class Conjur::HostFactory
A Host
Factory is a way to allow clients to create Conjur
hosts without giving them any other access to Conjur
.
Each Host
Factory can have 0 or more tokens, each of which is a random string that has an associated expiration and optional CIDR
restriction. A user or machine who has a host factory token can use it to create new hosts, or to rotate the API
keys of existing hosts.
@see API#host_factory_create_host @see HostFactoryToken
Public Instance Methods
Create a new token.
@see create_tokens
# File lib/conjur/host_factory.rb, line 59 def create_token expiration, cidr: nil create_tokens(expiration, cidr: cidr).first end
Create one or more host factory tokens. Each token can be used to create hosts, using {API#host_factory_create_host}.
@param expiration [Time] the future time at which the token will stop working. @param count [Integer] the number of (identical) tokens to create (default: 1). @param cidr [String] a CIDR
restriction on the usage of the token. @return [Array<HostFactoryToken>] the token or tokens.
# File lib/conjur/host_factory.rb, line 44 def create_tokens expiration, count: 1, cidr: nil options = {} options[:expiration] = expiration.iso8601 options[:host_factory] = id options[:count] = count options[:cidr] = cidr if cidr response = JSON.parse url_for(:host_factory_create_tokens, credentials, id).post(options) response.map do |data| HostFactoryToken.new data, credentials end end
Enumerate the tokens on the host factory.
@return [Array<HostFactoryToken>] the token or tokens.
# File lib/conjur/host_factory.rb, line 66 def tokens # Tokens list is not returned by +show+ if the caller doesn't have permission return nil unless self.attributes['tokens'] self.attributes['tokens'].collect do |data| HostFactoryToken.new data, credentials end end