/create-rotated-secretAsk AIpost https://api.akeyless.io/create-rotated-secretBody ParamsProviderTypestringapi-idstringAPI ID to rotate (relevant only for rotator-type=api-key)api-keystringAPI key to rotate (relevant only for rotator-type=api-key)application-idstringApplicationId (used in azure)authentication-credentialsstringDefaults to use-user-credsThe credentials to connect with use-user-creds/use-target-credsauto-rotatestringWhether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]aws-regionstringDefaults to us-east-2Aws Region (relevant only for aws)custom-payloadstringSecret payload to be sent with rotation request (relevant only for rotator-type=custom)delete_protectionstringProtection from accidental deletion of this object [true/false]descriptionstringDescription of the objectgcp-keystringBase64-encoded service account private key textgcp-service-account-emailstringThe email of the gcp service account to rotategcp-service-account-key-idstringThe key id of the gcp service account to rotategrace-rotationstringCreate a new access key without deleting the old key from AWS for backup (relevant only for AWS) [true/false]host-providerstringHost provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secretjsonbooleanDefaults to falseSet output format to JSONtruefalsekeystringThe name of a key that used to encrypt the secret value (if empty, the account default protectionKey key will be used)lock-during-sra-sessionstringLock this secret for read/update while an SRA session is activemetadatastringDeprecated - use descriptionnamestringrequiredSecret namepassword-lengthstringThe length of the password to be generatedrotate-after-disconnectstringStringOrBool accepts JSON strings, booleans, and numbers for backward compatibility with older SDK versions that send boolean values for rotate-after-disconnect.rotated-passwordstringrotated-username password (relevant only for rotator-type=password)rotated-usernamestringusername to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)rotation-hourint32The Hour of the rotation in UTC. Default rotation-hour is 14:00rotation-intervalstringThe number of days to wait between every automatic key rotation (1-365)rotator-creds-typestringrotator-custom-cmdstringCustom rotation command (relevant only for ssh target)rotator-typestringrequiredRotator Typesame-passwordstringRotate same password for each host from the Linked Target (relevant only for Linked Target)secure-access-allow-external-userbooleanDefaults to falseAllow providing external user for a domain users (relevant only for rdp)truefalsesecure-access-aws-account-idstringThe AWS account id (relevant only for aws)secure-access-aws-native-clibooleanThe AWS native clitruefalsesecure-access-bastion-issuerstringDeprecated. use secure-access-certificate-issuersecure-access-certificate-issuerstringPath to the SSH Certificate Issuer for your Akeyless Secure Accesssecure-access-db-namestringThe DB name (relevant only for DB Dynamic-Secret)secure-access-db-schemastringThe db schema (relevant only for mssql or postgresql)secure-access-disable-concurrent-connectionsbooleanEnable this flag to prevent simultaneous use of the same secrettruefalsesecure-access-enablestringEnable/Disable secure remote access [true/false]secure-access-hostarray of stringsTarget servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)secure-access-hostADD stringsecure-access-rdp-domainstringRequired when the Dynamic Secret is used for a domain user (relevant only for RDP Dynamic-Secret)secure-access-rdp-userstringOverride the RDP Domain username (relevant only for rdp)secure-access-urlstringDestination URL to inject secretssecure-access-webbooleanDefaults to falseEnable Web Secure Remote Accesstruefalsesecure-access-web-browsingbooleanDefaults to falseSecure browser viaAkeyless's Secure Remote Access (SRA) (relevant only for aws or azure)truefalsesecure-access-web-proxybooleanDefaults to falseWeb-Proxy via Akeyless's Secure Remote Access (SRA) (relevant only for aws or azure)truefalsessh-passwordstringDeprecated: use RotatedPasswordssh-usernamestringDeprecated: use RotatedUserstorage-account-key-namestringThe name of the storage account key to rotate [key1/key2/kerb1/kerb2] (relevat to azure-storage-account)tagsarray of stringsAdd tags attached to this objecttagsADD stringtargetarray of stringsA list of linked targets to be associated, Relevant only for Secure Remote Access for ssh cert issuer, ldap rotated secret and ldap dynamic secret, To specify multiple targets use argument multiple timestargetADD stringtarget-namestringrequiredTarget nametokenstringAuthentication token (see /auth and /configure)uid-tokenstringThe universal identity token, Required only for universal_identity authenticationuser-attributestringDefaults to cnLDAP User Attribute, Default value "cn"user-dnstringLDAP User Base DNResponses 200createRotatedSecretResponse wraps response body. defaulterrorResponse wraps any error to return it as a JSON object with one "error" field.Updated 7 months ago
