint. Defaults to an empty string, meaning that role tags are disabled. This is only allowed if auth_type is ec2.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  roleTag?: string;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenExplicitMaxTtl?: string;
+  /**
+   * The maximum lifetime of the generated token
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenMaxTtl?: string;
+  /**
+   * If true, the 'default' policy will not automatically be added to generated tokens
+   * @type {boolean}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenNoDefaultPolicy?: boolean;
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenNumUses?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenPeriod?: string;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenPolicies?: Array<string>;
+  /**
+   * The initial ttl of the token to generate
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenTtl?: string;
+  /**
+   * The type of token to generate, service or batch
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   */
+  tokenType?: string;
+  /**
+   * Use "token_ttl" instead. If this and "token_ttl" are both specified, only "token_ttl" will be used.
+   * @type {string}
+   * @memberof AwsWriteAuthRoleRequest
+   * @deprecated
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AwsWriteAuthRoleRequest interface.
+ */
+export function instanceOfAwsWriteAuthRoleRequest(value: object): value is AwsWriteAuthRoleRequest {
+  return true;
+}
+
+export function AwsWriteAuthRoleRequestFromJSON(json: any): AwsWriteAuthRoleRequest {
+  return AwsWriteAuthRoleRequestFromJSONTyped(json, false);
+}
+
+export function AwsWriteAuthRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteAuthRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    allowInstanceMigration:
+      json['allow_instance_migration'] == null ? undefined : json['allow_instance_migration'],
+    authType: json['auth_type'] == null ? undefined : json['auth_type'],
+    boundAccountId: json['bound_account_id'] == null ? undefined : json['bound_account_id'],
+    boundAmiId: json['bound_ami_id'] == null ? undefined : json['bound_ami_id'],
+    boundEc2InstanceId: json['bound_ec2_instance_id'] == null ? undefined : json['bound_ec2_instance_id'],
+    boundIamInstanceProfileArn:
+      json['bound_iam_instance_profile_arn'] == null ? undefined : json['bound_iam_instance_profile_arn'],
+    boundIamPrincipalArn:
+      json['bound_iam_principal_arn'] == null ? undefined : json['bound_iam_principal_arn'],
+    boundIamRoleArn: json['bound_iam_role_arn'] == null ? undefined : json['bound_iam_role_arn'],
+    boundRegion: json['bound_region'] == null ? undefined : json['bound_region'],
+    boundSubnetId: json['bound_subnet_id'] == null ? undefined : json['bound_subnet_id'],
+    boundVpcId: json['bound_vpc_id'] == null ? undefined : json['bound_vpc_id'],
+    disallowReauthentication:
+      json['disallow_reauthentication'] == null ? undefined : json['disallow_reauthentication'],
+    inferredAwsRegion: json['inferred_aws_region'] == null ? undefined : json['inferred_aws_region'],
+    inferredEntityType: json['inferred_entity_type'] == null ? undefined : json['inferred_entity_type'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    period: json['period'] == null ? undefined : json['period'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+    resolveAwsUniqueIds: json['resolve_aws_unique_ids'] == null ? undefined : json['resolve_aws_unique_ids'],
+    roleTag: json['role_tag'] == null ? undefined : json['role_tag'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    tokenExplicitMaxTtl: json['token_explicit_max_ttl'] == null ? undefined : json['token_explicit_max_ttl'],
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+    tokenNoDefaultPolicy:
+      json['token_no_default_policy'] == null ? undefined : json['token_no_default_policy'],
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AwsWriteAuthRoleRequestToJSON(json: any): AwsWriteAuthRoleRequest {
+  return AwsWriteAuthRoleRequestToJSONTyped(json, false);
+}
+
+export function AwsWriteAuthRoleRequestToJSONTyped(
+  value?: AwsWriteAuthRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    allow_instance_migration: value['allowInstanceMigration'],
+    auth_type: value['authType'],
+    bound_account_id: value['boundAccountId'],
+    bound_ami_id: value['boundAmiId'],
+    bound_ec2_instance_id: value['boundEc2InstanceId'],
+    bound_iam_instance_profile_arn: value['boundIamInstanceProfileArn'],
+    bound_iam_principal_arn: value['boundIamPrincipalArn'],
+    bound_iam_role_arn: value['boundIamRoleArn'],
+    bound_region: value['boundRegion'],
+    bound_subnet_id: value['boundSubnetId'],
+    bound_vpc_id: value['boundVpcId'],
+    disallow_reauthentication: value['disallowReauthentication'],
+    inferred_aws_region: value['inferredAwsRegion'],
+    inferred_entity_type: value['inferredEntityType'],
+    max_ttl: value['maxTtl'],
+    period: value['period'],
+    policies: value['policies'],
+    resolve_aws_unique_ids: value['resolveAwsUniqueIds'],
+    role_tag: value['roleTag'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    token_explicit_max_ttl: value['tokenExplicitMaxTtl'],
+    token_max_ttl: value['tokenMaxTtl'],
+    token_no_default_policy: value['tokenNoDefaultPolicy'],
+    token_num_uses: value['tokenNumUses'],
+    token_period: value['tokenPeriod'],
+    token_policies: value['tokenPolicies'],
+    token_ttl: value['tokenTtl'],
+    token_type: value['tokenType'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AwsWriteRoleRequest.ts

@@ -0,0 +1,183 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteRoleRequest
+ */
+export interface AwsWriteRoleRequest {
+  /**
+   * Use role_arns or policy_arns instead.
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   * @deprecated
+   */
+  arn?: string;
+  /**
+   * Type of credential to retrieve. Must be one of assumed_role, iam_user, federation_token, or session_token
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  credentialType?: string;
+  /**
+   * Default TTL for assumed_role, federation_token, and session_token credential types when no TTL is explicitly requested with the credentials
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  defaultStsTtl?: string;
+  /**
+   * External ID to set when assuming the role; only valid when credential_type is assumed_role
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  externalId?: string;
+  /**
+   * Names of IAM groups that generated IAM users will be added to. For a credential type of assumed_role or federation_token, the policies sent to the corresponding AWS call (sts:AssumeRole or sts:GetFederation) will be the policies from each group in iam_groups combined with the policy_document and policy_arns parameters.
+   * @type {Array<string>}
+   * @memberof AwsWriteRoleRequest
+   */
+  iamGroups?: Array<string>;
+  /**
+   * IAM tags to be set for any users created by this role. These must be presented as Key-Value pairs. This can be represented as a map or a list of equal sign delimited key pairs.
+   * @type {object}
+   * @memberof AwsWriteRoleRequest
+   */
+  iamTags?: object;
+  /**
+   * Max allowed TTL for assumed_role, federation_token, and session_token credential types
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  maxStsTtl?: string;
+  /**
+   * Identification number or ARN of the MFA device associated with the root config user. Only valid when credential_type is session_token. This is only required when the IAM user has an MFA device configured.
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  mfaSerialNumber?: string;
+  /**
+   * ARN of an IAM policy to attach as a permissions boundary on IAM user credentials; only valid when credential_type isiam_user
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  permissionsBoundaryArn?: string;
+  /**
+   * Use policy_document instead.
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   * @deprecated
+   */
+  policy?: string;
+  /**
+   * ARNs of AWS policies. Behavior varies by credential_type. When credential_type is iam_user, then it will attach the specified policies to the generated IAM user. When credential_type is assumed_role or federation_token, the policies will be passed as the PolicyArns parameter, acting as a filter on permissions available.
+   * @type {Array<string>}
+   * @memberof AwsWriteRoleRequest
+   */
+  policyArns?: Array<string>;
+  /**
+   * JSON-encoded IAM policy document. Behavior varies by credential_type. When credential_type is iam_user, then it will attach the contents of the policy_document to the IAM user generated. When credential_type is assumed_role or federation_token, this will be passed in as the Policy parameter to the AssumeRole or GetFederationToken API call, acting as a filter on permissions available.
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  policyDocument?: string;
+  /**
+   * ARNs of AWS roles allowed to be assumed. Only valid when credential_type is assumed_role
+   * @type {Array<string>}
+   * @memberof AwsWriteRoleRequest
+   */
+  roleArns?: Array<string>;
+  /**
+   * Session tags to be set for "assumed_role" creds created by this role. These must be presented as Key-Value pairs. This can be represented as a map or a list of equal sign delimited key pairs.
+   * @type {object}
+   * @memberof AwsWriteRoleRequest
+   */
+  sessionTags?: object;
+  /**
+   * Path for IAM User. Only valid when credential_type is iam_user
+   * @type {string}
+   * @memberof AwsWriteRoleRequest
+   */
+  userPath?: string;
+}
+
+/**
+ * Check if a given object implements the AwsWriteRoleRequest interface.
+ */
+export function instanceOfAwsWriteRoleRequest(value: object): value is AwsWriteRoleRequest {
+  return true;
+}
+
+export function AwsWriteRoleRequestFromJSON(json: any): AwsWriteRoleRequest {
+  return AwsWriteRoleRequestFromJSONTyped(json, false);
+}
+
+export function AwsWriteRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    arn: json['arn'] == null ? undefined : json['arn'],
+    credentialType: json['credential_type'] == null ? undefined : json['credential_type'],
+    defaultStsTtl: json['default_sts_ttl'] == null ? undefined : json['default_sts_ttl'],
+    externalId: json['external_id'] == null ? undefined : json['external_id'],
+    iamGroups: json['iam_groups'] == null ? undefined : json['iam_groups'],
+    iamTags: json['iam_tags'] == null ? undefined : json['iam_tags'],
+    maxStsTtl: json['max_sts_ttl'] == null ? undefined : json['max_sts_ttl'],
+    mfaSerialNumber: json['mfa_serial_number'] == null ? undefined : json['mfa_serial_number'],
+    permissionsBoundaryArn:
+      json['permissions_boundary_arn'] == null ? undefined : json['permissions_boundary_arn'],
+    policy: json['policy'] == null ? undefined : json['policy'],
+    policyArns: json['policy_arns'] == null ? undefined : json['policy_arns'],
+    policyDocument: json['policy_document'] == null ? undefined : json['policy_document'],
+    roleArns: json['role_arns'] == null ? undefined : json['role_arns'],
+    sessionTags: json['session_tags'] == null ? undefined : json['session_tags'],
+    userPath: json['user_path'] == null ? undefined : json['user_path'],
+  };
+}
+
+export function AwsWriteRoleRequestToJSON(json: any): AwsWriteRoleRequest {
+  return AwsWriteRoleRequestToJSONTyped(json, false);
+}
+
+export function AwsWriteRoleRequestToJSONTyped(
+  value?: AwsWriteRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    arn: value['arn'],
+    credential_type: value['credentialType'],
+    default_sts_ttl: value['defaultStsTtl'],
+    external_id: value['externalId'],
+    iam_groups: value['iamGroups'],
+    iam_tags: value['iamTags'],
+    max_sts_ttl: value['maxStsTtl'],
+    mfa_serial_number: value['mfaSerialNumber'],
+    permissions_boundary_arn: value['permissionsBoundaryArn'],
+    policy: value['policy'],
+    policy_arns: value['policyArns'],
+    policy_document: value['policyDocument'],
+    role_arns: value['roleArns'],
+    session_tags: value['sessionTags'],
+    user_path: value['userPath'],
+  };
+}

ui/api-client/src/models/AwsWriteRoleTagRequest.ts

@@ -0,0 +1,102 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteRoleTagRequest
+ */
+export interface AwsWriteRoleTagRequest {
+  /**
+   * If set, allows migration of the underlying instance where the client resides. This keys off of pendingTime in the metadata document, so essentially, this disables the client nonce check whenever the instance is migrated to a new host and pendingTime is newer than the previously-remembered time. Use with caution.
+   * @type {boolean}
+   * @memberof AwsWriteRoleTagRequest
+   */
+  allowInstanceMigration?: boolean;
+  /**
+   * If set, only allows a single token to be granted per instance ID. In order to perform a fresh login, the entry in access list for the instance ID needs to be cleared using the 'auth/aws-ec2/identity-accesslist/<instance_id>' endpoint.
+   * @type {boolean}
+   * @memberof AwsWriteRoleTagRequest
+   */
+  disallowReauthentication?: boolean;
+  /**
+   * Instance ID for which this tag is intended for. If set, the created tag can only be used by the instance with the given ID.
+   * @type {string}
+   * @memberof AwsWriteRoleTagRequest
+   */
+  instanceId?: string;
+  /**
+   * If set, specifies the maximum allowed token lifetime.
+   * @type {string}
+   * @memberof AwsWriteRoleTagRequest
+   */
+  maxTtl?: string;
+  /**
+   * Policies to be associated with the tag. If set, must be a subset of the role's policies. If set, but set to an empty value, only the 'default' policy will be given to issued tokens.
+   * @type {Array<string>}
+   * @memberof AwsWriteRoleTagRequest
+   */
+  policies?: Array<string>;
+}
+
+/**
+ * Check if a given object implements the AwsWriteRoleTagRequest interface.
+ */
+export function instanceOfAwsWriteRoleTagRequest(value: object): value is AwsWriteRoleTagRequest {
+  return true;
+}
+
+export function AwsWriteRoleTagRequestFromJSON(json: any): AwsWriteRoleTagRequest {
+  return AwsWriteRoleTagRequestFromJSONTyped(json, false);
+}
+
+export function AwsWriteRoleTagRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteRoleTagRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    allowInstanceMigration:
+      json['allow_instance_migration'] == null ? undefined : json['allow_instance_migration'],
+    disallowReauthentication:
+      json['disallow_reauthentication'] == null ? undefined : json['disallow_reauthentication'],
+    instanceId: json['instance_id'] == null ? undefined : json['instance_id'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+  };
+}
+
+export function AwsWriteRoleTagRequestToJSON(json: any): AwsWriteRoleTagRequest {
+  return AwsWriteRoleTagRequestToJSONTyped(json, false);
+}
+
+export function AwsWriteRoleTagRequestToJSONTyped(
+  value?: AwsWriteRoleTagRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    allow_instance_migration: value['allowInstanceMigration'],
+    disallow_reauthentication: value['disallowReauthentication'],
+    instance_id: value['instanceId'],
+    max_ttl: value['maxTtl'],
+    policies: value['policies'],
+  };
+}

ui/api-client/src/models/AwsWriteStaticRolesNameRequest.ts

@@ -0,0 +1,103 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteStaticRolesNameRequest
+ */
+export interface AwsWriteStaticRolesNameRequest {
+  /**
+   * The AWS ARN for the role to be assumed when interacting with the account specified.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameRequest
+   */
+  assumeRoleArn?: string;
+  /**
+   * An identifier for the assumed role session.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameRequest
+   */
+  assumeRoleSessionName?: string;
+  /**
+   * An external ID to be passed to the assumed role session.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameRequest
+   */
+  externalId?: string;
+  /**
+   * Period by which to rotate the backing credential of the adopted user. This can be a Go duration (e.g, '1m', 24h'), or an integer number of seconds.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameRequest
+   */
+  rotationPeriod?: string;
+  /**
+   * The IAM user to adopt as a static role.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameRequest
+   */
+  username?: string;
+}
+
+/**
+ * Check if a given object implements the AwsWriteStaticRolesNameRequest interface.
+ */
+export function instanceOfAwsWriteStaticRolesNameRequest(
+  value: object
+): value is AwsWriteStaticRolesNameRequest {
+  return true;
+}
+
+export function AwsWriteStaticRolesNameRequestFromJSON(json: any): AwsWriteStaticRolesNameRequest {
+  return AwsWriteStaticRolesNameRequestFromJSONTyped(json, false);
+}
+
+export function AwsWriteStaticRolesNameRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteStaticRolesNameRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    assumeRoleArn: json['assume_role_arn'] == null ? undefined : json['assume_role_arn'],
+    assumeRoleSessionName:
+      json['assume_role_session_name'] == null ? undefined : json['assume_role_session_name'],
+    externalId: json['external_id'] == null ? undefined : json['external_id'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    username: json['username'] == null ? undefined : json['username'],
+  };
+}
+
+export function AwsWriteStaticRolesNameRequestToJSON(json: any): AwsWriteStaticRolesNameRequest {
+  return AwsWriteStaticRolesNameRequestToJSONTyped(json, false);
+}
+
+export function AwsWriteStaticRolesNameRequestToJSONTyped(
+  value?: AwsWriteStaticRolesNameRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    assume_role_arn: value['assumeRoleArn'],
+    assume_role_session_name: value['assumeRoleSessionName'],
+    external_id: value['externalId'],
+    rotation_period: value['rotationPeriod'],
+    username: value['username'],
+  };
+}

ui/api-client/src/models/AwsWriteStaticRolesNameResponse.ts

@@ -0,0 +1,111 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteStaticRolesNameResponse
+ */
+export interface AwsWriteStaticRolesNameResponse {
+  /**
+   * The AWS ARN for the role to be assumed when interacting with the account specified.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  assumeRoleArn?: string;
+  /**
+   * An identifier for the assumed role session.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  assumeRoleSessionName?: string;
+  /**
+   * An external ID to be passed to the assumed role session.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  externalId?: string;
+  /**
+   * The name of this role.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  name?: string;
+  /**
+   * Period by which to rotate the backing credential of the adopted user. This can be a Go duration (e.g, '1m', 24h'), or an integer number of seconds.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  rotationPeriod?: string;
+  /**
+   * The IAM user to adopt as a static role.
+   * @type {string}
+   * @memberof AwsWriteStaticRolesNameResponse
+   */
+  username?: string;
+}
+
+/**
+ * Check if a given object implements the AwsWriteStaticRolesNameResponse interface.
+ */
+export function instanceOfAwsWriteStaticRolesNameResponse(
+  value: object
+): value is AwsWriteStaticRolesNameResponse {
+  return true;
+}
+
+export function AwsWriteStaticRolesNameResponseFromJSON(json: any): AwsWriteStaticRolesNameResponse {
+  return AwsWriteStaticRolesNameResponseFromJSONTyped(json, false);
+}
+
+export function AwsWriteStaticRolesNameResponseFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteStaticRolesNameResponse {
+  if (json == null) {
+    return json;
+  }
+  return {
+    assumeRoleArn: json['assume_role_arn'] == null ? undefined : json['assume_role_arn'],
+    assumeRoleSessionName:
+      json['assume_role_session_name'] == null ? undefined : json['assume_role_session_name'],
+    externalId: json['external_id'] == null ? undefined : json['external_id'],
+    name: json['name'] == null ? undefined : json['name'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    username: json['username'] == null ? undefined : json['username'],
+  };
+}
+
+export function AwsWriteStaticRolesNameResponseToJSON(json: any): AwsWriteStaticRolesNameResponse {
+  return AwsWriteStaticRolesNameResponseToJSONTyped(json, false);
+}
+
+export function AwsWriteStaticRolesNameResponseToJSONTyped(
+  value?: AwsWriteStaticRolesNameResponse | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    assume_role_arn: value['assumeRoleArn'],
+    assume_role_session_name: value['assumeRoleSessionName'],
+    external_id: value['externalId'],
+    name: value['name'],
+    rotation_period: value['rotationPeriod'],
+    username: value['username'],
+  };
+}

ui/api-client/src/models/AwsWriteStsRoleRequest.ts

@@ -0,0 +1,76 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AwsWriteStsRoleRequest
+ */
+export interface AwsWriteStsRoleRequest {
+  /**
+   * AWS external ID to be used when assuming the STS role.
+   * @type {string}
+   * @memberof AwsWriteStsRoleRequest
+   */
+  externalId?: string;
+  /**
+   * AWS ARN for STS role to be assumed when interacting with the account specified. The Vault server must have permissions to assume this role.
+   * @type {string}
+   * @memberof AwsWriteStsRoleRequest
+   */
+  stsRole?: string;
+}
+
+/**
+ * Check if a given object implements the AwsWriteStsRoleRequest interface.
+ */
+export function instanceOfAwsWriteStsRoleRequest(value: object): value is AwsWriteStsRoleRequest {
+  return true;
+}
+
+export function AwsWriteStsRoleRequestFromJSON(json: any): AwsWriteStsRoleRequest {
+  return AwsWriteStsRoleRequestFromJSONTyped(json, false);
+}
+
+export function AwsWriteStsRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AwsWriteStsRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    externalId: json['external_id'] == null ? undefined : json['external_id'],
+    stsRole: json['sts_role'] == null ? undefined : json['sts_role'],
+  };
+}
+
+export function AwsWriteStsRoleRequestToJSON(json: any): AwsWriteStsRoleRequest {
+  return AwsWriteStsRoleRequestToJSONTyped(json, false);
+}
+
+export function AwsWriteStsRoleRequestToJSONTyped(
+  value?: AwsWriteStsRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    external_id: value['externalId'],
+    sts_role: value['stsRole'],
+  };
+}

ui/api-client/src/models/AzureConfigureAuthRequest.ts

@@ -0,0 +1,182 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AzureConfigureAuthRequest
+ */
+export interface AzureConfigureAuthRequest {
+  /**
+   * The OAuth2 client id to connection to Azure. This value can also be provided with the AZURE_CLIENT_ID environment variable.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  clientId?: string;
+  /**
+   * The OAuth2 client secret to connection to Azure. This value can also be provided with the AZURE_CLIENT_SECRET environment variable.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  clientSecret?: string;
+  /**
+   * If set to true, will deregister all registered rotation jobs from the RotationManager for the plugin.
+   * @type {boolean}
+   * @memberof AzureConfigureAuthRequest
+   */
+  disableAutomatedRotation?: boolean;
+  /**
+   * The Azure environment name. If not provided, AzurePublicCloud is used. This value can also be provided with the AZURE_ENVIRONMENT environment variable.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  environment?: string;
+  /**
+   * Audience of plugin identity tokens
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  identityTokenAudience?: string;
+  /**
+   * Time-to-live of plugin identity tokens
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  identityTokenTtl?: string;
+  /**
+   * The maximum number of attempts a failed operation will be retried before producing an error.
+   * @type {number}
+   * @memberof AzureConfigureAuthRequest
+   */
+  maxRetries?: number;
+  /**
+   * The maximum delay allowed before retrying an operation.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  maxRetryDelay?: string;
+  /**
+   * The resource URL for the vault application in Azure Active Directory. This value can also be provided with the AZURE_AD_RESOURCE environment variable.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  resource?: string;
+  /**
+   * The initial amount of delay to use before retrying an operation, increasing exponentially.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  retryDelay?: string;
+  /**
+   * The TTL of the root password in Azure. This can be either a number of seconds or a time formatted duration (ex: 24h, 48ds)
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  rootPasswordTtl?: string;
+  /**
+   * TTL for automatic credential rotation of the given username. Mutually exclusive with rotation_schedule
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  rotationPeriod?: string;
+  /**
+   * CRON-style string that will define the schedule on which rotations should occur. Mutually exclusive with rotation_period
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  rotationSchedule?: string;
+  /**
+   * Specifies the amount of time in which the rotation is allowed to occur starting from a given rotation_schedule
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  rotationWindow?: string;
+  /**
+   * The tenant id for the Azure Active Directory. This is sometimes referred to as Directory ID in AD. This value can also be provided with the AZURE_TENANT_ID environment variable.
+   * @type {string}
+   * @memberof AzureConfigureAuthRequest
+   */
+  tenantId?: string;
+}
+
+/**
+ * Check if a given object implements the AzureConfigureAuthRequest interface.
+ */
+export function instanceOfAzureConfigureAuthRequest(value: object): value is AzureConfigureAuthRequest {
+  return true;
+}
+
+export function AzureConfigureAuthRequestFromJSON(json: any): AzureConfigureAuthRequest {
+  return AzureConfigureAuthRequestFromJSONTyped(json, false);
+}
+
+export function AzureConfigureAuthRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AzureConfigureAuthRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    clientId: json['client_id'] == null ? undefined : json['client_id'],
+    clientSecret: json['client_secret'] == null ? undefined : json['client_secret'],
+    disableAutomatedRotation:
+      json['disable_automated_rotation'] == null ? undefined : json['disable_automated_rotation'],
+    environment: json['environment'] == null ? undefined : json['environment'],
+    identityTokenAudience:
+      json['identity_token_audience'] == null ? undefined : json['identity_token_audience'],
+    identityTokenTtl: json['identity_token_ttl'] == null ? undefined : json['identity_token_ttl'],
+    maxRetries: json['max_retries'] == null ? undefined : json['max_retries'],
+    maxRetryDelay: json['max_retry_delay'] == null ? undefined : json['max_retry_delay'],
+    resource: json['resource'] == null ? undefined : json['resource'],
+    retryDelay: json['retry_delay'] == null ? undefined : json['retry_delay'],
+    rootPasswordTtl: json['root_password_ttl'] == null ? undefined : json['root_password_ttl'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    rotationSchedule: json['rotation_schedule'] == null ? undefined : json['rotation_schedule'],
+    rotationWindow: json['rotation_window'] == null ? undefined : json['rotation_window'],
+    tenantId: json['tenant_id'] == null ? undefined : json['tenant_id'],
+  };
+}
+
+export function AzureConfigureAuthRequestToJSON(json: any): AzureConfigureAuthRequest {
+  return AzureConfigureAuthRequestToJSONTyped(json, false);
+}
+
+export function AzureConfigureAuthRequestToJSONTyped(
+  value?: AzureConfigureAuthRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    client_id: value['clientId'],
+    client_secret: value['clientSecret'],
+    disable_automated_rotation: value['disableAutomatedRotation'],
+    environment: value['environment'],
+    identity_token_audience: value['identityTokenAudience'],
+    identity_token_ttl: value['identityTokenTtl'],
+    max_retries: value['maxRetries'],
+    max_retry_delay: value['maxRetryDelay'],
+    resource: value['resource'],
+    retry_delay: value['retryDelay'],
+    root_password_ttl: value['rootPasswordTtl'],
+    rotation_period: value['rotationPeriod'],
+    rotation_schedule: value['rotationSchedule'],
+    rotation_window: value['rotationWindow'],
+    tenant_id: value['tenantId'],
+  };
+}

ui/api-client/src/models/AzureConfigureRequest.ts

@@ -0,0 +1,158 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AzureConfigureRequest
+ */
+export interface AzureConfigureRequest {
+  /**
+   * The OAuth2 client id to connect to Azure. This value can also be provided with the AZURE_CLIENT_ID environment variable.
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  clientId?: string;
+  /**
+   * The OAuth2 client secret to connect to Azure. This value can also be provided with the AZURE_CLIENT_SECRET environment variable.
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  clientSecret?: string;
+  /**
+   * If set to true, will deregister all registered rotation jobs from the RotationManager for the plugin.
+   * @type {boolean}
+   * @memberof AzureConfigureRequest
+   */
+  disableAutomatedRotation?: boolean;
+  /**
+   * The Azure environment name. If not provided, AzurePublicCloud is used. This value can also be provided with the AZURE_ENVIRONMENT environment variable.
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  environment?: string;
+  /**
+   * Audience of plugin identity tokens
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  identityTokenAudience?: string;
+  /**
+   * Time-to-live of plugin identity tokens
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  identityTokenTtl?: string;
+  /**
+   * The TTL of the root password in Azure. This can be either a number of seconds or a time formatted duration (ex: 24h, 48ds)
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  rootPasswordTtl?: string;
+  /**
+   * TTL for automatic credential rotation of the given username. Mutually exclusive with rotation_schedule
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  rotationPeriod?: string;
+  /**
+   * CRON-style string that will define the schedule on which rotations should occur. Mutually exclusive with rotation_period
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  rotationSchedule?: string;
+  /**
+   * Specifies the amount of time in which the rotation is allowed to occur starting from a given rotation_schedule
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  rotationWindow?: string;
+  /**
+   * The subscription id for the Azure Active Directory. This value can also be provided with the AZURE_SUBSCRIPTION_ID environment variable.
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  subscriptionId?: string;
+  /**
+   * The tenant id for the Azure Active Directory. This value can also be provided with the AZURE_TENANT_ID environment variable.
+   * @type {string}
+   * @memberof AzureConfigureRequest
+   */
+  tenantId?: string;
+}
+
+/**
+ * Check if a given object implements the AzureConfigureRequest interface.
+ */
+export function instanceOfAzureConfigureRequest(value: object): value is AzureConfigureRequest {
+  return true;
+}
+
+export function AzureConfigureRequestFromJSON(json: any): AzureConfigureRequest {
+  return AzureConfigureRequestFromJSONTyped(json, false);
+}
+
+export function AzureConfigureRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AzureConfigureRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    clientId: json['client_id'] == null ? undefined : json['client_id'],
+    clientSecret: json['client_secret'] == null ? undefined : json['client_secret'],
+    disableAutomatedRotation:
+      json['disable_automated_rotation'] == null ? undefined : json['disable_automated_rotation'],
+    environment: json['environment'] == null ? undefined : json['environment'],
+    identityTokenAudience:
+      json['identity_token_audience'] == null ? undefined : json['identity_token_audience'],
+    identityTokenTtl: json['identity_token_ttl'] == null ? undefined : json['identity_token_ttl'],
+    rootPasswordTtl: json['root_password_ttl'] == null ? undefined : json['root_password_ttl'],
+    rotationPeriod: json['rotation_period'] == null ? undefined : json['rotation_period'],
+    rotationSchedule: json['rotation_schedule'] == null ? undefined : json['rotation_schedule'],
+    rotationWindow: json['rotation_window'] == null ? undefined : json['rotation_window'],
+    subscriptionId: json['subscription_id'] == null ? undefined : json['subscription_id'],
+    tenantId: json['tenant_id'] == null ? undefined : json['tenant_id'],
+  };
+}
+
+export function AzureConfigureRequestToJSON(json: any): AzureConfigureRequest {
+  return AzureConfigureRequestToJSONTyped(json, false);
+}
+
+export function AzureConfigureRequestToJSONTyped(
+  value?: AzureConfigureRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    client_id: value['clientId'],
+    client_secret: value['clientSecret'],
+    disable_automated_rotation: value['disableAutomatedRotation'],
+    environment: value['environment'],
+    identity_token_audience: value['identityTokenAudience'],
+    identity_token_ttl: value['identityTokenTtl'],
+    root_password_ttl: value['rootPasswordTtl'],
+    rotation_period: value['rotationPeriod'],
+    rotation_schedule: value['rotationSchedule'],
+    rotation_window: value['rotationWindow'],
+    subscription_id: value['subscriptionId'],
+    tenant_id: value['tenantId'],
+  };
+}

ui/api-client/src/models/AzureLoginRequest.ts

@@ -0,0 +1,113 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AzureLoginRequest
+ */
+export interface AzureLoginRequest {
+  /**
+   * A signed JWT
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  jwt?: string;
+  /**
+   * The resource group from the instance.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  resourceGroupName?: string;
+  /**
+   * The fully qualified ID of the resource, includingthe resource name and resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/{resource-provider-namespace}/{resource-type}/{resource-name}. This value is ignored if vm_name or vmss_name is specified.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  resourceId?: string;
+  /**
+   * The token role.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  role?: string;
+  /**
+   * The subscription id for the instance.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  subscriptionId?: string;
+  /**
+   * The name of the virtual machine. This value is ignored if vmss_name is specified.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  vmName?: string;
+  /**
+   * The name of the virtual machine scale set the instance is in.
+   * @type {string}
+   * @memberof AzureLoginRequest
+   */
+  vmssName?: string;
+}
+
+/**
+ * Check if a given object implements the AzureLoginRequest interface.
+ */
+export function instanceOfAzureLoginRequest(value: object): value is AzureLoginRequest {
+  return true;
+}
+
+export function AzureLoginRequestFromJSON(json: any): AzureLoginRequest {
+  return AzureLoginRequestFromJSONTyped(json, false);
+}
+
+export function AzureLoginRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): AzureLoginRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    jwt: json['jwt'] == null ? undefined : json['jwt'],
+    resourceGroupName: json['resource_group_name'] == null ? undefined : json['resource_group_name'],
+    resourceId: json['resource_id'] == null ? undefined : json['resource_id'],
+    role: json['role'] == null ? undefined : json['role'],
+    subscriptionId: json['subscription_id'] == null ? undefined : json['subscription_id'],
+    vmName: json['vm_name'] == null ? undefined : json['vm_name'],
+    vmssName: json['vmss_name'] == null ? undefined : json['vmss_name'],
+  };
+}
+
+export function AzureLoginRequestToJSON(json: any): AzureLoginRequest {
+  return AzureLoginRequestToJSONTyped(json, false);
+}
+
+export function AzureLoginRequestToJSONTyped(
+  value?: AzureLoginRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    jwt: value['jwt'],
+    resource_group_name: value['resourceGroupName'],
+    resource_id: value['resourceId'],
+    role: value['role'],
+    subscription_id: value['subscriptionId'],
+    vm_name: value['vmName'],
+    vmss_name: value['vmssName'],
+  };
+}

ui/api-client/src/models/AzureWriteAuthRoleRequest.ts

@@ -0,0 +1,227 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AzureWriteAuthRoleRequest
+ */
+export interface AzureWriteAuthRoleRequest {
+  /**
+   * Comma-separated list of group ids that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundGroupIds?: Array<string>;
+  /**
+   * Comma-separated list of locations that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundLocations?: Array<string>;
+  /**
+   * Comma-separated list of resource groups that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundResourceGroups?: Array<string>;
+  /**
+   * Comma-separated list of scale sets that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundScaleSets?: Array<string>;
+  /**
+   * Comma-separated list of service principal ids that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundServicePrincipalIds?: Array<string>;
+  /**
+   * Comma-separated list of subscription ids that login is restricted to.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  boundSubscriptionIds?: Array<string>;
+  /**
+   * Use "token_max_ttl" instead. If this and "token_max_ttl" are both specified, only "token_max_ttl" will be used.
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   * @deprecated
+   */
+  maxTtl?: string;
+  /**
+   * Use "token_num_uses" instead. If this and "token_num_uses" are both specified, only "token_num_uses" will be used.
+   * @type {number}
+   * @memberof AzureWriteAuthRoleRequest
+   * @deprecated
+   */
+  numUses?: number;
+  /**
+   * Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   * @deprecated
+   */
+  period?: string;
+  /**
+   * Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   * @deprecated
+   */
+  policies?: Array<string>;
+  /**
+   * Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenBoundCidrs?: Array<string>;
+  /**
+   * If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenExplicitMaxTtl?: string;
+  /**
+   * The maximum lifetime of the generated token
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenMaxTtl?: string;
+  /**
+   * If true, the 'default' policy will not automatically be added to generated tokens
+   * @type {boolean}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenNoDefaultPolicy?: boolean;
+  /**
+   * The maximum number of times a token may be used, a value of zero means unlimited
+   * @type {number}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenNumUses?: number;
+  /**
+   * If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenPeriod?: string;
+  /**
+   * Comma-separated list of policies
+   * @type {Array<string>}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenPolicies?: Array<string>;
+  /**
+   * The initial ttl of the token to generate
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenTtl?: string;
+  /**
+   * The type of token to generate, service or batch
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   */
+  tokenType?: string;
+  /**
+   * Use "token_ttl" instead. If this and "token_ttl" are both specified, only "token_ttl" will be used.
+   * @type {string}
+   * @memberof AzureWriteAuthRoleRequest
+   * @deprecated
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AzureWriteAuthRoleRequest interface.
+ */
+export function instanceOfAzureWriteAuthRoleRequest(value: object): value is AzureWriteAuthRoleRequest {
+  return true;
+}
+
+export function AzureWriteAuthRoleRequestFromJSON(json: any): AzureWriteAuthRoleRequest {
+  return AzureWriteAuthRoleRequestFromJSONTyped(json, false);
+}
+
+export function AzureWriteAuthRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AzureWriteAuthRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    boundGroupIds: json['bound_group_ids'] == null ? undefined : json['bound_group_ids'],
+    boundLocations: json['bound_locations'] == null ? undefined : json['bound_locations'],
+    boundResourceGroups: json['bound_resource_groups'] == null ? undefined : json['bound_resource_groups'],
+    boundScaleSets: json['bound_scale_sets'] == null ? undefined : json['bound_scale_sets'],
+    boundServicePrincipalIds:
+      json['bound_service_principal_ids'] == null ? undefined : json['bound_service_principal_ids'],
+    boundSubscriptionIds: json['bound_subscription_ids'] == null ? undefined : json['bound_subscription_ids'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    numUses: json['num_uses'] == null ? undefined : json['num_uses'],
+    period: json['period'] == null ? undefined : json['period'],
+    policies: json['policies'] == null ? undefined : json['policies'],
+    tokenBoundCidrs: json['token_bound_cidrs'] == null ? undefined : json['token_bound_cidrs'],
+    tokenExplicitMaxTtl: json['token_explicit_max_ttl'] == null ? undefined : json['token_explicit_max_ttl'],
+    tokenMaxTtl: json['token_max_ttl'] == null ? undefined : json['token_max_ttl'],
+    tokenNoDefaultPolicy:
+      json['token_no_default_policy'] == null ? undefined : json['token_no_default_policy'],
+    tokenNumUses: json['token_num_uses'] == null ? undefined : json['token_num_uses'],
+    tokenPeriod: json['token_period'] == null ? undefined : json['token_period'],
+    tokenPolicies: json['token_policies'] == null ? undefined : json['token_policies'],
+    tokenTtl: json['token_ttl'] == null ? undefined : json['token_ttl'],
+    tokenType: json['token_type'] == null ? undefined : json['token_type'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AzureWriteAuthRoleRequestToJSON(json: any): AzureWriteAuthRoleRequest {
+  return AzureWriteAuthRoleRequestToJSONTyped(json, false);
+}
+
+export function AzureWriteAuthRoleRequestToJSONTyped(
+  value?: AzureWriteAuthRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    bound_group_ids: value['boundGroupIds'],
+    bound_locations: value['boundLocations'],
+    bound_resource_groups: value['boundResourceGroups'],
+    bound_scale_sets: value['boundScaleSets'],
+    bound_service_principal_ids: value['boundServicePrincipalIds'],
+    bound_subscription_ids: value['boundSubscriptionIds'],
+    max_ttl: value['maxTtl'],
+    num_uses: value['numUses'],
+    period: value['period'],
+    policies: value['policies'],
+    token_bound_cidrs: value['tokenBoundCidrs'],
+    token_explicit_max_ttl: value['tokenExplicitMaxTtl'],
+    token_max_ttl: value['tokenMaxTtl'],
+    token_no_default_policy: value['tokenNoDefaultPolicy'],
+    token_num_uses: value['tokenNumUses'],
+    token_period: value['tokenPeriod'],
+    token_policies: value['tokenPolicies'],
+    token_ttl: value['tokenTtl'],
+    token_type: value['tokenType'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/AzureWriteRoleRequest.ts

@@ -0,0 +1,140 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface AzureWriteRoleRequest
+ */
+export interface AzureWriteRoleRequest {
+  /**
+   * Application Object ID to use for static service principal credentials.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  applicationObjectId?: string;
+  /**
+   * JSON list of Azure groups to add the service principal to.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  azureGroups?: string;
+  /**
+   * JSON list of Azure roles to assign.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  azureRoles?: string;
+  /**
+   * Maximum lifetime of the lease and service principal. If not set or set to 0, will use the system default.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  explicitMaxTtl?: string;
+  /**
+   * Maximum time a service principal. If not set or set to 0, will use system default.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  maxTtl?: string;
+  /**
+   * Indicates whether new application objects should be permanently deleted. If not set, objects will not be permanently deleted.
+   * @type {boolean}
+   * @memberof AzureWriteRoleRequest
+   */
+  permanentlyDelete?: boolean;
+  /**
+   * Persist the app between generated credentials. Useful if the app needs to maintain owner ship of resources it creates
+   * @type {boolean}
+   * @memberof AzureWriteRoleRequest
+   */
+  persistApp?: boolean;
+  /**
+   * Specifies the security principal types that are allowed to sign in to the application. Valid values are: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  signInAudience?: string;
+  /**
+   * Azure tags to attach to an application.
+   * @type {Array<string>}
+   * @memberof AzureWriteRoleRequest
+   */
+  tags?: Array<string>;
+  /**
+   * Default lease for generated credentials. If not set or set to 0, will use system default.
+   * @type {string}
+   * @memberof AzureWriteRoleRequest
+   */
+  ttl?: string;
+}
+
+/**
+ * Check if a given object implements the AzureWriteRoleRequest interface.
+ */
+export function instanceOfAzureWriteRoleRequest(value: object): value is AzureWriteRoleRequest {
+  return true;
+}
+
+export function AzureWriteRoleRequestFromJSON(json: any): AzureWriteRoleRequest {
+  return AzureWriteRoleRequestFromJSONTyped(json, false);
+}
+
+export function AzureWriteRoleRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): AzureWriteRoleRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    applicationObjectId: json['application_object_id'] == null ? undefined : json['application_object_id'],
+    azureGroups: json['azure_groups'] == null ? undefined : json['azure_groups'],
+    azureRoles: json['azure_roles'] == null ? undefined : json['azure_roles'],
+    explicitMaxTtl: json['explicit_max_ttl'] == null ? undefined : json['explicit_max_ttl'],
+    maxTtl: json['max_ttl'] == null ? undefined : json['max_ttl'],
+    permanentlyDelete: json['permanently_delete'] == null ? undefined : json['permanently_delete'],
+    persistApp: json['persist_app'] == null ? undefined : json['persist_app'],
+    signInAudience: json['sign_in_audience'] == null ? undefined : json['sign_in_audience'],
+    tags: json['tags'] == null ? undefined : json['tags'],
+    ttl: json['ttl'] == null ? undefined : json['ttl'],
+  };
+}
+
+export function AzureWriteRoleRequestToJSON(json: any): AzureWriteRoleRequest {
+  return AzureWriteRoleRequestToJSONTyped(json, false);
+}
+
+export function AzureWriteRoleRequestToJSONTyped(
+  value?: AzureWriteRoleRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    application_object_id: value['applicationObjectId'],
+    azure_groups: value['azureGroups'],
+    azure_roles: value['azureRoles'],
+    explicit_max_ttl: value['explicitMaxTtl'],
+    max_ttl: value['maxTtl'],
+    permanently_delete: value['permanentlyDelete'],
+    persist_app: value['persistApp'],
+    sign_in_audience: value['signInAudience'],
+    tags: value['tags'],
+    ttl: value['ttl'],
+  };
+}

ui/api-client/src/models/CertConfigureRequest.ts

@@ -0,0 +1,102 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface CertConfigureRequest
+ */
+export interface CertConfigureRequest {
+  /**
+   * If set, during renewal, skips the matching of presented client identity with the client identity used during login. Defaults to false.
+   * @type {boolean}
+   * @memberof CertConfigureRequest
+   */
+  disableBinding?: boolean;
+  /**
+   * If set, metadata of the certificate including the metadata corresponding to allowed_metadata_extensions will be stored in the alias. Defaults to false.
+   * @type {boolean}
+   * @memberof CertConfigureRequest
+   */
+  enableIdentityAliasMetadata?: boolean;
+  /**
+   * If set, metadata of the client certificate will be returned on authentication failures.
+   * @type {boolean}
+   * @memberof CertConfigureRequest
+   */
+  enableMetadataOnFailures?: boolean;
+  /**
+   * The size of the in memory OCSP response cache, shared by all configured certs
+   * @type {number}
+   * @memberof CertConfigureRequest
+   */
+  ocspCacheSize?: number;
+  /**
+   * The size of the in memory role cache
+   * @type {number}
+   * @memberof CertConfigureRequest
+   */
+  roleCacheSize?: number;
+}
+
+/**
+ * Check if a given object implements the CertConfigureRequest interface.
+ */
+export function instanceOfCertConfigureRequest(value: object): value is CertConfigureRequest {
+  return true;
+}
+
+export function CertConfigureRequestFromJSON(json: any): CertConfigureRequest {
+  return CertConfigureRequestFromJSONTyped(json, false);
+}
+
+export function CertConfigureRequestFromJSONTyped(
+  json: any,
+  ignoreDiscriminator: boolean
+): CertConfigureRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    disableBinding: json['disable_binding'] == null ? undefined : json['disable_binding'],
+    enableIdentityAliasMetadata:
+      json['enable_identity_alias_metadata'] == null ? undefined : json['enable_identity_alias_metadata'],
+    enableMetadataOnFailures:
+      json['enable_metadata_on_failures'] == null ? undefined : json['enable_metadata_on_failures'],
+    ocspCacheSize: json['ocsp_cache_size'] == null ? undefined : json['ocsp_cache_size'],
+    roleCacheSize: json['role_cache_size'] == null ? undefined : json['role_cache_size'],
+  };
+}
+
+export function CertConfigureRequestToJSON(json: any): CertConfigureRequest {
+  return CertConfigureRequestToJSONTyped(json, false);
+}
+
+export function CertConfigureRequestToJSONTyped(
+  value?: CertConfigureRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    disable_binding: value['disableBinding'],
+    enable_identity_alias_metadata: value['enableIdentityAliasMetadata'],
+    enable_metadata_on_failures: value['enableMetadataOnFailures'],
+    ocsp_cache_size: value['ocspCacheSize'],
+    role_cache_size: value['roleCacheSize'],
+  };
+}

ui/api-client/src/models/CertLoginRequest.ts

@@ -0,0 +1,65 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * HashiCorp Vault API
+ * HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
+ *
+ * The version of the OpenAPI document: 1.20.0
+ *
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { mapValues } from '../runtime';
+/**
+ *
+ * @export
+ * @interface CertLoginRequest
+ */
+export interface CertLoginRequest {
+  /**
+   * The name of the certificate role to authenticate against.
+   * @type {string}
+   * @memberof CertLoginRequest
+   */
+  name?: string;
+}
+
+/**
+ * Check if a given object implements the CertLoginRequest interface.
+ */
+export function instanceOfCertLoginRequest(value: object): value is CertLoginRequest {
+  return true;
+}
+
+export function CertLoginRequestFromJSON(json: any): CertLoginRequest {
+  return CertLoginRequestFromJSONTyped(json, false);
+}
+
+export function CertLoginRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): CertLoginRequest {
+  if (json == null) {
+    return json;
+  }
+  return {
+    name: json['name'] == null ? undefined : json['name'],
+  };
+}
+
+export function CertLoginRequestToJSON(json: any): CertLoginRequest {
+  return CertLoginRequestToJSONTyped(json, false);
+}
+
+export function CertLoginRequestToJSONTyped(
+  value?: CertLoginRequest | null,
+  ignoreDiscriminator: boolean = false
+): any {
+  if (value == null) {
+    return value;
+  }
+
+  return {
+    name: value['name'],
+  };
+}