Class: SDM::SnapshotClient

Inherits:

Object

• Object
• SDM::SnapshotClient

Defined in:

lib/strongdm.rb

Overview

SnapshotClient exposes methods to query historical records at a provided timestamp.

Instance Attribute Summary

• #access_requests ⇒ Object readonly

  AccessRequests are requests for access to a resource that may match a Workflow.

• #account_attachments ⇒ Object readonly

  AccountAttachments assign an account to a role.

• #account_grants ⇒ Object readonly

  AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

• #account_permissions ⇒ Object readonly

  AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

• #account_resources ⇒ Object readonly

  AccountResources enumerates the resources to which accounts have access.

• #accounts ⇒ Object readonly

  Accounts are users that have access to strongDM.

• #nodes ⇒ Object readonly

  Nodes make up the strongDM network, and allow your users to connect securely to your resources.

• #peering_group_nodes ⇒ Object readonly

  PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

• #peering_group_peers ⇒ Object readonly

  PeeringGroupPeers provides the building blocks necessary to link two peering groups.

• #peering_group_resources ⇒ Object readonly

  PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

• #peering_groups ⇒ Object readonly

  PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

• #remote_identities ⇒ Object readonly

  RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

• #remote_identity_groups ⇒ Object readonly

  A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.

• #resources ⇒ Object readonly

  Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

• #role_resources ⇒ Object readonly

  RoleResources enumerates the resources to which roles have access.

• #roles ⇒ Object readonly

  A Role has a list of access rules which determine which Resources the members of the Role have access to.

• #secret_stores ⇒ Object readonly

  SecretStores are servers where resource secrets (passwords, keys) are stored.

• #workflow_approvers ⇒ Object readonly

  WorkflowApprovers is an account with the ability to approve requests bound to a workflow.

• #workflow_assignments ⇒ Object readonly

  WorkflowAssignments links a Resource to a Workflow.

• #workflow_roles ⇒ Object readonly

  WorkflowRole links a role to a workflow.

• #workflows ⇒ Object readonly

  Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

Instance Method Summary

• #initialize(client) ⇒ SnapshotClient constructor

  A new instance of SnapshotClient.

Constructor Details

#initialize(client) ⇒ SnapshotClient

Returns a new instance of SnapshotClient.

# File 'lib/strongdm.rb', line 439

def initialize(client)
  @access_requests = SnapshotAccessRequests.new(client.access_requests)
  @account_attachments = SnapshotAccountAttachments.new(client.account_attachments)
  @account_grants = SnapshotAccountGrants.new(client.account_grants)
  @account_permissions = SnapshotAccountPermissions.new(client.account_permissions)
  @account_resources = SnapshotAccountResources.new(client.account_resources)
  @accounts = SnapshotAccounts.new(client.accounts)
  @nodes = SnapshotNodes.new(client.nodes)
  @peering_group_nodes = SnapshotPeeringGroupNodes.new(client.peering_group_nodes)
  @peering_group_peers = SnapshotPeeringGroupPeers.new(client.peering_group_peers)
  @peering_group_resources = SnapshotPeeringGroupResources.new(client.peering_group_resources)
  @peering_groups = SnapshotPeeringGroups.new(client.peering_groups)
  @remote_identities = SnapshotRemoteIdentities.new(client.remote_identities)
  @remote_identity_groups = SnapshotRemoteIdentityGroups.new(client.remote_identity_groups)
  @resources = SnapshotResources.new(client.resources)
  @role_resources = SnapshotRoleResources.new(client.role_resources)
  @roles = SnapshotRoles.new(client.roles)
  @secret_stores = SnapshotSecretStores.new(client.secret_stores)
  @workflow_approvers = SnapshotWorkflowApprovers.new(client.workflow_approvers)
  @workflow_assignments = SnapshotWorkflowAssignments.new(client.workflow_assignments)
  @workflow_roles = SnapshotWorkflowRoles.new(client.workflow_roles)
  @workflows = SnapshotWorkflows.new(client.workflows)
end

Instance Attribute Details

#access_requests ⇒ Object (readonly)

AccessRequests are requests for access to a resource that may match a Workflow.

See SDM::SnapshotAccessRequests.

# File 'lib/strongdm.rb', line 466

def access_requests
  @access_requests
end

#account_attachments ⇒ Object (readonly)

AccountAttachments assign an account to a role.

See SDM::SnapshotAccountAttachments.

# File 'lib/strongdm.rb', line 470

def account_attachments
  @account_attachments
end

#account_grants ⇒ Object (readonly)

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotAccountGrants.

# File 'lib/strongdm.rb', line 474

def account_grants
  @account_grants
end

#account_permissions ⇒ Object (readonly)

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

See SDM::SnapshotAccountPermissions.

# File 'lib/strongdm.rb', line 479

def account_permissions
  @account_permissions
end

#account_resources ⇒ Object (readonly)

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

See SDM::SnapshotAccountResources.

# File 'lib/strongdm.rb', line 484

def account_resources
  @account_resources
end

#accounts ⇒ Object (readonly)

Accounts are users that have access to strongDM. There are two types of accounts:

1. Users: humans who are authenticated through username and password or SSO.
2. Service Accounts: machines that are authenticated using a service token.

See SDM::SnapshotAccounts.

# File 'lib/strongdm.rb', line 490

def accounts
  @accounts
end

#nodes ⇒ Object (readonly)

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:

• Gateways are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
• Relays are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

See SDM::SnapshotNodes.

# File 'lib/strongdm.rb', line 496

def nodes
  @nodes
end

#peering_group_nodes ⇒ Object (readonly)

PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

See SDM::SnapshotPeeringGroupNodes.

# File 'lib/strongdm.rb', line 500

def peering_group_nodes
  @peering_group_nodes
end

#peering_group_peers ⇒ Object (readonly)

PeeringGroupPeers provides the building blocks necessary to link two peering groups.

See SDM::SnapshotPeeringGroupPeers.

# File 'lib/strongdm.rb', line 504

def peering_group_peers
  @peering_group_peers
end

#peering_group_resources ⇒ Object (readonly)

PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

See SDM::SnapshotPeeringGroupResources.

# File 'lib/strongdm.rb', line 508

def peering_group_resources
  @peering_group_resources
end

#peering_groups ⇒ Object (readonly)

PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

See SDM::SnapshotPeeringGroups.

# File 'lib/strongdm.rb', line 512

def peering_groups
  @peering_groups
end

#remote_identities ⇒ Object (readonly)

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotRemoteIdentities.

# File 'lib/strongdm.rb', line 516

def remote_identities
  @remote_identities
end

#remote_identity_groups ⇒ Object (readonly)

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

See SDM::SnapshotRemoteIdentityGroups.

# File 'lib/strongdm.rb', line 521

def remote_identity_groups
  @remote_identity_groups
end

#resources ⇒ Object (readonly)

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

See SDM::SnapshotResources.

# File 'lib/strongdm.rb', line 526

def resources
  @resources
end

#role_resources ⇒ Object (readonly)

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

See SDM::SnapshotRoleResources.

# File 'lib/strongdm.rb', line 531

def role_resources
  @role_resources
end

#roles ⇒ Object (readonly)

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

See SDM::SnapshotRoles.

# File 'lib/strongdm.rb', line 537

def roles
  @roles
end

#secret_stores ⇒ Object (readonly)

SecretStores are servers where resource secrets (passwords, keys) are stored.

See SDM::SnapshotSecretStores.

# File 'lib/strongdm.rb', line 541

def secret_stores
  @secret_stores
end

#workflow_approvers ⇒ Object (readonly)

WorkflowApprovers is an account with the ability to approve requests bound to a workflow.

See SDM::SnapshotWorkflowApprovers.

# File 'lib/strongdm.rb', line 545

def workflow_approvers
  @workflow_approvers
end

#workflow_assignments ⇒ Object (readonly)

WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

See SDM::SnapshotWorkflowAssignments.

# File 'lib/strongdm.rb', line 550

def workflow_assignments
  @workflow_assignments
end

#workflow_roles ⇒ Object (readonly)

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

See SDM::SnapshotWorkflowRoles.

# File 'lib/strongdm.rb', line 555

def workflow_roles
  @workflow_roles
end

#workflows ⇒ Object (readonly)

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

See SDM::SnapshotWorkflows.

# File 'lib/strongdm.rb', line 561

def workflows
  @workflows
end