strongdm 1.0.1 → 1.0.8

Files changed (169) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +26 -7
  3. data/doc/LICENSE.html +1 -11
  4. data/doc/Object.html +1 -356
  5. data/doc/README_md.html +31 -20
  6. data/doc/SDM.html +1 -1
  7. data/doc/SDM/AKS.html +40 -4
  8. data/doc/SDM/AKSBasicAuth.html +40 -4
  9. data/doc/SDM/AKSServiceAccount.html +40 -4
  10. data/doc/SDM/AccountAttachment.html +3 -3
  11. data/doc/SDM/AccountAttachmentCreateResponse.html +3 -3
  12. data/doc/SDM/AccountAttachmentDeleteResponse.html +3 -3
  13. data/doc/SDM/AccountAttachmentGetResponse.html +3 -3
  14. data/doc/SDM/AccountAttachments.html +22 -24
  15. data/doc/SDM/AccountCreateResponse.html +3 -3
  16. data/doc/SDM/AccountDeleteResponse.html +3 -3
  17. data/doc/SDM/AccountGetResponse.html +3 -3
  18. data/doc/SDM/AccountGrant.html +3 -3
  19. data/doc/SDM/AccountGrantCreateResponse.html +3 -3
  20. data/doc/SDM/AccountGrantDeleteResponse.html +3 -3
  21. data/doc/SDM/AccountGrantGetResponse.html +3 -3
  22. data/doc/SDM/AccountGrants.html +24 -24
  23. data/doc/SDM/AccountUpdateResponse.html +3 -3
  24. data/doc/SDM/Accounts.html +30 -30
  25. data/doc/SDM/AlreadyExistsError.html +1 -1
  26. data/doc/SDM/AmazonEKS.html +58 -4
  27. data/doc/SDM/AmazonES.html +22 -4
  28. data/doc/SDM/Athena.html +22 -4
  29. data/doc/SDM/AuroraMysql.html +22 -4
  30. data/doc/SDM/AuroraPostgres.html +22 -4
  31. data/doc/SDM/AuthenticationError.html +1 -1
  32. data/doc/SDM/BadRequestError.html +1 -1
  33. data/doc/SDM/BigQuery.html +22 -4
  34. data/doc/SDM/Cassandra.html +22 -4
  35. data/doc/SDM/Citus.html +409 -0
  36. data/doc/SDM/Client.html +2 -2
  37. data/doc/SDM/Clustrix.html +22 -4
  38. data/doc/SDM/Cockroach.html +22 -4
  39. data/doc/SDM/CreateResponseMetadata.html +1 -1
  40. data/doc/SDM/DB2.html +391 -0
  41. data/doc/SDM/DB2LUW.html +391 -0
  42. data/doc/SDM/DB2i.html +391 -0
  43. data/doc/SDM/DeadlineExceededError.html +1 -1
  44. data/doc/SDM/DeleteResponseMetadata.html +1 -1
  45. data/doc/SDM/Druid.html +22 -4
  46. data/doc/SDM/DynamoDB.html +22 -4
  47. data/doc/SDM/Elastic.html +22 -4
  48. data/doc/SDM/ElasticacheRedis.html +22 -4
  49. data/doc/SDM/Gateway.html +22 -4
  50. data/doc/SDM/GetResponseMetadata.html +1 -1
  51. data/doc/SDM/GoogleGKE.html +40 -4
  52. data/doc/SDM/Greenplum.html +22 -4
  53. data/doc/SDM/HTTPAuth.html +22 -4
  54. data/doc/SDM/HTTPBasicAuth.html +22 -4
  55. data/doc/SDM/HTTPNoAuth.html +22 -4
  56. data/doc/SDM/InternalError.html +1 -1
  57. data/doc/SDM/Kubernetes.html +40 -4
  58. data/doc/SDM/KubernetesBasicAuth.html +40 -4
  59. data/doc/SDM/KubernetesServiceAccount.html +40 -4
  60. data/doc/SDM/Maria.html +22 -4
  61. data/doc/SDM/Memcached.html +22 -4
  62. data/doc/SDM/Memsql.html +22 -4
  63. data/doc/SDM/MongoHost.html +22 -4
  64. data/doc/SDM/MongoLegacyHost.html +22 -4
  65. data/doc/SDM/MongoLegacyReplicaset.html +22 -4
  66. data/doc/SDM/MongoReplicaSet.html +22 -4
  67. data/doc/SDM/Mysql.html +22 -4
  68. data/doc/SDM/NodeCreateResponse.html +3 -3
  69. data/doc/SDM/NodeDeleteResponse.html +3 -3
  70. data/doc/SDM/NodeGetResponse.html +3 -3
  71. data/doc/SDM/NodeUpdateResponse.html +3 -3
  72. data/doc/SDM/Nodes.html +30 -30
  73. data/doc/SDM/NotFoundError.html +1 -1
  74. data/doc/SDM/Oracle.html +22 -4
  75. data/doc/SDM/PermissionError.html +1 -1
  76. data/doc/SDM/Plumbing.html +4355 -3574
  77. data/doc/SDM/Postgres.html +22 -4
  78. data/doc/SDM/Presto.html +22 -4
  79. data/doc/SDM/RDP.html +22 -4
  80. data/doc/SDM/RPCError.html +1 -1
  81. data/doc/SDM/RateLimitError.html +1 -1
  82. data/doc/SDM/RateLimitMetadata.html +1 -1
  83. data/doc/SDM/Redis.html +22 -4
  84. data/doc/SDM/Redshift.html +22 -4
  85. data/doc/SDM/Relay.html +23 -5
  86. data/doc/SDM/ResourceCreateResponse.html +3 -3
  87. data/doc/SDM/ResourceDeleteResponse.html +3 -3
  88. data/doc/SDM/ResourceGetResponse.html +3 -3
  89. data/doc/SDM/ResourceUpdateResponse.html +3 -3
  90. data/doc/SDM/Resources.html +29 -29
  91. data/doc/SDM/Role.html +22 -4
  92. data/doc/SDM/RoleAttachment.html +3 -3
  93. data/doc/SDM/RoleAttachmentCreateResponse.html +3 -3
  94. data/doc/SDM/RoleAttachmentDeleteResponse.html +3 -3
  95. data/doc/SDM/RoleAttachmentGetResponse.html +3 -3
  96. data/doc/SDM/RoleAttachments.html +23 -23
  97. data/doc/SDM/RoleCreateResponse.html +3 -3
  98. data/doc/SDM/RoleDeleteResponse.html +3 -3
  99. data/doc/SDM/RoleGetResponse.html +3 -3
  100. data/doc/SDM/RoleGrant.html +3 -3
  101. data/doc/SDM/RoleGrantCreateResponse.html +3 -3
  102. data/doc/SDM/RoleGrantDeleteResponse.html +3 -3
  103. data/doc/SDM/RoleGrantGetResponse.html +3 -3
  104. data/doc/SDM/RoleGrants.html +23 -23
  105. data/doc/SDM/RoleUpdateResponse.html +3 -3
  106. data/doc/SDM/Roles.html +29 -29
  107. data/doc/SDM/SQLServer.html +22 -4
  108. data/doc/SDM/SSH.html +40 -4
  109. data/doc/SDM/SSHCert.html +373 -0
  110. data/doc/SDM/Service.html +22 -4
  111. data/doc/SDM/Snowflake.html +22 -4
  112. data/doc/SDM/Sybase.html +22 -4
  113. data/doc/SDM/SybaseIQ.html +22 -4
  114. data/doc/SDM/Teradata.html +22 -4
  115. data/doc/SDM/UpdateResponseMetadata.html +1 -1
  116. data/doc/SDM/User.html +22 -4
  117. data/doc/V1.html +31 -6
  118. data/doc/V1/AccountAttachments.html +1 -1
  119. data/doc/V1/AccountAttachments/Service.html +1 -1
  120. data/doc/V1/AccountGrants.html +1 -1
  121. data/doc/V1/AccountGrants/Service.html +2 -2
  122. data/doc/V1/Accounts.html +1 -1
  123. data/doc/V1/Accounts/Service.html +1 -1
  124. data/doc/V1/Nodes.html +1 -1
  125. data/doc/V1/Nodes/Service.html +1 -1
  126. data/doc/V1/Resources.html +1 -1
  127. data/doc/V1/Resources/Service.html +1 -1
  128. data/doc/V1/RoleAttachments.html +1 -1
  129. data/doc/V1/RoleAttachments/Service.html +1 -1
  130. data/doc/V1/RoleGrants.html +1 -1
  131. data/doc/V1/RoleGrants/Service.html +1 -1
  132. data/doc/V1/Roles.html +1 -1
  133. data/doc/V1/Roles/Service.html +1 -1
  134. data/doc/V1/Tags.html +113 -0
  135. data/doc/created.rid +35 -41
  136. data/doc/css/rdoc.css +13 -5
  137. data/doc/examples/Gemfile.html +1 -11
  138. data/doc/index.html +11 -13
  139. data/doc/js/navigation.js.gz +0 -0
  140. data/doc/js/search_index.js +1 -1
  141. data/doc/js/search_index.js.gz +0 -0
  142. data/doc/js/searcher.js.gz +0 -0
  143. data/doc/lib/version.html +3 -13
  144. data/doc/table_of_contents.html +1028 -933
  145. data/lib/grpc/account_attachments_pb.rb +0 -5
  146. data/lib/grpc/account_grants_services_pb.rb +1 -1
  147. data/lib/grpc/accounts_pb.rb +3 -0
  148. data/lib/grpc/drivers_pb.rb +111 -0
  149. data/lib/grpc/nodes_pb.rb +3 -0
  150. data/lib/grpc/options_pb.rb +11 -0
  151. data/lib/grpc/plumbing.rb +2024 -1682
  152. data/lib/grpc/roles_pb.rb +2 -0
  153. data/lib/grpc/spec_pb.rb +0 -1
  154. data/lib/grpc/tags_pb.rb +36 -0
  155. data/lib/models/porcelain.rb +670 -38
  156. data/lib/strongdm.rb +1 -1
  157. data/lib/svc.rb +159 -161
  158. data/lib/version +16 -2
  159. data/lib/version.rb +1 -1
  160. metadata +23 -24
  161. data/examples/Gemfile +0 -3
  162. data/examples/Gemfile.lock +0 -14
  163. data/examples/README.md +0 -5
  164. data/examples/listUsers.rb +0 -21
  165. data/examples/okta-sync/Gemfile +0 -4
  166. data/examples/okta-sync/Gemfile.lock +0 -38
  167. data/examples/okta-sync/matchers.yml +0 -11
  168. data/examples/okta-sync/oktaSync.rb +0 -173
  169. data/examples/panicButton.rb +0 -138
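--- a/data/examples/panicButton.rb
+++ b/data/examples/panicButton.rb
@@ -1,138 +0,0 @@
- # Copyright 2020 StrongDM Inc
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- #
- require "strongdm"
- require "OpenSSL"
- require "JSON"
-
- # panicButton.rb suspends all users except for one admin,
- # in the fake use case of a critical break in or something
- # usage:
- # ruby panicButton.rb adminuser@email.com
- # to revert back to pre-panic state:
- # ruby panicButton.rb revert
- def main
- access_key = ENV["SDM_API_ACCESS_KEY"]
- secret_key = ENV["SDM_API_SECRET_KEY"]
- if access_key == nil or secret_key == nil
- puts "SDM_API_ACCESS_KEY and SDM_API_SECRET_KEY must be provided"
- return
- end
- client = SDM::Client.new(access_key, secret_key)
-
- if ARGV.size == 1 and ARGV[0] == "revert"
- state_file = File.open("state.json")
- state = JSON.load(state_file)
-
- reinstated_count = 0
-
- users = client.accounts.list("")
- users.each { |user|
- if user.suspended
- reinstated_count += 1
- user.suspended = false
- client.accounts.update(user)
- end
- }
- state["attachments"].each { |attachment|
- begin
- a = SDM::AccountAttachment.new()
- a.account_id = attachment["account_id"]
- a.role_id = attachment["role_id"]
- client.account_attachments.create(a)
- rescue SDM::AlreadyExistsError
- rescue => ex
- puts "skipping creation of attachment due to error: " + ex.to_s
- end
- }
- state["grants"].each { |attachment|
- begin
- g = SDM::AccountGrant.new()
- g.account_id = attachment["account_id"]
- g.resource_id = attachment["resource_id"]
- client.account_grants.create(g)
- rescue SDM::AlreadyExistsError
- rescue => ex
- puts "skipping creation of grant due to error: " + ex.to_s
- end
- }
-
- puts "reinstated " + reinstated_count.to_s + " users"
- puts "recreated " + state["attachments"].size.to_s + " account attachments"
- puts "recreated " + state["grants"].size.to_s + " account grants"
-
- return
- end
-
- admin_email = ""
- if ARGV.size == 1
- admin_email = ARGV[0]
- else
- puts "please provide an admin email to preserve"
- return 1
- end
-
- admin_user_id = ""
- users = client.accounts.list("email:?", admin_email)
- users.each { |user|
- admin_user_id = user.id
- }
-
- account_attachments = client.account_attachments.list("")
- account_grants = client.account_grants.list("")
-
- state = {
- 'attachments': account_attachments.map { |x|
- if x.account_id != admin_user_id
- out = {
- 'account_id': x.account_id,
- 'role_id': x.role_id,
- }
- end
- }.reject { |x| x == nil },
- 'grants': account_grants.map { |x|
- if x.account_id != admin_user_id and x.valid_until == nil
- out = {
- 'account_id': x.account_id,
- 'resource_id': x.resource_id,
- }
- end
- }.reject { |x| x == nil },
- }
-
- puts "storing " + state[:attachments].size.to_s + " account attachments in state"
- puts "storing " + state[:grants].size.to_s + " account grants in state"
-
- state_file = File.open("state.json", "w")
- state_file.write(state.to_json)
-
- suspended_count = 0
- users = client.accounts.list("")
- users.each { |user|
- if user.instance_of? SDM::User and user.email == admin_email
- next
- end
- user.suspended = true
- begin
- client.accounts.update(user)
- suspended_count += 1
- rescue StandardError => ex
- puts "skipping user " + user.id + " on account of error: " + ex.to_s
- end
- }
-
- puts "suspended " + suspended_count.to_s + " users"
- end
-
- main()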