Class: SDM::Client

Inherits:
Object
  • Object
show all
Defined in:
lib/strongdm.rb

Overview

Client bundles all the services together and initializes them.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_access_key, api_secret_key, host: "app.strongdm.com:443", insecure: false, retry_rate_limit_errors: true, page_limit: 0) ⇒ Client

Creates a new strongDM API client.

Raises:

  • (TypeError) 


38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
 
# File 'lib/strongdm.rb', line 38

def initialize(api_access_key, api_secret_key, host: "app.strongdm.com:443", insecure: false, retry_rate_limit_errors: true, page_limit: 0)
  raise TypeError, "client access key must be a string" unless api_access_key.kind_of?(String)
  raise TypeError, "client secret key must be a string" unless api_secret_key.kind_of?(String)
  raise TypeError, "client host must be a string" unless host.kind_of?(String)
  @api_access_key = api_access_key.strip
  @api_secret_key = Base64.strict_decode64(api_secret_key.strip)
  @base_retry_delay = DEFAULT_BASE_RETRY_DELAY
  @max_retry_delay = DEFAULT_MAX_RETRY_DELAY
  @retry_factor = DEFAULT_RETRY_FACTOR
  @retry_jitter = DEFAULT_RETRY_JITTER
  @page_limit = page_limit
  @retry_rate_limit_errors = retry_rate_limit_errors
  @snapshot_time = nil
  # Initialize method interceptor for request/response hooks
  @interceptor = MethodInterceptor.new(self)
  @encryption_interceptor = SecretEncryptionInterceptor.new(self)
  @encryption_interceptor.setup(@interceptor)
  begin
    if insecure
      @channel = GRPC::Core::Channel.new(host, {}, :this_channel_is_insecure)
    else
      cred = GRPC::Core::ChannelCredentials.new()
      @channel = GRPC::Core::Channel.new(host, {}, cred)
    end
  rescue => exception
    raise Plumbing::convert_error_to_porcelain(exception)
  end
  @access_requests = AccessRequests.new(@channel, self)
  @access_request_events_history = AccessRequestEventsHistory.new(@channel, self)
  @access_requests_history = AccessRequestsHistory.new(@channel, self)
  @account_attachments = AccountAttachments.new(@channel, self)
  @account_attachments_history = AccountAttachmentsHistory.new(@channel, self)
  @account_grants = AccountGrants.new(@channel, self)
  @account_grants_history = AccountGrantsHistory.new(@channel, self)
  @account_permissions = AccountPermissions.new(@channel, self)
  @account_resources = AccountResources.new(@channel, self)
  @account_resources_history = AccountResourcesHistory.new(@channel, self)
  @accounts = Accounts.new(@channel, self)
  @accounts_groups = AccountsGroups.new(@channel, self)
  @accounts_groups_history = AccountsGroupsHistory.new(@channel, self)
  @accounts_history = AccountsHistory.new(@channel, self)
  @activities = Activities.new(@channel, self)
  @approval_workflow_approvers = ApprovalWorkflowApprovers.new(@channel, self)
  @approval_workflow_approvers_history = ApprovalWorkflowApproversHistory.new(@channel, self)
  @approval_workflow_steps = ApprovalWorkflowSteps.new(@channel, self)
  @approval_workflow_steps_history = ApprovalWorkflowStepsHistory.new(@channel, self)
  @approval_workflows = ApprovalWorkflows.new(@channel, self)
  @approval_workflows_history = ApprovalWorkflowsHistory.new(@channel, self)
  @control_panel = ControlPanel.new(@channel, self)
  @discovery_connectors = DiscoveryConnectors.new(@channel, self)
  @granted_account_entitlements = GrantedAccountEntitlements.new(@channel, self)
  @granted_resource_entitlements = GrantedResourceEntitlements.new(@channel, self)
  @granted_role_entitlements = GrantedRoleEntitlements.new(@channel, self)
  @roles = Roles.new(@channel, self)
  @groups = Groups.new(@channel, self)
  @groups_history = GroupsHistory.new(@channel, self)
  @groups_roles = GroupsRoles.new(@channel, self)
  @groups_roles_history = GroupsRolesHistory.new(@channel, self)
  @health_checks = HealthChecks.new(@channel, self)
  @identity_aliases = IdentityAliases.new(@channel, self)
  @identity_aliases_history = IdentityAliasesHistory.new(@channel, self)
  @identity_sets = IdentitySets.new(@channel, self)
  @identity_sets_history = IdentitySetsHistory.new(@channel, self)
  @managed_secrets = ManagedSecrets.new(@channel, self)
  @nodes = Nodes.new(@channel, self)
  @nodes_history = NodesHistory.new(@channel, self)
  @organization_history = OrganizationHistory.new(@channel, self)
  @peering_group_nodes = PeeringGroupNodes.new(@channel, self)
  @peering_group_peers = PeeringGroupPeers.new(@channel, self)
  @peering_group_resources = PeeringGroupResources.new(@channel, self)
  @peering_groups = PeeringGroups.new(@channel, self)
  @policies = Policies.new(@channel, self)
  @policies_history = PoliciesHistory.new(@channel, self)
  @proxy_cluster_keys = ProxyClusterKeys.new(@channel, self)
  @queries = Queries.new(@channel, self)
  @remote_identities = RemoteIdentities.new(@channel, self)
  @remote_identities_history = RemoteIdentitiesHistory.new(@channel, self)
  @remote_identity_groups = RemoteIdentityGroups.new(@channel, self)
  @remote_identity_groups_history = RemoteIdentityGroupsHistory.new(@channel, self)
  @replays = Replays.new(@channel, self)
  @resources = Resources.new(@channel, self)
  @resources_history = ResourcesHistory.new(@channel, self)
  @role_resources = RoleResources.new(@channel, self)
  @role_resources_history = RoleResourcesHistory.new(@channel, self)
  @roles_history = RolesHistory.new(@channel, self)
  @secret_stores = SecretStores.new(@channel, self)
  @secret_engines = SecretEngines.new(@channel, self)
  @secret_store_healths = SecretStoreHealths.new(@channel, self)
  @secret_stores_history = SecretStoresHistory.new(@channel, self)
  @workflow_approvers = WorkflowApprovers.new(@channel, self)
  @workflow_approvers_history = WorkflowApproversHistory.new(@channel, self)
  @workflow_roles = WorkflowRoles.new(@channel, self)
  @workflow_roles_history = WorkflowRolesHistory.new(@channel, self)
  @workflows = Workflows.new(@channel, self)
  @workflows_history = WorkflowsHistory.new(@channel, self)
end

Instance Attribute Details

#access_request_events_historyObject (readonly)

AccessRequestEventsHistory provides records of all changes to the state of an AccessRequest.

See AccessRequestEventsHistory.



254
255
256
 
# File 'lib/strongdm.rb', line 254

def access_request_events_history
  @access_request_events_history
end

#access_requestsObject (readonly)

AccessRequests are requests for access to a resource that may match a Workflow.

See AccessRequests.



250
251
252
 
# File 'lib/strongdm.rb', line 250

def access_requests
  @access_requests
end

#access_requests_historyObject (readonly)

AccessRequestsHistory provides records of all changes to the state of an AccessRequest.

See AccessRequestsHistory.



258
259
260
 
# File 'lib/strongdm.rb', line 258

def access_requests_history
  @access_requests_history
end

#account_attachmentsObject (readonly)

AccountAttachments assign an account to a role.

See AccountAttachments.



262
263
264
 
# File 'lib/strongdm.rb', line 262

def 
  @account_attachments
end

#account_attachments_historyObject (readonly)

AccountAttachmentsHistory records all changes to the state of an AccountAttachment.

See AccountAttachmentsHistory.



266
267
268
 
# File 'lib/strongdm.rb', line 266

def 
  @account_attachments_history
end

#account_grantsObject (readonly)

AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

See AccountGrants.



270
271
272
 
# File 'lib/strongdm.rb', line 270

def 
  @account_grants
end

#account_grants_historyObject (readonly)

AccountGrantsHistory records all changes to the state of an AccountGrant.

See AccountGrantsHistory.



274
275
276
 
# File 'lib/strongdm.rb', line 274

def 
  @account_grants_history
end

#account_permissionsObject (readonly)

AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

See AccountPermissions.



279
280
281
 
# File 'lib/strongdm.rb', line 279

def 
  @account_permissions
end

#account_resourcesObject (readonly)

AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

See AccountResources.



284
285
286
 
# File 'lib/strongdm.rb', line 284

def 
  @account_resources
end

#account_resources_historyObject (readonly)

AccountResourcesHistory records all changes to the state of a AccountResource.

See AccountResourcesHistory.



288
289
290
 
# File 'lib/strongdm.rb', line 288

def 
  @account_resources_history
end

#accountsObject (readonly)

Accounts are users that have access to strongDM. There are two types of accounts:

  1. Users: humans who are authenticated through username and password or SSO.
  2. Service Accounts: machines that are authenticated using a service token.
  3. Tokens are access keys with permissions that can be used for authentication.

See Accounts.



295
296
297
 
# File 'lib/strongdm.rb', line 295

def accounts
  @accounts
end

#accounts_groupsObject (readonly)

An AccountGroup links an account and a group.

See AccountsGroups.



299
300
301
 
# File 'lib/strongdm.rb', line 299

def accounts_groups
  @accounts_groups
end

#accounts_groups_historyObject (readonly)

AccountsGroupsHistory records all changes to the state of an AccountGroup.

See AccountsGroupsHistory.



303
304
305
 
# File 'lib/strongdm.rb', line 303

def accounts_groups_history
  @accounts_groups_history
end

#accounts_historyObject (readonly)

AccountsHistory records all changes to the state of an Account.

See AccountsHistory.



307
308
309
 
# File 'lib/strongdm.rb', line 307

def accounts_history
  @accounts_history
end

#activitiesObject (readonly)

An Activity is a record of an action taken against a strongDM deployment, e.g. a user creation, resource deletion, sso configuration change, etc. The Activities service is read-only.

See Activities.



313
314
315
 
# File 'lib/strongdm.rb', line 313

def activities
  @activities
end

#api_access_keyObject (readonly)

API authentication token (read-only).



242
243
244
 
# File 'lib/strongdm.rb', line 242

def api_access_key
  @api_access_key
end

#approval_workflow_approversObject (readonly)

ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

See ApprovalWorkflowApprovers.



317
318
319
 
# File 'lib/strongdm.rb', line 317

def approval_workflow_approvers
  @approval_workflow_approvers
end

#approval_workflow_approvers_historyObject (readonly)

ApprovalWorkflowApproversHistory records all changes to the state of an ApprovalWorkflowApprover.

See ApprovalWorkflowApproversHistory.



321
322
323
 
# File 'lib/strongdm.rb', line 321

def approval_workflow_approvers_history
  @approval_workflow_approvers_history
end

#approval_workflow_stepsObject (readonly)

ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

See ApprovalWorkflowSteps.



325
326
327
 
# File 'lib/strongdm.rb', line 325

def approval_workflow_steps
  @approval_workflow_steps
end

#approval_workflow_steps_historyObject (readonly)

ApprovalWorkflowStepsHistory records all changes to the state of an ApprovalWorkflowStep.

See ApprovalWorkflowStepsHistory.



329
330
331
 
# File 'lib/strongdm.rb', line 329

def approval_workflow_steps_history
  @approval_workflow_steps_history
end

#approval_workflowsObject (readonly)

ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

See ApprovalWorkflows.



334
335
336
 
# File 'lib/strongdm.rb', line 334

def approval_workflows
  @approval_workflows
end

#approval_workflows_historyObject (readonly)

ApprovalWorkflowsHistory records all changes to the state of an ApprovalWorkflow.

See ApprovalWorkflowsHistory.



338
339
340
 
# File 'lib/strongdm.rb', line 338

def approval_workflows_history
  @approval_workflows_history
end

#base_retry_delayObject (readonly)

Returns the value of attribute base_retry_delay.



237
238
239
 
# File 'lib/strongdm.rb', line 237

def base_retry_delay
  @base_retry_delay
end

#control_panelObject (readonly)

ControlPanel contains all administrative controls.

See SDM::ControlPanel.



342
343
344
 
# File 'lib/strongdm.rb', line 342

def control_panel
  @control_panel
end

#discovery_connectorsObject (readonly)

A Discovery Connector is a configuration object for performing Resource Scans in remote systems such as AWS, GCP, Azure, and other systems.

See DiscoveryConnectors.



347
348
349
 
# File 'lib/strongdm.rb', line 347

def discovery_connectors
  @discovery_connectors
end

#granted_account_entitlementsObject (readonly)

GrantedAccountEntitlements enumerates the resources to which an account has been granted access. The GrantedAccountEntitlements service is read-only.

See GrantedAccountEntitlements.



352
353
354
 
# File 'lib/strongdm.rb', line 352

def 
  @granted_account_entitlements
end

#granted_resource_entitlementsObject (readonly)

GrantedResourceEntitlements enumerates the accounts that have been granted access to a given resource. The GrantedResourceEntitlements service is read-only.

See GrantedResourceEntitlements.



357
358
359
 
# File 'lib/strongdm.rb', line 357

def granted_resource_entitlements
  @granted_resource_entitlements
end

#granted_role_entitlementsObject (readonly)

GrantedRoleEntitlements enumerates the resources to which a role grants access. The GrantedRoleEntitlements service is read-only.

See GrantedRoleEntitlements.



362
363
364
 
# File 'lib/strongdm.rb', line 362

def granted_role_entitlements
  @granted_role_entitlements
end

#groupsObject (readonly)

A Group is a set of principals.

See Groups.



372
373
374
 
# File 'lib/strongdm.rb', line 372

def groups
  @groups
end

#groups_historyObject (readonly)

GroupsHistory records all changes to the state of a Group.

See GroupsHistory.



376
377
378
 
# File 'lib/strongdm.rb', line 376

def groups_history
  @groups_history
end

#groups_rolesObject (readonly)

A GroupRole is an assignment of a Group to a Role.

See GroupsRoles.



380
381
382
 
# File 'lib/strongdm.rb', line 380

def groups_roles
  @groups_roles
end

#groups_roles_historyObject (readonly)

GroupsRolesHistory records all changes to the state of a GroupRole.

See GroupsRolesHistory.



384
385
386
 
# File 'lib/strongdm.rb', line 384

def groups_roles_history
  @groups_roles_history
end

#health_checksObject (readonly)

HealthChecks lists the last healthcheck between each node and resource. Note the unconventional capitalization here is to prevent having a collision with GRPC

See HealthChecks.



389
390
391
 
# File 'lib/strongdm.rb', line 389

def health_checks
  @health_checks
end

#identity_aliasesObject (readonly)

IdentityAliases assign an alias to an account within an IdentitySet. The alias is used as the username when connecting to a identity supported resource.

See IdentityAliases.



394
395
396
 
# File 'lib/strongdm.rb', line 394

def identity_aliases
  @identity_aliases
end

#identity_aliases_historyObject (readonly)

IdentityAliasesHistory records all changes to the state of a IdentityAlias.

See IdentityAliasesHistory.



398
399
400
 
# File 'lib/strongdm.rb', line 398

def identity_aliases_history
  @identity_aliases_history
end

#identity_setsObject (readonly)

A IdentitySet is a named grouping of Identity Aliases for Accounts. An Account's relationship to a IdentitySet is defined via IdentityAlias objects.

See IdentitySets.



403
404
405
 
# File 'lib/strongdm.rb', line 403

def identity_sets
  @identity_sets
end

#identity_sets_historyObject (readonly)

IdentitySetsHistory records all changes to the state of a IdentitySet.

See IdentitySetsHistory.



407
408
409
 
# File 'lib/strongdm.rb', line 407

def identity_sets_history
  @identity_sets_history
end

#interceptorObject (readonly)

Method interceptor for request/response hooks (read-only).



246
247
248
 
# File 'lib/strongdm.rb', line 246

def interceptor
  @interceptor
end

#managed_secretsObject (readonly)

ManagedSecret is a private vertical for creating, reading, updating, deleting, listing and rotating the managed secrets in the secrets engines as an authenticated user.

See ManagedSecrets.



413
414
415
 
# File 'lib/strongdm.rb', line 413

def managed_secrets
  @managed_secrets
end

#max_retry_delayObject (readonly)

Returns the value of attribute max_retry_delay.



238
239
240
 
# File 'lib/strongdm.rb', line 238

def max_retry_delay
  @max_retry_delay
end

#nodesObject (readonly)

Nodes make up the StrongDM network, and allow your users to connect securely to your resources. There are three types of nodes:

  1. Relay: creates connectivity to your datasources, while maintaining the egress-only nature of your firewall
  2. Gateway: a relay that also listens for connections from StrongDM clients
  3. Proxy Cluster: a cluster of workers that together mediate access from clients to resources

See Nodes.



421
422
423
 
# File 'lib/strongdm.rb', line 421

def nodes
  @nodes
end

#nodes_historyObject (readonly)

NodesHistory records all changes to the state of a Node.

See NodesHistory.



425
426
427
 
# File 'lib/strongdm.rb', line 425

def nodes_history
  @nodes_history
end

#organization_historyObject (readonly)

OrganizationHistory records all changes to the state of an Organization.

See OrganizationHistory.



429
430
431
 
# File 'lib/strongdm.rb', line 429

def organization_history
  @organization_history
end

#page_limitObject

Returns the value of attribute page_limit.



239
240
241
 
# File 'lib/strongdm.rb', line 239

def page_limit
  @page_limit
end

#peering_group_nodesObject (readonly)

PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

See PeeringGroupNodes.



433
434
435
 
# File 'lib/strongdm.rb', line 433

def peering_group_nodes
  @peering_group_nodes
end

#peering_group_peersObject (readonly)

PeeringGroupPeers provides the building blocks necessary to link two peering groups.

See PeeringGroupPeers.



437
438
439
 
# File 'lib/strongdm.rb', line 437

def peering_group_peers
  @peering_group_peers
end

#peering_group_resourcesObject (readonly)

PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

See PeeringGroupResources.



441
442
443
 
# File 'lib/strongdm.rb', line 441

def peering_group_resources
  @peering_group_resources
end

#peering_groupsObject (readonly)

PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

See PeeringGroups.



445
446
447
 
# File 'lib/strongdm.rb', line 445

def peering_groups
  @peering_groups
end

#policiesObject (readonly)

Policies are the collection of one or more statements that enforce fine-grained access control for the users of an organization.

See Policies.



450
451
452
 
# File 'lib/strongdm.rb', line 450

def policies
  @policies
end

#policies_historyObject (readonly)

PoliciesHistory records all changes to the state of a Policy.

See PoliciesHistory.



454
455
456
 
# File 'lib/strongdm.rb', line 454

def policies_history
  @policies_history
end

#proxy_cluster_keysObject (readonly)

Proxy Cluster Keys are authentication keys for all proxies within a cluster. The proxies within a cluster share the same key. One cluster can have multiple keys in order to facilitate key rotation.

See ProxyClusterKeys.



460
461
462
 
# File 'lib/strongdm.rb', line 460

def proxy_cluster_keys
  @proxy_cluster_keys
end

#queriesObject (readonly)

A Query is a record of a single client request to a resource, such as a SQL query. Long-running SSH, RDP, or Kubernetes interactive sessions also count as queries. The Queries service is read-only.

See Queries.



466
467
468
 
# File 'lib/strongdm.rb', line 466

def queries
  @queries
end

#remote_identitiesObject (readonly)

RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

See RemoteIdentities.



470
471
472
 
# File 'lib/strongdm.rb', line 470

def remote_identities
  @remote_identities
end

#remote_identities_historyObject (readonly)

RemoteIdentitiesHistory records all changes to the state of a RemoteIdentity.

See RemoteIdentitiesHistory.



474
475
476
 
# File 'lib/strongdm.rb', line 474

def remote_identities_history
  @remote_identities_history
end

#remote_identity_groupsObject (readonly)

A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

See RemoteIdentityGroups.



479
480
481
 
# File 'lib/strongdm.rb', line 479

def remote_identity_groups
  @remote_identity_groups
end

#remote_identity_groups_historyObject (readonly)

RemoteIdentityGroupsHistory records all changes to the state of a RemoteIdentityGroup.

See RemoteIdentityGroupsHistory.



483
484
485
 
# File 'lib/strongdm.rb', line 483

def remote_identity_groups_history
  @remote_identity_groups_history
end

#replaysObject (readonly)

A Replay captures the data transferred over a long-running SSH, RDP, or Kubernetes interactive session (otherwise referred to as a query). The Replays service is read-only.

See Replays.



488
489
490
 
# File 'lib/strongdm.rb', line 488

def replays
  @replays
end

#resourcesObject (readonly)

Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

See Resources.



493
494
495
 
# File 'lib/strongdm.rb', line 493

def resources
  @resources
end

#resources_historyObject (readonly)

ResourcesHistory records all changes to the state of a Resource.

See ResourcesHistory.



497
498
499
 
# File 'lib/strongdm.rb', line 497

def resources_history
  @resources_history
end

#role_resourcesObject (readonly)

RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

See RoleResources.



502
503
504
 
# File 'lib/strongdm.rb', line 502

def role_resources
  @role_resources
end

#role_resources_historyObject (readonly)

RoleResourcesHistory records all changes to the state of a RoleResource.

See RoleResourcesHistory.



506
507
508
 
# File 'lib/strongdm.rb', line 506

def role_resources_history
  @role_resources_history
end

#rolesObject (readonly)

A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

See Roles.



368
369
370
 
# File 'lib/strongdm.rb', line 368

def roles
  @roles
end

#roles_historyObject (readonly)

RolesHistory records all changes to the state of a Role.

See RolesHistory.



510
511
512
 
# File 'lib/strongdm.rb', line 510

def roles_history
  @roles_history
end

#secret_enginesObject (readonly)

See SecretEngines.



518
519
520
 
# File 'lib/strongdm.rb', line 518

def secret_engines
  @secret_engines
end

#secret_store_healthsObject (readonly)

SecretStoreHealths exposes health states for secret stores.

See SecretStoreHealths.



522
523
524
 
# File 'lib/strongdm.rb', line 522

def secret_store_healths
  @secret_store_healths
end

#secret_storesObject (readonly)

SecretStores are servers where resource secrets (passwords, keys) are stored.

See SecretStores.



514
515
516
 
# File 'lib/strongdm.rb', line 514

def secret_stores
  @secret_stores
end

#secret_stores_historyObject (readonly)

SecretStoresHistory records all changes to the state of a SecretStore.

See SecretStoresHistory.



526
527
528
 
# File 'lib/strongdm.rb', line 526

def secret_stores_history
  @secret_stores_history
end

#snapshot_timeObject

Optional timestamp at which to provide historical data



244
245
246
 
# File 'lib/strongdm.rb', line 244

def snapshot_time
  @snapshot_time
end

#workflow_approversObject (readonly)

WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

See WorkflowApprovers.



530
531
532
 
# File 'lib/strongdm.rb', line 530

def workflow_approvers
  @workflow_approvers
end

#workflow_approvers_historyObject (readonly)

WorkflowApproversHistory provides records of all changes to the state of a WorkflowApprover.

See WorkflowApproversHistory.



534
535
536
 
# File 'lib/strongdm.rb', line 534

def workflow_approvers_history
  @workflow_approvers_history
end

#workflow_rolesObject (readonly)

WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

See WorkflowRoles.



539
540
541
 
# File 'lib/strongdm.rb', line 539

def workflow_roles
  @workflow_roles
end

#workflow_roles_historyObject (readonly)

WorkflowRolesHistory provides records of all changes to the state of a WorkflowRole

See WorkflowRolesHistory.



543
544
545
 
# File 'lib/strongdm.rb', line 543

def workflow_roles_history
  @workflow_roles_history
end

#workflowsObject (readonly)

Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

See Workflows.



549
550
551
 
# File 'lib/strongdm.rb', line 549

def workflows
  @workflows
end

#workflows_historyObject (readonly)

WorkflowsHistory provides records of all changes to the state of a Workflow.

See WorkflowsHistory.



553
554
555
 
# File 'lib/strongdm.rb', line 553

def workflows_history
  @workflows_history
end

Instance Method Details

#closeObject

Closes this client and releases all resources held by it.



136
137
138
139
140
141
142
 
# File 'lib/strongdm.rb', line 136

def close
  begin
    @channel.close()
  rescue => exception
    raise Plumbing::convert_error_to_porcelain(exception)
  end
end

#max_retriesObject

Deprecated. 


233
234
235
 
# File 'lib/strongdm.rb', line 233

def max_retries
  3
end

#sign(method_name, msg_bytes) ⇒ Object 



154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
 
# File 'lib/strongdm.rb', line 154

def sign(method_name, msg_bytes)
  current_utc_date = Time.now.utc
  date = sprintf("%04d-%02d-%02d", current_utc_date.year, current_utc_date.month, current_utc_date.day)

  signing_key = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, @api_secret_key, date)
  signing_key = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signing_key, "sdm_api_v1")

  sha_req = Digest::SHA256.new
  sha_req << method_name
  sha_req << "\n"
  sha_req << msg_bytes
  request_hash = sha_req.digest

  return Base64.strict_encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, signing_key, request_hash))
end

#snapshot_at(snapshot_time) ⇒ Object

Constructs a read-only client that will provide historical data from the provided timestamp. See SnapshotClient.



226
227
228
229
230
 
# File 'lib/strongdm.rb', line 226

def snapshot_at(snapshot_time)
  client = self.clone
  client.snapshot_time = snapshot_time
  return SnapshotClient.new(client)
end