Class: Conjur::Bootstrap::Command::SystemAccounts

Inherits:
Base
  • Object
show all
Defined in:
lib/conjur/bootstrap.rb

Overview

Create a set of hosts that have security_admin privilege.

Instance Attribute Summary

Attributes inherited from Base

#api, #listener

Instance Method Summary collapse

Methods inherited from Base

#auditors, #echo, #find_or_create_record, #find_or_create_resource, #permit, #security_admin, #store_api_key

Instance Method Details

#performObject



130
131
132
133
134
135
136
137
138
139
140
# File 'lib/conjur/bootstrap.rb', line 130

def perform
  for hostname in %w(conjur/authn-tv conjur/expiration conjur/secrets-rotator conjur/policy-loader conjur/ldap-sync)
    find_or_create_resource api.resource("webservice:#{hostname}"), security_admin
    find_or_create_record api.host(hostname), security_admin do |record, options|
      api.create_host(id: record.id, ownerid: security_admin.roleid).tap do |host|
        host.role.revoke_from security_admin
        security_admin.add_member host
      end
    end
  end
end