Package com.strongdm.api

Class SnapshotClient

java.lang.Object
com.strongdm.api.SnapshotClient
public class SnapshotClient extends Object
SnapshotClient exposes methods to query historical records at a provided timestamp.

  • Constructor Details

    • SnapshotClient

      protected SnapshotClient(Client parent)

  • Method Details

    • accessRequests

      public SnapshotAccessRequests accessRequests()
      AccessRequests are requests for access to a resource that may match a Workflow.

    • accountAttachments

      public SnapshotAccountAttachments accountAttachments()
      AccountAttachments assign an account to a role.

    • accountGrants

      public SnapshotAccountGrants accountGrants()
      AccountGrants assign a resource directly to an account, giving the account the permission to connect to that resource.

    • accountPermissions

      public SnapshotAccountPermissions accountPermissions()
      AccountPermissions records the granular permissions accounts have, allowing them to execute relevant commands via StrongDM's APIs.

    • accountResources

      public SnapshotAccountResources accountResources()
      AccountResources enumerates the resources to which accounts have access. The AccountResources service is read-only.

    • accounts

      public SnapshotAccounts accounts()
      Accounts are users that have access to strongDM. There are two types of accounts: 1. **Users:** humans who are authenticated through username and password or SSO. 2. **Service Accounts:** machines that are authenticated using a service token. 3. **Tokens** are access keys with permissions that can be used for authentication.

    • approvalWorkflowApprovers

      public SnapshotApprovalWorkflowApprovers approvalWorkflowApprovers()
      ApprovalWorkflowApprovers link approval workflow approvers to an ApprovalWorkflowStep

    • approvalWorkflowSteps

      public SnapshotApprovalWorkflowSteps approvalWorkflowSteps()
      ApprovalWorkflowSteps link approval workflow steps to an ApprovalWorkflow

    • approvalWorkflows

      public SnapshotApprovalWorkflows approvalWorkflows()
      ApprovalWorkflows are the mechanism by which requests for access can be viewed by authorized approvers and be approved or denied.

    • identityAliases

      public SnapshotIdentityAliases identityAliases()
      IdentityAliases assign an alias to an account within an IdentitySet. The alias is used as the username when connecting to a identity supported resource.

    • identitySets

      public SnapshotIdentitySets identitySets()
      A IdentitySet is a named grouping of Identity Aliases for Accounts. An Account's relationship to a IdentitySet is defined via IdentityAlias objects.

    • nodes

      public SnapshotNodes nodes()
      Nodes make up the strongDM network, and allow your users to connect securely to your resources. There are two types of nodes: - **Gateways** are the entry points into network. They listen for connection from the strongDM client, and provide access to databases and servers. - **Relays** are used to extend the strongDM network into segmented subnets. They provide access to databases and servers but do not listen for incoming connections.

    • policies

      public SnapshotPolicies policies()
      Policies are the collection of one or more statements that enforce fine-grained access control for the users of an organization.

    • proxyClusterKeys

      public SnapshotProxyClusterKeys proxyClusterKeys()
      Proxy Cluster Keys are authentication keys for all proxies within a cluster. The proxies within a cluster share the same key. One cluster can have multiple keys in order to facilitate key rotation.

    • remoteIdentities

      @Deprecated public SnapshotRemoteIdentities remoteIdentities()
      Deprecated.
      RemoteIdentities assign a resource directly to an account, giving the account the permission to connect to that resource.

    • remoteIdentityGroups

      @Deprecated public SnapshotRemoteIdentityGroups remoteIdentityGroups()
      Deprecated.
      A RemoteIdentityGroup is a named grouping of Remote Identities for Accounts. An Account's relationship to a RemoteIdentityGroup is defined via RemoteIdentity objects.

    • resources

      public SnapshotResources resources()
      Resources are databases, servers, clusters, websites, or clouds that strongDM delegates access to.

    • roleResources

      public SnapshotRoleResources roleResources()
      RoleResources enumerates the resources to which roles have access. The RoleResources service is read-only.

    • roles

      public SnapshotRoles roles()
      A Role has a list of access rules which determine which Resources the members of the Role have access to. An Account can be a member of multiple Roles via AccountAttachments.

    • secretStores

      public SnapshotSecretStores secretStores()
      SecretStores are servers where resource secrets (passwords, keys) are stored.

    • workflowApprovers

      public SnapshotWorkflowApprovers workflowApprovers()
      WorkflowApprovers is an account or a role with the ability to approve requests bound to a workflow.

    • workflowAssignments

      public SnapshotWorkflowAssignments workflowAssignments()
      WorkflowAssignments links a Resource to a Workflow. The assigned resources are those that a user can request access to via the workflow.

    • workflowRoles

      public SnapshotWorkflowRoles workflowRoles()
      WorkflowRole links a role to a workflow. The linked roles indicate which roles a user must be a part of to request access to a resource via the workflow.

    • workflows

      public SnapshotWorkflows workflows()
      Workflows are the collection of rules that define the resources to which access can be requested, the users that can request that access, and the mechanism for approving those requests which can either be automatic approval or a set of users authorized to approve the requests.