strongdm 1.0.8 → 1.0.14

data/lib/strongdm.rb

@@ -37,11 +37,13 @@ module SDM
       @account_attachments = AccountAttachments.new(host, insecure, self)
       @account_grants = AccountGrants.new(host, insecure, self)
       @accounts = Accounts.new(host, insecure, self)
+      @control_panel = ControlPanel.new(host, insecure, self)
       @nodes = Nodes.new(host, insecure, self)
       @resources = Resources.new(host, insecure, self)
       @role_attachments = RoleAttachments.new(host, insecure, self)
       @role_grants = RoleGrants.new(host, insecure, self)
       @roles = Roles.new(host, insecure, self)
+      @secret_stores = SecretStores.new(host, insecure, self)
       @_test_options = Hash.new
     end
 
@@ -90,19 +92,19 @@ module SDM
 
     # API authentication token (read-only).
     attr_reader :api_access_key
-    # AccountAttachments assign an account to a role.
+    # AccountAttachments assign an account to a role or composite role.
     attr_reader :account_attachments
     # AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.
     attr_reader :account_grants
-    # Accounts are users that have access to strongDM.
-    # There are two types of accounts:
-    # 1. **Regular users:** humans who are authenticated through username and password or SSO
-    # 2. **Service users:** machines that are authneticated using a service token
+    # Accounts are users that have access to strongDM. There are two types of accounts:
+    # 1. **Users:** humans who are authenticated through username and password or SSO.
+    # 2. **Service Accounts:** machines that are authenticated using a service token.
     attr_reader :accounts
-    # Nodes make up the strongDM network, and allow your users to connect securely to your resources.
-    # There are two types of nodes:
-    # 1. **Relay:** creates connectivity to your datasources, while maintaining the egress-only nature of your firewall
-    # 1. **Gateways:** a relay that also listens for connections from strongDM clients
+    # ControlPanel contains all administrative controls.
+    attr_reader :control_panel
+    # Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
+    # - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
+    # - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.
     attr_reader :nodes
 
     attr_reader :resources
@@ -122,6 +124,8 @@ module SDM
     # grant access to the combined resources associated with a set of child roles.
     # Each user can be a member of one Role or composite role.
     attr_reader :roles
+    # SecretStores are servers where resource secrets (passwords, keys) are stored.
+    attr_reader :secret_stores
     attr_reader :_test_options
   end
 end

data/lib/svc.rb

@@ -24,7 +24,7 @@ Dir[File.join(__dir__, "grpc", "*.rb")].each { |file| require file }
 Dir[File.join(__dir__, "models", "*.rb")].each { |file| require file }
 
 module SDM
-  # AccountAttachments assign an account to a role.
+  # AccountAttachments assign an account to a role or composite role.
   class AccountAttachments
     def initialize(host, insecure, parent)
       begin
@@ -310,10 +310,9 @@ module SDM
     end
   end
 
-  # Accounts are users that have access to strongDM.
-  # There are two types of accounts:
-  # 1. **Regular users:** humans who are authenticated through username and password or SSO
-  # 2. **Service users:** machines that are authneticated using a service token
+  # Accounts are users that have access to strongDM. There are two types of accounts:
+  # 1. **Users:** humans who are authenticated through username and password or SSO.
+  # 2. **Service Accounts:** machines that are authenticated using a service token.
   class Accounts
     def initialize(host, insecure, parent)
       begin
@@ -487,10 +486,54 @@ module SDM
     end
   end
 
-  # Nodes make up the strongDM network, and allow your users to connect securely to your resources.
-  # There are two types of nodes:
-  # 1. **Relay:** creates connectivity to your datasources, while maintaining the egress-only nature of your firewall
-  # 1. **Gateways:** a relay that also listens for connections from strongDM clients
+  # ControlPanel contains all administrative controls.
+  class ControlPanel
+    def initialize(host, insecure, parent)
+      begin
+        if insecure
+          @stub = V1::ControlPanel::Stub.new(host, :this_channel_is_insecure)
+        else
+          cred = GRPC::Core::ChannelCredentials.new()
+          @stub = V1::ControlPanel::Stub.new(host, cred)
+        end
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # GetSSHCAPublicKey retrieves the SSH CA public key.
+    def get_sshca_public_key(
+      deadline: nil
+    )
+      req = V1::ControlPanelGetSSHCAPublicKeyRequest.new()
+
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get_sshca_public_key(req, metadata: @parent.get_metadata("ControlPanel.GetSSHCAPublicKey", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = ControlPanelGetSSHCAPublicKeyResponse.new()
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.public_key = (plumbing_response.public_key)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+  end
+
+  # Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
+  # - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
+  # - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.
   class Nodes
     def initialize(host, insecure, parent)
       begin
@@ -1304,4 +1347,176 @@ module SDM
       resp
     end
   end
+
+  # SecretStores are servers where resource secrets (passwords, keys) are stored.
+  class SecretStores
+    def initialize(host, insecure, parent)
+      begin
+        if insecure
+          @stub = V1::SecretStores::Stub.new(host, :this_channel_is_insecure)
+        else
+          cred = GRPC::Core::ChannelCredentials.new()
+          @stub = V1::SecretStores::Stub.new(host, cred)
+        end
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    def create(
+      secret_store,
+      deadline: nil
+    )
+      req = V1::SecretStoreCreateRequest.new()
+
+      req.secret_store = Plumbing::convert_secret_store_to_plumbing(secret_store)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.create(req, metadata: @parent.get_metadata("SecretStores.Create", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = SecretStoreCreateResponse.new()
+      resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.secret_store = Plumbing::convert_secret_store_to_porcelain(plumbing_response.secret_store)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Get reads one SecretStore by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      req = V1::SecretStoreGetRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get(req, metadata: @parent.get_metadata("SecretStores.Get", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = SecretStoreGetResponse.new()
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.secret_store = Plumbing::convert_secret_store_to_porcelain(plumbing_response.secret_store)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Update patches a SecretStore by ID.
+    def update(
+      secret_store,
+      deadline: nil
+    )
+      req = V1::SecretStoreUpdateRequest.new()
+
+      req.secret_store = Plumbing::convert_secret_store_to_plumbing(secret_store)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.update(req, metadata: @parent.get_metadata("SecretStores.Update", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = SecretStoreUpdateResponse.new()
+      resp.meta = Plumbing::convert_update_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.secret_store = Plumbing::convert_secret_store_to_porcelain(plumbing_response.secret_store)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Delete removes a SecretStore by ID.
+    def delete(
+      id,
+      deadline: nil
+    )
+      req = V1::SecretStoreDeleteRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("SecretStores.Delete", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = SecretStoreDeleteResponse.new()
+      resp.meta = Plumbing::convert_delete_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # List gets a list of SecretStores matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::SecretStoreListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      page_size_option = @parent._test_options["PageSize"]
+      if page_size_option.is_a? Integer
+        req.meta.limit = page_size_option
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("SecretStores.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.secret_stores.each do |plumbing_item|
+            g.yield Plumbing::convert_secret_store_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
 end

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "1.0.8"
+  VERSION = "1.0.14"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "1.0.8"
+  VERSION = "1.0.14"
 end

data/strongdm.gemspec

@@ -7,7 +7,7 @@ Gem::Specification.new do |s|
   s.platform = Gem::Platform::RUBY
   s.authors = ["strongDM Team"]
   s.email = ["sdk-feedback@strongdm.com"]
-  s.homepage = "http://rubygems.org/gems/strongdm"
+  s.homepage = "https://github.com/strongdm/strongdm-sdk-ruby"
   s.summary = "strongDM SDK for the Ruby programming language."
   s.description = "strongDM Ruby Library for automating interactions with strongDM."
   s.licenses = ["Apache-2.0"]

metadata

@@ -1,73 +1,73 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 1.0.8
+  version: 1.0.14
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-07-23 00:00:00.000000000 Z
+date: 2020-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.27.0
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.27.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.27.0
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.27.0
 - !ruby/object:Gem::Dependency
   name: grpc-tools
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.27.0
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.27.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.27.0
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 1.27.0
 - !ruby/object:Gem::Dependency
   name: openssl
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: 2.1.2
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 2.1.2
 description: strongDM Ruby Library for automating interactions with strongDM.
@@ -88,6 +88,10 @@ files:
 - doc/SDM/AKS.html
 - doc/SDM/AKSBasicAuth.html
 - doc/SDM/AKSServiceAccount.html
+- doc/SDM/AWSStore.html
+- doc/SDM/AccessRuleCreateResponse.html
+- doc/SDM/AccessRuleDeleteResponse.html
+- doc/SDM/AccessRuleUpdateResponse.html
 - doc/SDM/AccountAttachment.html
 - doc/SDM/AccountAttachmentCreateOptions.html
 - doc/SDM/AccountAttachmentCreateResponse.html
@@ -118,8 +122,9 @@ files:
 - doc/SDM/Client.html
 - doc/SDM/Clustrix.html
 - doc/SDM/Cockroach.html
+- doc/SDM/ControlPanel.html
+- doc/SDM/ControlPanelGetSSHCAPublicKeyResponse.html
 - doc/SDM/CreateResponseMetadata.html
-- doc/SDM/DB2.html
 - doc/SDM/DB2LUW.html
 - doc/SDM/DB2i.html
 - doc/SDM/DeadlineExceededError.html
@@ -189,6 +194,12 @@ files:
 - doc/SDM/SQLServer.html
 - doc/SDM/SSH.html
 - doc/SDM/SSHCert.html
+- doc/SDM/SecretStore.html
+- doc/SDM/SecretStoreCreateResponse.html
+- doc/SDM/SecretStoreDeleteResponse.html
+- doc/SDM/SecretStoreGetResponse.html
+- doc/SDM/SecretStoreUpdateResponse.html
+- doc/SDM/SecretStores.html
 - doc/SDM/Service.html
 - doc/SDM/Snowflake.html
 - doc/SDM/Sybase.html
@@ -196,13 +207,21 @@ files:
 - doc/SDM/Teradata.html
 - doc/SDM/UpdateResponseMetadata.html
 - doc/SDM/User.html
+- doc/SDM/VaultTLSStore.html
+- doc/SDM/VaultTokenStore.html
 - doc/V1.html
+- doc/V1/AccessRules.html
+- doc/V1/AccessRules/Service.html
 - doc/V1/AccountAttachments.html
 - doc/V1/AccountAttachments/Service.html
 - doc/V1/AccountGrants.html
 - doc/V1/AccountGrants/Service.html
 - doc/V1/Accounts.html
 - doc/V1/Accounts/Service.html
+- doc/V1/Audits.html
+- doc/V1/Audits/Service.html
+- doc/V1/ControlPanel.html
+- doc/V1/ControlPanel/Service.html
 - doc/V1/Nodes.html
 - doc/V1/Nodes/Service.html
 - doc/V1/Resources.html
@@ -213,6 +232,10 @@ files:
 - doc/V1/RoleGrants/Service.html
 - doc/V1/Roles.html
 - doc/V1/Roles/Service.html
+- doc/V1/SecretStoreHealths.html
+- doc/V1/SecretStoreHealths/Service.html
+- doc/V1/SecretStores.html
+- doc/V1/SecretStores/Service.html
 - doc/V1/Tags.html
 - doc/created.rid
 - doc/css/fonts.css
@@ -266,19 +289,26 @@ files:
 - doc/lib/version.html
 - doc/strongdm_gemspec.html
 - doc/table_of_contents.html
+- examples/Gemfile
+- examples/listUsers.rb
 - lib/errors/errors.rb
+- lib/grpc/access_rules_pb.rb
+- lib/grpc/access_rules_services_pb.rb
 - lib/grpc/account_attachments_pb.rb
 - lib/grpc/account_attachments_services_pb.rb
 - lib/grpc/account_grants_pb.rb
 - lib/grpc/account_grants_services_pb.rb
 - lib/grpc/accounts_pb.rb
 - lib/grpc/accounts_services_pb.rb
+- lib/grpc/audits_pb.rb
+- lib/grpc/audits_services_pb.rb
+- lib/grpc/control_panel_pb.rb
+- lib/grpc/control_panel_services_pb.rb
 - lib/grpc/drivers_pb.rb
 - lib/grpc/nodes_pb.rb
 - lib/grpc/nodes_services_pb.rb
 - lib/grpc/options_pb.rb
 - lib/grpc/plumbing.rb
-- lib/grpc/protoc-gen-swagger/options/annotations_pb.rb
 - lib/grpc/resources_pb.rb
 - lib/grpc/resources_services_pb.rb
 - lib/grpc/role_attachments_pb.rb
@@ -287,6 +317,10 @@ files:
 - lib/grpc/role_grants_services_pb.rb
 - lib/grpc/roles_pb.rb
 - lib/grpc/roles_services_pb.rb
+- lib/grpc/secret_store_healths_pb.rb
+- lib/grpc/secret_store_healths_services_pb.rb
+- lib/grpc/secret_stores_pb.rb
+- lib/grpc/secret_stores_services_pb.rb
 - lib/grpc/spec_pb.rb
 - lib/grpc/tags_pb.rb
 - lib/models/porcelain.rb
@@ -295,7 +329,7 @@ files:
 - lib/version
 - lib/version.rb
 - strongdm.gemspec
-homepage: http://rubygems.org/gems/strongdm
+homepage: https://github.com/strongdm/strongdm-sdk-ruby
 licenses:
 - Apache-2.0
 metadata: {}
@@ -314,8 +348,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.6
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: strongDM SDK for the Ruby programming language.