strongdm 2.6.4 → 3.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.git/ORIG_HEAD +1 -1
- data/.git/index +0 -0
- data/.git/logs/HEAD +3 -3
- data/.git/logs/refs/heads/master +2 -2
- data/.git/logs/refs/remotes/origin/HEAD +1 -1
- data/.git/objects/pack/{pack-9605cb63890b5fed001c49e509929945ac427bf0.idx → pack-cff8d23303f23ddc9aaecebd2f8583a0433ef442.idx} +0 -0
- data/.git/objects/pack/{pack-9605cb63890b5fed001c49e509929945ac427bf0.pack → pack-cff8d23303f23ddc9aaecebd2f8583a0433ef442.pack} +0 -0
- data/.git/packed-refs +5 -2
- data/.git/refs/heads/master +1 -1
- data/.yardopts +1 -0
- data/README.md +13 -10
- data/lib/grpc/drivers_pb.rb +41 -0
- data/lib/grpc/options_pb.rb +1 -0
- data/lib/grpc/plumbing.rb +283 -305
- data/lib/grpc/roles_pb.rb +0 -1
- data/lib/grpc/secret_store_types_pb.rb +25 -0
- data/lib/models/porcelain.rb +272 -245
- data/lib/strongdm.rb +5 -21
- data/lib/svc.rb +5 -330
- data/lib/version +1 -1
- data/lib/version.rb +1 -1
- metadata +4 -8
- data/lib/grpc/role_attachments_pb.rb +0 -77
- data/lib/grpc/role_attachments_services_pb.rb +0 -56
- data/lib/grpc/role_grants_pb.rb +0 -77
- data/lib/grpc/role_grants_services_pb.rb +0 -56
data/lib/strongdm.rb
CHANGED
@@ -28,7 +28,7 @@ module SDM #:nodoc:
|
|
28
28
|
DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
|
29
29
|
DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
|
30
30
|
API_VERSION = "2021-08-23"
|
31
|
-
USER_AGENT = "strongdm-sdk-ruby/2.
|
31
|
+
USER_AGENT = "strongdm-sdk-ruby/3.2.1"
|
32
32
|
private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
|
33
33
|
|
34
34
|
# Creates a new strongDM API client.
|
@@ -50,13 +50,12 @@ module SDM #:nodoc:
|
|
50
50
|
@remote_identities = RemoteIdentities.new(host, insecure, self)
|
51
51
|
@remote_identity_groups = RemoteIdentityGroups.new(host, insecure, self)
|
52
52
|
@resources = Resources.new(host, insecure, self)
|
53
|
-
@role_attachments = RoleAttachments.new(host, insecure, self)
|
54
|
-
@role_grants = RoleGrants.new(host, insecure, self)
|
55
53
|
@roles = Roles.new(host, insecure, self)
|
56
54
|
@secret_stores = SecretStores.new(host, insecure, self)
|
57
55
|
@_test_options = Hash.new
|
58
56
|
end
|
59
57
|
|
58
|
+
# @private
|
60
59
|
def get_metadata(method_name, req)
|
61
60
|
return {
|
62
61
|
'x-sdm-authentication': @api_access_key,
|
@@ -82,6 +81,7 @@ module SDM #:nodoc:
|
|
82
81
|
return Base64.strict_encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signing_key, request_hash))
|
83
82
|
end
|
84
83
|
|
84
|
+
# @private
|
85
85
|
def jitterSleep(iter)
|
86
86
|
dur_max = @base_retry_delay * 2 ** iter
|
87
87
|
if (dur_max > @max_retry_delay)
|
@@ -91,6 +91,7 @@ module SDM #:nodoc:
|
|
91
91
|
sleep(dur)
|
92
92
|
end
|
93
93
|
|
94
|
+
# @private
|
94
95
|
def shouldRetry(iter, err)
|
95
96
|
if (iter >= @max_retries - 1)
|
96
97
|
return false
|
@@ -156,24 +157,6 @@ module SDM #:nodoc:
|
|
156
157
|
#
|
157
158
|
# See {Resources}.
|
158
159
|
attr_reader :resources
|
159
|
-
# RoleAttachments represent relationships between composite roles and the roles
|
160
|
-
# that make up those composite roles. When a composite role is attached to another
|
161
|
-
# role, the permissions granted to members of the composite role are augmented to
|
162
|
-
# include the permissions granted to members of the attached role.
|
163
|
-
#
|
164
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
165
|
-
#
|
166
|
-
# See {RoleAttachments}.
|
167
|
-
attr_reader :role_attachments
|
168
|
-
# RoleGrants represent relationships between composite roles and the roles
|
169
|
-
# that make up those composite roles. When a composite role is attached to another
|
170
|
-
# role, the permissions granted to members of the composite role are augmented to
|
171
|
-
# include the permissions granted to members of the attached role.
|
172
|
-
#
|
173
|
-
# Deprecated: use Role access rules instead.
|
174
|
-
#
|
175
|
-
# See {RoleGrants}.
|
176
|
-
attr_reader :role_grants
|
177
160
|
# A Role has a list of access rules which determine which Resources the members
|
178
161
|
# of the Role have access to. An Account can be a member of multiple Roles via
|
179
162
|
# AccountAttachments.
|
@@ -184,6 +167,7 @@ module SDM #:nodoc:
|
|
184
167
|
#
|
185
168
|
# See {SecretStores}.
|
186
169
|
attr_reader :secret_stores
|
170
|
+
# @private
|
187
171
|
attr_reader :_test_options
|
188
172
|
end
|
189
173
|
end
|
data/lib/svc.rb
CHANGED
@@ -1042,6 +1042,8 @@ module SDM #:nodoc:
|
|
1042
1042
|
# {AuroraMysql}
|
1043
1043
|
# {AuroraPostgres}
|
1044
1044
|
# {AWS}
|
1045
|
+
# {AWSConsole}
|
1046
|
+
# {AWSConsoleStaticKeyPair}
|
1045
1047
|
# {Azure}
|
1046
1048
|
# {AzureCertificate}
|
1047
1049
|
# {AzurePostgres}
|
@@ -1311,336 +1313,6 @@ module SDM #:nodoc:
|
|
1311
1313
|
end
|
1312
1314
|
end
|
1313
1315
|
|
1314
|
-
# RoleAttachments represent relationships between composite roles and the roles
|
1315
|
-
# that make up those composite roles. When a composite role is attached to another
|
1316
|
-
# role, the permissions granted to members of the composite role are augmented to
|
1317
|
-
# include the permissions granted to members of the attached role.
|
1318
|
-
#
|
1319
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
1320
|
-
#
|
1321
|
-
# See {RoleAttachment}.
|
1322
|
-
class RoleAttachments
|
1323
|
-
extend Gem::Deprecate
|
1324
|
-
|
1325
|
-
def initialize(host, insecure, parent)
|
1326
|
-
begin
|
1327
|
-
if insecure
|
1328
|
-
@stub = V1::RoleAttachments::Stub.new(host, :this_channel_is_insecure)
|
1329
|
-
else
|
1330
|
-
cred = GRPC::Core::ChannelCredentials.new()
|
1331
|
-
@stub = V1::RoleAttachments::Stub.new(host, cred)
|
1332
|
-
end
|
1333
|
-
rescue => exception
|
1334
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1335
|
-
end
|
1336
|
-
@parent = parent
|
1337
|
-
end
|
1338
|
-
|
1339
|
-
# Create registers a new RoleAttachment.
|
1340
|
-
#
|
1341
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
1342
|
-
def create(
|
1343
|
-
role_attachment,
|
1344
|
-
deadline: nil
|
1345
|
-
)
|
1346
|
-
req = V1::RoleAttachmentCreateRequest.new()
|
1347
|
-
|
1348
|
-
req.role_attachment = Plumbing::convert_role_attachment_to_plumbing(role_attachment)
|
1349
|
-
tries = 0
|
1350
|
-
plumbing_response = nil
|
1351
|
-
loop do
|
1352
|
-
begin
|
1353
|
-
plumbing_response = @stub.create(req, metadata: @parent.get_metadata("RoleAttachments.Create", req), deadline: deadline)
|
1354
|
-
rescue => exception
|
1355
|
-
if (@parent.shouldRetry(tries, exception))
|
1356
|
-
tries + +@parent.jitterSleep(tries)
|
1357
|
-
next
|
1358
|
-
end
|
1359
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1360
|
-
end
|
1361
|
-
break
|
1362
|
-
end
|
1363
|
-
|
1364
|
-
resp = RoleAttachmentCreateResponse.new()
|
1365
|
-
resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
|
1366
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1367
|
-
resp.role_attachment = Plumbing::convert_role_attachment_to_porcelain(plumbing_response.role_attachment)
|
1368
|
-
resp
|
1369
|
-
end
|
1370
|
-
|
1371
|
-
deprecate :create, :none, 2022, 6
|
1372
|
-
# Get reads one RoleAttachment by ID.
|
1373
|
-
#
|
1374
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
1375
|
-
def get(
|
1376
|
-
id,
|
1377
|
-
deadline: nil
|
1378
|
-
)
|
1379
|
-
req = V1::RoleAttachmentGetRequest.new()
|
1380
|
-
|
1381
|
-
req.id = (id)
|
1382
|
-
tries = 0
|
1383
|
-
plumbing_response = nil
|
1384
|
-
loop do
|
1385
|
-
begin
|
1386
|
-
plumbing_response = @stub.get(req, metadata: @parent.get_metadata("RoleAttachments.Get", req), deadline: deadline)
|
1387
|
-
rescue => exception
|
1388
|
-
if (@parent.shouldRetry(tries, exception))
|
1389
|
-
tries + +@parent.jitterSleep(tries)
|
1390
|
-
next
|
1391
|
-
end
|
1392
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1393
|
-
end
|
1394
|
-
break
|
1395
|
-
end
|
1396
|
-
|
1397
|
-
resp = RoleAttachmentGetResponse.new()
|
1398
|
-
resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
|
1399
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1400
|
-
resp.role_attachment = Plumbing::convert_role_attachment_to_porcelain(plumbing_response.role_attachment)
|
1401
|
-
resp
|
1402
|
-
end
|
1403
|
-
|
1404
|
-
deprecate :get, :none, 2022, 6
|
1405
|
-
# Delete removes a RoleAttachment by ID.
|
1406
|
-
#
|
1407
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
1408
|
-
def delete(
|
1409
|
-
id,
|
1410
|
-
deadline: nil
|
1411
|
-
)
|
1412
|
-
req = V1::RoleAttachmentDeleteRequest.new()
|
1413
|
-
|
1414
|
-
req.id = (id)
|
1415
|
-
tries = 0
|
1416
|
-
plumbing_response = nil
|
1417
|
-
loop do
|
1418
|
-
begin
|
1419
|
-
plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("RoleAttachments.Delete", req), deadline: deadline)
|
1420
|
-
rescue => exception
|
1421
|
-
if (@parent.shouldRetry(tries, exception))
|
1422
|
-
tries + +@parent.jitterSleep(tries)
|
1423
|
-
next
|
1424
|
-
end
|
1425
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1426
|
-
end
|
1427
|
-
break
|
1428
|
-
end
|
1429
|
-
|
1430
|
-
resp = RoleAttachmentDeleteResponse.new()
|
1431
|
-
resp.meta = Plumbing::convert_delete_response_metadata_to_porcelain(plumbing_response.meta)
|
1432
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1433
|
-
resp
|
1434
|
-
end
|
1435
|
-
|
1436
|
-
deprecate :delete, :none, 2022, 6
|
1437
|
-
# List gets a list of RoleAttachments matching a given set of criteria.
|
1438
|
-
#
|
1439
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
1440
|
-
def list(
|
1441
|
-
filter,
|
1442
|
-
*args,
|
1443
|
-
deadline: nil
|
1444
|
-
)
|
1445
|
-
req = V1::RoleAttachmentListRequest.new()
|
1446
|
-
req.meta = V1::ListRequestMetadata.new()
|
1447
|
-
page_size_option = @parent._test_options["PageSize"]
|
1448
|
-
if page_size_option.is_a? Integer
|
1449
|
-
req.meta.limit = page_size_option
|
1450
|
-
end
|
1451
|
-
|
1452
|
-
req.filter = Plumbing::quote_filter_args(filter, *args)
|
1453
|
-
resp = Enumerator::Generator.new { |g|
|
1454
|
-
tries = 0
|
1455
|
-
loop do
|
1456
|
-
begin
|
1457
|
-
plumbing_response = @stub.list(req, metadata: @parent.get_metadata("RoleAttachments.List", req), deadline: deadline)
|
1458
|
-
rescue => exception
|
1459
|
-
if (@parent.shouldRetry(tries, exception))
|
1460
|
-
tries + +@parent.jitterSleep(tries)
|
1461
|
-
next
|
1462
|
-
end
|
1463
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1464
|
-
end
|
1465
|
-
tries = 0
|
1466
|
-
plumbing_response.role_attachments.each do |plumbing_item|
|
1467
|
-
g.yield Plumbing::convert_role_attachment_to_porcelain(plumbing_item)
|
1468
|
-
end
|
1469
|
-
break if plumbing_response.meta.next_cursor == ""
|
1470
|
-
req.meta.cursor = plumbing_response.meta.next_cursor
|
1471
|
-
end
|
1472
|
-
}
|
1473
|
-
resp
|
1474
|
-
end
|
1475
|
-
|
1476
|
-
deprecate :list, :none, 2022, 6
|
1477
|
-
end
|
1478
|
-
|
1479
|
-
# RoleGrants represent relationships between composite roles and the roles
|
1480
|
-
# that make up those composite roles. When a composite role is attached to another
|
1481
|
-
# role, the permissions granted to members of the composite role are augmented to
|
1482
|
-
# include the permissions granted to members of the attached role.
|
1483
|
-
#
|
1484
|
-
# Deprecated: use Role access rules instead.
|
1485
|
-
#
|
1486
|
-
# See {RoleGrant}.
|
1487
|
-
class RoleGrants
|
1488
|
-
extend Gem::Deprecate
|
1489
|
-
|
1490
|
-
def initialize(host, insecure, parent)
|
1491
|
-
begin
|
1492
|
-
if insecure
|
1493
|
-
@stub = V1::RoleGrants::Stub.new(host, :this_channel_is_insecure)
|
1494
|
-
else
|
1495
|
-
cred = GRPC::Core::ChannelCredentials.new()
|
1496
|
-
@stub = V1::RoleGrants::Stub.new(host, cred)
|
1497
|
-
end
|
1498
|
-
rescue => exception
|
1499
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1500
|
-
end
|
1501
|
-
@parent = parent
|
1502
|
-
end
|
1503
|
-
|
1504
|
-
# Create registers a new RoleGrant.
|
1505
|
-
#
|
1506
|
-
# Deprecated: use Role access rules instead.
|
1507
|
-
def create(
|
1508
|
-
role_grant,
|
1509
|
-
deadline: nil
|
1510
|
-
)
|
1511
|
-
req = V1::RoleGrantCreateRequest.new()
|
1512
|
-
|
1513
|
-
req.role_grant = Plumbing::convert_role_grant_to_plumbing(role_grant)
|
1514
|
-
tries = 0
|
1515
|
-
plumbing_response = nil
|
1516
|
-
loop do
|
1517
|
-
begin
|
1518
|
-
plumbing_response = @stub.create(req, metadata: @parent.get_metadata("RoleGrants.Create", req), deadline: deadline)
|
1519
|
-
rescue => exception
|
1520
|
-
if (@parent.shouldRetry(tries, exception))
|
1521
|
-
tries + +@parent.jitterSleep(tries)
|
1522
|
-
next
|
1523
|
-
end
|
1524
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1525
|
-
end
|
1526
|
-
break
|
1527
|
-
end
|
1528
|
-
|
1529
|
-
resp = RoleGrantCreateResponse.new()
|
1530
|
-
resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
|
1531
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1532
|
-
resp.role_grant = Plumbing::convert_role_grant_to_porcelain(plumbing_response.role_grant)
|
1533
|
-
resp
|
1534
|
-
end
|
1535
|
-
|
1536
|
-
deprecate :create, :none, 2022, 6
|
1537
|
-
# Get reads one RoleGrant by ID.
|
1538
|
-
#
|
1539
|
-
# Deprecated: use Role access rules instead.
|
1540
|
-
def get(
|
1541
|
-
id,
|
1542
|
-
deadline: nil
|
1543
|
-
)
|
1544
|
-
req = V1::RoleGrantGetRequest.new()
|
1545
|
-
|
1546
|
-
req.id = (id)
|
1547
|
-
tries = 0
|
1548
|
-
plumbing_response = nil
|
1549
|
-
loop do
|
1550
|
-
begin
|
1551
|
-
plumbing_response = @stub.get(req, metadata: @parent.get_metadata("RoleGrants.Get", req), deadline: deadline)
|
1552
|
-
rescue => exception
|
1553
|
-
if (@parent.shouldRetry(tries, exception))
|
1554
|
-
tries + +@parent.jitterSleep(tries)
|
1555
|
-
next
|
1556
|
-
end
|
1557
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1558
|
-
end
|
1559
|
-
break
|
1560
|
-
end
|
1561
|
-
|
1562
|
-
resp = RoleGrantGetResponse.new()
|
1563
|
-
resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
|
1564
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1565
|
-
resp.role_grant = Plumbing::convert_role_grant_to_porcelain(plumbing_response.role_grant)
|
1566
|
-
resp
|
1567
|
-
end
|
1568
|
-
|
1569
|
-
deprecate :get, :none, 2022, 6
|
1570
|
-
# Delete removes a RoleGrant by ID.
|
1571
|
-
#
|
1572
|
-
# Deprecated: use Role access rules instead.
|
1573
|
-
def delete(
|
1574
|
-
id,
|
1575
|
-
deadline: nil
|
1576
|
-
)
|
1577
|
-
req = V1::RoleGrantDeleteRequest.new()
|
1578
|
-
|
1579
|
-
req.id = (id)
|
1580
|
-
tries = 0
|
1581
|
-
plumbing_response = nil
|
1582
|
-
loop do
|
1583
|
-
begin
|
1584
|
-
plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("RoleGrants.Delete", req), deadline: deadline)
|
1585
|
-
rescue => exception
|
1586
|
-
if (@parent.shouldRetry(tries, exception))
|
1587
|
-
tries + +@parent.jitterSleep(tries)
|
1588
|
-
next
|
1589
|
-
end
|
1590
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1591
|
-
end
|
1592
|
-
break
|
1593
|
-
end
|
1594
|
-
|
1595
|
-
resp = RoleGrantDeleteResponse.new()
|
1596
|
-
resp.meta = Plumbing::convert_delete_response_metadata_to_porcelain(plumbing_response.meta)
|
1597
|
-
resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
|
1598
|
-
resp
|
1599
|
-
end
|
1600
|
-
|
1601
|
-
deprecate :delete, :none, 2022, 6
|
1602
|
-
# List gets a list of RoleGrants matching a given set of criteria.
|
1603
|
-
#
|
1604
|
-
# Deprecated: use Role access rules instead.
|
1605
|
-
def list(
|
1606
|
-
filter,
|
1607
|
-
*args,
|
1608
|
-
deadline: nil
|
1609
|
-
)
|
1610
|
-
req = V1::RoleGrantListRequest.new()
|
1611
|
-
req.meta = V1::ListRequestMetadata.new()
|
1612
|
-
page_size_option = @parent._test_options["PageSize"]
|
1613
|
-
if page_size_option.is_a? Integer
|
1614
|
-
req.meta.limit = page_size_option
|
1615
|
-
end
|
1616
|
-
|
1617
|
-
req.filter = Plumbing::quote_filter_args(filter, *args)
|
1618
|
-
resp = Enumerator::Generator.new { |g|
|
1619
|
-
tries = 0
|
1620
|
-
loop do
|
1621
|
-
begin
|
1622
|
-
plumbing_response = @stub.list(req, metadata: @parent.get_metadata("RoleGrants.List", req), deadline: deadline)
|
1623
|
-
rescue => exception
|
1624
|
-
if (@parent.shouldRetry(tries, exception))
|
1625
|
-
tries + +@parent.jitterSleep(tries)
|
1626
|
-
next
|
1627
|
-
end
|
1628
|
-
raise Plumbing::convert_error_to_porcelain(exception)
|
1629
|
-
end
|
1630
|
-
tries = 0
|
1631
|
-
plumbing_response.role_grants.each do |plumbing_item|
|
1632
|
-
g.yield Plumbing::convert_role_grant_to_porcelain(plumbing_item)
|
1633
|
-
end
|
1634
|
-
break if plumbing_response.meta.next_cursor == ""
|
1635
|
-
req.meta.cursor = plumbing_response.meta.next_cursor
|
1636
|
-
end
|
1637
|
-
}
|
1638
|
-
resp
|
1639
|
-
end
|
1640
|
-
|
1641
|
-
deprecate :list, :none, 2022, 6
|
1642
|
-
end
|
1643
|
-
|
1644
1316
|
# A Role has a list of access rules which determine which Resources the members
|
1645
1317
|
# of the Role have access to. An Account can be a member of multiple Roles via
|
1646
1318
|
# AccountAttachments.
|
@@ -1825,6 +1497,9 @@ module SDM #:nodoc:
|
|
1825
1497
|
# See:
|
1826
1498
|
# {AWSStore}
|
1827
1499
|
# {AzureStore}
|
1500
|
+
# {CyberarkConjurStore}
|
1501
|
+
# {CyberarkPAMExperimentalStore}
|
1502
|
+
# {DelineaStore}
|
1828
1503
|
# {GCPStore}
|
1829
1504
|
# {VaultAppRoleStore}
|
1830
1505
|
# {VaultTLSStore}
|
data/lib/version
CHANGED
data/lib/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: strongdm
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.
|
4
|
+
version: 3.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- strongDM Team
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-08-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: grpc
|
@@ -79,8 +79,8 @@ files:
|
|
79
79
|
- "./.git/logs/HEAD"
|
80
80
|
- "./.git/logs/refs/heads/master"
|
81
81
|
- "./.git/logs/refs/remotes/origin/HEAD"
|
82
|
-
- "./.git/objects/pack/pack-
|
83
|
-
- "./.git/objects/pack/pack-
|
82
|
+
- "./.git/objects/pack/pack-cff8d23303f23ddc9aaecebd2f8583a0433ef442.idx"
|
83
|
+
- "./.git/objects/pack/pack-cff8d23303f23ddc9aaecebd2f8583a0433ef442.pack"
|
84
84
|
- "./.git/packed-refs"
|
85
85
|
- "./.git/refs/heads/master"
|
86
86
|
- "./.git/refs/remotes/origin/HEAD"
|
@@ -107,10 +107,6 @@ files:
|
|
107
107
|
- "./lib/grpc/remote_identity_groups_services_pb.rb"
|
108
108
|
- "./lib/grpc/resources_pb.rb"
|
109
109
|
- "./lib/grpc/resources_services_pb.rb"
|
110
|
-
- "./lib/grpc/role_attachments_pb.rb"
|
111
|
-
- "./lib/grpc/role_attachments_services_pb.rb"
|
112
|
-
- "./lib/grpc/role_grants_pb.rb"
|
113
|
-
- "./lib/grpc/role_grants_services_pb.rb"
|
114
110
|
- "./lib/grpc/roles_pb.rb"
|
115
111
|
- "./lib/grpc/roles_services_pb.rb"
|
116
112
|
- "./lib/grpc/secret_store_types_pb.rb"
|
@@ -1,77 +0,0 @@
|
|
1
|
-
# Copyright 2020 StrongDM Inc
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
-
# you may not use this file except in compliance with the License.
|
5
|
-
# You may obtain a copy of the License at
|
6
|
-
#
|
7
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
-
#
|
9
|
-
# Unless required by applicable law or agreed to in writing, software
|
10
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
-
# See the License for the specific language governing permissions and
|
13
|
-
# limitations under the License.
|
14
|
-
#
|
15
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
16
|
-
# source: role_attachments.proto
|
17
|
-
|
18
|
-
require "google/protobuf"
|
19
|
-
|
20
|
-
require "options_pb"
|
21
|
-
require "spec_pb"
|
22
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
23
|
-
add_file("role_attachments.proto", :syntax => :proto3) do
|
24
|
-
add_message "v1.RoleAttachmentCreateRequest" do
|
25
|
-
optional :meta, :message, 1, "v1.CreateRequestMetadata"
|
26
|
-
optional :role_attachment, :message, 2, "v1.RoleAttachment"
|
27
|
-
end
|
28
|
-
add_message "v1.RoleAttachmentCreateResponse" do
|
29
|
-
optional :meta, :message, 1, "v1.CreateResponseMetadata"
|
30
|
-
optional :role_attachment, :message, 2, "v1.RoleAttachment"
|
31
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
32
|
-
end
|
33
|
-
add_message "v1.RoleAttachmentGetRequest" do
|
34
|
-
optional :meta, :message, 1, "v1.GetRequestMetadata"
|
35
|
-
optional :id, :string, 2
|
36
|
-
end
|
37
|
-
add_message "v1.RoleAttachmentGetResponse" do
|
38
|
-
optional :meta, :message, 1, "v1.GetResponseMetadata"
|
39
|
-
optional :role_attachment, :message, 2, "v1.RoleAttachment"
|
40
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
41
|
-
end
|
42
|
-
add_message "v1.RoleAttachmentDeleteRequest" do
|
43
|
-
optional :meta, :message, 1, "v1.DeleteRequestMetadata"
|
44
|
-
optional :id, :string, 2
|
45
|
-
end
|
46
|
-
add_message "v1.RoleAttachmentDeleteResponse" do
|
47
|
-
optional :meta, :message, 1, "v1.DeleteResponseMetadata"
|
48
|
-
optional :rate_limit, :message, 2, "v1.RateLimitMetadata"
|
49
|
-
end
|
50
|
-
add_message "v1.RoleAttachmentListRequest" do
|
51
|
-
optional :meta, :message, 1, "v1.ListRequestMetadata"
|
52
|
-
optional :filter, :string, 2
|
53
|
-
end
|
54
|
-
add_message "v1.RoleAttachmentListResponse" do
|
55
|
-
optional :meta, :message, 1, "v1.ListResponseMetadata"
|
56
|
-
repeated :role_attachments, :message, 2, "v1.RoleAttachment"
|
57
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
58
|
-
end
|
59
|
-
add_message "v1.RoleAttachment" do
|
60
|
-
optional :id, :string, 1
|
61
|
-
optional :composite_role_id, :string, 2
|
62
|
-
optional :attached_role_id, :string, 3
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
module V1
|
68
|
-
RoleAttachmentCreateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentCreateRequest").msgclass
|
69
|
-
RoleAttachmentCreateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentCreateResponse").msgclass
|
70
|
-
RoleAttachmentGetRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentGetRequest").msgclass
|
71
|
-
RoleAttachmentGetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentGetResponse").msgclass
|
72
|
-
RoleAttachmentDeleteRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentDeleteRequest").msgclass
|
73
|
-
RoleAttachmentDeleteResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentDeleteResponse").msgclass
|
74
|
-
RoleAttachmentListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentListRequest").msgclass
|
75
|
-
RoleAttachmentListResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachmentListResponse").msgclass
|
76
|
-
RoleAttachment = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleAttachment").msgclass
|
77
|
-
end
|
@@ -1,56 +0,0 @@
|
|
1
|
-
# Copyright 2020 StrongDM Inc
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
-
# you may not use this file except in compliance with the License.
|
5
|
-
# You may obtain a copy of the License at
|
6
|
-
#
|
7
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
-
#
|
9
|
-
# Unless required by applicable law or agreed to in writing, software
|
10
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
-
# See the License for the specific language governing permissions and
|
13
|
-
# limitations under the License.
|
14
|
-
#
|
15
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
16
|
-
# Source: role_attachments.proto for package 'v1'
|
17
|
-
|
18
|
-
require "grpc"
|
19
|
-
require "role_attachments_pb"
|
20
|
-
|
21
|
-
module V1
|
22
|
-
module RoleAttachments
|
23
|
-
# RoleAttachments represent relationships between composite roles and the roles
|
24
|
-
# that make up those composite roles. When a composite role is attached to another
|
25
|
-
# role, the permissions granted to members of the composite role are augmented to
|
26
|
-
# include the permissions granted to members of the attached role.
|
27
|
-
#
|
28
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
29
|
-
class Service
|
30
|
-
include GRPC::GenericService
|
31
|
-
|
32
|
-
self.marshal_class_method = :encode
|
33
|
-
self.unmarshal_class_method = :decode
|
34
|
-
self.service_name = "v1.RoleAttachments"
|
35
|
-
|
36
|
-
# Create registers a new RoleAttachment.
|
37
|
-
#
|
38
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
39
|
-
rpc :Create, V1::RoleAttachmentCreateRequest, V1::RoleAttachmentCreateResponse
|
40
|
-
# Get reads one RoleAttachment by ID.
|
41
|
-
#
|
42
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
43
|
-
rpc :Get, V1::RoleAttachmentGetRequest, V1::RoleAttachmentGetResponse
|
44
|
-
# Delete removes a RoleAttachment by ID.
|
45
|
-
#
|
46
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
47
|
-
rpc :Delete, V1::RoleAttachmentDeleteRequest, V1::RoleAttachmentDeleteResponse
|
48
|
-
# List gets a list of RoleAttachments matching a given set of criteria.
|
49
|
-
#
|
50
|
-
# Deprecated: use multi-role via AccountAttachments instead.
|
51
|
-
rpc :List, V1::RoleAttachmentListRequest, V1::RoleAttachmentListResponse
|
52
|
-
end
|
53
|
-
|
54
|
-
Stub = Service.rpc_stub_class
|
55
|
-
end
|
56
|
-
end
|
data/lib/grpc/role_grants_pb.rb
DELETED
@@ -1,77 +0,0 @@
|
|
1
|
-
# Copyright 2020 StrongDM Inc
|
2
|
-
#
|
3
|
-
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
-
# you may not use this file except in compliance with the License.
|
5
|
-
# You may obtain a copy of the License at
|
6
|
-
#
|
7
|
-
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
-
#
|
9
|
-
# Unless required by applicable law or agreed to in writing, software
|
10
|
-
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
-
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
-
# See the License for the specific language governing permissions and
|
13
|
-
# limitations under the License.
|
14
|
-
#
|
15
|
-
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
16
|
-
# source: role_grants.proto
|
17
|
-
|
18
|
-
require "google/protobuf"
|
19
|
-
|
20
|
-
require "options_pb"
|
21
|
-
require "spec_pb"
|
22
|
-
Google::Protobuf::DescriptorPool.generated_pool.build do
|
23
|
-
add_file("role_grants.proto", :syntax => :proto3) do
|
24
|
-
add_message "v1.RoleGrantCreateRequest" do
|
25
|
-
optional :meta, :message, 1, "v1.CreateRequestMetadata"
|
26
|
-
optional :role_grant, :message, 2, "v1.RoleGrant"
|
27
|
-
end
|
28
|
-
add_message "v1.RoleGrantCreateResponse" do
|
29
|
-
optional :meta, :message, 1, "v1.CreateResponseMetadata"
|
30
|
-
optional :role_grant, :message, 2, "v1.RoleGrant"
|
31
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
32
|
-
end
|
33
|
-
add_message "v1.RoleGrantGetRequest" do
|
34
|
-
optional :meta, :message, 1, "v1.GetRequestMetadata"
|
35
|
-
optional :id, :string, 2
|
36
|
-
end
|
37
|
-
add_message "v1.RoleGrantGetResponse" do
|
38
|
-
optional :meta, :message, 1, "v1.GetResponseMetadata"
|
39
|
-
optional :role_grant, :message, 2, "v1.RoleGrant"
|
40
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
41
|
-
end
|
42
|
-
add_message "v1.RoleGrantDeleteRequest" do
|
43
|
-
optional :meta, :message, 1, "v1.DeleteRequestMetadata"
|
44
|
-
optional :id, :string, 2
|
45
|
-
end
|
46
|
-
add_message "v1.RoleGrantDeleteResponse" do
|
47
|
-
optional :meta, :message, 1, "v1.DeleteResponseMetadata"
|
48
|
-
optional :rate_limit, :message, 2, "v1.RateLimitMetadata"
|
49
|
-
end
|
50
|
-
add_message "v1.RoleGrantListRequest" do
|
51
|
-
optional :meta, :message, 1, "v1.ListRequestMetadata"
|
52
|
-
optional :filter, :string, 2
|
53
|
-
end
|
54
|
-
add_message "v1.RoleGrantListResponse" do
|
55
|
-
optional :meta, :message, 1, "v1.ListResponseMetadata"
|
56
|
-
repeated :role_grants, :message, 2, "v1.RoleGrant"
|
57
|
-
optional :rate_limit, :message, 3, "v1.RateLimitMetadata"
|
58
|
-
end
|
59
|
-
add_message "v1.RoleGrant" do
|
60
|
-
optional :id, :string, 1
|
61
|
-
optional :resource_id, :string, 2
|
62
|
-
optional :role_id, :string, 3
|
63
|
-
end
|
64
|
-
end
|
65
|
-
end
|
66
|
-
|
67
|
-
module V1
|
68
|
-
RoleGrantCreateRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantCreateRequest").msgclass
|
69
|
-
RoleGrantCreateResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantCreateResponse").msgclass
|
70
|
-
RoleGrantGetRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantGetRequest").msgclass
|
71
|
-
RoleGrantGetResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantGetResponse").msgclass
|
72
|
-
RoleGrantDeleteRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantDeleteRequest").msgclass
|
73
|
-
RoleGrantDeleteResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantDeleteResponse").msgclass
|
74
|
-
RoleGrantListRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantListRequest").msgclass
|
75
|
-
RoleGrantListResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrantListResponse").msgclass
|
76
|
-
RoleGrant = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("v1.RoleGrant").msgclass
|
77
|
-
end
|