Package com.strongdm.api

Class Client

java.lang.Object
com.strongdm.api.Client
public class Client extends Object
Client communicates with the strongDM API.

  • Field Details

  • Constructor Details

  • Method Details

    • accessRequests

      public AccessRequests accessRequests()
      AccessRequests are requests for access to a resource that may match a Workflow.

    • accessRequestEventsHistory

      public AccessRequestEventsHistory accessRequestEventsHistory()
      AccessRequestEventsHistory provides records of all changes to the state of an AccessRequest.

    • accessRequestsHistory

      public AccessRequestsHistory accessRequestsHistory()
      AccessRequestsHistory provides records of all changes to the state of an AccessRequest.

    • accountAttachments

      public AccountAttachments accountAttachments()
      AccountAttachments assign an account to a role.

    • accountAttachmentsHistory

      public AccountAttachmentsHistory accountAttachmentsHistory()
      AccountAttachmentsHistory records all changes to the state of an AccountAttachment.

    • accountGrants

      public AccountGrants accountGrants()
      AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

    • accountGrantsHistory

      public AccountGrantsHistory accountGrantsHistory()
      AccountGrantsHistory records all changes to the state of an AccountGrant.

    • accountPermissions

      public AccountPermissions accountPermissions()
      AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

    • accountResources

      public AccountResources accountResources()
      AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

    • accountResourcesHistory

      public AccountResourcesHistory accountResourcesHistory()
      AccountResourcesHistory records all changes to the state of a AccountResource.

    • accounts

      public Accounts accounts()
      Accounts are users that have access to strongDM. There are two types of accounts: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

    • accountsHistory

      public AccountsHistory accountsHistory()
      AccountsHistory records all changes to the state of an Account.

    • activities

      public Activities activities()
      An Activity is a record of an action taken against a strongDM deployment, e.g. a user creation, resource deletion, sso configuration change, etc. The Activities service is read-only.

    • approvalWorkflowApprovers

      public ApprovalWorkflowApprovers approvalWorkflowApprovers()
      ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

    • approvalWorkflowApproversHistory

      public ApprovalWorkflowApproversHistory approvalWorkflowApproversHistory()
      ApprovalWorkflowApproversHistory records all changes to the state of an ApprovalWorkflowApprover.

    • approvalWorkflowSteps

      public ApprovalWorkflowSteps approvalWorkflowSteps()
      ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

    • approvalWorkflowStepsHistory

      public ApprovalWorkflowStepsHistory approvalWorkflowStepsHistory()
      ApprovalWorkflowStepsHistory records all changes to the state of an ApprovalWorkflowStep.

    • approvalWorkflows

      public ApprovalWorkflows approvalWorkflows()
      ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

    • approvalWorkflowsHistory

      public ApprovalWorkflowsHistory approvalWorkflowsHistory()
      ApprovalWorkflowsHistory records all changes to the state of an ApprovalWorkflow.

    • controlPanel

      public ControlPanel controlPanel()
      ControlPanel contains all administrative controls.

    • healthChecks

      public HealthChecks healthChecks()
      HealthChecks lists the last healthcheck between each node and resource. Note the unconventional capitalization here is to prevent having a collision with GRPC

    • identityAliases

      public IdentityAliases identityAliases()
      IdentityAliases assign an alias to an account within an IdentitySet. The alias is used as the username when connecting to a identity supported resource.

    • identityAliasesHistory

      public IdentityAliasesHistory identityAliasesHistory()
      IdentityAliasesHistory records all changes to the state of a IdentityAlias.

    • identitySets

      public IdentitySets identitySets()
      A IdentitySet is a named grouping of Identity Aliases for Accounts. An Account's relationship to a IdentitySet is defined via IdentityAlias objects.

    • identitySetsHistory

      public IdentitySetsHistory identitySetsHistory()
      IdentitySetsHistory records all changes to the state of a IdentitySet.

    • nodes

      public Nodes nodes()
      Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers. - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

    • nodesHistory

      public NodesHistory nodesHistory()
      NodesHistory records all changes to the state of a Node.

    • organizationHistory

      public OrganizationHistory organizationHistory()
      OrganizationHistory records all changes to the state of an Organization.

    • peeringGroupNodes

      public PeeringGroupNodes peeringGroupNodes()
      PeeringGroupNodes provides the building blocks necessary to obtain attach a node to a peering group.

    • peeringGroupPeers

      public PeeringGroupPeers peeringGroupPeers()
      PeeringGroupPeers provides the building blocks necessary to link two peering groups.

    • peeringGroupResources

      public PeeringGroupResources peeringGroupResources()
      PeeringGroupResources provides the building blocks necessary to obtain attach a resource to a peering group.

    • peeringGroups

      public PeeringGroups peeringGroups()
      PeeringGroups provides the building blocks necessary to obtain explicit network topology and routing.

    • policies

      public Policies policies()
      Policies are the collection of one or more statements that enforce fine-grained access control for the users of an organization.

    • policiesHistory

      public PoliciesHistory policiesHistory()
      PoliciesHistory records all changes to the state of a Policy.

    • proxyClusterKeys

      public ProxyClusterKeys proxyClusterKeys()
      Proxy Cluster Keys are authentication keys for all proxies within a cluster. The proxies within a cluster share the same key. One cluster can have multiple keys in order to facilitate key rotation.

    • queries

      public Queries queries()
      A Query is a record of a single client request to a resource, such as a SQL query. Long-running SSH, RDP, or Kubernetes interactive sessions also count as queries. The Queries service is read-only.

    • remoteIdentities

      @Deprecated public RemoteIdentities remoteIdentities()
      Deprecated.
      RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

    • remoteIdentitiesHistory

      @Deprecated public RemoteIdentitiesHistory remoteIdentitiesHistory()
      Deprecated.
      RemoteIdentitiesHistory records all changes to the state of a RemoteIdentity.

    • remoteIdentityGroups

      @Deprecated public RemoteIdentityGroups remoteIdentityGroups()
      Deprecated.
      A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

    • remoteIdentityGroupsHistory

      @Deprecated public RemoteIdentityGroupsHistory remoteIdentityGroupsHistory()
      Deprecated.
      RemoteIdentityGroupsHistory records all changes to the state of a RemoteIdentityGroup.

    • replays

      public Replays replays()
      A Replay captures the data transferred over a long-running SSH, RDP, or Kubernetes interactive session (otherwise referred to as a query). The Replays service is read-only.

    • resources

      public Resources resources()
      Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

    • resourcesHistory

      public ResourcesHistory resourcesHistory()
      ResourcesHistory records all changes to the state of a Resource.

    • roleResources

      public RoleResources roleResources()
      RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

    • roleResourcesHistory

      public RoleResourcesHistory roleResourcesHistory()
      RoleResourcesHistory records all changes to the state of a RoleResource.

    • roles

      public Roles roles()
      A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

    • rolesHistory

      public RolesHistory rolesHistory()
      RolesHistory records all changes to the state of a Role.

    • secretStores

      public SecretStores secretStores()
      SecretStores are servers where resource secrets (passwords, keys) are stored.

    • secretStoreHealths

      public SecretStoreHealths secretStoreHealths()
      SecretStoreHealths exposes health states for secret stores.

    • secretStoresHistory

      public SecretStoresHistory secretStoresHistory()
      SecretStoresHistory records all changes to the state of a SecretStore.

    • workflowApprovers

      public WorkflowApprovers workflowApprovers()
      WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

    • workflowApproversHistory

      public WorkflowApproversHistory workflowApproversHistory()
      WorkflowApproversHistory provides records of all changes to the state of a WorkflowApprover.

    • workflowAssignments

      public WorkflowAssignments workflowAssignments()
      WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

    • workflowAssignmentsHistory

      public WorkflowAssignmentsHistory workflowAssignmentsHistory()
      WorkflowAssignmentsHistory provides records of all changes to the state of a WorkflowAssignment.

    • workflowRoles

      public WorkflowRoles workflowRoles()
      WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

    • workflowRolesHistory

      public WorkflowRolesHistory workflowRolesHistory()
      WorkflowRolesHistory provides records of all changes to the state of a WorkflowRole

    • workflows

      public Workflows workflows()
      Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.

    • workflowsHistory

      public WorkflowsHistory workflowsHistory()
      WorkflowsHistory provides records of all changes to the state of a Workflow.

    • snapshotAt

      public SnapshotClient snapshotAt(Date date)

    • getCallCredentials

      protected io.grpc.CallCredentials getCallCredentials(String methodName, com.google.protobuf.Message req)

    • sign

      public String sign(String methodName, byte[] message)

    • close

      public boolean close() throws InterruptedException
      Attempts to close the underlying grpc connection and waits for ongoing calls to terminate. It will return whether it succeeded before timing out. Can be called multiple times safely.
      Throws:
      InterruptedException

    • close

      public boolean close(long secs) throws InterruptedException
      Attempts to close the underlying grpc connection and waits for ongoing calls to terminate. It will return whether it succeeded before timing out. Can be called multiple times safely.
      Throws:
      InterruptedException

    • close

      public boolean close(long timeout, TimeUnit unit) throws InterruptedException
      Attempts to close the underlying grpc connection and waits for ongoing calls to terminate. It will return whether it succeeded before timing out. Can be called multiple times safely.
      Throws:
      InterruptedException

    • jitterSleep

      public void jitterSleep(int iter)

    • shouldRetry

      public boolean shouldRetry(int iter, Exception e)