strongdm 8.3.0 → 9.0.0

data/lib/strongdm.rb

@@ -29,7 +29,7 @@ module SDM #:nodoc:
     DEFAULT_BASE_RETRY_DELAY = 0.0030 # 30 ms
     DEFAULT_MAX_RETRY_DELAY = 300 # 300 seconds
     API_VERSION = "2024-03-28"
-    USER_AGENT = "strongdm-sdk-ruby/8.3.0"
+    USER_AGENT = "strongdm-sdk-ruby/9.0.0"
     private_constant :DEFAULT_MAX_RETRIES, :DEFAULT_BASE_RETRY_DELAY, :DEFAULT_MAX_RETRY_DELAY, :API_VERSION, :USER_AGENT
 
     # Creates a new strongDM API client.
@@ -75,6 +75,10 @@ module SDM #:nodoc:
       @approval_workflows = ApprovalWorkflows.new(@channel, self)
       @approval_workflows_history = ApprovalWorkflowsHistory.new(@channel, self)
       @control_panel = ControlPanel.new(@channel, self)
+      @identity_aliases = IdentityAliases.new(@channel, self)
+      @identity_aliases_history = IdentityAliasesHistory.new(@channel, self)
+      @identity_sets = IdentitySets.new(@channel, self)
+      @identity_sets_history = IdentitySetsHistory.new(@channel, self)
       @nodes = Nodes.new(@channel, self)
       @nodes_history = NodesHistory.new(@channel, self)
       @organization_history = OrganizationHistory.new(@channel, self)
@@ -283,6 +287,24 @@ module SDM #:nodoc:
     #
     # See {ControlPanel}.
     attr_reader :control_panel
+    # IdentityAliases assign an alias to an account within an IdentitySet.
+    # The alias is used as the username when connecting to a identity supported resource.
+    #
+    # See {IdentityAliases}.
+    attr_reader :identity_aliases
+    # IdentityAliasesHistory records all changes to the state of a IdentityAlias.
+    #
+    # See {IdentityAliasesHistory}.
+    attr_reader :identity_aliases_history
+    # A IdentitySet is a named grouping of Identity Aliases for Accounts.
+    # An Account's relationship to a IdentitySet is defined via IdentityAlias objects.
+    #
+    # See {IdentitySets}.
+    attr_reader :identity_sets
+    # IdentitySetsHistory records all changes to the state of a IdentitySet.
+    #
+    # See {IdentitySetsHistory}.
+    attr_reader :identity_sets_history
     # Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
     # - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
     # - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.
@@ -445,6 +467,10 @@ module SDM #:nodoc:
       @approval_workflows = ApprovalWorkflows.new(@channel, self)
       @approval_workflows_history = ApprovalWorkflowsHistory.new(@channel, self)
       @control_panel = ControlPanel.new(@channel, self)
+      @identity_aliases = IdentityAliases.new(@channel, self)
+      @identity_aliases_history = IdentityAliasesHistory.new(@channel, self)
+      @identity_sets = IdentitySets.new(@channel, self)
+      @identity_sets_history = IdentitySetsHistory.new(@channel, self)
       @nodes = Nodes.new(@channel, self)
       @nodes_history = NodesHistory.new(@channel, self)
       @organization_history = OrganizationHistory.new(@channel, self)
@@ -490,6 +516,8 @@ module SDM #:nodoc:
       @approval_workflow_approvers = SnapshotApprovalWorkflowApprovers.new(client.approval_workflow_approvers)
       @approval_workflow_steps = SnapshotApprovalWorkflowSteps.new(client.approval_workflow_steps)
       @approval_workflows = SnapshotApprovalWorkflows.new(client.approval_workflows)
+      @identity_aliases = SnapshotIdentityAliases.new(client.identity_aliases)
+      @identity_sets = SnapshotIdentitySets.new(client.identity_sets)
       @nodes = SnapshotNodes.new(client.nodes)
       @remote_identities = SnapshotRemoteIdentities.new(client.remote_identities)
       @remote_identity_groups = SnapshotRemoteIdentityGroups.new(client.remote_identity_groups)
@@ -545,6 +573,16 @@ module SDM #:nodoc:
     #
     # See {SnapshotApprovalWorkflows}.
     attr_reader :approval_workflows
+    # IdentityAliases assign an alias to an account within an IdentitySet.
+    # The alias is used as the username when connecting to a identity supported resource.
+    #
+    # See {SnapshotIdentityAliases}.
+    attr_reader :identity_aliases
+    # A IdentitySet is a named grouping of Identity Aliases for Accounts.
+    # An Account's relationship to a IdentitySet is defined via IdentityAlias objects.
+    #
+    # See {SnapshotIdentitySets}.
+    attr_reader :identity_sets
     # Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
     # - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
     # - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

data/lib/svc.rb

@@ -2107,6 +2107,453 @@ module SDM #:nodoc:
     end
   end
 
+  # IdentityAliases assign an alias to an account within an IdentitySet.
+  # The alias is used as the username when connecting to a identity supported resource.
+  #
+  # See {IdentityAlias}.
+  class IdentityAliases
+    extend Gem::Deprecate
+
+    def initialize(channel, parent)
+      begin
+        @stub = V1::IdentityAliases::Stub.new(nil, nil, channel_override: channel)
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # Create registers a new IdentityAlias.
+    def create(
+      identity_alias,
+      deadline: nil
+    )
+      req = V1::IdentityAliasCreateRequest.new()
+
+      req.identity_alias = Plumbing::convert_identity_alias_to_plumbing(identity_alias)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.create(req, metadata: @parent.get_metadata("IdentityAliases.Create", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = IdentityAliasCreateResponse.new()
+      resp.identity_alias = Plumbing::convert_identity_alias_to_porcelain(plumbing_response.identity_alias)
+      resp.meta = Plumbing::convert_create_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Get reads one IdentityAlias by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      req = V1::IdentityAliasGetRequest.new()
+      if not @parent.snapshot_time.nil?
+        req.meta = V1::GetRequestMetadata.new()
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get(req, metadata: @parent.get_metadata("IdentityAliases.Get", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = IdentityAliasGetResponse.new()
+      resp.identity_alias = Plumbing::convert_identity_alias_to_porcelain(plumbing_response.identity_alias)
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Update replaces all the fields of a IdentityAlias by ID.
+    def update(
+      identity_alias,
+      deadline: nil
+    )
+      req = V1::IdentityAliasUpdateRequest.new()
+
+      req.identity_alias = Plumbing::convert_identity_alias_to_plumbing(identity_alias)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.update(req, metadata: @parent.get_metadata("IdentityAliases.Update", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = IdentityAliasUpdateResponse.new()
+      resp.identity_alias = Plumbing::convert_identity_alias_to_porcelain(plumbing_response.identity_alias)
+      resp.meta = Plumbing::convert_update_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # Delete removes a IdentityAlias by ID.
+    def delete(
+      id,
+      deadline: nil
+    )
+      req = V1::IdentityAliasDeleteRequest.new()
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.delete(req, metadata: @parent.get_metadata("IdentityAliases.Delete", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = IdentityAliasDeleteResponse.new()
+      resp.meta = Plumbing::convert_delete_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # List gets a list of IdentityAliases matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::IdentityAliasListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      if @parent.page_limit > 0
+        req.meta.limit = @parent.page_limit
+      end
+      if not @parent.snapshot_time.nil?
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("IdentityAliases.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.identity_aliases.each do |plumbing_item|
+            g.yield Plumbing::convert_identity_alias_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
+  # SnapshotIdentityAliases exposes the read only methods of the IdentityAliases
+  # service for historical queries.
+  class SnapshotIdentityAliases
+    extend Gem::Deprecate
+
+    def initialize(identity_aliases)
+      @identity_aliases = identity_aliases
+    end
+
+    # Get reads one IdentityAlias by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      return @identity_aliases.get(
+               id,
+               deadline: deadline,
+             )
+    end
+
+    # List gets a list of IdentityAliases matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      return @identity_aliases.list(
+               filter,
+                            *args,
+                            deadline: deadline,
+             )
+    end
+  end
+
+  # IdentityAliasesHistory records all changes to the state of a IdentityAlias.
+  #
+  # See {IdentityAliasHistory}.
+  class IdentityAliasesHistory
+    extend Gem::Deprecate
+
+    def initialize(channel, parent)
+      begin
+        @stub = V1::IdentityAliasesHistory::Stub.new(nil, nil, channel_override: channel)
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # List gets a list of IdentityAliasHistory records matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::IdentityAliasHistoryListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      if @parent.page_limit > 0
+        req.meta.limit = @parent.page_limit
+      end
+      if not @parent.snapshot_time.nil?
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("IdentityAliasesHistory.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.history.each do |plumbing_item|
+            g.yield Plumbing::convert_identity_alias_history_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
+  # A IdentitySet is a named grouping of Identity Aliases for Accounts.
+  # An Account's relationship to a IdentitySet is defined via IdentityAlias objects.
+  #
+  # See {IdentitySet}.
+  class IdentitySets
+    extend Gem::Deprecate
+
+    def initialize(channel, parent)
+      begin
+        @stub = V1::IdentitySets::Stub.new(nil, nil, channel_override: channel)
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # Get reads one IdentitySet by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      req = V1::IdentitySetGetRequest.new()
+      if not @parent.snapshot_time.nil?
+        req.meta = V1::GetRequestMetadata.new()
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.id = (id)
+      tries = 0
+      plumbing_response = nil
+      loop do
+        begin
+          plumbing_response = @stub.get(req, metadata: @parent.get_metadata("IdentitySets.Get", req), deadline: deadline)
+        rescue => exception
+          if (@parent.shouldRetry(tries, exception))
+            tries + +@parent.jitterSleep(tries)
+            next
+          end
+          raise Plumbing::convert_error_to_porcelain(exception)
+        end
+        break
+      end
+
+      resp = IdentitySetGetResponse.new()
+      resp.identity_set = Plumbing::convert_identity_set_to_porcelain(plumbing_response.identity_set)
+      resp.meta = Plumbing::convert_get_response_metadata_to_porcelain(plumbing_response.meta)
+      resp.rate_limit = Plumbing::convert_rate_limit_metadata_to_porcelain(plumbing_response.rate_limit)
+      resp
+    end
+
+    # List gets a list of IdentitySets matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::IdentitySetListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      if @parent.page_limit > 0
+        req.meta.limit = @parent.page_limit
+      end
+      if not @parent.snapshot_time.nil?
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("IdentitySets.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.identity_sets.each do |plumbing_item|
+            g.yield Plumbing::convert_identity_set_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
+  # SnapshotIdentitySets exposes the read only methods of the IdentitySets
+  # service for historical queries.
+  class SnapshotIdentitySets
+    extend Gem::Deprecate
+
+    def initialize(identity_sets)
+      @identity_sets = identity_sets
+    end
+
+    # Get reads one IdentitySet by ID.
+    def get(
+      id,
+      deadline: nil
+    )
+      return @identity_sets.get(
+               id,
+               deadline: deadline,
+             )
+    end
+
+    # List gets a list of IdentitySets matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      return @identity_sets.list(
+               filter,
+                            *args,
+                            deadline: deadline,
+             )
+    end
+  end
+
+  # IdentitySetsHistory records all changes to the state of a IdentitySet.
+  #
+  # See {IdentitySetHistory}.
+  class IdentitySetsHistory
+    extend Gem::Deprecate
+
+    def initialize(channel, parent)
+      begin
+        @stub = V1::IdentitySetsHistory::Stub.new(nil, nil, channel_override: channel)
+      rescue => exception
+        raise Plumbing::convert_error_to_porcelain(exception)
+      end
+      @parent = parent
+    end
+
+    # List gets a list of IdentitySetHistory records matching a given set of criteria.
+    def list(
+      filter,
+      *args,
+      deadline: nil
+    )
+      req = V1::IdentitySetHistoryListRequest.new()
+      req.meta = V1::ListRequestMetadata.new()
+      if @parent.page_limit > 0
+        req.meta.limit = @parent.page_limit
+      end
+      if not @parent.snapshot_time.nil?
+        req.meta.snapshot_at = @parent.snapshot_time
+      end
+
+      req.filter = Plumbing::quote_filter_args(filter, *args)
+      resp = Enumerator::Generator.new { |g|
+        tries = 0
+        loop do
+          begin
+            plumbing_response = @stub.list(req, metadata: @parent.get_metadata("IdentitySetsHistory.List", req), deadline: deadline)
+          rescue => exception
+            if (@parent.shouldRetry(tries, exception))
+              tries + +@parent.jitterSleep(tries)
+              next
+            end
+            raise Plumbing::convert_error_to_porcelain(exception)
+          end
+          tries = 0
+          plumbing_response.history.each do |plumbing_item|
+            g.yield Plumbing::convert_identity_set_history_to_porcelain(plumbing_item)
+          end
+          break if plumbing_response.meta.next_cursor == ""
+          req.meta.cursor = plumbing_response.meta.next_cursor
+        end
+      }
+      resp
+    end
+  end
+
   # Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes:
   # - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers.
   # - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.
@@ -4513,6 +4960,8 @@ module SDM #:nodoc:
   # {VaultAppRoleStore}
   # {VaultAppRoleCertSSHStore}
   # {VaultAppRoleCertX509Store}
+  # {VaultAWSEC2Store}
+  # {VaultAWSIAMStore}
   # {VaultTLSStore}
   # {VaultTLSCertSSHStore}
   # {VaultTLSCertX509Store}

data/lib/version

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "8.3.0"
+  VERSION = "9.0.0"
 end

data/lib/version.rb

@@ -13,5 +13,5 @@
 # limitations under the License.
 #
 module SDM
-  VERSION = "8.3.0"
+  VERSION = "9.0.0"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongdm
 version: !ruby/object:Gem::Version
-  version: 8.3.0
+  version: 9.0.0
 platform: ruby
 authors:
 - strongDM Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-05-09 00:00:00.000000000 Z
+date: 2024-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: grpc
@@ -81,8 +81,8 @@ files:
 - "./.git/logs/HEAD"
 - "./.git/logs/refs/heads/master"
 - "./.git/logs/refs/remotes/origin/HEAD"
-- "./.git/objects/pack/pack-4261676cf40d688329aa296e253a717a48298b9c.idx"
-- "./.git/objects/pack/pack-4261676cf40d688329aa296e253a717a48298b9c.pack"
+- "./.git/objects/pack/pack-585dae52e145926574c317ae9b4a8c7204dd11f8.idx"
+- "./.git/objects/pack/pack-585dae52e145926574c317ae9b4a8c7204dd11f8.pack"
 - "./.git/packed-refs"
 - "./.git/refs/heads/master"
 - "./.git/refs/remotes/origin/HEAD"
@@ -133,6 +133,14 @@ files:
 - "./lib/grpc/control_panel_pb.rb"
 - "./lib/grpc/control_panel_services_pb.rb"
 - "./lib/grpc/drivers_pb.rb"
+- "./lib/grpc/identity_aliases_history_pb.rb"
+- "./lib/grpc/identity_aliases_history_services_pb.rb"
+- "./lib/grpc/identity_aliases_pb.rb"
+- "./lib/grpc/identity_aliases_services_pb.rb"
+- "./lib/grpc/identity_sets_history_pb.rb"
+- "./lib/grpc/identity_sets_history_services_pb.rb"
+- "./lib/grpc/identity_sets_pb.rb"
+- "./lib/grpc/identity_sets_services_pb.rb"
 - "./lib/grpc/nodes_history_pb.rb"
 - "./lib/grpc/nodes_history_services_pb.rb"
 - "./lib/grpc/nodes_pb.rb"