strongdm 1.0.32 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.git/ORIG_HEAD +1 -1
- data/.git/config +0 -3
- data/.git/index +0 -0
- data/.git/logs/HEAD +3 -4
- data/.git/logs/refs/heads/master +2 -2
- data/.git/logs/refs/remotes/origin/HEAD +1 -1
- data/.git/objects/pack/pack-799dc839a811c2fbe50b5281a9266fcc3a8f5154.idx +0 -0
- data/.git/objects/pack/{pack-760024d2d3e635c44bfe6b54af80a8b21674032d.pack → pack-799dc839a811c2fbe50b5281a9266fcc3a8f5154.pack} +0 -0
- data/.git/packed-refs +5 -2
- data/.git/refs/heads/master +1 -1
- data/.yardopts +9 -0
- data/README.md +18 -6
- data/lib/errors/errors.rb +1 -1
- data/lib/grpc/account_attachments_services_pb.rb +1 -1
- data/lib/grpc/accounts_services_pb.rb +2 -2
- data/lib/grpc/drivers_pb.rb +38 -0
- data/lib/grpc/nodes_services_pb.rb +1 -1
- data/lib/grpc/options_pb.rb +35 -40
- data/lib/grpc/plumbing.rb +1258 -965
- data/lib/grpc/resources_services_pb.rb +3 -1
- data/lib/grpc/role_attachments_services_pb.rb +10 -0
- data/lib/grpc/role_grants_services_pb.rb +10 -0
- data/lib/grpc/roles_services_pb.rb +4 -6
- data/lib/grpc/secret_store_types_pb.rb +25 -0
- data/lib/grpc/secret_stores_services_pb.rb +1 -1
- data/lib/models/porcelain.rb +1243 -2897
- data/lib/strongdm.rb +39 -15
- data/lib/svc.rb +162 -14
- data/lib/version +1 -1
- data/lib/version.rb +1 -1
- metadata +5 -222
- data/.git/FETCH_HEAD +0 -2
- data/.git/logs/refs/heads/development +0 -1
- data/.git/objects/pack/pack-760024d2d3e635c44bfe6b54af80a8b21674032d.idx +0 -0
- data/.git/refs/heads/development +0 -1
- data/doc/LICENSE.html +0 -187
- data/doc/Object.html +0 -114
- data/doc/README_md.html +0 -146
- data/doc/SDM/AKS.html +0 -352
- data/doc/SDM/AKSBasicAuth.html +0 -337
- data/doc/SDM/AKSServiceAccount.html +0 -322
- data/doc/SDM/AKSServiceAccountUserImpersonation.html +0 -322
- data/doc/SDM/AKSUserImpersonation.html +0 -352
- data/doc/SDM/AWS.html +0 -337
- data/doc/SDM/AWSStore.html +0 -232
- data/doc/SDM/AccountAttachment.html +0 -219
- data/doc/SDM/AccountAttachmentCreateResponse.html +0 -219
- data/doc/SDM/AccountAttachmentDeleteResponse.html +0 -204
- data/doc/SDM/AccountAttachmentGetResponse.html +0 -219
- data/doc/SDM/AccountAttachments.html +0 -354
- data/doc/SDM/AccountCreateResponse.html +0 -234
- data/doc/SDM/AccountDeleteResponse.html +0 -204
- data/doc/SDM/AccountGetResponse.html +0 -219
- data/doc/SDM/AccountGrant.html +0 -249
- data/doc/SDM/AccountGrantCreateResponse.html +0 -219
- data/doc/SDM/AccountGrantDeleteResponse.html +0 -204
- data/doc/SDM/AccountGrantGetResponse.html +0 -219
- data/doc/SDM/AccountGrants.html +0 -354
- data/doc/SDM/AccountUpdateResponse.html +0 -219
- data/doc/SDM/Accounts.html +0 -409
- data/doc/SDM/AlreadyExistsError.html +0 -140
- data/doc/SDM/AmazonEKS.html +0 -397
- data/doc/SDM/AmazonEKSUserImpersonation.html +0 -397
- data/doc/SDM/AmazonES.html +0 -367
- data/doc/SDM/AmazonMQAMQP091.html +0 -352
- data/doc/SDM/Athena.html +0 -367
- data/doc/SDM/AuroraMysql.html +0 -352
- data/doc/SDM/AuroraPostgres.html +0 -367
- data/doc/SDM/AuthenticationError.html +0 -140
- data/doc/SDM/Azure.html +0 -307
- data/doc/SDM/AzureCertificate.html +0 -307
- data/doc/SDM/AzurePostgres.html +0 -367
- data/doc/SDM/BadRequestError.html +0 -140
- data/doc/SDM/BigQuery.html +0 -337
- data/doc/SDM/Cassandra.html +0 -352
- data/doc/SDM/Citus.html +0 -367
- data/doc/SDM/Client.html +0 -443
- data/doc/SDM/Clustrix.html +0 -352
- data/doc/SDM/Cockroach.html +0 -367
- data/doc/SDM/ControlPanel.html +0 -248
- data/doc/SDM/ControlPanelGetSSHCAPublicKeyResponse.html +0 -219
- data/doc/SDM/ControlPanelVerifyJWTResponse.html +0 -219
- data/doc/SDM/CreateResponseMetadata.html +0 -169
- data/doc/SDM/DB2LUW.html +0 -352
- data/doc/SDM/DB2i.html +0 -352
- data/doc/SDM/DeadlineExceededError.html +0 -140
- data/doc/SDM/DeleteResponseMetadata.html +0 -169
- data/doc/SDM/DocumentDBHost.html +0 -352
- data/doc/SDM/DocumentDBReplicaSet.html +0 -367
- data/doc/SDM/Druid.html +0 -337
- data/doc/SDM/DynamoDB.html +0 -367
- data/doc/SDM/Elastic.html +0 -352
- data/doc/SDM/ElasticacheRedis.html +0 -337
- data/doc/SDM/GCP.html +0 -292
- data/doc/SDM/Gateway.html +0 -279
- data/doc/SDM/GetResponseMetadata.html +0 -169
- data/doc/SDM/GoogleGKE.html +0 -322
- data/doc/SDM/GoogleGKEUserImpersonation.html +0 -322
- data/doc/SDM/Greenplum.html +0 -367
- data/doc/SDM/HTTPAuth.html +0 -352
- data/doc/SDM/HTTPBasicAuth.html +0 -367
- data/doc/SDM/HTTPNoAuth.html +0 -337
- data/doc/SDM/InternalError.html +0 -140
- data/doc/SDM/Kubernetes.html +0 -352
- data/doc/SDM/KubernetesBasicAuth.html +0 -337
- data/doc/SDM/KubernetesServiceAccount.html +0 -322
- data/doc/SDM/KubernetesServiceAccountUserImpersonation.html +0 -322
- data/doc/SDM/KubernetesUserImpersonation.html +0 -352
- data/doc/SDM/Maria.html +0 -352
- data/doc/SDM/Memcached.html +0 -307
- data/doc/SDM/Memsql.html +0 -352
- data/doc/SDM/MongoHost.html +0 -367
- data/doc/SDM/MongoLegacyHost.html +0 -382
- data/doc/SDM/MongoLegacyReplicaset.html +0 -397
- data/doc/SDM/MongoReplicaSet.html +0 -397
- data/doc/SDM/Mysql.html +0 -352
- data/doc/SDM/Neptune.html +0 -307
- data/doc/SDM/NeptuneIAM.html +0 -382
- data/doc/SDM/NodeCreateResponse.html +0 -234
- data/doc/SDM/NodeDeleteResponse.html +0 -204
- data/doc/SDM/NodeGetResponse.html +0 -219
- data/doc/SDM/NodeUpdateResponse.html +0 -219
- data/doc/SDM/Nodes.html +0 -409
- data/doc/SDM/NotFoundError.html +0 -140
- data/doc/SDM/Oracle.html +0 -367
- data/doc/SDM/PermissionError.html +0 -140
- data/doc/SDM/Plumbing.html +0 -15828
- data/doc/SDM/Postgres.html +0 -367
- data/doc/SDM/Presto.html +0 -367
- data/doc/SDM/RDP.html +0 -337
- data/doc/SDM/RPCError.html +0 -157
- data/doc/SDM/RabbitMQAMQP091.html +0 -352
- data/doc/SDM/RateLimitError.html +0 -157
- data/doc/SDM/RateLimitMetadata.html +0 -234
- data/doc/SDM/RawTCP.html +0 -307
- data/doc/SDM/Redis.html +0 -322
- data/doc/SDM/Redshift.html +0 -367
- data/doc/SDM/Relay.html +0 -249
- data/doc/SDM/ResourceCreateResponse.html +0 -219
- data/doc/SDM/ResourceDeleteResponse.html +0 -204
- data/doc/SDM/ResourceGetResponse.html +0 -219
- data/doc/SDM/ResourceUpdateResponse.html +0 -219
- data/doc/SDM/Resources.html +0 -456
- data/doc/SDM/Role.html +0 -249
- data/doc/SDM/RoleAttachment.html +0 -219
- data/doc/SDM/RoleAttachmentCreateResponse.html +0 -219
- data/doc/SDM/RoleAttachmentDeleteResponse.html +0 -204
- data/doc/SDM/RoleAttachmentGetResponse.html +0 -219
- data/doc/SDM/RoleAttachments.html +0 -354
- data/doc/SDM/RoleCreateResponse.html +0 -219
- data/doc/SDM/RoleDeleteResponse.html +0 -204
- data/doc/SDM/RoleGetResponse.html +0 -219
- data/doc/SDM/RoleGrant.html +0 -219
- data/doc/SDM/RoleGrantCreateResponse.html +0 -219
- data/doc/SDM/RoleGrantDeleteResponse.html +0 -204
- data/doc/SDM/RoleGrantGetResponse.html +0 -219
- data/doc/SDM/RoleGrants.html +0 -354
- data/doc/SDM/RoleUpdateResponse.html +0 -219
- data/doc/SDM/Roles.html +0 -403
- data/doc/SDM/SQLServer.html +0 -382
- data/doc/SDM/SSH.html +0 -352
- data/doc/SDM/SSHCert.html +0 -337
- data/doc/SDM/SSHCustomerKey.html +0 -352
- data/doc/SDM/SecretStoreCreateResponse.html +0 -219
- data/doc/SDM/SecretStoreDeleteResponse.html +0 -204
- data/doc/SDM/SecretStoreGetResponse.html +0 -219
- data/doc/SDM/SecretStoreUpdateResponse.html +0 -219
- data/doc/SDM/SecretStores.html +0 -403
- data/doc/SDM/Service.html +0 -234
- data/doc/SDM/SingleStore.html +0 -352
- data/doc/SDM/Snowflake.html +0 -352
- data/doc/SDM/Sybase.html +0 -337
- data/doc/SDM/SybaseIQ.html +0 -337
- data/doc/SDM/Tag.html +0 -202
- data/doc/SDM/Teradata.html +0 -337
- data/doc/SDM/UpdateResponseMetadata.html +0 -169
- data/doc/SDM/User.html +0 -264
- data/doc/SDM/VaultTLSStore.html +0 -292
- data/doc/SDM/VaultTokenStore.html +0 -247
- data/doc/SDM.html +0 -122
- data/doc/V1/AccountAttachments/Service.html +0 -107
- data/doc/V1/AccountAttachments.html +0 -100
- data/doc/V1/AccountGrants/Service.html +0 -107
- data/doc/V1/AccountGrants.html +0 -100
- data/doc/V1/Accounts/Service.html +0 -112
- data/doc/V1/Accounts.html +0 -100
- data/doc/V1/ControlPanel/Service.html +0 -107
- data/doc/V1/ControlPanel.html +0 -100
- data/doc/V1/Nodes/Service.html +0 -112
- data/doc/V1/Nodes.html +0 -100
- data/doc/V1/Resources/Service.html +0 -105
- data/doc/V1/Resources.html +0 -100
- data/doc/V1/RoleAttachments/Service.html +0 -107
- data/doc/V1/RoleAttachments.html +0 -100
- data/doc/V1/RoleGrants/Service.html +0 -107
- data/doc/V1/RoleGrants.html +0 -100
- data/doc/V1/Roles/Service.html +0 -107
- data/doc/V1/Roles.html +0 -100
- data/doc/V1/SecretStores/Service.html +0 -107
- data/doc/V1/SecretStores.html +0 -100
- data/doc/V1/Tags.html +0 -100
- data/doc/V1.html +0 -502
- data/doc/created.rid +0 -37
- data/doc/css/fonts.css +0 -167
- data/doc/css/rdoc.css +0 -639
- data/doc/examples/Gemfile.html +0 -89
- data/doc/fonts/Lato-Light.ttf +0 -0
- data/doc/fonts/Lato-LightItalic.ttf +0 -0
- data/doc/fonts/Lato-Regular.ttf +0 -0
- data/doc/fonts/Lato-RegularItalic.ttf +0 -0
- data/doc/fonts/SourceCodePro-Bold.ttf +0 -0
- data/doc/fonts/SourceCodePro-Regular.ttf +0 -0
- data/doc/images/add.png +0 -0
- data/doc/images/arrow_up.png +0 -0
- data/doc/images/brick.png +0 -0
- data/doc/images/brick_link.png +0 -0
- data/doc/images/bug.png +0 -0
- data/doc/images/bullet_black.png +0 -0
- data/doc/images/bullet_toggle_minus.png +0 -0
- data/doc/images/bullet_toggle_plus.png +0 -0
- data/doc/images/date.png +0 -0
- data/doc/images/delete.png +0 -0
- data/doc/images/find.png +0 -0
- data/doc/images/loadingAnimation.gif +0 -0
- data/doc/images/macFFBgHack.png +0 -0
- data/doc/images/package.png +0 -0
- data/doc/images/page_green.png +0 -0
- data/doc/images/page_white_text.png +0 -0
- data/doc/images/page_white_width.png +0 -0
- data/doc/images/plugin.png +0 -0
- data/doc/images/ruby.png +0 -0
- data/doc/images/tag_blue.png +0 -0
- data/doc/images/tag_green.png +0 -0
- data/doc/images/transparent.png +0 -0
- data/doc/images/wrench.png +0 -0
- data/doc/images/wrench_orange.png +0 -0
- data/doc/images/zoom.png +0 -0
- data/doc/index.html +0 -255
- data/doc/js/darkfish.js +0 -84
- data/doc/js/navigation.js +0 -105
- data/doc/js/navigation.js.gz +0 -0
- data/doc/js/search.js +0 -110
- data/doc/js/search_index.js +0 -1
- data/doc/js/search_index.js.gz +0 -0
- data/doc/js/searcher.js +0 -229
- data/doc/js/searcher.js.gz +0 -0
- data/doc/lib/version.html +0 -92
- data/doc/table_of_contents.html +0 -4614
- data/examples/Gemfile +0 -3
- data/examples/listUsers.rb +0 -21
data/doc/SDM/Client.html
DELETED
@@ -1,443 +0,0 @@
|
|
1
|
-
<!DOCTYPE html>
|
2
|
-
|
3
|
-
<html>
|
4
|
-
<head>
|
5
|
-
<meta charset="UTF-8">
|
6
|
-
|
7
|
-
<title>class SDM::Client - RDoc Documentation</title>
|
8
|
-
|
9
|
-
<script type="text/javascript">
|
10
|
-
var rdoc_rel_prefix = "../";
|
11
|
-
var index_rel_prefix = "../";
|
12
|
-
</script>
|
13
|
-
|
14
|
-
<script src="../js/navigation.js" defer></script>
|
15
|
-
<script src="../js/search.js" defer></script>
|
16
|
-
<script src="../js/search_index.js" defer></script>
|
17
|
-
<script src="../js/searcher.js" defer></script>
|
18
|
-
<script src="../js/darkfish.js" defer></script>
|
19
|
-
|
20
|
-
<link href="../css/fonts.css" rel="stylesheet">
|
21
|
-
<link href="../css/rdoc.css" rel="stylesheet">
|
22
|
-
|
23
|
-
|
24
|
-
<body id="top" role="document" class="class">
|
25
|
-
<nav role="navigation">
|
26
|
-
<div id="project-navigation">
|
27
|
-
<div id="home-section" role="region" title="Quick navigation" class="nav-section">
|
28
|
-
<h2>
|
29
|
-
<a href="../index.html" rel="home">Home</a>
|
30
|
-
</h2>
|
31
|
-
|
32
|
-
<div id="table-of-contents-navigation">
|
33
|
-
<a href="../table_of_contents.html#pages">Pages</a>
|
34
|
-
<a href="../table_of_contents.html#classes">Classes</a>
|
35
|
-
<a href="../table_of_contents.html#methods">Methods</a>
|
36
|
-
</div>
|
37
|
-
</div>
|
38
|
-
|
39
|
-
<div id="search-section" role="search" class="project-section initially-hidden">
|
40
|
-
<form action="#" method="get" accept-charset="utf-8">
|
41
|
-
<div id="search-field-wrapper">
|
42
|
-
<input id="search-field" role="combobox" aria-label="Search"
|
43
|
-
aria-autocomplete="list" aria-controls="search-results"
|
44
|
-
type="text" name="search" placeholder="Search" spellcheck="false"
|
45
|
-
title="Type to search, Up and Down to navigate, Enter to load">
|
46
|
-
</div>
|
47
|
-
|
48
|
-
<ul id="search-results" aria-label="Search Results"
|
49
|
-
aria-busy="false" aria-expanded="false"
|
50
|
-
aria-atomic="false" class="initially-hidden"></ul>
|
51
|
-
</form>
|
52
|
-
</div>
|
53
|
-
|
54
|
-
</div>
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
<div id="class-metadata">
|
59
|
-
|
60
|
-
|
61
|
-
<div id="parent-class-section" class="nav-section">
|
62
|
-
<h3>Parent</h3>
|
63
|
-
|
64
|
-
<p class="link"><a href="../Object.html">Object</a>
|
65
|
-
</div>
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
<!-- Method Quickref -->
|
71
|
-
<div id="method-list-section" class="nav-section">
|
72
|
-
<h3>Methods</h3>
|
73
|
-
|
74
|
-
<ul class="link-list" role="directory">
|
75
|
-
<li ><a href="#method-c-new">::new</a>
|
76
|
-
<li ><a href="#method-i-get_metadata">#get_metadata</a>
|
77
|
-
<li ><a href="#method-i-jitterSleep">#jitterSleep</a>
|
78
|
-
<li ><a href="#method-i-shouldRetry">#shouldRetry</a>
|
79
|
-
<li ><a href="#method-i-sign">#sign</a>
|
80
|
-
</ul>
|
81
|
-
</div>
|
82
|
-
|
83
|
-
</div>
|
84
|
-
</nav>
|
85
|
-
|
86
|
-
<main role="main" aria-labelledby="class-SDM::Client">
|
87
|
-
<h1 id="class-SDM::Client" class="class">
|
88
|
-
class SDM::Client
|
89
|
-
</h1>
|
90
|
-
|
91
|
-
<section class="description">
|
92
|
-
|
93
|
-
<p><a href="Client.html"><code>Client</code></a> bundles all the services together and initializes them.</p>
|
94
|
-
|
95
|
-
</section>
|
96
|
-
|
97
|
-
<section id="5Buntitled-5D" class="documentation-section">
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
<section class="attribute-method-details" class="method-section">
|
102
|
-
<header>
|
103
|
-
<h3>Attributes</h3>
|
104
|
-
</header>
|
105
|
-
|
106
|
-
<div id="attribute-i-_test_options" class="method-detail">
|
107
|
-
<div class="method-heading attribute-method-heading">
|
108
|
-
<span class="method-name">_test_options</span><span
|
109
|
-
class="attribute-access-type">[R]</span>
|
110
|
-
</div>
|
111
|
-
|
112
|
-
<div class="method-description">
|
113
|
-
|
114
|
-
</div>
|
115
|
-
</div>
|
116
|
-
<div id="attribute-i-account_attachments" class="method-detail">
|
117
|
-
<div class="method-heading attribute-method-heading">
|
118
|
-
<span class="method-name">account_attachments</span><span
|
119
|
-
class="attribute-access-type">[R]</span>
|
120
|
-
</div>
|
121
|
-
|
122
|
-
<div class="method-description">
|
123
|
-
<p><a href="AccountAttachments.html"><code>AccountAttachments</code></a> assign an account to a role or composite role.</p>
|
124
|
-
</div>
|
125
|
-
</div>
|
126
|
-
<div id="attribute-i-account_grants" class="method-detail">
|
127
|
-
<div class="method-heading attribute-method-heading">
|
128
|
-
<span class="method-name">account_grants</span><span
|
129
|
-
class="attribute-access-type">[R]</span>
|
130
|
-
</div>
|
131
|
-
|
132
|
-
<div class="method-description">
|
133
|
-
<p><a href="AccountGrants.html"><code>AccountGrants</code></a> assign a resource directly to an account, giving the account the permission to connect to that resource.</p>
|
134
|
-
</div>
|
135
|
-
</div>
|
136
|
-
<div id="attribute-i-accounts" class="method-detail">
|
137
|
-
<div class="method-heading attribute-method-heading">
|
138
|
-
<span class="method-name">accounts</span><span
|
139
|
-
class="attribute-access-type">[R]</span>
|
140
|
-
</div>
|
141
|
-
|
142
|
-
<div class="method-description">
|
143
|
-
<p><a href="Accounts.html"><code>Accounts</code></a> are users that have access to strongDM. There are two types of accounts:</p>
|
144
|
-
<ol><li>
|
145
|
-
<p><strong>Users:</strong> humans who are authenticated through username and password or SSO.</p>
|
146
|
-
</li><li>
|
147
|
-
<p>**Service Accounts:** machines that are authenticated using a service token.</p>
|
148
|
-
</li></ol>
|
149
|
-
</div>
|
150
|
-
</div>
|
151
|
-
<div id="attribute-i-api_access_key" class="method-detail">
|
152
|
-
<div class="method-heading attribute-method-heading">
|
153
|
-
<span class="method-name">api_access_key</span><span
|
154
|
-
class="attribute-access-type">[R]</span>
|
155
|
-
</div>
|
156
|
-
|
157
|
-
<div class="method-description">
|
158
|
-
<p>API authentication token (read-only).</p>
|
159
|
-
</div>
|
160
|
-
</div>
|
161
|
-
<div id="attribute-i-base_retry_delay" class="method-detail">
|
162
|
-
<div class="method-heading attribute-method-heading">
|
163
|
-
<span class="method-name">base_retry_delay</span><span
|
164
|
-
class="attribute-access-type">[R]</span>
|
165
|
-
</div>
|
166
|
-
|
167
|
-
<div class="method-description">
|
168
|
-
|
169
|
-
</div>
|
170
|
-
</div>
|
171
|
-
<div id="attribute-i-control_panel" class="method-detail">
|
172
|
-
<div class="method-heading attribute-method-heading">
|
173
|
-
<span class="method-name">control_panel</span><span
|
174
|
-
class="attribute-access-type">[R]</span>
|
175
|
-
</div>
|
176
|
-
|
177
|
-
<div class="method-description">
|
178
|
-
<p><a href="ControlPanel.html"><code>ControlPanel</code></a> contains all administrative controls.</p>
|
179
|
-
</div>
|
180
|
-
</div>
|
181
|
-
<div id="attribute-i-max_retries" class="method-detail">
|
182
|
-
<div class="method-heading attribute-method-heading">
|
183
|
-
<span class="method-name">max_retries</span><span
|
184
|
-
class="attribute-access-type">[R]</span>
|
185
|
-
</div>
|
186
|
-
|
187
|
-
<div class="method-description">
|
188
|
-
|
189
|
-
</div>
|
190
|
-
</div>
|
191
|
-
<div id="attribute-i-max_retry_delay" class="method-detail">
|
192
|
-
<div class="method-heading attribute-method-heading">
|
193
|
-
<span class="method-name">max_retry_delay</span><span
|
194
|
-
class="attribute-access-type">[R]</span>
|
195
|
-
</div>
|
196
|
-
|
197
|
-
<div class="method-description">
|
198
|
-
|
199
|
-
</div>
|
200
|
-
</div>
|
201
|
-
<div id="attribute-i-nodes" class="method-detail">
|
202
|
-
<div class="method-heading attribute-method-heading">
|
203
|
-
<span class="method-name">nodes</span><span
|
204
|
-
class="attribute-access-type">[R]</span>
|
205
|
-
</div>
|
206
|
-
|
207
|
-
<div class="method-description">
|
208
|
-
<p><a href="Nodes.html"><code>Nodes</code></a> make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:</p>
|
209
|
-
<ul><li>
|
210
|
-
<p><strong>Gateways</strong> are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.</p>
|
211
|
-
</li><li>
|
212
|
-
<p><strong>Relays</strong> are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.</p>
|
213
|
-
</li></ul>
|
214
|
-
</div>
|
215
|
-
</div>
|
216
|
-
<div id="attribute-i-resources" class="method-detail">
|
217
|
-
<div class="method-heading attribute-method-heading">
|
218
|
-
<span class="method-name">resources</span><span
|
219
|
-
class="attribute-access-type">[R]</span>
|
220
|
-
</div>
|
221
|
-
|
222
|
-
<div class="method-description">
|
223
|
-
|
224
|
-
</div>
|
225
|
-
</div>
|
226
|
-
<div id="attribute-i-role_attachments" class="method-detail">
|
227
|
-
<div class="method-heading attribute-method-heading">
|
228
|
-
<span class="method-name">role_attachments</span><span
|
229
|
-
class="attribute-access-type">[R]</span>
|
230
|
-
</div>
|
231
|
-
|
232
|
-
<div class="method-description">
|
233
|
-
<p><a href="RoleAttachments.html"><code>RoleAttachments</code></a> represent relationships between composite roles and the roles that make up those composite roles. When a composite role is attached to another role, the permissions granted to members of the composite role are augmented to include the permissions granted to members of the attached role.</p>
|
234
|
-
</div>
|
235
|
-
</div>
|
236
|
-
<div id="attribute-i-role_grants" class="method-detail">
|
237
|
-
<div class="method-heading attribute-method-heading">
|
238
|
-
<span class="method-name">role_grants</span><span
|
239
|
-
class="attribute-access-type">[R]</span>
|
240
|
-
</div>
|
241
|
-
|
242
|
-
<div class="method-description">
|
243
|
-
<p><a href="RoleGrants.html"><code>RoleGrants</code></a> represent relationships between composite roles and the roles that make up those composite roles. When a composite role is attached to another role, the permissions granted to members of the composite role are augmented to include the permissions granted to members of the attached role.</p>
|
244
|
-
</div>
|
245
|
-
</div>
|
246
|
-
<div id="attribute-i-roles" class="method-detail">
|
247
|
-
<div class="method-heading attribute-method-heading">
|
248
|
-
<span class="method-name">roles</span><span
|
249
|
-
class="attribute-access-type">[R]</span>
|
250
|
-
</div>
|
251
|
-
|
252
|
-
<div class="method-description">
|
253
|
-
<p><a href="Roles.html"><code>Roles</code></a> are tools for controlling user access to resources. Each <a href="Role.html"><code>Role</code></a> holds a list of resources which they grant access to. Composite roles are a special type of <a href="Role.html"><code>Role</code></a> which have no resource associations of their own, but instead grant access to the combined resources associated with a set of child roles. Each user can be a member of one <a href="Role.html"><code>Role</code></a> or composite role.</p>
|
254
|
-
</div>
|
255
|
-
</div>
|
256
|
-
<div id="attribute-i-secret_stores" class="method-detail">
|
257
|
-
<div class="method-heading attribute-method-heading">
|
258
|
-
<span class="method-name">secret_stores</span><span
|
259
|
-
class="attribute-access-type">[R]</span>
|
260
|
-
</div>
|
261
|
-
|
262
|
-
<div class="method-description">
|
263
|
-
<p><a href="SecretStores.html"><code>SecretStores</code></a> are servers where resource secrets (passwords, keys) are stored.</p>
|
264
|
-
</div>
|
265
|
-
</div>
|
266
|
-
</section>
|
267
|
-
|
268
|
-
|
269
|
-
<section id="public-class-5Buntitled-5D-method-details" class="method-section">
|
270
|
-
<header>
|
271
|
-
<h3>Public Class Methods</h3>
|
272
|
-
</header>
|
273
|
-
|
274
|
-
<div id="method-c-new" class="method-detail ">
|
275
|
-
<div class="method-heading">
|
276
|
-
<span class="method-name">new</span><span
|
277
|
-
class="method-args">(api_access_key, api_secret_key, host:"api.strongdm.com:443", insecure:false)</span>
|
278
|
-
<span class="method-click-advice">click to toggle source</span>
|
279
|
-
</div>
|
280
|
-
|
281
|
-
<div class="method-description">
|
282
|
-
<p>Creates a new strongDM API client.</p>
|
283
|
-
|
284
|
-
<div class="method-source-code" id="new-source">
|
285
|
-
<pre><span class="ruby-comment"># File lib/strongdm.rb, line 33</span>
|
286
|
-
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">initialize</span>(<span class="ruby-identifier">api_access_key</span>, <span class="ruby-identifier">api_secret_key</span>, <span class="ruby-value">host:</span><span class="ruby-string">"api.strongdm.com:443"</span>, <span class="ruby-value">insecure:</span><span class="ruby-keyword">false</span>)
|
287
|
-
<span class="ruby-identifier">raise</span> <span class="ruby-constant">TypeError</span>, <span class="ruby-string">'client access key must be a string'</span> <span class="ruby-keyword">unless</span> <span class="ruby-identifier">api_access_key</span>.<span class="ruby-identifier">kind_of?</span>(<span class="ruby-constant">String</span>)
|
288
|
-
<span class="ruby-identifier">raise</span> <span class="ruby-constant">TypeError</span>, <span class="ruby-string">'client secret key must be a string'</span> <span class="ruby-keyword">unless</span> <span class="ruby-identifier">api_secret_key</span>.<span class="ruby-identifier">kind_of?</span>(<span class="ruby-constant">String</span>)
|
289
|
-
<span class="ruby-identifier">raise</span> <span class="ruby-constant">TypeError</span>, <span class="ruby-string">'client host must be a string'</span> <span class="ruby-keyword">unless</span> <span class="ruby-identifier">host</span>.<span class="ruby-identifier">kind_of?</span>(<span class="ruby-constant">String</span>)
|
290
|
-
<span class="ruby-ivar">@api_access_key</span> = <span class="ruby-identifier">api_access_key</span>.<span class="ruby-identifier">strip</span>
|
291
|
-
<span class="ruby-ivar">@api_secret_key</span> = <span class="ruby-constant">Base64</span>.<span class="ruby-identifier">strict_decode64</span>(<span class="ruby-identifier">api_secret_key</span>.<span class="ruby-identifier">strip</span>)
|
292
|
-
<span class="ruby-ivar">@max_retries</span> = <span class="ruby-constant">DEFAULT_MAX_RETRIES</span>
|
293
|
-
<span class="ruby-ivar">@base_retry_delay</span> = <span class="ruby-constant">DEFAULT_BASE_RETRY_DELAY</span>
|
294
|
-
<span class="ruby-ivar">@max_retry_delay</span> = <span class="ruby-constant">DEFAULT_MAX_RETRY_DELAY</span>
|
295
|
-
<span class="ruby-ivar">@account_attachments</span> = <span class="ruby-constant">AccountAttachments</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
296
|
-
<span class="ruby-ivar">@account_grants</span> = <span class="ruby-constant">AccountGrants</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
297
|
-
<span class="ruby-ivar">@accounts</span> = <span class="ruby-constant">Accounts</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
298
|
-
<span class="ruby-ivar">@control_panel</span> = <span class="ruby-constant">ControlPanel</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
299
|
-
<span class="ruby-ivar">@nodes</span> = <span class="ruby-constant">Nodes</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
300
|
-
<span class="ruby-ivar">@resources</span> = <span class="ruby-constant">Resources</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
301
|
-
<span class="ruby-ivar">@role_attachments</span> = <span class="ruby-constant">RoleAttachments</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
302
|
-
<span class="ruby-ivar">@role_grants</span> = <span class="ruby-constant">RoleGrants</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
303
|
-
<span class="ruby-ivar">@roles</span> = <span class="ruby-constant">Roles</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
304
|
-
<span class="ruby-ivar">@secret_stores</span> = <span class="ruby-constant">SecretStores</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">host</span>, <span class="ruby-identifier">insecure</span>, <span class="ruby-keyword">self</span>)
|
305
|
-
<span class="ruby-ivar">@_test_options</span> = <span class="ruby-constant">Hash</span>.<span class="ruby-identifier">new</span>
|
306
|
-
<span class="ruby-keyword">end</span></pre>
|
307
|
-
</div>
|
308
|
-
</div>
|
309
|
-
|
310
|
-
|
311
|
-
</div>
|
312
|
-
|
313
|
-
</section>
|
314
|
-
|
315
|
-
<section id="public-instance-5Buntitled-5D-method-details" class="method-section">
|
316
|
-
<header>
|
317
|
-
<h3>Public Instance Methods</h3>
|
318
|
-
</header>
|
319
|
-
|
320
|
-
<div id="method-i-get_metadata" class="method-detail ">
|
321
|
-
<div class="method-heading">
|
322
|
-
<span class="method-name">get_metadata</span><span
|
323
|
-
class="method-args">(method_name, req)</span>
|
324
|
-
<span class="method-click-advice">click to toggle source</span>
|
325
|
-
</div>
|
326
|
-
|
327
|
-
<div class="method-description">
|
328
|
-
|
329
|
-
|
330
|
-
<div class="method-source-code" id="get_metadata-source">
|
331
|
-
<pre><span class="ruby-comment"># File lib/strongdm.rb, line 55</span>
|
332
|
-
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">get_metadata</span>(<span class="ruby-identifier">method_name</span>, <span class="ruby-identifier">req</span>)
|
333
|
-
<span class="ruby-keyword">return</span> {
|
334
|
-
<span class="ruby-value">'x-sdm-authentication':</span> <span class="ruby-ivar">@api_access_key</span>,
|
335
|
-
<span class="ruby-value">'x-sdm-signature':</span> <span class="ruby-keyword">self</span>.<span class="ruby-identifier">sign</span>(<span class="ruby-identifier">method_name</span>, <span class="ruby-identifier">req</span>.<span class="ruby-identifier">to_proto</span>),
|
336
|
-
<span class="ruby-value">'x-sdm-api-version':</span> <span class="ruby-constant">API_VERSION</span>,
|
337
|
-
<span class="ruby-value">'x-sdm-user-agent':</span> <span class="ruby-constant">USER_AGENT</span>,
|
338
|
-
}
|
339
|
-
<span class="ruby-keyword">end</span></pre>
|
340
|
-
</div>
|
341
|
-
</div>
|
342
|
-
|
343
|
-
|
344
|
-
</div>
|
345
|
-
|
346
|
-
<div id="method-i-jitterSleep" class="method-detail ">
|
347
|
-
<div class="method-heading">
|
348
|
-
<span class="method-name">jitterSleep</span><span
|
349
|
-
class="method-args">(iter)</span>
|
350
|
-
<span class="method-click-advice">click to toggle source</span>
|
351
|
-
</div>
|
352
|
-
|
353
|
-
<div class="method-description">
|
354
|
-
|
355
|
-
|
356
|
-
<div class="method-source-code" id="jitterSleep-source">
|
357
|
-
<pre><span class="ruby-comment"># File lib/strongdm.rb, line 80</span>
|
358
|
-
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">jitterSleep</span>(<span class="ruby-identifier">iter</span>)
|
359
|
-
<span class="ruby-identifier">dur_max</span> = <span class="ruby-ivar">@base_retry_delay</span> <span class="ruby-operator">*</span> <span class="ruby-value">2</span><span class="ruby-operator">**</span><span class="ruby-identifier">iter</span>
|
360
|
-
<span class="ruby-keyword">if</span> (<span class="ruby-identifier">dur_max</span> <span class="ruby-operator">></span> <span class="ruby-ivar">@max_retry_delay</span>)
|
361
|
-
<span class="ruby-identifier">dur_max</span> = <span class="ruby-ivar">@max_retry_delay</span>
|
362
|
-
<span class="ruby-keyword">end</span>
|
363
|
-
<span class="ruby-identifier">dur</span> = <span class="ruby-identifier">rand</span>() <span class="ruby-operator">*</span> <span class="ruby-identifier">dur_max</span>
|
364
|
-
<span class="ruby-identifier">sleep</span>(<span class="ruby-identifier">dur</span>)
|
365
|
-
<span class="ruby-keyword">end</span></pre>
|
366
|
-
</div>
|
367
|
-
</div>
|
368
|
-
|
369
|
-
|
370
|
-
</div>
|
371
|
-
|
372
|
-
<div id="method-i-shouldRetry" class="method-detail ">
|
373
|
-
<div class="method-heading">
|
374
|
-
<span class="method-name">shouldRetry</span><span
|
375
|
-
class="method-args">(iter, err)</span>
|
376
|
-
<span class="method-click-advice">click to toggle source</span>
|
377
|
-
</div>
|
378
|
-
|
379
|
-
<div class="method-description">
|
380
|
-
|
381
|
-
|
382
|
-
<div class="method-source-code" id="shouldRetry-source">
|
383
|
-
<pre><span class="ruby-comment"># File lib/strongdm.rb, line 89</span>
|
384
|
-
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">shouldRetry</span>(<span class="ruby-identifier">iter</span>, <span class="ruby-identifier">err</span>)
|
385
|
-
<span class="ruby-keyword">if</span> (<span class="ruby-identifier">iter</span> <span class="ruby-operator">>=</span> <span class="ruby-ivar">@max_retries</span><span class="ruby-value">-1</span>)
|
386
|
-
<span class="ruby-keyword">return</span> <span class="ruby-keyword">false</span>
|
387
|
-
<span class="ruby-keyword">end</span>
|
388
|
-
<span class="ruby-keyword">if</span> <span class="ruby-keyword">not</span> <span class="ruby-identifier">err</span> .<span class="ruby-identifier">is_a?</span> <span class="ruby-constant">GRPC</span><span class="ruby-operator">::</span><span class="ruby-constant">BadStatus</span>
|
389
|
-
<span class="ruby-keyword">return</span> <span class="ruby-keyword">true</span>
|
390
|
-
<span class="ruby-keyword">end</span>
|
391
|
-
<span class="ruby-keyword">return</span> <span class="ruby-identifier">err</span>.<span class="ruby-identifier">code</span>() <span class="ruby-operator">==</span> <span class="ruby-value">13</span>
|
392
|
-
<span class="ruby-keyword">end</span></pre>
|
393
|
-
</div>
|
394
|
-
</div>
|
395
|
-
|
396
|
-
|
397
|
-
</div>
|
398
|
-
|
399
|
-
<div id="method-i-sign" class="method-detail ">
|
400
|
-
<div class="method-heading">
|
401
|
-
<span class="method-name">sign</span><span
|
402
|
-
class="method-args">(method_name, msg_bytes)</span>
|
403
|
-
<span class="method-click-advice">click to toggle source</span>
|
404
|
-
</div>
|
405
|
-
|
406
|
-
<div class="method-description">
|
407
|
-
|
408
|
-
|
409
|
-
<div class="method-source-code" id="sign-source">
|
410
|
-
<pre><span class="ruby-comment"># File lib/strongdm.rb, line 64</span>
|
411
|
-
<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">sign</span>(<span class="ruby-identifier">method_name</span>, <span class="ruby-identifier">msg_bytes</span>)
|
412
|
-
<span class="ruby-identifier">current_utc_date</span> = <span class="ruby-constant">Time</span>.<span class="ruby-identifier">now</span>.<span class="ruby-identifier">utc</span>
|
413
|
-
<span class="ruby-identifier">date</span> = <span class="ruby-identifier">sprintf</span>(<span class="ruby-string">"%04d-%02d-%02d"</span>,<span class="ruby-identifier">current_utc_date</span>.<span class="ruby-identifier">year</span>, <span class="ruby-identifier">current_utc_date</span>.<span class="ruby-identifier">month</span>, <span class="ruby-identifier">current_utc_date</span>.<span class="ruby-identifier">day</span>)
|
414
|
-
|
415
|
-
<span class="ruby-identifier">signing_key</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">HMAC</span>.<span class="ruby-identifier">digest</span>(<span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">SHA256</span>.<span class="ruby-identifier">new</span>, <span class="ruby-ivar">@api_secret_key</span>, <span class="ruby-identifier">date</span>)
|
416
|
-
<span class="ruby-identifier">signing_key</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">HMAC</span>.<span class="ruby-identifier">digest</span>(<span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">SHA256</span>.<span class="ruby-identifier">new</span>, <span class="ruby-identifier">signing_key</span>, <span class="ruby-string">'sdm_api_v1'</span>)
|
417
|
-
|
418
|
-
<span class="ruby-identifier">sha_req</span> = <span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">SHA256</span>.<span class="ruby-identifier">new</span>
|
419
|
-
<span class="ruby-identifier">sha_req</span> <span class="ruby-operator"><<</span> <span class="ruby-identifier">method_name</span>
|
420
|
-
<span class="ruby-identifier">sha_req</span> <span class="ruby-operator"><<</span> <span class="ruby-string">"\n"</span>
|
421
|
-
<span class="ruby-identifier">sha_req</span> <span class="ruby-operator"><<</span> <span class="ruby-identifier">msg_bytes</span>
|
422
|
-
<span class="ruby-identifier">request_hash</span> = <span class="ruby-identifier">sha_req</span>.<span class="ruby-identifier">digest</span>
|
423
|
-
|
424
|
-
<span class="ruby-keyword">return</span> <span class="ruby-constant">Base64</span>.<span class="ruby-identifier">strict_encode64</span>(<span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">HMAC</span>.<span class="ruby-identifier">digest</span>(<span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span><span class="ruby-operator">::</span><span class="ruby-constant">SHA256</span>.<span class="ruby-identifier">new</span>, <span class="ruby-identifier">signing_key</span>, <span class="ruby-identifier">request_hash</span>))
|
425
|
-
<span class="ruby-keyword">end</span></pre>
|
426
|
-
</div>
|
427
|
-
</div>
|
428
|
-
|
429
|
-
|
430
|
-
</div>
|
431
|
-
|
432
|
-
</section>
|
433
|
-
|
434
|
-
</section>
|
435
|
-
</main>
|
436
|
-
|
437
|
-
|
438
|
-
<footer id="validator-badges" role="contentinfo">
|
439
|
-
<p><a href="https://validator.w3.org/check/referer">Validate</a>
|
440
|
-
<p>Generated by <a href="https://ruby.github.io/rdoc/">RDoc</a> 6.3.1.
|
441
|
-
<p>Based on <a href="http://deveiate.org/projects/Darkfish-RDoc/">Darkfish</a> by <a href="http://deveiate.org">Michael Granger</a>.
|
442
|
-
</footer>
|
443
|
-
|