Release v3.6.2

build.gradle

@@ -4,7 +4,7 @@ apply plugin: 'java'
 apply plugin: 'com.diffplug.spotless'
 
 group = 'io.akeyless'
-version = '3.6.1'
+version = '3.6.2'
 
 buildscript {
     repositories {

build.sbt

@@ -2,7 +2,7 @@ lazy val root = (project in file(".")).
   settings(
     organization := "io.akeyless",
     name := "akeyless-java",
-    version := "3.6.1",
+    version := "3.6.2",
     scalaVersion := "2.11.4",
     scalacOptions ++= Seq("-feature"),
     javacOptions in compile ++= Seq("-Xlint:deprecation"),

docs/AccountGeneralSettings.md

@@ -12,12 +12,14 @@ Name | Type | Description | Notes
 **accountDefaultKeyName** | **String** | AccountDefaultKeyName is the name of the DFC key item configured as the default key This is here simply for the response to include the item name in addition to the display ID so the client can properly show this to the user. It will not be saved to the DB, only the AccountDefaultKeyItemID will. |  [optional]
 **authUsageEvent** | [**UsageEventSetting**](UsageEventSetting.md) |  |  [optional]
 **dataProtectionSection** | [**DataProtectionSection**](DataProtectionSection.md) |  |  [optional]
+**dynamicSecretMaxTtl** | [**DynamicSecretMaxTtl**](DynamicSecretMaxTtl.md) |  |  [optional]
 **enableRequestForAccess** | **Boolean** |  |  [optional]
 **invalidCharacters** | **String** | InvalidCharacters is the invalid characters for items/targets/roles/auths/notifier_forwarder naming convention |  [optional]
 **itemUsageEvent** | [**UsageEventSetting**](UsageEventSetting.md) |  |  [optional]
 **lockDefaultKey** | **Boolean** | LockDefaultKey determines whether the configured default key can be updated by end-users on a per-request basis true - all requests use the configured default key false - every request can determine its protection key (default) nil - change nothing (every request can determine its protection key (default)) This parameter is only relevant if AccountDefaultKeyItemID is not empty |  [optional]
 **passwordPolicy** | [**PasswordPolicyInfo**](PasswordPolicyInfo.md) |  |  [optional]
 **protectItemsByDefault** | **Boolean** |  |  [optional]
+**rotationSecretMaxInterval** | [**RotationSecretMaxInterval**](RotationSecretMaxInterval.md) |  |  [optional]
 **sharingPolicy** | [**SharingPolicyInfo**](SharingPolicyInfo.md) |  |  [optional]
 
 

docs/AuthMethodAccessInfo.md

@@ -25,6 +25,7 @@ Name | Type | Description | Notes
 **oauth2AccessRules** | [**OAuth2AccessRules**](OAuth2AccessRules.md) |  |  [optional]
 **ociAccessRules** | [**OCIAccessRules**](OCIAccessRules.md) |  |  [optional]
 **oidcAccessRules** | [**OIDCAccessRules**](OIDCAccessRules.md) |  |  [optional]
+**productTypes** | **List<String>** | List of product types this auth method will be in use of |  [optional]
 **rulesType** | **String** |  |  [optional]
 **samlAccessRules** | [**SAMLAccessRules**](SAMLAccessRules.md) |  |  [optional]
 **subClaimsDelimiters** | **List<String>** |  |  [optional]

docs/CreateAuthMethod.md

@@ -15,6 +15,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]
 

docs/CreateAuthMethodAWSIAM.md

@@ -23,6 +23,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **stsUrl** | **String** | sts URL |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodAzureAD.md

@@ -28,6 +28,7 @@ Name | Type | Description | Notes
 **jwksUri** | **String** | The URL to the JSON Web Key Set (JWKS) that containing the public keys that should be used to verify any JSON Web Token (JWT) issued by the authorization server. |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]
 

docs/CreateAuthMethodCert.md

@@ -24,6 +24,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **revokedCertIds** | **List<String>** | A list of revoked cert ids |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodEmail.md

@@ -17,6 +17,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]
 

docs/CreateAuthMethodGCP.md

@@ -22,6 +22,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **serviceAccountCredsData** | **String** | ServiceAccount credentials data instead of giving a file path, base64 encoded |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **type** | **String** | Type of the GCP Access Rules | 

docs/CreateAuthMethodHuawei.md

@@ -23,6 +23,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]
 

docs/CreateAuthMethodK8S.md

@@ -21,6 +21,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **publicKey** | **String** | Base64-encoded or PEM formatted public key data for K8S authentication method is required [RSA2048] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodLDAP.md

@@ -17,6 +17,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **publicKeyData** | **String** | A public key generated for LDAP authentication method on Akeyless in base64 or PEM format [RSA2048] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodOAuth2.md

@@ -12,6 +12,8 @@ Name | Type | Description | Notes
 **audience** | **String** | The audience in the JWT |  [optional]
 **boundClientIds** | **List<String>** | The clients ids that the access is restricted to |  [optional]
 **boundIps** | **List<String>** | A CIDR whitelist with the IPs that the access is restricted to |  [optional]
+**cert** | **String** | CertificateFile Path to a file that contain the certificate in a PEM format. |  [optional]
+**certFileData** | **String** | CertificateFileData PEM Certificate in a Base64 format. |  [optional]
 **description** | **String** | Auth Method description |  [optional]
 **forceSubClaims** | **Boolean** | if true: enforce role-association must include sub claims |  [optional]
 **gatewayUrl** | **String** | Akeyless Gateway URL (Configuration Management port). Relevant only when the jwks-uri is accessible only from the gateway. |  [optional]
@@ -22,6 +24,7 @@ Name | Type | Description | Notes
 **jwksUri** | **String** | The URL to the JSON Web Key Set (JWKS) that containing the public keys that should be used to verify any JSON Web Token (JWT) issued by the authorization server. | 
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **subclaimsDelimiters** | **List<String>** | A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT) |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodOCI.md

@@ -17,6 +17,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **tenantOcid** | **String** | The Oracle Cloud tenant ID | 
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodOIDC.md

@@ -21,6 +21,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **requiredScopes** | **List<String>** | RequiredScopes is a list of required scopes that the oidc method will request from the oidc provider and the user must approve |  [optional]
 **requiredScopesPrefix** | **String** | RequiredScopesPrefix is a a prefix to add to all required-scopes when requesting them from the oidc server (for example, azures' Application ID URI) |  [optional]
 **subclaimsDelimiters** | **List<String>** | A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT) |  [optional]

docs/CreateAuthMethodSAML.md

@@ -19,6 +19,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **subclaimsDelimiters** | **List<String>** | A list of additional sub claims delimiters (relevant only for SAML, OIDC, OAuth2/JWT) |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateAuthMethodUniversalIdentity.md

@@ -18,6 +18,7 @@ Name | Type | Description | Notes
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **jwtTtl** | **Long** | Jwt TTL |  [optional]
 **name** | **String** | Auth Method name | 
+**productType** | **List<String>** | Choose the relevant product type for the auth method [sm, sra, pm, dp, ca] |  [optional]
 **token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
 **ttl** | **Integer** | Token ttl |  [optional]
 **uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]

docs/CreateGodaddyTarget.md

@@ -0,0 +1,25 @@
+
+
+# CreateGodaddyTarget
+
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**apiKey** | **String** | Key of the api credentials to the Godaddy account | 
+**description** | **String** | Description of the object |  [optional]
+**imapFqdn** | **String** | ImapFQDN of the IMAP service, FQDN or IPv4 address. Must be FQDN if the IMAP is using TLS | 
+**imapPassword** | **String** | ImapPassword to access the IMAP service | 
+**imapPort** | **String** | ImapPort of the IMAP service |  [optional]
+**imapUsername** | **String** | ImapUsername to access the IMAP service | 
+**json** | **Boolean** | Set output format to JSON |  [optional]
+**key** | **String** | The name of a key that used to encrypt the target secret value (if empty, the account default protectionKey key will be used) |  [optional]
+**name** | **String** | Target name | 
+**secret** | **String** | Secret of the api credentials to the Godaddy account | 
+**timeout** | **String** | Timeout waiting for certificate validation in Duration format (1h - 1 Hour, 20m - 20 Minutes, 33m3s - 33 Minutes and 3 Seconds), maximum 1h. |  [optional]
+**token** | **String** | Authentication token (see `/auth` and `/configure`) |  [optional]
+**uidToken** | **String** | The universal identity token, Required only for universal_identity authentication |  [optional]
+
+
+

docs/CreateGodaddyTargetOutput.md

@@ -0,0 +1,13 @@
+
+
+# CreateGodaddyTargetOutput
+
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**targetId** | **Long** |  |  [optional]
+
+
+

docs/CreatePKICertIssuer.md

@@ -8,8 +8,10 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **allowAnyName** | **Boolean** | If set, clients can request certificates for any CN |  [optional]
+**allowCopyExtFromCsr** | **Boolean** | If set, will allow copying the extra extensions from the csr file (if given) |  [optional]
 **allowSubdomains** | **Boolean** | If set, clients can request certificates for subdomains and wildcard subdomains of the allowed domains |  [optional]
 **allowedDomains** | **String** | A list of the allowed domains that clients can request to be included in the certificate (in a comma-delimited list) |  [optional]
+**allowedExtraExtensions** | **String** | A json string containing the allowed extra extensions for the pki cert issuer |  [optional]
 **allowedUriSans** | **String** | A list of the allowed URIs that clients can request to be included in the certificate as part of the URI Subject Alternative Names (in a comma-delimited list) |  [optional]
 **caTarget** | **String** | The name of an existing CA target to attach this PKI Certificate Issuer to, required in Public CA mode |  [optional]
 **clientFlag** | **Boolean** | If set, certificates will be flagged for client auth use |  [optional]

docs/CreateRotatedSecret.md

@@ -2,6 +2,7 @@
 
 # CreateRotatedSecret
 
+createRotatedSecret is a command that creates a rotated secret [Deprecated: Use rotated-secret-create commands]
 
 ## Properties
 
@@ -13,18 +14,20 @@ Name | Type | Description | Notes
 **applicationId** | **String** | ApplicationId (used in azure) |  [optional]
 **authenticationCredentials** | **String** | The credentials to connect with use-user-creds/use-target-creds |  [optional]
 **autoRotate** | **String** | Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false] |  [optional]
-**awsRegion** | **String** | Region (used in aws) |  [optional]
+**awsRegion** | **String** | Aws Region (relevant only for aws) |  [optional]
 **customPayload** | **String** | Secret payload to be sent with rotation request (relevant only for rotator-type=custom) |  [optional]
 **deleteProtection** | **String** | Protection from accidental deletion of this item [true/false] |  [optional]
 **description** | **String** | Description of the object |  [optional]
 **gcpKey** | **String** | Base64-encoded service account private key text |  [optional]
 **gcpServiceAccountEmail** | **String** | The email of the gcp service account to rotate |  [optional]
 **gcpServiceAccountKeyId** | **String** | The key id of the gcp service account to rotate |  [optional]
+**graceRotation** | **String** | Create a new access key without deleting the old key from AWS for backup (relevant only for AWS) [true/false] |  [optional]
 **hostProvider** | **String** | Host provider type [explicit/target], Relevant only for Secure Remote Access of ssh cert issuer and ldap rotated secret |  [optional]
 **json** | **Boolean** | Set output format to JSON |  [optional]
 **key** | **String** | The name of a key that used to encrypt the secret value (if empty, the account default protectionKey key will be used) |  [optional]
 **metadata** | **String** | Deprecated - use description |  [optional]
 **name** | **String** | Secret name | 
+**passwordLength** | **String** | The length of the password to be generated |  [optional]
 **rotateAfterDisconnect** | **String** | Rotate the value of the secret after SRA session ends [true/false] |  [optional]
 **rotatedPassword** | **String** | rotated-username password (relevant only for rotator-type=password) |  [optional]
 **rotatedUsername** | **String** | username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password) |  [optional]
@@ -44,6 +47,7 @@ Name | Type | Description | Notes
 **secureAccessHost** | **List<String>** | Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers) |  [optional]
 **secureAccessRdpDomain** | **String** | Required when the Dynamic Secret is used for a domain user (relevant only for RDP Dynamic-Secret) |  [optional]
 **secureAccessRdpUser** | **String** | Override the RDP Domain username (relevant only for rdp) |  [optional]
+**secureAccessUrl** | **String** | Destination URL to inject secrets |  [optional]
 **secureAccessWeb** | **Boolean** | Enable Web Secure Remote Access |  [optional]
 **secureAccessWebBrowsing** | **Boolean** | Secure browser via Akeyless Web Access Bastion (relevant only for aws or azure) |  [optional]
 **secureAccessWebProxy** | **Boolean** | Web-Proxy via Akeyless Web Access Bastion (relevant only for aws or azure) |  [optional]