createrotatedsecret

post

https://api.akeyless.io/create-rotated-secret

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Body Params

createRotatedSecret is a command that creates a rotated secret [Deprecated: Use rotated-secret-create commands]

ProviderType

string

api-id

string

API ID to rotate (relevant only for rotator-type=api-key)

api-key

string

API key to rotate (relevant only for rotator-type=api-key)

application-id

string

ApplicationId (used in azure)

authentication-credentials

string

Defaults to use-user-creds

The credentials to connect with use-user-creds/use-target-creds

auto-rotate

string

Whether to automatically rotate every --rotation-interval days, or disable existing automatic rotation [true/false]

aws-region

string

Defaults to us-east-2

Aws Region (relevant only for aws)

custom-payload

string

Secret payload to be sent with rotation request (relevant only for rotator-type=custom)

delete_protection

string

Protection from accidental deletion of this object [true/false]

description

string

Description of the object

gcp-key

string

Base64-encoded service account private key text

gcp-service-account-email

string

The email of the gcp service account to rotate

gcp-service-account-key-id

string

The key id of the gcp service account to rotate

grace-rotation

string

Create a new access key without deleting the old key from AWS for backup (relevant only for AWS) [true/false]

host-provider

string

Host provider type [explicit/target], Default Host provider is explicit, Relevant only for Secure Remote Access of ssh cert issuer, ldap rotated secret and ldap dynamic secret

json

boolean

Defaults to false

Set output format to JSON

key

string

The name of a key that used to encrypt the secret value (if empty, the account default protectionKey key will be used)

lock-during-sra-session

string

Lock this secret for read/update while an SRA session is active

metadata

string

Deprecated - use description

name

string

required

Secret name

password-length

string

The length of the password to be generated

rotate-after-disconnect

string

StringOrBool accepts JSON strings, booleans, and numbers for backward compatibility with older SDK versions that send boolean values for rotate-after-disconnect.

rotated-password

string

rotated-username password (relevant only for rotator-type=password)

rotated-username

string

username to be rotated, if selected use-self-creds at rotator-creds-type, this username will try to rotate it's own password, if use-target-creds is selected, target credentials will be use to rotate the rotated-password (relevant only for rotator-type=password)

rotation-hour

int32

The Hour of the rotation in UTC. Default rotation-hour is 14:00

rotation-interval

string

The number of days to wait between every automatic key rotation (1-365)

rotator-creds-type

string

rotator-custom-cmd

string

Custom rotation command (relevant only for ssh target)

rotator-type

string

required

Rotator Type

same-password

string

Rotate same password for each host from the Linked Target (relevant only for Linked Target)

secure-access-allow-external-user

boolean

Defaults to false

Allow providing external user for a domain users (relevant only for rdp)

secure-access-aws-account-id

string

The AWS account id (relevant only for aws)

secure-access-aws-native-cli

boolean

The AWS native cli

secure-access-bastion-issuer

string

Deprecated. use secure-access-certificate-issuer

secure-access-certificate-issuer

string

Path to the SSH Certificate Issuer for your Akeyless Secure Access

secure-access-db-name

string

The DB name (relevant only for DB Dynamic-Secret)

secure-access-db-schema

string

The db schema (relevant only for mssql or postgresql)

secure-access-disable-concurrent-connections

boolean

Enable this flag to prevent simultaneous use of the same secret

secure-access-enable

string

Enable/Disable secure remote access [true/false]

secure-access-host

array of strings

Target servers for connections (In case of Linked Target association, host(s) will inherit Linked Target hosts - Relevant only for Dynamic Secrets/producers)

secure-access-host

secure-access-rdp-domain

string

Required when the Dynamic Secret is used for a domain user (relevant only for RDP Dynamic-Secret)

secure-access-rdp-user

string

Override the RDP Domain username (relevant only for rdp)

secure-access-url

string

Destination URL to inject secrets

secure-access-web

boolean

Defaults to false

Enable Web Secure Remote Access

secure-access-web-browsing

boolean

Defaults to false

Secure browser viaAkeyless's Secure Remote Access (SRA) (relevant only for aws or azure)

secure-access-web-proxy

boolean

Defaults to false

Web-Proxy via Akeyless's Secure Remote Access (SRA) (relevant only for aws or azure)

ssh-password

string

Deprecated: use RotatedPassword

ssh-username

string

Deprecated: use RotatedUser

storage-account-key-name

string

The name of the storage account key to rotate [key1/key2/kerb1/kerb2] (relevat to azure-storage-account)

200createRotatedSecretResponse wraps response body.

defaulterrorResponse wraps any error to return it as a JSON object with one "error" field.