diff --git a/src/custom/schemas/dynamic-secrets.ts b/src/custom/schemas/dynamic-secrets.ts
index edf9d05..e179e55 100644
--- a/src/custom/schemas/dynamic-secrets.ts
+++ b/src/custom/schemas/dynamic-secrets.ts
@@ -7,12 +7,16 @@ export enum SqlProviders {
MsSQL = "mssql"
}
+export enum ElasticSearchAuthTypes {
+ User = "user",
+ ApiKey = "api-key"
+}
+
export const DynamicSecretRedisDBSchema = z.object({
host: z.string().trim().toLowerCase(),
port: z.number(),
username: z.string().trim(), // this is often "default".
password: z.string().trim().optional(),
-
creationStatement: z.string().trim(),
revocationStatement: z.string().trim(),
renewStatement: z.string().trim().optional(),
@@ -30,6 +34,48 @@ export const DynamicSecretAwsElastiCacheSchema = z.object({
ca: z.string().optional()
});
+export const DynamicSecretElasticSearchSchema = z.object({
+ host: z.string().trim().min(1),
+ port: z.number(),
+ roles: z.array(z.string().trim().min(1)).min(1),
+
+ // two auth types "user, apikey"
+ auth: z.discriminatedUnion("type", [
+ z.object({
+ type: z.literal(ElasticSearchAuthTypes.User),
+ username: z.string().trim(),
+ password: z.string().trim()
+ }),
+ z.object({
+ type: z.literal(ElasticSearchAuthTypes.ApiKey),
+ apiKey: z.string().trim(),
+ apiKeyId: z.string().trim()
+ })
+ ]),
+
+ ca: z.string().optional()
+});
+
+export const DynamicSecretRabbitMqSchema = z.object({
+ host: z.string().trim().min(1),
+ port: z.number(),
+ tags: z.array(z.string().trim()).default([]),
+
+ username: z.string().trim().min(1),
+ password: z.string().trim().min(1),
+
+ ca: z.string().optional(),
+
+ virtualHost: z.object({
+ name: z.string().trim().min(1),
+ permissions: z.object({
+ read: z.string().trim().min(1),
+ write: z.string().trim().min(1),
+ configure: z.string().trim().min(1)
+ })
+ })
+});
+
export const DynamicSecretSqlDBSchema = z.object({
client: z.nativeEnum(SqlProviders),
host: z.string().trim().toLowerCase(),
@@ -67,12 +113,60 @@ export const DynamicSecretAwsIamSchema = z.object({
policyArns: z.string().trim().optional()
});
+export const DynamicSecretMongoAtlasSchema = z.object({
+ adminPublicKey: z.string().trim().min(1).describe("Admin user public api key"),
+ adminPrivateKey: z.string().trim().min(1).describe("Admin user private api key"),
+ groupId: z.string().trim().min(1).describe("Unique 24-hexadecimal digit string that identifies your project. This is same as project id"),
+ roles: z
+ .object({
+ collectionName: z.string().optional().describe("Collection on which this role applies."),
+ databaseName: z.string().min(1).describe("Database to which the user is granted access privileges."),
+ roleName: z
+ .string()
+ .min(1)
+ .describe(
+ ' Enum: "atlasAdmin" "backup" "clusterMonitor" "dbAdmin" "dbAdminAnyDatabase" "enableSharding" "read" "readAnyDatabase" "readWrite" "readWriteAnyDatabase" "".Human-readable label that identifies a group of privileges assigned to a database user. This value can either be a built-in role or a custom role.'
+ )
+ })
+ .array()
+ .min(1),
+ scopes: z
+ .object({
+ name: z
+ .string()
+ .min(1)
+ .describe("Human-readable label that identifies the cluster or MongoDB Atlas Data Lake that this database user can access."),
+ type: z.string().min(1).describe("Category of resource that this database user can access. Enum: CLUSTER, DATA_LAKE, STREAM")
+ })
+ .array()
+});
+
+export const DynamicSecretMongoDBSchema = z.object({
+ host: z.string().min(1).trim().toLowerCase(),
+ port: z.number().optional(),
+ username: z.string().min(1).trim(),
+ password: z.string().min(1).trim(),
+ database: z.string().min(1).trim(),
+ ca: z.string().min(1).optional(),
+ roles: z
+ .string()
+ .array()
+ .min(1)
+ .describe(
+ 'Enum: "atlasAdmin" "backup" "clusterMonitor" "dbAdmin" "dbAdminAnyDatabase" "enableSharding" "read" "readAnyDatabase" "readWrite" "readWriteAnyDatabase" "".Human-readable label that identifies a group of privileges assigned to a database user. This value can either be a built-in role or a custom role.'
+ )
+});
+
export enum DynamicSecretProviders {
SqlDatabase = "sql-database",
Cassandra = "cassandra",
AwsIam = "aws-iam",
Redis = "redis",
- AwsElastiCache = "aws-elasticache"
+ AwsElastiCache = "aws-elasticache",
+ MongoAtlas = "mongo-db-atlas",
+ ElasticSearch = "elastic-search",
+ MongoDB = "mongo-db",
+ RabbitMq = "rabbit-mq"
}
export const DynamicSecretProviderSchema = z.discriminatedUnion("type", [
@@ -80,7 +174,11 @@ export const DynamicSecretProviderSchema = z.discriminatedUnion("type", [
z.object({ type: z.literal(DynamicSecretProviders.Cassandra), inputs: DynamicSecretCassandraSchema }),
z.object({ type: z.literal(DynamicSecretProviders.AwsIam), inputs: DynamicSecretAwsIamSchema }),
z.object({ type: z.literal(DynamicSecretProviders.Redis), inputs: DynamicSecretRedisDBSchema }),
- z.object({ type: z.literal(DynamicSecretProviders.AwsElastiCache), inputs: DynamicSecretAwsElastiCacheSchema })
+ z.object({ type: z.literal(DynamicSecretProviders.AwsElastiCache), inputs: DynamicSecretAwsElastiCacheSchema }),
+ z.object({ type: z.literal(DynamicSecretProviders.MongoAtlas), inputs: DynamicSecretMongoAtlasSchema }),
+ z.object({ type: z.literal(DynamicSecretProviders.ElasticSearch), inputs: DynamicSecretElasticSearchSchema }),
+ z.object({ type: z.literal(DynamicSecretProviders.MongoDB), inputs: DynamicSecretMongoDBSchema }),
+ z.object({ type: z.literal(DynamicSecretProviders.RabbitMq), inputs: DynamicSecretRabbitMqSchema })
]);
export type TDynamicSecretProvider = z.infer;