strongdm 3.6.1 → 3.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (52) hide show
  1. checksums.yaml +4 -4
  2. data/.git/ORIG_HEAD +1 -1
  3. data/.git/index +0 -0
  4. data/.git/logs/HEAD +3 -3
  5. data/.git/logs/refs/heads/master +2 -2
  6. data/.git/logs/refs/remotes/origin/HEAD +1 -1
  7. data/.git/objects/pack/{pack-c0eff6575c38c9865988c2b59ce4060fff518355.idx → pack-6ff24cd25221e788819ff2b8012b5e54f3c5d426.idx} +0 -0
  8. data/.git/objects/pack/{pack-c0eff6575c38c9865988c2b59ce4060fff518355.pack → pack-6ff24cd25221e788819ff2b8012b5e54f3c5d426.pack} +0 -0
  9. data/.git/packed-refs +3 -2
  10. data/.git/refs/heads/master +1 -1
  11. data/lib/constants.rb +311 -0
  12. data/lib/grpc/account_attachments_history_pb.rb +48 -0
  13. data/lib/grpc/account_attachments_history_services_pb.rb +37 -0
  14. data/lib/grpc/account_grants_history_pb.rb +48 -0
  15. data/lib/grpc/account_grants_history_services_pb.rb +37 -0
  16. data/lib/grpc/account_permissions_pb.rb +48 -0
  17. data/lib/grpc/account_permissions_services_pb.rb +38 -0
  18. data/lib/grpc/account_resources_pb.rb +49 -0
  19. data/lib/grpc/account_resources_services_pb.rb +38 -0
  20. data/lib/grpc/accounts_history_pb.rb +48 -0
  21. data/lib/grpc/accounts_history_services_pb.rb +37 -0
  22. data/lib/grpc/activities_pb.rb +77 -0
  23. data/lib/grpc/activities_services_pb.rb +41 -0
  24. data/lib/grpc/nodes_history_pb.rb +48 -0
  25. data/lib/grpc/nodes_history_services_pb.rb +37 -0
  26. data/lib/grpc/organization_history_pb.rb +74 -0
  27. data/lib/grpc/organization_history_services_pb.rb +37 -0
  28. data/lib/grpc/plumbing.rb +977 -4
  29. data/lib/grpc/queries_pb.rb +67 -0
  30. data/lib/grpc/queries_services_pb.rb +39 -0
  31. data/lib/grpc/remote_identities_history_pb.rb +48 -0
  32. data/lib/grpc/remote_identities_history_services_pb.rb +37 -0
  33. data/lib/grpc/remote_identity_groups_history_pb.rb +48 -0
  34. data/lib/grpc/remote_identity_groups_history_services_pb.rb +37 -0
  35. data/lib/grpc/replays_pb.rb +50 -0
  36. data/lib/grpc/replays_services_pb.rb +38 -0
  37. data/lib/grpc/resources_history_pb.rb +48 -0
  38. data/lib/grpc/resources_history_services_pb.rb +37 -0
  39. data/lib/grpc/role_resources_history_pb.rb +48 -0
  40. data/lib/grpc/role_resources_history_services_pb.rb +37 -0
  41. data/lib/grpc/role_resources_pb.rb +46 -0
  42. data/lib/grpc/role_resources_services_pb.rb +38 -0
  43. data/lib/grpc/roles_history_pb.rb +48 -0
  44. data/lib/grpc/roles_history_services_pb.rb +37 -0
  45. data/lib/grpc/secret_stores_history_pb.rb +48 -0
  46. data/lib/grpc/secret_stores_history_services_pb.rb +37 -0
  47. data/lib/models/porcelain.rb +912 -0
  48. data/lib/strongdm.rb +219 -1
  49. data/lib/svc.rb +1555 -120
  50. data/lib/version +1 -1
  51. data/lib/version.rb +1 -1
  52. metadata +38 -4
@@ -731,6 +731,41 @@ module SDM
731
731
  end
732
732
  end
733
733
 
734
+ # AccountAttachmentHistory records the state of an AccountAttachment at a given point in time,
735
+ # where every change (create or delete) to an AccountAttachment produces an
736
+ # AccountAttachmentHistory record.
737
+ class AccountAttachmentHistory
738
+ # The complete AccountAttachment state at this time.
739
+ attr_accessor :account_attachment
740
+ # The unique identifier of the Activity that produced this change to the AccountAttachment.
741
+ # May be empty for some system-initiated updates.
742
+ attr_accessor :activity_id
743
+ # If this AccountAttachment was deleted, the time it was deleted.
744
+ attr_accessor :deleted_at
745
+ # The time at which the AccountAttachment state was recorded.
746
+ attr_accessor :timestamp
747
+
748
+ def initialize(
749
+ account_attachment: nil,
750
+ activity_id: nil,
751
+ deleted_at: nil,
752
+ timestamp: nil
753
+ )
754
+ @account_attachment = account_attachment == nil ? nil : account_attachment
755
+ @activity_id = activity_id == nil ? "" : activity_id
756
+ @deleted_at = deleted_at == nil ? nil : deleted_at
757
+ @timestamp = timestamp == nil ? nil : timestamp
758
+ end
759
+
760
+ def to_json(options = {})
761
+ hash = {}
762
+ self.instance_variables.each do |var|
763
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
764
+ end
765
+ hash.to_json
766
+ end
767
+ end
768
+
734
769
  # AccountCreateResponse reports how the Accounts were created in the system.
735
770
  class AccountCreateResponse
736
771
  # The created Account.
@@ -932,6 +967,162 @@ module SDM
932
967
  end
933
968
  end
934
969
 
970
+ # AccountGrantHistory records the state of an AccountGrant at a given point in time,
971
+ # where every change (create or delete) to an AccountGrant produces an
972
+ # AccountGrantHistory record.
973
+ class AccountGrantHistory
974
+ # The complete AccountGrant state at this time.
975
+ attr_accessor :account_grant
976
+ # The unique identifier of the Activity that produced this change to the AccountGrant.
977
+ # May be empty for some system-initiated updates.
978
+ attr_accessor :activity_id
979
+ # If this AccountGrant was deleted, the time it was deleted.
980
+ attr_accessor :deleted_at
981
+ # The time at which the AccountGrant state was recorded.
982
+ attr_accessor :timestamp
983
+
984
+ def initialize(
985
+ account_grant: nil,
986
+ activity_id: nil,
987
+ deleted_at: nil,
988
+ timestamp: nil
989
+ )
990
+ @account_grant = account_grant == nil ? nil : account_grant
991
+ @activity_id = activity_id == nil ? "" : activity_id
992
+ @deleted_at = deleted_at == nil ? nil : deleted_at
993
+ @timestamp = timestamp == nil ? nil : timestamp
994
+ end
995
+
996
+ def to_json(options = {})
997
+ hash = {}
998
+ self.instance_variables.each do |var|
999
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1000
+ end
1001
+ hash.to_json
1002
+ end
1003
+ end
1004
+
1005
+ # AccountHistory records the state of an Account at a given point in time,
1006
+ # where every change (create, update and delete) to an Account produces an
1007
+ # AccountHistory record.
1008
+ class AccountHistory
1009
+ # The complete Account state at this time.
1010
+ attr_accessor :account
1011
+ # The unique identifier of the Activity that produced this change to the Account.
1012
+ # May be empty for some system-initiated updates.
1013
+ attr_accessor :activity_id
1014
+ # If this Account was deleted, the time it was deleted.
1015
+ attr_accessor :deleted_at
1016
+ # The time at which the Account state was recorded.
1017
+ attr_accessor :timestamp
1018
+
1019
+ def initialize(
1020
+ account: nil,
1021
+ activity_id: nil,
1022
+ deleted_at: nil,
1023
+ timestamp: nil
1024
+ )
1025
+ @account = account == nil ? nil : account
1026
+ @activity_id = activity_id == nil ? "" : activity_id
1027
+ @deleted_at = deleted_at == nil ? nil : deleted_at
1028
+ @timestamp = timestamp == nil ? nil : timestamp
1029
+ end
1030
+
1031
+ def to_json(options = {})
1032
+ hash = {}
1033
+ self.instance_variables.each do |var|
1034
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1035
+ end
1036
+ hash.to_json
1037
+ end
1038
+ end
1039
+
1040
+ # AccountPermission represents an individual API action available to an account.
1041
+ class AccountPermission
1042
+ # The unique identifier of the Account this permission belongs to.
1043
+ attr_accessor :account_id
1044
+ # The most recent time at which the permission was granted. If a permission was
1045
+ # granted, revoked, and granted again, this will reflect the later time.
1046
+ attr_accessor :granted_at
1047
+ # The value of this permission, split into vertical and action e.g.
1048
+ # 'secretstore:List', 'role:update'
1049
+ attr_accessor :permission
1050
+ # The scope of this permission. A global scope means this action can be taken
1051
+ # on any entity; otherwise the action can only be taken on or in the scope of
1052
+ # the scoped id.
1053
+ attr_accessor :scope
1054
+ # The ID to which or in whose context this operation is permitted. e.g. The ID of a
1055
+ # role that a team leader has the abillity to remove and add accounts to, or the
1056
+ # ID of a resource that a user has the permission to connect to. If Scope is global,
1057
+ # scoped id is not populated.
1058
+ attr_accessor :scoped_id
1059
+
1060
+ def initialize(
1061
+ account_id: nil,
1062
+ granted_at: nil,
1063
+ permission: nil,
1064
+ scope: nil,
1065
+ scoped_id: nil
1066
+ )
1067
+ @account_id = account_id == nil ? "" : account_id
1068
+ @granted_at = granted_at == nil ? nil : granted_at
1069
+ @permission = permission == nil ? "" : permission
1070
+ @scope = scope == nil ? "" : scope
1071
+ @scoped_id = scoped_id == nil ? "" : scoped_id
1072
+ end
1073
+
1074
+ def to_json(options = {})
1075
+ hash = {}
1076
+ self.instance_variables.each do |var|
1077
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1078
+ end
1079
+ hash.to_json
1080
+ end
1081
+ end
1082
+
1083
+ # AccountResource represents an individual access grant of a Account to a Resource.
1084
+ class AccountResource
1085
+ # The unique identifier of the AccountGrant through which the Account was granted access to the Resource.
1086
+ # If empty, access was not granted through an AccountGrant.
1087
+ attr_accessor :account_grant_id
1088
+ # The unique identifier of the Account to which access is granted.
1089
+ attr_accessor :account_id
1090
+ # The time at which access will expire. If empty, this access has no expiration.
1091
+ attr_accessor :expires_at
1092
+ # The most recent time at which access was granted. If access was granted,
1093
+ # revoked, and granted again, this will reflect the later time.
1094
+ attr_accessor :granted_at
1095
+ # The unique identifier of the Resource to which access is granted.
1096
+ attr_accessor :resource_id
1097
+ # The unique identifier of the Role through which the Account was granted access to the Resource.
1098
+ # If empty, access was not granted through an AccountAttachment to a Role.
1099
+ attr_accessor :role_id
1100
+
1101
+ def initialize(
1102
+ account_grant_id: nil,
1103
+ account_id: nil,
1104
+ expires_at: nil,
1105
+ granted_at: nil,
1106
+ resource_id: nil,
1107
+ role_id: nil
1108
+ )
1109
+ @account_grant_id = account_grant_id == nil ? "" : account_grant_id
1110
+ @account_id = account_id == nil ? "" : account_id
1111
+ @expires_at = expires_at == nil ? nil : expires_at
1112
+ @granted_at = granted_at == nil ? nil : granted_at
1113
+ @resource_id = resource_id == nil ? "" : resource_id
1114
+ @role_id = role_id == nil ? "" : role_id
1115
+ end
1116
+
1117
+ def to_json(options = {})
1118
+ hash = {}
1119
+ self.instance_variables.each do |var|
1120
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1121
+ end
1122
+ hash.to_json
1123
+ end
1124
+ end
1125
+
935
1126
  # AccountUpdateResponse returns the fields of a Account after it has been updated by
936
1127
  # a AccountUpdateRequest.
937
1128
  class AccountUpdateResponse
@@ -961,6 +1152,153 @@ module SDM
961
1152
  end
962
1153
  end
963
1154
 
1155
+ # An Activity is a record of an action taken against a strongDM deployment, e.g.
1156
+ # a user creation, resource deletion, sso configuration change, etc.
1157
+ class Activity
1158
+ # The account who executed this activity. If the actor later has a name or email change,
1159
+ # that change is not reflected here. Actor is a snapshot of the executing account at
1160
+ # the time an activity took place.
1161
+ attr_accessor :actor
1162
+ # The time this activity took effect.
1163
+ attr_accessor :completed_at
1164
+ # A humanized description of the activity.
1165
+ attr_accessor :description
1166
+ # The entities involved in this activity. These entities can be any first class
1167
+ # entity in the strongDM system, eg. a user, a role, a node, an account grant. Not
1168
+ # every activity affects explicit entities.
1169
+ attr_accessor :entities
1170
+ # Unique identifier of the Activity.
1171
+ attr_accessor :id
1172
+ # The IP from which this action was taken.
1173
+ attr_accessor :ip_address
1174
+ # The kind of activity which has taken place.
1175
+ attr_accessor :verb
1176
+
1177
+ def initialize(
1178
+ actor: nil,
1179
+ completed_at: nil,
1180
+ description: nil,
1181
+ entities: nil,
1182
+ id: nil,
1183
+ ip_address: nil,
1184
+ verb: nil
1185
+ )
1186
+ @actor = actor == nil ? nil : actor
1187
+ @completed_at = completed_at == nil ? nil : completed_at
1188
+ @description = description == nil ? "" : description
1189
+ @entities = entities == nil ? [] : entities
1190
+ @id = id == nil ? "" : id
1191
+ @ip_address = ip_address == nil ? "" : ip_address
1192
+ @verb = verb == nil ? "" : verb
1193
+ end
1194
+
1195
+ def to_json(options = {})
1196
+ hash = {}
1197
+ self.instance_variables.each do |var|
1198
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1199
+ end
1200
+ hash.to_json
1201
+ end
1202
+ end
1203
+
1204
+ class ActivityActor
1205
+ # The external ID of the actor at the time this activity occurred.
1206
+ attr_accessor :activity_external_id
1207
+ # The email of the actor at the time this activity occurred.
1208
+ attr_accessor :email
1209
+ # The first name of the actor at the time this activity occurred.
1210
+ attr_accessor :first_name
1211
+ # Unique identifier of the actor. Immutable.
1212
+ attr_accessor :id
1213
+ # The last name of the actor at the time this activity occurred.
1214
+ attr_accessor :last_name
1215
+
1216
+ def initialize(
1217
+ activity_external_id: nil,
1218
+ email: nil,
1219
+ first_name: nil,
1220
+ id: nil,
1221
+ last_name: nil
1222
+ )
1223
+ @activity_external_id = activity_external_id == nil ? "" : activity_external_id
1224
+ @email = email == nil ? "" : email
1225
+ @first_name = first_name == nil ? "" : first_name
1226
+ @id = id == nil ? "" : id
1227
+ @last_name = last_name == nil ? "" : last_name
1228
+ end
1229
+
1230
+ def to_json(options = {})
1231
+ hash = {}
1232
+ self.instance_variables.each do |var|
1233
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1234
+ end
1235
+ hash.to_json
1236
+ end
1237
+ end
1238
+
1239
+ class ActivityEntity
1240
+ # The email of the affected entity, if it has one (for example, if it is an account).
1241
+ attr_accessor :email
1242
+ # The external ID of the affected entity, if it has one (for example, if it is an account).
1243
+ attr_accessor :external_id
1244
+ # The unique identifier of the entity this activity affected.
1245
+ attr_accessor :id
1246
+ # A display name representing the affected entity.
1247
+ attr_accessor :name
1248
+ # The type of entity affected, one of the Activity Entities constants.
1249
+ attr_accessor :type
1250
+
1251
+ def initialize(
1252
+ email: nil,
1253
+ external_id: nil,
1254
+ id: nil,
1255
+ name: nil,
1256
+ type: nil
1257
+ )
1258
+ @email = email == nil ? "" : email
1259
+ @external_id = external_id == nil ? "" : external_id
1260
+ @id = id == nil ? "" : id
1261
+ @name = name == nil ? "" : name
1262
+ @type = type == nil ? "" : type
1263
+ end
1264
+
1265
+ def to_json(options = {})
1266
+ hash = {}
1267
+ self.instance_variables.each do |var|
1268
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1269
+ end
1270
+ hash.to_json
1271
+ end
1272
+ end
1273
+
1274
+ # ActivityGetResponse returns a requested Activity.
1275
+ class ActivityGetResponse
1276
+ # The requested Activity.
1277
+ attr_accessor :activity
1278
+ # Reserved for future use.
1279
+ attr_accessor :meta
1280
+ # Rate limit information.
1281
+ attr_accessor :rate_limit
1282
+
1283
+ def initialize(
1284
+ activity: nil,
1285
+ meta: nil,
1286
+ rate_limit: nil
1287
+ )
1288
+ @activity = activity == nil ? nil : activity
1289
+ @meta = meta == nil ? nil : meta
1290
+ @rate_limit = rate_limit == nil ? nil : rate_limit
1291
+ end
1292
+
1293
+ def to_json(options = {})
1294
+ hash = {}
1295
+ self.instance_variables.each do |var|
1296
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
1297
+ end
1298
+ hash.to_json
1299
+ end
1300
+ end
1301
+
964
1302
  class AmazonEKS
965
1303
  attr_accessor :access_key
966
1304
  # Bind interface
@@ -4843,6 +5181,41 @@ module SDM
4843
5181
  end
4844
5182
  end
4845
5183
 
5184
+ # NodeHistory records the state of a Node at a given point in time,
5185
+ # where every change (create, update and delete) to a Node produces an
5186
+ # NodeHistory record.
5187
+ class NodeHistory
5188
+ # The unique identifier of the Activity that produced this change to the Node.
5189
+ # May be empty for some system-initiated updates.
5190
+ attr_accessor :activity_id
5191
+ # If this Node was deleted, the time it was deleted.
5192
+ attr_accessor :deleted_at
5193
+ # The complete Node state at this time.
5194
+ attr_accessor :node
5195
+ # The time at which the Node state was recorded.
5196
+ attr_accessor :timestamp
5197
+
5198
+ def initialize(
5199
+ activity_id: nil,
5200
+ deleted_at: nil,
5201
+ node: nil,
5202
+ timestamp: nil
5203
+ )
5204
+ @activity_id = activity_id == nil ? "" : activity_id
5205
+ @deleted_at = deleted_at == nil ? nil : deleted_at
5206
+ @node = node == nil ? nil : node
5207
+ @timestamp = timestamp == nil ? nil : timestamp
5208
+ end
5209
+
5210
+ def to_json(options = {})
5211
+ hash = {}
5212
+ self.instance_variables.each do |var|
5213
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
5214
+ end
5215
+ hash.to_json
5216
+ end
5217
+ end
5218
+
4846
5219
  # NodeUpdateResponse returns the fields of a Node after it has been updated by
4847
5220
  # a NodeUpdateRequest.
4848
5221
  class NodeUpdateResponse
@@ -4943,6 +5316,147 @@ module SDM
4943
5316
  end
4944
5317
  end
4945
5318
 
5319
+ class Organization
5320
+ # The Organization's authentication provider.
5321
+ attr_accessor :auth_provider
5322
+ # The time at which the Organization was created.
5323
+ attr_accessor :created_at
5324
+ # The Organization's idle timeout, if enabled.
5325
+ attr_accessor :idle_timeout
5326
+ # Indicates if the Organization has idle timeouts enabled.
5327
+ attr_accessor :idle_timeout_enabled
5328
+ # The Organization's type.
5329
+ attr_accessor :kind
5330
+ # The Organization's local log encryption encoder.
5331
+ attr_accessor :log_local_encoder
5332
+ # The Organization's local log format.
5333
+ attr_accessor :log_local_format
5334
+ # The Organization's local log storage.
5335
+ attr_accessor :log_local_storage
5336
+ # The Organization's remote log encryption encoder.
5337
+ attr_accessor :log_remote_encoder
5338
+ # The Organization's socket path for Socket local log storage.
5339
+ attr_accessor :log_socket_path
5340
+ # The Organization's TCP address for TCP or Syslog local log storage.
5341
+ attr_accessor :log_tcp_address
5342
+ # Indicates if the Organization has multi-factor authentication enabled.
5343
+ attr_accessor :mfa_enabled
5344
+ # The Organization's multi-factor authentication provider, if enabled.
5345
+ attr_accessor :mfa_provider
5346
+ # The Organization's name.
5347
+ attr_accessor :name
5348
+ # Indicates if the Organization requires secret stores.
5349
+ attr_accessor :require_secret_store
5350
+ # The Organization's URL for SAML metadata.
5351
+ attr_accessor :saml_metadata_url
5352
+ # The Organization's SCIM provider.
5353
+ attr_accessor :scim_provider
5354
+ # The Organization's label for sensitive resources.
5355
+ attr_accessor :sensitive_label
5356
+ # The Organization's session timeout, if enabled.
5357
+ attr_accessor :session_timeout
5358
+ # Indicates if the Organization has session timeouts enabled.
5359
+ attr_accessor :session_timeout_enabled
5360
+ # The Organization's SSH certificate authority public key.
5361
+ attr_accessor :ssh_certificate_authority_public_key
5362
+ # The time at which the Organization's SSH certificate authority was last updated.
5363
+ attr_accessor :ssh_certificate_authority_updated_at
5364
+ # The time at which the Organization was last updated.
5365
+ attr_accessor :updated_at
5366
+ # The Organization's web site domain.
5367
+ attr_accessor :websites_subdomain
5368
+
5369
+ def initialize(
5370
+ auth_provider: nil,
5371
+ created_at: nil,
5372
+ idle_timeout: nil,
5373
+ idle_timeout_enabled: nil,
5374
+ kind: nil,
5375
+ log_local_encoder: nil,
5376
+ log_local_format: nil,
5377
+ log_local_storage: nil,
5378
+ log_remote_encoder: nil,
5379
+ log_socket_path: nil,
5380
+ log_tcp_address: nil,
5381
+ mfa_enabled: nil,
5382
+ mfa_provider: nil,
5383
+ name: nil,
5384
+ require_secret_store: nil,
5385
+ saml_metadata_url: nil,
5386
+ scim_provider: nil,
5387
+ sensitive_label: nil,
5388
+ session_timeout: nil,
5389
+ session_timeout_enabled: nil,
5390
+ ssh_certificate_authority_public_key: nil,
5391
+ ssh_certificate_authority_updated_at: nil,
5392
+ updated_at: nil,
5393
+ websites_subdomain: nil
5394
+ )
5395
+ @auth_provider = auth_provider == nil ? "" : auth_provider
5396
+ @created_at = created_at == nil ? nil : created_at
5397
+ @idle_timeout = idle_timeout == nil ? nil : idle_timeout
5398
+ @idle_timeout_enabled = idle_timeout_enabled == nil ? false : idle_timeout_enabled
5399
+ @kind = kind == nil ? "" : kind
5400
+ @log_local_encoder = log_local_encoder == nil ? "" : log_local_encoder
5401
+ @log_local_format = log_local_format == nil ? "" : log_local_format
5402
+ @log_local_storage = log_local_storage == nil ? "" : log_local_storage
5403
+ @log_remote_encoder = log_remote_encoder == nil ? "" : log_remote_encoder
5404
+ @log_socket_path = log_socket_path == nil ? "" : log_socket_path
5405
+ @log_tcp_address = log_tcp_address == nil ? "" : log_tcp_address
5406
+ @mfa_enabled = mfa_enabled == nil ? false : mfa_enabled
5407
+ @mfa_provider = mfa_provider == nil ? "" : mfa_provider
5408
+ @name = name == nil ? "" : name
5409
+ @require_secret_store = require_secret_store == nil ? false : require_secret_store
5410
+ @saml_metadata_url = saml_metadata_url == nil ? "" : saml_metadata_url
5411
+ @scim_provider = scim_provider == nil ? "" : scim_provider
5412
+ @sensitive_label = sensitive_label == nil ? "" : sensitive_label
5413
+ @session_timeout = session_timeout == nil ? nil : session_timeout
5414
+ @session_timeout_enabled = session_timeout_enabled == nil ? false : session_timeout_enabled
5415
+ @ssh_certificate_authority_public_key = ssh_certificate_authority_public_key == nil ? "" : ssh_certificate_authority_public_key
5416
+ @ssh_certificate_authority_updated_at = ssh_certificate_authority_updated_at == nil ? nil : ssh_certificate_authority_updated_at
5417
+ @updated_at = updated_at == nil ? nil : updated_at
5418
+ @websites_subdomain = websites_subdomain == nil ? "" : websites_subdomain
5419
+ end
5420
+
5421
+ def to_json(options = {})
5422
+ hash = {}
5423
+ self.instance_variables.each do |var|
5424
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
5425
+ end
5426
+ hash.to_json
5427
+ end
5428
+ end
5429
+
5430
+ # OrganizationHistoryRecord records the state of an Organization at a given point in time,
5431
+ # where every change to an Organization produces an OrganizationHistoryRecord.
5432
+ class OrganizationHistoryRecord
5433
+ # The unique identifier of the Activity that produced this change to the Organization.
5434
+ # May be empty for some system-initiated organization updates.
5435
+ attr_accessor :activity_id
5436
+ # The complete Organization state at this time.
5437
+ attr_accessor :organization
5438
+ # The time at which the Organization state was recorded.
5439
+ attr_accessor :timestamp
5440
+
5441
+ def initialize(
5442
+ activity_id: nil,
5443
+ organization: nil,
5444
+ timestamp: nil
5445
+ )
5446
+ @activity_id = activity_id == nil ? "" : activity_id
5447
+ @organization = organization == nil ? nil : organization
5448
+ @timestamp = timestamp == nil ? nil : timestamp
5449
+ end
5450
+
5451
+ def to_json(options = {})
5452
+ hash = {}
5453
+ self.instance_variables.each do |var|
5454
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
5455
+ end
5456
+ hash.to_json
5457
+ end
5458
+ end
5459
+
4946
5460
  class Postgres
4947
5461
  # Bind interface
4948
5462
  attr_accessor :bind_interface
@@ -5085,6 +5599,115 @@ module SDM
5085
5599
  end
5086
5600
  end
5087
5601
 
5602
+ # A Query is a record of a single client request to a resource, such as an SQL query.
5603
+ class Query
5604
+ # The email of the account performing this query, at the time the query was executed.
5605
+ # If the account email is later changed, that change will not be reflected via this field.
5606
+ attr_accessor :account_email
5607
+ # The given name of the account performing this query, at the time the query was executed.
5608
+ # If the account is later renamed, that change will not be reflected via this field.
5609
+ attr_accessor :account_first_name
5610
+ # Unique identifier of the Account that performed the Query.
5611
+ attr_accessor :account_id
5612
+ # The family name of the account performing this query, at the time the query was executed.
5613
+ # If the account is later renamed, that change will not be reflected via this field.
5614
+ attr_accessor :account_last_name
5615
+ # The tags of the account accessed, at the time the query was executed. If the account
5616
+ # tags are later changed, that change will not be reflected via this field.
5617
+ attr_accessor :account_tags
5618
+ # The duration of the Query.
5619
+ attr_accessor :duration
5620
+ # The unique ID of the node through which the Resource was accessed.
5621
+ attr_accessor :egress_node_id
5622
+ # Indicates that the body of the Query is encrypted.
5623
+ attr_accessor :encrypted
5624
+ # Unique identifier of the Query.
5625
+ attr_accessor :id
5626
+ # The captured content of the Query.
5627
+ attr_accessor :query_body
5628
+ # The general category of Resource against which Query was performed, e.g. "web" or "cloud".
5629
+ attr_accessor :query_category
5630
+ # The hash of the body of the Query.
5631
+ attr_accessor :query_hash
5632
+ # The symmetric key used to encrypt the body of this Query and its replay if replayable.
5633
+ # If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding.
5634
+ # This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body.
5635
+ # If the Query is not encrypted, this field is empty.
5636
+ attr_accessor :query_key
5637
+ # The number of records returned by the Query, for a database Resource.
5638
+ attr_accessor :record_count
5639
+ # The username of the RemoteIdentity used to access the Resource.
5640
+ attr_accessor :remote_identity_username
5641
+ # Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.
5642
+ attr_accessor :replayable
5643
+ # Unique identifier of the Resource against which the Query was performed.
5644
+ attr_accessor :resource_id
5645
+ # The name of the resource accessed, at the time the query was executed. If the resource
5646
+ # is later renamed, that change will not be reflected via this field.
5647
+ attr_accessor :resource_name
5648
+ # The tags of the resource accessed, at the time the query was executed. If the resource
5649
+ # tags are later changed, that change will not be reflected via this field.
5650
+ attr_accessor :resource_tags
5651
+ # The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".
5652
+ attr_accessor :resource_type
5653
+ # The time at which the Query was performed.
5654
+ attr_accessor :timestamp
5655
+
5656
+ def initialize(
5657
+ account_email: nil,
5658
+ account_first_name: nil,
5659
+ account_id: nil,
5660
+ account_last_name: nil,
5661
+ account_tags: nil,
5662
+ duration: nil,
5663
+ egress_node_id: nil,
5664
+ encrypted: nil,
5665
+ id: nil,
5666
+ query_body: nil,
5667
+ query_category: nil,
5668
+ query_hash: nil,
5669
+ query_key: nil,
5670
+ record_count: nil,
5671
+ remote_identity_username: nil,
5672
+ replayable: nil,
5673
+ resource_id: nil,
5674
+ resource_name: nil,
5675
+ resource_tags: nil,
5676
+ resource_type: nil,
5677
+ timestamp: nil
5678
+ )
5679
+ @account_email = account_email == nil ? "" : account_email
5680
+ @account_first_name = account_first_name == nil ? "" : account_first_name
5681
+ @account_id = account_id == nil ? "" : account_id
5682
+ @account_last_name = account_last_name == nil ? "" : account_last_name
5683
+ @account_tags = account_tags == nil ? SDM::_porcelain_zero_value_tags() : account_tags
5684
+ @duration = duration == nil ? nil : duration
5685
+ @egress_node_id = egress_node_id == nil ? "" : egress_node_id
5686
+ @encrypted = encrypted == nil ? false : encrypted
5687
+ @id = id == nil ? "" : id
5688
+ @query_body = query_body == nil ? "" : query_body
5689
+ @query_category = query_category == nil ? "" : query_category
5690
+ @query_hash = query_hash == nil ? "" : query_hash
5691
+ @query_key = query_key == nil ? "" : query_key
5692
+ @record_count = record_count == nil ? 0 : record_count
5693
+ @remote_identity_username = remote_identity_username == nil ? "" : remote_identity_username
5694
+ @replayable = replayable == nil ? false : replayable
5695
+ @resource_id = resource_id == nil ? "" : resource_id
5696
+ @resource_name = resource_name == nil ? "" : resource_name
5697
+ @resource_tags = resource_tags == nil ? SDM::_porcelain_zero_value_tags() : resource_tags
5698
+ @resource_type = resource_type == nil ? "" : resource_type
5699
+ @timestamp = timestamp == nil ? nil : timestamp
5700
+ end
5701
+
5702
+ def to_json(options = {})
5703
+ hash = {}
5704
+ self.instance_variables.each do |var|
5705
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
5706
+ end
5707
+ hash.to_json
5708
+ end
5709
+ end
5710
+
5088
5711
  class RDP
5089
5712
  # Bind interface
5090
5713
  attr_accessor :bind_interface
@@ -5666,6 +6289,76 @@ module SDM
5666
6289
  end
5667
6290
  end
5668
6291
 
6292
+ # RemoteIdentityGroupHistory records the state of a RemoteIdentityGroup at a given point in time,
6293
+ # where every change (create, update and delete) to a RemoteIdentityGroup produces an
6294
+ # RemoteIdentityGroupHistory record.
6295
+ class RemoteIdentityGroupHistory
6296
+ # The unique identifier of the Activity that produced this change to the RemoteIdentityGroup.
6297
+ # May be empty for some system-initiated updates.
6298
+ attr_accessor :activity_id
6299
+ # If this RemoteIdentityGroup was deleted, the time it was deleted.
6300
+ attr_accessor :deleted_at
6301
+ # The complete RemoteIdentityGroup state at this time.
6302
+ attr_accessor :remote_identity_group
6303
+ # The time at which the RemoteIdentityGroup state was recorded.
6304
+ attr_accessor :timestamp
6305
+
6306
+ def initialize(
6307
+ activity_id: nil,
6308
+ deleted_at: nil,
6309
+ remote_identity_group: nil,
6310
+ timestamp: nil
6311
+ )
6312
+ @activity_id = activity_id == nil ? "" : activity_id
6313
+ @deleted_at = deleted_at == nil ? nil : deleted_at
6314
+ @remote_identity_group = remote_identity_group == nil ? nil : remote_identity_group
6315
+ @timestamp = timestamp == nil ? nil : timestamp
6316
+ end
6317
+
6318
+ def to_json(options = {})
6319
+ hash = {}
6320
+ self.instance_variables.each do |var|
6321
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6322
+ end
6323
+ hash.to_json
6324
+ end
6325
+ end
6326
+
6327
+ # RemoteIdentityHistory records the state of a RemoteIdentity at a given point in time,
6328
+ # where every change (create, update and delete) to a RemoteIdentity produces an
6329
+ # RemoteIdentityHistory record.
6330
+ class RemoteIdentityHistory
6331
+ # The unique identifier of the Activity that produced this change to the RemoteIdentity.
6332
+ # May be empty for some system-initiated updates.
6333
+ attr_accessor :activity_id
6334
+ # If this RemoteIdentity was deleted, the time it was deleted.
6335
+ attr_accessor :deleted_at
6336
+ # The complete RemoteIdentity state at this time.
6337
+ attr_accessor :remote_identity
6338
+ # The time at which the RemoteIdentity state was recorded.
6339
+ attr_accessor :timestamp
6340
+
6341
+ def initialize(
6342
+ activity_id: nil,
6343
+ deleted_at: nil,
6344
+ remote_identity: nil,
6345
+ timestamp: nil
6346
+ )
6347
+ @activity_id = activity_id == nil ? "" : activity_id
6348
+ @deleted_at = deleted_at == nil ? nil : deleted_at
6349
+ @remote_identity = remote_identity == nil ? nil : remote_identity
6350
+ @timestamp = timestamp == nil ? nil : timestamp
6351
+ end
6352
+
6353
+ def to_json(options = {})
6354
+ hash = {}
6355
+ self.instance_variables.each do |var|
6356
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6357
+ end
6358
+ hash.to_json
6359
+ end
6360
+ end
6361
+
5669
6362
  # RemoteIdentityUpdateResponse returns the fields of a RemoteIdentity after it has been updated by
5670
6363
  # a RemoteIdentityUpdateRequest.
5671
6364
  class RemoteIdentityUpdateResponse
@@ -5695,6 +6388,56 @@ module SDM
5695
6388
  end
5696
6389
  end
5697
6390
 
6391
+ # A ReplayChunk represents a single "chunk" of data from the query replay.
6392
+ class ReplayChunk
6393
+ # The raw data of the ReplayChunk. The data is encrypted if the associated Query is encrypted.
6394
+ attr_accessor :data
6395
+ # The list of events of the ReplayChunk. If the Query is encrypted, this field is always empty
6396
+ # and the events can be obtained by decrypting the data using the QueryKey returned with the Query.
6397
+ attr_accessor :events
6398
+
6399
+ def initialize(
6400
+ data: nil,
6401
+ events: nil
6402
+ )
6403
+ @data = data == nil ? "" : data
6404
+ @events = events == nil ? [] : events
6405
+ end
6406
+
6407
+ def to_json(options = {})
6408
+ hash = {}
6409
+ self.instance_variables.each do |var|
6410
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6411
+ end
6412
+ hash.to_json
6413
+ end
6414
+ end
6415
+
6416
+ # A ReplayChunkEvent represents a single event within a query replay.
6417
+ # The timing information included in each ReplayChunkEvent may be used to replay a session in real time.
6418
+ class ReplayChunkEvent
6419
+ # The raw data of the ReplayChunkEvent.
6420
+ attr_accessor :data
6421
+ # The time duration over which the data in this ReplayChunkEvent was transferred.
6422
+ attr_accessor :duration
6423
+
6424
+ def initialize(
6425
+ data: nil,
6426
+ duration: nil
6427
+ )
6428
+ @data = data == nil ? "" : data
6429
+ @duration = duration == nil ? nil : duration
6430
+ end
6431
+
6432
+ def to_json(options = {})
6433
+ hash = {}
6434
+ self.instance_variables.each do |var|
6435
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6436
+ end
6437
+ hash.to_json
6438
+ end
6439
+ end
6440
+
5698
6441
  # ResourceCreateResponse reports how the Resources were created in the system.
5699
6442
  class ResourceCreateResponse
5700
6443
  # Reserved for future use.
@@ -5775,6 +6518,41 @@ module SDM
5775
6518
  end
5776
6519
  end
5777
6520
 
6521
+ # ResourceHistory records the state of a Resource at a given point in time,
6522
+ # where every change (create, update and delete) to a Resource produces an
6523
+ # ResourceHistory record.
6524
+ class ResourceHistory
6525
+ # The unique identifier of the Activity that produced this change to the Resource.
6526
+ # May be empty for some system-initiated updates.
6527
+ attr_accessor :activity_id
6528
+ # If this Resource was deleted, the time it was deleted.
6529
+ attr_accessor :deleted_at
6530
+ # The complete Resource state at this time.
6531
+ attr_accessor :resource
6532
+ # The time at which the Resource state was recorded.
6533
+ attr_accessor :timestamp
6534
+
6535
+ def initialize(
6536
+ activity_id: nil,
6537
+ deleted_at: nil,
6538
+ resource: nil,
6539
+ timestamp: nil
6540
+ )
6541
+ @activity_id = activity_id == nil ? "" : activity_id
6542
+ @deleted_at = deleted_at == nil ? nil : deleted_at
6543
+ @resource = resource == nil ? nil : resource
6544
+ @timestamp = timestamp == nil ? nil : timestamp
6545
+ end
6546
+
6547
+ def to_json(options = {})
6548
+ hash = {}
6549
+ self.instance_variables.each do |var|
6550
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6551
+ end
6552
+ hash.to_json
6553
+ end
6554
+ end
6555
+
5778
6556
  # ResourceUpdateResponse returns the fields of a Resource after it has been updated by
5779
6557
  # a ResourceUpdateRequest.
5780
6558
  class ResourceUpdateResponse
@@ -5923,6 +6701,105 @@ module SDM
5923
6701
  end
5924
6702
  end
5925
6703
 
6704
+ # RoleHistory records the state of a Role at a given point in time,
6705
+ # where every change (create, update and delete) to a Role produces an
6706
+ # RoleHistory record.
6707
+ class RoleHistory
6708
+ # The unique identifier of the Activity that produced this change to the Role.
6709
+ # May be empty for some system-initiated updates.
6710
+ attr_accessor :activity_id
6711
+ # If this Role was deleted, the time it was deleted.
6712
+ attr_accessor :deleted_at
6713
+ # The complete Role state at this time.
6714
+ attr_accessor :role
6715
+ # The time at which the Role state was recorded.
6716
+ attr_accessor :timestamp
6717
+
6718
+ def initialize(
6719
+ activity_id: nil,
6720
+ deleted_at: nil,
6721
+ role: nil,
6722
+ timestamp: nil
6723
+ )
6724
+ @activity_id = activity_id == nil ? "" : activity_id
6725
+ @deleted_at = deleted_at == nil ? nil : deleted_at
6726
+ @role = role == nil ? nil : role
6727
+ @timestamp = timestamp == nil ? nil : timestamp
6728
+ end
6729
+
6730
+ def to_json(options = {})
6731
+ hash = {}
6732
+ self.instance_variables.each do |var|
6733
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6734
+ end
6735
+ hash.to_json
6736
+ end
6737
+ end
6738
+
6739
+ # RoleResource represents an individual access grant of a Role to a Resource.
6740
+ class RoleResource
6741
+ # The most recent time at which access was granted. If access was granted,
6742
+ # revoked, and granted again, this will reflect the later time.
6743
+ attr_accessor :granted_at
6744
+ # The unique identifier of the Resource to which access is granted.
6745
+ attr_accessor :resource_id
6746
+ # The unique identifier of the Role to which access is granted.
6747
+ attr_accessor :role_id
6748
+
6749
+ def initialize(
6750
+ granted_at: nil,
6751
+ resource_id: nil,
6752
+ role_id: nil
6753
+ )
6754
+ @granted_at = granted_at == nil ? nil : granted_at
6755
+ @resource_id = resource_id == nil ? "" : resource_id
6756
+ @role_id = role_id == nil ? "" : role_id
6757
+ end
6758
+
6759
+ def to_json(options = {})
6760
+ hash = {}
6761
+ self.instance_variables.each do |var|
6762
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6763
+ end
6764
+ hash.to_json
6765
+ end
6766
+ end
6767
+
6768
+ # RoleResourceHistory records the state of a RoleResource at a given point in time,
6769
+ # where every change (create or delete) to a RoleResource produces an
6770
+ # RoleResourceHistory record.
6771
+ class RoleResourceHistory
6772
+ # The unique identifier of the Activity that produced this change to the RoleResource.
6773
+ # May be empty for some system-initiated updates.
6774
+ attr_accessor :activity_id
6775
+ # If this RoleResource was deleted, the time it was deleted.
6776
+ attr_accessor :deleted_at
6777
+ # The complete RoleResource state at this time.
6778
+ attr_accessor :role_resource
6779
+ # The time at which the RoleResource state was recorded.
6780
+ attr_accessor :timestamp
6781
+
6782
+ def initialize(
6783
+ activity_id: nil,
6784
+ deleted_at: nil,
6785
+ role_resource: nil,
6786
+ timestamp: nil
6787
+ )
6788
+ @activity_id = activity_id == nil ? "" : activity_id
6789
+ @deleted_at = deleted_at == nil ? nil : deleted_at
6790
+ @role_resource = role_resource == nil ? nil : role_resource
6791
+ @timestamp = timestamp == nil ? nil : timestamp
6792
+ end
6793
+
6794
+ def to_json(options = {})
6795
+ hash = {}
6796
+ self.instance_variables.each do |var|
6797
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
6798
+ end
6799
+ hash.to_json
6800
+ end
6801
+ end
6802
+
5926
6803
  # RoleUpdateResponse returns the fields of a Role after it has been updated by
5927
6804
  # a RoleUpdateRequest.
5928
6805
  class RoleUpdateResponse
@@ -6329,6 +7206,41 @@ module SDM
6329
7206
  end
6330
7207
  end
6331
7208
 
7209
+ # SecretStoreHistory records the state of a SecretStore at a given point in time,
7210
+ # where every change (create, update and delete) to a SecretStore produces an
7211
+ # SecretStoreHistory record.
7212
+ class SecretStoreHistory
7213
+ # The unique identifier of the Activity that produced this change to the SecretStore.
7214
+ # May be empty for some system-initiated updates.
7215
+ attr_accessor :activity_id
7216
+ # If this SecretStore was deleted, the time it was deleted.
7217
+ attr_accessor :deleted_at
7218
+ # The complete SecretStore state at this time.
7219
+ attr_accessor :secret_store
7220
+ # The time at which the SecretStore state was recorded.
7221
+ attr_accessor :timestamp
7222
+
7223
+ def initialize(
7224
+ activity_id: nil,
7225
+ deleted_at: nil,
7226
+ secret_store: nil,
7227
+ timestamp: nil
7228
+ )
7229
+ @activity_id = activity_id == nil ? "" : activity_id
7230
+ @deleted_at = deleted_at == nil ? nil : deleted_at
7231
+ @secret_store = secret_store == nil ? nil : secret_store
7232
+ @timestamp = timestamp == nil ? nil : timestamp
7233
+ end
7234
+
7235
+ def to_json(options = {})
7236
+ hash = {}
7237
+ self.instance_variables.each do |var|
7238
+ hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
7239
+ end
7240
+ hash.to_json
7241
+ end
7242
+ end
7243
+
6332
7244
  # SecretStoreUpdateResponse returns the fields of a SecretStore after it has been updated by
6333
7245
  # a SecretStoreUpdateRequest.
6334
7246
  class SecretStoreUpdateResponse