mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-25 00:21:07 +02:00
5905f43e1f
* removes dist from api-client gitignore * ignores api-client/dist directory for eslint and prettier * builds api client
225 lines
8.8 KiB
TypeScript
225 lines
8.8 KiB
TypeScript
/**
|
|
* HashiCorp Vault API
|
|
* HTTP API that gives you full access to Vault. All API routes are prefixed with `/v1/`.
|
|
*
|
|
* The version of the OpenAPI document: 1.20.0
|
|
*
|
|
*
|
|
* NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
|
|
* https://openapi-generator.tech
|
|
* Do not edit the class manually.
|
|
*/
|
|
/**
|
|
*
|
|
* @export
|
|
* @interface CertWriteCertificateRequest
|
|
*/
|
|
export interface CertWriteCertificateRequest {
|
|
/**
|
|
* A comma-separated list of names. At least one must exist in the Common Name. Supports globbing.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedCommonNames?: Array<string>;
|
|
/**
|
|
* A comma-separated list of DNS names. At least one must exist in the SANs. Supports globbing.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedDnsSans?: Array<string>;
|
|
/**
|
|
* A comma-separated list of Email Addresses. At least one must exist in the SANs. Supports globbing.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedEmailSans?: Array<string>;
|
|
/**
|
|
* A comma-separated string or array of oid extensions. Upon successful authentication, these extensions will be added as metadata if they are present in the certificate. The metadata key will be the string consisting of the oid numbers separated by a dash (-) instead of a dot (.) to allow usage in ACL templates.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedMetadataExtensions?: Array<string>;
|
|
/**
|
|
* A comma-separated list of names. At least one must exist in either the Common Name or SANs. Supports globbing. This parameter is deprecated, please use allowed_common_names, allowed_dns_sans, allowed_email_sans, allowed_uri_sans.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedNames?: Array<string>;
|
|
/**
|
|
* A comma-separated list of Organizational Units names. At least one must exist in the OU field.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedOrganizationalUnits?: Array<string>;
|
|
/**
|
|
* A comma-separated list of URIs. At least one must exist in the SANs. Supports globbing.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
allowedUriSans?: Array<string>;
|
|
/**
|
|
* Use "token_bound_cidrs" instead. If this and "token_bound_cidrs" are both specified, only "token_bound_cidrs" will be used.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
boundCidrs?: Array<string>;
|
|
/**
|
|
* The public certificate that should be trusted. Must be x509 PEM encoded.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
certificate?: string;
|
|
/**
|
|
* The display name to use for clients using this certificate.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
displayName?: string;
|
|
/**
|
|
* Use "token_ttl" instead. If this and "token_ttl" are both specified, only "token_ttl" will be used.
|
|
* @type {number}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
lease?: number;
|
|
/**
|
|
* Use "token_max_ttl" instead. If this and "token_max_ttl" are both specified, only "token_max_ttl" will be used.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
maxTtl?: string;
|
|
/**
|
|
* Any additional CA certificates needed to communicate with OCSP servers
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspCaCertificates?: string;
|
|
/**
|
|
* Whether to attempt OCSP verification of certificates at login
|
|
* @type {boolean}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspEnabled?: boolean;
|
|
/**
|
|
* If set to true, if an OCSP revocation cannot be made successfully, login will proceed rather than failing. If false, failing to get an OCSP status fails the request.
|
|
* @type {boolean}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspFailOpen?: boolean;
|
|
/**
|
|
* The number of retries the OCSP client should attempt per query.
|
|
* @type {number}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspMaxRetries?: number;
|
|
/**
|
|
* If set to true, rather than accepting the first successful OCSP response, query all servers and consider the certificate valid only if all servers agree.
|
|
* @type {boolean}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspQueryAllServers?: boolean;
|
|
/**
|
|
* A comma-separated list of OCSP server addresses. If unset, the OCSP server is determined from the AuthorityInformationAccess extension on the certificate being inspected.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspServersOverride?: Array<string>;
|
|
/**
|
|
* If greater than 0, specifies the maximum age of an OCSP thisUpdate field to avoid accepting old responses without a nextUpdate field.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
ocspThisUpdateMaxAge?: string;
|
|
/**
|
|
* Use "token_period" instead. If this and "token_period" are both specified, only "token_period" will be used.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
period?: string;
|
|
/**
|
|
* Use "token_policies" instead. If this and "token_policies" are both specified, only "token_policies" will be used.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
policies?: Array<string>;
|
|
/**
|
|
* A comma-separated string or array of extensions formatted as "oid:value". Expects the extension value to be some type of ASN1 encoded string. All values much match. Supports globbing on "value".
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
requiredExtensions?: Array<string>;
|
|
/**
|
|
* Comma separated string or JSON list of CIDR blocks. If set, specifies the blocks of IP addresses which are allowed to use the generated token.
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenBoundCidrs?: Array<string>;
|
|
/**
|
|
* If set, tokens created via this role carry an explicit maximum TTL. During renewal, the current maximum TTL values of the role and the mount are not checked for changes, and any updates to these values will have no effect on the token being renewed.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenExplicitMaxTtl?: string;
|
|
/**
|
|
* The maximum lifetime of the generated token
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenMaxTtl?: string;
|
|
/**
|
|
* If true, the 'default' policy will not automatically be added to generated tokens
|
|
* @type {boolean}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenNoDefaultPolicy?: boolean;
|
|
/**
|
|
* The maximum number of times a token may be used, a value of zero means unlimited
|
|
* @type {number}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenNumUses?: number;
|
|
/**
|
|
* If set, tokens created via this role will have no max lifetime; instead, their renewal period will be fixed to this value. This takes an integer number of seconds, or a string duration (e.g. "24h").
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenPeriod?: string;
|
|
/**
|
|
* Comma-separated list of policies
|
|
* @type {Array<string>}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenPolicies?: Array<string>;
|
|
/**
|
|
* The initial ttl of the token to generate
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenTtl?: string;
|
|
/**
|
|
* The type of token to generate, service or batch
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
*/
|
|
tokenType?: string;
|
|
/**
|
|
* Use "token_ttl" instead. If this and "token_ttl" are both specified, only "token_ttl" will be used.
|
|
* @type {string}
|
|
* @memberof CertWriteCertificateRequest
|
|
* @deprecated
|
|
*/
|
|
ttl?: string;
|
|
}
|
|
/**
|
|
* Check if a given object implements the CertWriteCertificateRequest interface.
|
|
*/
|
|
export declare function instanceOfCertWriteCertificateRequest(value: object): value is CertWriteCertificateRequest;
|
|
export declare function CertWriteCertificateRequestFromJSON(json: any): CertWriteCertificateRequest;
|
|
export declare function CertWriteCertificateRequestFromJSONTyped(json: any, ignoreDiscriminator: boolean): CertWriteCertificateRequest;
|
|
export declare function CertWriteCertificateRequestToJSON(json: any): CertWriteCertificateRequest;
|
|
export declare function CertWriteCertificateRequestToJSONTyped(value?: CertWriteCertificateRequest | null, ignoreDiscriminator?: boolean): any;
|