| accessType |
String |
|
[optional] |
| customUsernameTemplate |
String |
Customize how temporary usernames are generated using go template |
[optional] |
| deleteProtection |
String |
Protection from accidental deletion of this object [true/false] |
[optional] |
| description |
String |
Description of the object |
[optional] |
| fixedUserClaimKeyname |
String |
For externally provided users, denotes the key-name of IdP claim to extract the username from (Relevant only when --access-type=external) |
[optional] [default to 'ext_email'] |
| gcpCredType |
String |
|
[optional] |
| gcpKey |
String |
Base64-encoded service account private key text |
[optional] |
| gcpKeyAlgo |
String |
Service account key algorithm, e.g. KEY_ALG_RSA_1024 (Relevant only when --access-type=sa and --gcp-cred-type=key) |
[optional] |
| gcpProjectId |
String |
GCP Project ID override for dynamic secret operations |
[optional] |
| gcpSaEmail |
String |
The email of the fixed service account to generate keys or tokens for (Relevant only when --access-type=sa and --service-account-type=fixed) |
[optional] |
| gcpTokenScopes |
String |
Access token scopes list, e.g. scope1,scope2 (Relevant only when --access-type=sa; required when --gcp-cred-type=token) |
[optional] |
| itemCustomFields |
{String: String} |
Additional custom fields to associate with the item |
[optional] |
| json |
Boolean |
Set output format to JSON |
[optional] [default to false] |
| name |
String |
Dynamic secret name |
|
| producerEncryptionKeyName |
String |
Dynamic producer encryption key |
[optional] |
| roleBinding |
String |
Role binding definitions in JSON format (Relevant only when --access-type=sa and --service-account-type=dynamic) |
[optional] |
| roleNames |
String |
Comma-separated list of GCP roles to assign to the user (Relevant only when --access-type=external) |
[optional] |
| secureAccessDelay |
Number |
The delay duration, in seconds, to wait after generating just-in-time credentials. Accepted range: 0-120 seconds |
[optional] |
| secureAccessEnable |
String |
Enable/Disable secure remote access [true/false] |
[optional] |
| secureAccessUrl |
String |
Destination URL to inject secrets |
[optional] |
| secureAccessWebBrowsing |
Boolean |
Secure browser via Akeyless's Secure Remote Access (SRA) |
[optional] [default to false] |
| secureAccessWebProxy |
Boolean |
Web-Proxy via Akeyless's Secure Remote Access (SRA) |
[optional] [default to false] |
| serviceAccountType |
String |
The type of the GCP service account. Options [fixed, dynamic] (Relevant only when --access-type=sa) |
[optional] [default to 'fixed'] |
| tags |
[String] |
Add tags attached to this object |
[optional] |
| targetName |
String |
Target name |
[optional] |
| token |
String |
Authentication token (see `/auth` and `/configure`) |
[optional] |
| uidToken |
String |
The universal identity token, Required only for universal_identity authentication |
[optional] |
| userTtl |
String |
User TTL |
[optional] [default to '60m'] |