strongdm 2.5.0 → 2.6.0

data/lib/grpc/remote_identity_groups_pb.rb

@@ -0,0 +1,55 @@
+# Copyright 2020 StrongDM Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: remote_identity_groups.proto
+
+require "google/protobuf"
+
+require "options_pb"
+require "spec_pb"
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("remote_identity_groups.proto", :syntax => :proto3) do
+    add_message "v1.RemoteIdentityGroupGetRequest" do
+      optional :meta, :message, 1, "v1.GetRequestMetadata"
+      optional :id, :string, 2
+    end
+    add_message "v1.RemoteIdentityGroupGetResponse" do
+      optional :meta, :message, 1, "v1.GetResponseMetadata"
+      optional :remote_identity_group, :message, 2, "v1.RemoteIdentityGroup"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
+    add_message "v1.RemoteIdentityGroupListRequest" do
+      optional :meta, :message, 1, "v1.ListRequestMetadata"
+      optional :filter, :string, 2
+    end
+    add_message "v1.RemoteIdentityGroupListResponse" do
+      optional :meta, :message, 1, "v1.ListResponseMetadata"
+      repeated :remote_identity_groups, :message, 2, "v1.RemoteIdentityGroup"
+      optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
+    end
+    add_message "v1.RemoteIdentityGroup" do
+      optional :id, :string, 1
+      optional :name, :string, 2
+    end
+  end
+end
+
+module V1
+  RemoteIdentityGroupGetRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RemoteIdentityGroupGetRequest").msgclass
+  RemoteIdentityGroupGetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RemoteIdentityGroupGetResponse").msgclass
+  RemoteIdentityGroupListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RemoteIdentityGroupListRequest").msgclass
+  RemoteIdentityGroupListResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RemoteIdentityGroupListResponse").msgclass
+  RemoteIdentityGroup = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RemoteIdentityGroup").msgclass
+end

data/lib/grpc/remote_identity_groups_services_pb.rb

@@ -0,0 +1,58 @@
+# Copyright 2020 StrongDM Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: remote_identity_groups.proto for package 'v1'
+
+require "grpc"
+require "remote_identity_groups_pb"
+
+module V1
+  module RemoteIdentityGroups
+    # A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
+    # An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.
+    class Service
+      include GRPC::GenericService
+
+      self.marshal_class_method = :encode
+      self.unmarshal_class_method = :decode
+      self.service_name = "v1.RemoteIdentityGroups"
+
+      # // Create registers a new RemoteIdentityGroup.
+      # rpc Create(RemoteIdentityGroupCreateRequest) returns (RemoteIdentityGroupCreateResponse) {
+      #     option (v1.method_options).method = "post";
+      #     option (v1.method_options).url = "/v1/remote-identity-groups";
+      # }
+      #
+      # Get reads one RemoteIdentityGroup by ID.
+      rpc :Get, V1::RemoteIdentityGroupGetRequest, V1::RemoteIdentityGroupGetResponse
+      # // Update replaces all the fields of a RemoteIdentityGroup by ID.
+      # rpc Update(RemoteIdentityGroupUpdateRequest) returns (RemoteIdentityGroupUpdateResponse) {
+      #     option (v1.method_options).method = "put";
+      #     option (v1.method_options).url = "/v1/remote-identity-groups/{id}";
+      # }
+      #
+      # // Delete removes a RemoteIdentityGroup by ID.
+      # rpc Delete(RemoteIdentityGroupDeleteRequest) returns (RemoteIdentityGroupDeleteResponse) {
+      #     option (v1.method_options).method = "delete";
+      #     option (v1.method_options).url = "/v1/remote-identity-groups/{id}";
+      # }
+      #
+      # List gets a list of RemoteIdentityGroups matching a given set of criteria.
+      rpc :List, V1::RemoteIdentityGroupListRequest, V1::RemoteIdentityGroupListResponse
+    end
+
+    Stub = Service.rpc_stub_class
+  end
+end

data/lib/models/porcelain.rb

@@ -39,6 +39,10 @@ module SDM
     attr_accessor :name
 
     attr_accessor :port
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
     # Tags is a map of key, value pairs.
@@ -56,6 +60,8 @@ module SDM
       id: nil,
       name: nil,
       port: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       tags: nil
     )
@@ -70,6 +76,8 @@ module SDM
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
       @port = port == nil ? 0 : port
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
     end
@@ -163,6 +171,10 @@ module SDM
     attr_accessor :name
 
     attr_accessor :port
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
     # Tags is a map of key, value pairs.
@@ -179,6 +191,8 @@ module SDM
       id: nil,
       name: nil,
       port: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       tags: nil,
       token: nil
@@ -191,6 +205,8 @@ module SDM
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
       @port = port == nil ? 0 : port
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
       @token = token == nil ? "" : token
@@ -619,11 +635,11 @@ module SDM
 
   # AccountGrants connect a resource directly to an account, giving the account the permission to connect to that resource.
   class AccountGrant
-    # The id of the attached role of this AccountGrant.
+    # The account id of this AccountGrant.
     attr_accessor :account_id
     # Unique identifier of the AccountGrant.
     attr_accessor :id
-    # The id of the composite role of this AccountGrant.
+    # The resource id of this AccountGrant.
     attr_accessor :resource_id
     # The timestamp when the resource will be granted. Optional. Both start_at
     # and end_at must be defined together, or not defined at all.
@@ -787,6 +803,10 @@ module SDM
 
     attr_accessor :region
 
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
+
     attr_accessor :role_arn
 
     attr_accessor :role_external_id
@@ -809,6 +829,8 @@ module SDM
       id: nil,
       name: nil,
       region: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       role_arn: nil,
       role_external_id: nil,
       secret_access_key: nil,
@@ -826,6 +848,8 @@ module SDM
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
       @region = region == nil ? "" : region
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @role_arn = role_arn == nil ? "" : role_arn
       @role_external_id = role_external_id == nil ? "" : role_external_id
       @secret_access_key = secret_access_key == nil ? "" : secret_access_key
@@ -2593,6 +2617,10 @@ module SDM
     attr_accessor :id
     # Unique human-readable name of the Resource.
     attr_accessor :name
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
 
@@ -2609,6 +2637,8 @@ module SDM
       healthy: nil,
       id: nil,
       name: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       service_account_key: nil,
       tags: nil
@@ -2621,6 +2651,8 @@ module SDM
       @healthy = healthy == nil ? false : healthy
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @service_account_key = service_account_key == nil ? "" : service_account_key
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
@@ -2988,6 +3020,10 @@ module SDM
     attr_accessor :name
 
     attr_accessor :port
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
     # Tags is a map of key, value pairs.
@@ -3005,6 +3041,8 @@ module SDM
       id: nil,
       name: nil,
       port: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       tags: nil
     )
@@ -3019,6 +3057,8 @@ module SDM
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
       @port = port == nil ? 0 : port
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
     end
@@ -3112,6 +3152,10 @@ module SDM
     attr_accessor :name
 
     attr_accessor :port
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
     # Tags is a map of key, value pairs.
@@ -3128,6 +3172,8 @@ module SDM
       id: nil,
       name: nil,
       port: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       tags: nil,
       token: nil
@@ -3140,6 +3186,8 @@ module SDM
       @id = id == nil ? "" : id
       @name = name == nil ? "" : name
       @port = port == nil ? 0 : port
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
       @token = token == nil ? "" : token
@@ -4921,6 +4969,200 @@ module SDM
     end
   end
 
+  # RemoteIdentities define the username to be used for a specific account
+  # when connecting to a remote resource using that group.
+  class RemoteIdentity
+    # The account for this remote identity.
+    attr_accessor :account_id
+    # Unique identifier of the RemoteIdentity.
+    attr_accessor :id
+    # The remote identity group.
+    attr_accessor :remote_identity_group_id
+    # The username to be used as the remote identity for this account.
+    attr_accessor :username
+
+    def initialize(
+      account_id: nil,
+      id: nil,
+      remote_identity_group_id: nil,
+      username: nil
+    )
+      @account_id = account_id == nil ? "" : account_id
+      @id = id == nil ? "" : id
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @username = username == nil ? "" : username
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # RemoteIdentityCreateResponse reports how the RemoteIdentities were created in the system.
+  class RemoteIdentityCreateResponse
+    # Reserved for future use.
+    attr_accessor :meta
+    # Rate limit information.
+    attr_accessor :rate_limit
+    # The created RemoteIdentity.
+    attr_accessor :remote_identity
+
+    def initialize(
+      meta: nil,
+      rate_limit: nil,
+      remote_identity: nil
+    )
+      @meta = meta == nil ? nil : meta
+      @rate_limit = rate_limit == nil ? nil : rate_limit
+      @remote_identity = remote_identity == nil ? nil : remote_identity
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # RemoteIdentityDeleteResponse returns information about a RemoteIdentity that was deleted.
+  class RemoteIdentityDeleteResponse
+    # Reserved for future use.
+    attr_accessor :meta
+    # Rate limit information.
+    attr_accessor :rate_limit
+
+    def initialize(
+      meta: nil,
+      rate_limit: nil
+    )
+      @meta = meta == nil ? nil : meta
+      @rate_limit = rate_limit == nil ? nil : rate_limit
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # RemoteIdentityGetResponse returns a requested RemoteIdentity.
+  class RemoteIdentityGetResponse
+    # Reserved for future use.
+    attr_accessor :meta
+    # Rate limit information.
+    attr_accessor :rate_limit
+    # The requested RemoteIdentity.
+    attr_accessor :remote_identity
+
+    def initialize(
+      meta: nil,
+      rate_limit: nil,
+      remote_identity: nil
+    )
+      @meta = meta == nil ? nil : meta
+      @rate_limit = rate_limit == nil ? nil : rate_limit
+      @remote_identity = remote_identity == nil ? nil : remote_identity
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # A RemoteIdentityGroup defines a group of remote identities.
+  class RemoteIdentityGroup
+    # Unique identifier of the RemoteIdentityGroup.
+    attr_accessor :id
+    # Unique human-readable name of the RemoteIdentityGroup.
+    attr_accessor :name
+
+    def initialize(
+      id: nil,
+      name: nil
+    )
+      @id = id == nil ? "" : id
+      @name = name == nil ? "" : name
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # RemoteIdentityGroupGetResponse returns a requested RemoteIdentityGroup.
+  class RemoteIdentityGroupGetResponse
+    # Reserved for future use.
+    attr_accessor :meta
+    # Rate limit information.
+    attr_accessor :rate_limit
+    # The requested RemoteIdentityGroup.
+    attr_accessor :remote_identity_group
+
+    def initialize(
+      meta: nil,
+      rate_limit: nil,
+      remote_identity_group: nil
+    )
+      @meta = meta == nil ? nil : meta
+      @rate_limit = rate_limit == nil ? nil : rate_limit
+      @remote_identity_group = remote_identity_group == nil ? nil : remote_identity_group
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
+  # RemoteIdentityUpdateResponse returns the fields of a RemoteIdentity after it has been updated by
+  # a RemoteIdentityUpdateRequest.
+  class RemoteIdentityUpdateResponse
+    # Reserved for future use.
+    attr_accessor :meta
+    # Rate limit information.
+    attr_accessor :rate_limit
+    # The updated RemoteIdentity.
+    attr_accessor :remote_identity
+
+    def initialize(
+      meta: nil,
+      rate_limit: nil,
+      remote_identity: nil
+    )
+      @meta = meta == nil ? nil : meta
+      @rate_limit = rate_limit == nil ? nil : rate_limit
+      @remote_identity = remote_identity == nil ? nil : remote_identity
+    end
+
+    def to_json(options = {})
+      hash = {}
+      self.instance_variables.each do |var|
+        hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
+      end
+      hash.to_json
+    end
+  end
+
   # ResourceCreateResponse reports how the Resources were created in the system.
   class ResourceCreateResponse
     # Reserved for future use.
@@ -5578,6 +5820,10 @@ module SDM
     attr_accessor :port_forwarding
 
     attr_accessor :port_override
+
+    attr_accessor :remote_identity_group_id
+
+    attr_accessor :remote_identity_healthcheck_username
     # ID of the secret store containing credentials for this resource, if any.
     attr_accessor :secret_store_id
     # Tags is a map of key, value pairs.
@@ -5596,6 +5842,8 @@ module SDM
       port: nil,
       port_forwarding: nil,
       port_override: nil,
+      remote_identity_group_id: nil,
+      remote_identity_healthcheck_username: nil,
       secret_store_id: nil,
       tags: nil,
       username: nil
@@ -5610,6 +5858,8 @@ module SDM
       @port = port == nil ? 0 : port
       @port_forwarding = port_forwarding == nil ? false : port_forwarding
       @port_override = port_override == nil ? 0 : port_override
+      @remote_identity_group_id = remote_identity_group_id == nil ? "" : remote_identity_group_id
+      @remote_identity_healthcheck_username = remote_identity_healthcheck_username == nil ? "" : remote_identity_healthcheck_username
       @secret_store_id = secret_store_id == nil ? "" : secret_store_id
       @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
       @username = username == nil ? "" : username

data/lib/strongdm.rb

@@ -28,7 +28,7 @@ module SDM #:nodoc:
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
     API_VERSION = "2021-08-23"
-    USER_AGENT = "strongdm-sdk-ruby/2.5.0"
+    USER_AGENT = "strongdm-sdk-ruby/2.6.0"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.
@@ -47,6 +47,8 @@ module SDM #:nodoc:
       @accounts = Accounts.new(host, insecure, self)
       @control_panel = ControlPanel.new(host, insecure, self)
       @nodes = Nodes.new(host, insecure, self)
+      @remote_identities = RemoteIdentities.new(host, insecure, self)
+      @remote_identity_groups = RemoteIdentityGroups.new(host, insecure, self)
       @resources = Resources.new(host, insecure, self)
       @role_attachments = RoleAttachments.new(host, insecure, self)
       @role_grants = RoleGrants.new(host, insecure, self)
@@ -140,6 +142,15 @@ module SDM #:nodoc:
     #
     # See {Nodes}.
     attr_reader :nodes
+    # RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.
+    #
+    # See {RemoteIdentities}.
+    attr_reader :remote_identities
+    # A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts.
+    # An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.
+    #
+    # See {RemoteIdentityGroups}.
+    attr_reader :remote_identity_groups
     # Resources are databases, servers, clusters, websites, or clouds that strongDM
     # delegates access to.
     #