Class: SDM::SnapshotClient

Inherits:
Object
  • Object
show all
Defined in:
lib/strongdm.rb

Overview

SnapshotClient exposes methods to query historical records at a provided timestamp.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(client) ⇒ SnapshotClient

Returns a new instance of SnapshotClient.



483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
 
# File 'lib/strongdm.rb', line 483

def initialize(client)
  @access_requests = SnapshotAccessRequests.new(client.access_requests)
  @account_attachments = SnapshotAccountAttachments.new(client.)
  @account_grants = SnapshotAccountGrants.new(client.)
  @account_permissions = SnapshotAccountPermissions.new(client.)
  @account_resources = SnapshotAccountResources.new(client.)
  @accounts = SnapshotAccounts.new(client.accounts)
  @approval_workflow_approvers = SnapshotApprovalWorkflowApprovers.new(client.approval_workflow_approvers)
  @approval_workflow_steps = SnapshotApprovalWorkflowSteps.new(client.approval_workflow_steps)
  @approval_workflows = SnapshotApprovalWorkflows.new(client.approval_workflows)
  @nodes = SnapshotNodes.new(client.nodes)
  @remote_identities = SnapshotRemoteIdentities.new(client.remote_identities)
  @remote_identity_groups = SnapshotRemoteIdentityGroups.new(client.remote_identity_groups)
  @resources = SnapshotResources.new(client.resources)
  @role_resources = SnapshotRoleResources.new(client.role_resources)
  @roles = SnapshotRoles.new(client.roles)
  @secret_stores = SnapshotSecretStores.new(client.secret_stores)
  @workflow_approvers = SnapshotWorkflowApprovers.new(client.workflow_approvers)
  @workflow_assignments = SnapshotWorkflowAssignments.new(client.workflow_assignments)
  @workflow_roles = SnapshotWorkflowRoles.new(client.workflow_roles)
  @workflows = SnapshotWorkflows.new(client.workflows)
end

Instance Attribute Details

#access_requestsObject (readonly)

AccessRequests are requests for access to a resource that may match a Workflow.

See SDM::SnapshotAccessRequests.



509
510
511
 
# File 'lib/strongdm.rb', line 509

def access_requests
  @access_requests
end

#account_attachmentsObject (readonly)

AccountAttachments assign an account to a role.

See SDM::SnapshotAccountAttachments.



513
514
515
 
# File 'lib/strongdm.rb', line 513

def 
  @account_attachments
end

#account_grantsObject (readonly)

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotAccountGrants.



517
518
519
 
# File 'lib/strongdm.rb', line 517

def 
  @account_grants
end

#account_permissionsObject (readonly)

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

See SDM::SnapshotAccountPermissions.



522
523
524
 
# File 'lib/strongdm.rb', line 522

def 
  @account_permissions
end

#account_resourcesObject (readonly)

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

See SDM::SnapshotAccountResources.



527
528
529
 
# File 'lib/strongdm.rb', line 527

def 
  @account_resources
end

#accountsObject (readonly)

Accounts are users that have access to strongDM. There are two types of accounts:

  1. Users: humans who are authenticated through username and password or SSO.
  2. Service Accounts: machines that are authenticated using a service token.
  3. Tokens are access keys with permissions that can be used for authentication.

See SDM::SnapshotAccounts.



534
535
536
 
# File 'lib/strongdm.rb', line 534

def accounts
  @accounts
end

#approval_workflow_approversObject (readonly)

ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

See SDM::SnapshotApprovalWorkflowApprovers.



538
539
540
 
# File 'lib/strongdm.rb', line 538

def approval_workflow_approvers
  @approval_workflow_approvers
end

#approval_workflow_stepsObject (readonly)

ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

See SDM::SnapshotApprovalWorkflowSteps.



542
543
544
 
# File 'lib/strongdm.rb', line 542

def approval_workflow_steps
  @approval_workflow_steps
end

#approval_workflowsObject (readonly)

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

See SDM::SnapshotApprovalWorkflows.



547
548
549
 
# File 'lib/strongdm.rb', line 547

def approval_workflows
  @approval_workflows
end

#nodesObject (readonly)

Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:

  • Gateways are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
  • Relays are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

See SDM::SnapshotNodes.



553
554
555
 
# File 'lib/strongdm.rb', line 553

def nodes
  @nodes
end

#remote_identitiesObject (readonly)

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

See SDM::SnapshotRemoteIdentities.



557
558
559
 
# File 'lib/strongdm.rb', line 557

def remote_identities
  @remote_identities
end

#remote_identity_groupsObject (readonly)

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

See SDM::SnapshotRemoteIdentityGroups.



562
563
564
 
# File 'lib/strongdm.rb', line 562

def remote_identity_groups
  @remote_identity_groups
end

#resourcesObject (readonly)

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

See SDM::SnapshotResources.



567
568
569
 
# File 'lib/strongdm.rb', line 567

def resources
  @resources
end

#role_resourcesObject (readonly)

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

See SDM::SnapshotRoleResources.



572
573
574
 
# File 'lib/strongdm.rb', line 572

def role_resources
  @role_resources
end

#rolesObject (readonly)

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

See SDM::SnapshotRoles.



578
579
580
 
# File 'lib/strongdm.rb', line 578

def roles
  @roles
end

#secret_storesObject (readonly)

SecretStores are servers where resource secrets (passwords, keys) are stored.

See SDM::SnapshotSecretStores.



582
583
584
 
# File 'lib/strongdm.rb', line 582

def secret_stores
  @secret_stores
end

#workflow_approversObject (readonly)

WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

See SDM::SnapshotWorkflowApprovers.



586
587
588
 
# File 'lib/strongdm.rb', line 586

def workflow_approvers
  @workflow_approvers
end

#workflow_assignmentsObject (readonly)

WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

See SDM::SnapshotWorkflowAssignments.



591
592
593
 
# File 'lib/strongdm.rb', line 591

def workflow_assignments
  @workflow_assignments
end

#workflow_rolesObject (readonly)

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

See SDM::SnapshotWorkflowRoles.



596
597
598
 
# File 'lib/strongdm.rb', line 596

def workflow_roles
  @workflow_roles
end

#workflowsObject (readonly)

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

See SDM::SnapshotWorkflows.



602
603
604
 
# File 'lib/strongdm.rb', line 602

def workflows
  @workflows
end