Class: SDM::SnapshotClient

Inherits:

Object

Object
SDM::SnapshotClient

show all

Defined in:: lib/strongdm.rb

Overview

SnapshotClient exposes methods to query historical records at a provided timestamp.

Instance Attribute Summary collapse

#account_attachments ⇒ Object readonly
AccountAttachments assign an account to a role.
#account_grants ⇒ Object readonly
AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.
#account_permissions ⇒ Object readonly
AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.
#account_resources ⇒ Object readonly
AccountResources enumerates the resources to which accounts have access.
#accounts ⇒ Object readonly
Accounts are users that have access to strongDM.
#nodes ⇒ Object readonly
Nodes make up the strongDM network, and allow your users to connect securely to your resources.
#remote_identities ⇒ Object readonly
RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
#remote_identity_groups ⇒ Object readonly
A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
#resources ⇒ Object readonly
Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.
#role_resources ⇒ Object readonly
RoleResources enumerates the resources to which roles have access.
#roles ⇒ Object readonly
A Role has a list of access rules which determine which Resources the members of the Role have access to.
#secret_stores ⇒ Object readonly
SecretStores are servers where resource secrets (passwords, keys) are stored.

Instance Method Summary collapse

#initialize(client) ⇒ SnapshotClient constructor
A new instance of SnapshotClient.

Constructor Details

#initialize(client) ⇒ `SnapshotClient`

Returns a new instance of SnapshotClient.

# File 'lib/strongdm.rb', line 340

def initialize(client)
  @account_attachments = SnapshotAccountAttachments.new(client.account_attachments)
  @account_grants = SnapshotAccountGrants.new(client.account_grants)
  @account_permissions = SnapshotAccountPermissions.new(client.account_permissions)
  @account_resources = SnapshotAccountResources.new(client.account_resources)
  @accounts = SnapshotAccounts.new(client.accounts)
  @nodes = SnapshotNodes.new(client.nodes)
  @remote_identities = SnapshotRemoteIdentities.new(client.remote_identities)
  @remote_identity_groups = SnapshotRemoteIdentityGroups.new(client.remote_identity_groups)
  @resources = SnapshotResources.new(client.resources)
  @role_resources = SnapshotRoleResources.new(client.role_resources)
  @roles = SnapshotRoles.new(client.roles)
  @secret_stores = SnapshotSecretStores.new(client.secret_stores)
end

Instance Attribute Details

#account_attachments ⇒ `Object` (readonly)

AccountAttachments assign an account to a role.

See SDM::SnapshotAccountAttachments.



358
359
360

# File 'lib/strongdm.rb', line 358

def account_attachments
  @account_attachments
end

#account_grants ⇒ `Object` (readonly)

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotAccountGrants.



362
363
364

# File 'lib/strongdm.rb', line 362

def account_grants
  @account_grants
end

#account_permissions ⇒ `Object` (readonly)

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

See SDM::SnapshotAccountPermissions.



367
368
369

# File 'lib/strongdm.rb', line 367

def account_permissions
  @account_permissions
end

#account_resources ⇒ `Object` (readonly)

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

See SDM::SnapshotAccountResources.



372
373
374

# File 'lib/strongdm.rb', line 372

def account_resources
  @account_resources
end

#accounts ⇒ `Object` (readonly)

Accounts are users that have access to strongDM. There are two types of accounts:

Users: humans who are authenticated through username and password or SSO.
Service Accounts: machines that are authenticated using a service token.

See SDM::SnapshotAccounts.



378
379
380

# File 'lib/strongdm.rb', line 378

def accounts
  @accounts
end

#nodes ⇒ `Object` (readonly)

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:

Gateways are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
Relays are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

See SDM::SnapshotNodes.



384
385
386

# File 'lib/strongdm.rb', line 384

def nodes
  @nodes
end

#remote_identities ⇒ `Object` (readonly)

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotRemoteIdentities.



388
389
390

# File 'lib/strongdm.rb', line 388

def remote_identities
  @remote_identities
end

#remote_identity_groups ⇒ `Object` (readonly)

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

See SDM::SnapshotRemoteIdentityGroups.



393
394
395

# File 'lib/strongdm.rb', line 393

def remote_identity_groups
  @remote_identity_groups
end

#resources ⇒ `Object` (readonly)

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

See SDM::SnapshotResources.



398
399
400

# File 'lib/strongdm.rb', line 398

def resources
  @resources
end

#role_resources ⇒ `Object` (readonly)

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

See SDM::SnapshotRoleResources.



403
404
405

# File 'lib/strongdm.rb', line 403

def role_resources
  @role_resources
end

#roles ⇒ `Object` (readonly)

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

See SDM::SnapshotRoles.



409
410
411

# File 'lib/strongdm.rb', line 409

def roles
  @roles
end

#secret_stores ⇒ `Object` (readonly)

SecretStores are servers where resource secrets (passwords, keys) are stored.

See SDM::SnapshotSecretStores.



413
414
415

# File 'lib/strongdm.rb', line 413

def secret_stores
  @secret_stores
end

Class: SDM::SnapshotClient

Overview

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client) ⇒ SnapshotClient

Instance Attribute Details

#account_attachments ⇒ Object (readonly)

#account_grants ⇒ Object (readonly)

#account_permissions ⇒ Object (readonly)

#account_resources ⇒ Object (readonly)

#accounts ⇒ Object (readonly)

#nodes ⇒ Object (readonly)

#remote_identities ⇒ Object (readonly)

#remote_identity_groups ⇒ Object (readonly)

#resources ⇒ Object (readonly)

#role_resources ⇒ Object (readonly)

#roles ⇒ Object (readonly)

#secret_stores ⇒ Object (readonly)