Class: SDM::SnapshotClient
- Inherits:
-
Object
- Object
- SDM::SnapshotClient
- Defined in:
- lib/strongdm.rb
Overview
SnapshotClient exposes methods to query historical records at a provided timestamp.
Instance Attribute Summary collapse
-
#access_requests ⇒ Object
readonly
AccessRequests are requests for access to a resource that may match a Workflow.
-
#account_attachments ⇒ Object
readonly
AccountAttachments assign an account to a role.
-
#account_grants ⇒ Object
readonly
AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.
-
#account_permissions ⇒ Object
readonly
AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.
-
#account_resources ⇒ Object
readonly
AccountResources enumerates the resources to which accounts have access.
-
#accounts ⇒ Object
readonly
Accounts are users that have access to strongDM.
-
#approval_workflow_approvers ⇒ Object
readonly
ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep.
-
#approval_workflow_steps ⇒ Object
readonly
ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow.
-
#approval_workflows ⇒ Object
readonly
ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.
-
#nodes ⇒ Object
readonly
Nodes make up the strongDM network, and allow your users to connect securely to your resources.
-
#remote_identities ⇒ Object
readonly
RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
-
#remote_identity_groups ⇒ Object
readonly
A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
-
#resources ⇒ Object
readonly
Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.
-
#role_resources ⇒ Object
readonly
RoleResources enumerates the resources to which roles have access.
-
#roles ⇒ Object
readonly
A Role has a list of access rules which determine which Resources the members of the Role have access to.
-
#secret_stores ⇒ Object
readonly
SecretStores are servers where resource secrets (passwords, keys) are stored.
-
#workflow_approvers ⇒ Object
readonly
WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.
-
#workflow_assignments ⇒ Object
readonly
WorkflowAssignments links a Resource to a Workflow.
-
#workflow_roles ⇒ Object
readonly
WorkflowRole links a role to a workflow.
-
#workflows ⇒ Object
readonly
Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.
Instance Method Summary collapse
-
#initialize(client) ⇒ SnapshotClient
constructor
A new instance of SnapshotClient.
Constructor Details
#initialize(client) ⇒ SnapshotClient
Returns a new instance of SnapshotClient.
483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 |
# File 'lib/strongdm.rb', line 483 def initialize(client) @access_requests = SnapshotAccessRequests.new(client.access_requests) @account_attachments = SnapshotAccountAttachments.new(client.) @account_grants = SnapshotAccountGrants.new(client.account_grants) @account_permissions = SnapshotAccountPermissions.new(client.) @account_resources = SnapshotAccountResources.new(client.account_resources) @accounts = SnapshotAccounts.new(client.accounts) @approval_workflow_approvers = SnapshotApprovalWorkflowApprovers.new(client.approval_workflow_approvers) @approval_workflow_steps = SnapshotApprovalWorkflowSteps.new(client.approval_workflow_steps) @approval_workflows = SnapshotApprovalWorkflows.new(client.approval_workflows) @nodes = SnapshotNodes.new(client.nodes) @remote_identities = SnapshotRemoteIdentities.new(client.remote_identities) @remote_identity_groups = SnapshotRemoteIdentityGroups.new(client.remote_identity_groups) @resources = SnapshotResources.new(client.resources) @role_resources = SnapshotRoleResources.new(client.role_resources) @roles = SnapshotRoles.new(client.roles) @secret_stores = SnapshotSecretStores.new(client.secret_stores) @workflow_approvers = SnapshotWorkflowApprovers.new(client.workflow_approvers) @workflow_assignments = SnapshotWorkflowAssignments.new(client.workflow_assignments) @workflow_roles = SnapshotWorkflowRoles.new(client.workflow_roles) @workflows = SnapshotWorkflows.new(client.workflows) end |
Instance Attribute Details
#access_requests ⇒ Object (readonly)
AccessRequests are requests for access to a resource that may match a Workflow.
509 510 511 |
# File 'lib/strongdm.rb', line 509 def access_requests @access_requests end |
#account_attachments ⇒ Object (readonly)
AccountAttachments assign an account to a role.
513 514 515 |
# File 'lib/strongdm.rb', line 513 def @account_attachments end |
#account_grants ⇒ Object (readonly)
AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.
517 518 519 |
# File 'lib/strongdm.rb', line 517 def account_grants @account_grants end |
#account_permissions ⇒ Object (readonly)
AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.
522 523 524 |
# File 'lib/strongdm.rb', line 522 def @account_permissions end |
#account_resources ⇒ Object (readonly)
AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.
527 528 529 |
# File 'lib/strongdm.rb', line 527 def account_resources @account_resources end |
#accounts ⇒ Object (readonly)
Accounts are users that have access to strongDM. There are two types of accounts:
- Users: humans who are authenticated through username and password or SSO.
- Service Accounts: machines that are authenticated using a service token.
- Tokens are access keys with permissions that can be used for authentication.
534 535 536 |
# File 'lib/strongdm.rb', line 534 def accounts @accounts end |
#approval_workflow_approvers ⇒ Object (readonly)
ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep
538 539 540 |
# File 'lib/strongdm.rb', line 538 def approval_workflow_approvers @approval_workflow_approvers end |
#approval_workflow_steps ⇒ Object (readonly)
ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow
542 543 544 |
# File 'lib/strongdm.rb', line 542 def approval_workflow_steps @approval_workflow_steps end |
#approval_workflows ⇒ Object (readonly)
ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.
547 548 549 |
# File 'lib/strongdm.rb', line 547 def approval_workflows @approval_workflows end |
#nodes ⇒ Object (readonly)
Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
- Gateways are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
- Relays are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.
See SDM::SnapshotNodes.
553 554 555 |
# File 'lib/strongdm.rb', line 553 def nodes @nodes end |
#remote_identities ⇒ Object (readonly)
RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
557 558 559 |
# File 'lib/strongdm.rb', line 557 def remote_identities @remote_identities end |
#remote_identity_groups ⇒ Object (readonly)
A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.
562 563 564 |
# File 'lib/strongdm.rb', line 562 def remote_identity_groups @remote_identity_groups end |
#resources ⇒ Object (readonly)
Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.
567 568 569 |
# File 'lib/strongdm.rb', line 567 def resources @resources end |
#role_resources ⇒ Object (readonly)
RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.
572 573 574 |
# File 'lib/strongdm.rb', line 572 def role_resources @role_resources end |
#roles ⇒ Object (readonly)
A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.
See SDM::SnapshotRoles.
578 579 580 |
# File 'lib/strongdm.rb', line 578 def roles @roles end |
#secret_stores ⇒ Object (readonly)
SecretStores are servers where resource secrets (passwords, keys) are stored.
582 583 584 |
# File 'lib/strongdm.rb', line 582 def secret_stores @secret_stores end |
#workflow_approvers ⇒ Object (readonly)
WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.
586 587 588 |
# File 'lib/strongdm.rb', line 586 def workflow_approvers @workflow_approvers end |
#workflow_assignments ⇒ Object (readonly)
WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.
591 592 593 |
# File 'lib/strongdm.rb', line 591 def workflow_assignments @workflow_assignments end |
#workflow_roles ⇒ Object (readonly)
WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.
596 597 598 |
# File 'lib/strongdm.rb', line 596 def workflow_roles @workflow_roles end |
#workflows ⇒ Object (readonly)
Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.
602 603 604 |
# File 'lib/strongdm.rb', line 602 def workflows @workflows end |