def _add_hostfactory_revoke_token(menu: ArgparseWrapper): hostfactory_revoke_token_name = 'token - Revoke a Host Factory token ' \ 'and disable it immediately' hostfactory_revoke_token_usage = 'conjur [global options] hostfactory ' \ 'revoke token [options] [args]' subcommand = menu \ .add_parser(name="token", help='Revoke a Host Factory token and disable it immediately', description=command_description( hostfactory_revoke_token_name, hostfactory_revoke_token_usage), epilog=command_epilog( 'conjur hostfactory revoke token ' '--token "1bcarsc2bqvsxt6cnd74xem8yf15gtma71vp23y315n0z201"' '\t\t' 'Revoke a Host Factory token and disable it immediately\t\t', command='token' ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) # Options options = subcommand.add_argument_group( title=title_formatter("Options")) options.add_argument('-action_type', default='revoke_token', help=argparse.SUPPRESS) options.add_argument('-t', '--token', metavar='VALUE', required=True, help='(Mandatory) Host Factory token to revoke') options.add_argument('-h', '--help', action='help', help='Display help screen and exit')
def _create_login_parser(self): login_name = 'login - Log in to Conjur server' login_usage = 'conjur [global options] login [options] [args]' login_subparser = self.resource_subparsers \ .add_parser('login', help='Log in to Conjur server', description=command_description(login_name, login_usage), epilog=command_epilog('conjur login \t\t\t\t\t' 'Prompts for the login name and ' 'password to log in to Conjur server\n' ' conjur login -i admin \t\t\t\t' 'Prompts for password of the admin user ' 'to log in to Conjur server\n' ' conjur login -i admin -p Myp@SSw0rds!\t\t' "Logs the admin user in to Conjur server and " "saves the login name and password in either " "the system's credential store or netrc\n" " conjur login -i cucumber/host/myapp" " -p <API_Key>\t" "Logs the myapp host in to Conjur server"), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return login_subparser
def _create_list_parser(self): list_name = 'list - List resources or information about resources within an' \ ' organization\'s account' list_usage = 'conjur [global options] list [options] [args]' list_subparser = self.resource_subparsers \ .add_parser('list', help='List all available resources belonging to this account', description=command_description(list_name, list_usage), epilog=command_epilog( 'conjur list --kind=variable\t\t\t\t\t\t' 'Filters list by variable\n' ' conjur list --limit=20\t\t\t\t\t\t' 'Lists first 20 resources\n' ' conjur list --offset=4\t\t\t\t\t\t' 'Skips the first 4 resources in the list and displays all the rest\n' ' conjur list --role=myorg:user:superuser\t\t\t\t' 'Shows resources that superuser is entitled to see\n' ' conjur list --search=superuser\t\t\t\t\t' 'Searches for resources with superuser\n' ' conjur list --members-of group:\'aws-apps\'\t\t\t\t' 'Returns all direct members of the \'aws-apps\' group\n' ' conjur list' ' --permitted-roles \'azure-secret\' --privileges execute\t' 'Returns the roles that have the \'execute\' privilege on the ' '\'azure-secret\' resource. Note: If more than one resource in Conjur ' 'uses the same ID, you must specify full resource identifier\n' ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return list_subparser
def _add_hostfactory_revoke(hostfactory_subparser: ArgparseWrapper): hostfactory_revoke_name = 'revoke - Revoke a Host Factory token and disable it immediately' hostfactory_revoke_usage = 'conjur [global options] hostfactory ' \ 'revoke <subcommand> [options] [args]' create_cmd = hostfactory_subparser \ .add_parser(name="revoke", help='Revoke a Host Factory token and disable it immediately', description=command_description( hostfactory_revoke_name, hostfactory_revoke_usage), epilog=command_epilog( 'conjur hostfactory revoke token ' '--token "1bcarsc2bqvsxt6cnd74xem8yf15gtma71vp23y315n0z201"' '\t\t\t ' 'Revoke a Host Factory token and disable it immediately.', command='revoke', subcommands=['token'] ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) hostfactory_revoke_subcommand = create_cmd.add_subparsers(title="Subcommand", dest='action') hostfactory_revoke_options = create_cmd.add_argument_group( title=title_formatter("Options")) hostfactory_revoke_options.add_argument('-h', '--help', action='help', help='Display help screen and exit') return hostfactory_revoke_subcommand
def _add_change_password(sub_parser: ArgparseWrapper): user_change_password_name = 'change-password - Change the password for the logged-in user' user_change_password_usage = 'conjur [global options] user change-password [options] [args]' user_change_password = sub_parser \ .add_parser('change-password', help='Change the password for the logged-in user', description=command_description( user_change_password_name, user_change_password_usage), epilog=command_epilog('conjur user change-password\t\t\t' 'Prompts for a new password for the logged-in user\n' ' conjur user change-password -p Myp@SSw0rds!\t' 'Changes the password for the ' 'logged-in user to Myp@SSw0rds!'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) user_change_password_options = user_change_password.add_argument_group( title=title_formatter("Options")) user_change_password_options.add_argument( '-p', '--password', metavar='VALUE', help='Provide the new password ' 'for the logged-in user') user_change_password_options.add_argument( '-h', '--help', action='help', help='Display help screen and exit')
def _add_hostfactory_create(hostfactory_subparser: ArgparseWrapper): hostfactory_create_name = 'create - Generate Host Factory token for creating hosts ' \ 'with restrictions or create a host using the Host Factory' hostfactory_create_usage = 'conjur [global options] hostfactory ' \ 'create <subcommand> [options] [args]' create_cmd = hostfactory_subparser \ .add_parser(name="create", help='Generate a Host Factory token for creating hosts,' \ 'or create a host using a Host Factory token', description=command_description( hostfactory_create_name, hostfactory_create_usage), epilog=command_epilog( 'conjur hostfactory create token --hostfactoryid my_factory ' '--cidr 10.10.1.2/31 ' '--duration-days 2\t\t\t ' 'Generate a Host Factory token ' 'for creating hosts with restrictions\t\t' '\nconjur hostfactory create host --id brand-new-token ' '--token 82cv6kk040axyffzvmscpf129k81yq1bzkey3gcgfvjc00pfy41h\t\t\t ' 'Create creates a Host using the HostFactory\t\t', command='create', subcommands=['token', 'host'] ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) hostfactory_create_subcommand = create_cmd.add_subparsers(title="Subcommand", dest='action') hostfactory_create_options = create_cmd.add_argument_group( title=title_formatter("Options")) hostfactory_create_options.add_argument('-h', '--help', action='help', help='Display help screen and exit') return hostfactory_create_subcommand
def _add_hostfactory_create_host(menu: ArgparseWrapper): name = 'host - Create host using Host Factory' usage = 'conjur [global options] hostfactory ' \ 'create host [options] [args]' hostfactory_create_subcommand_parser = menu \ .add_parser(name="host", help='Create host using Host Factory', description=command_description( name, usage), epilog=command_epilog( 'conjur hostfactory create host --id brand-new-host ' '--token 82cv6kk040axyffzvmscpf129k81yq1bzkey3gcgfvjc00pfy41h\t\t ' 'Create host using Host Factory\t\t', command='host', ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) # Options create_host = hostfactory_create_subcommand_parser.add_argument_group( title=title_formatter("Options")) # hidden argument to be used to distinguish this action create_host.add_argument('-action_type', default='create_host', help=argparse.SUPPRESS) create_host.add_argument('-i', '--id', metavar='VALUE', required=True, help='(Mandatory) Identifier of host to be created ' 'It will be created within ' 'the account of the Host Factory.') create_host.add_argument('-t', '--token', metavar='VALUE', required=True, help='(Mandatory) A Host Factory token must be provided.') create_host.add_argument('-h', '--help', action='help', help='Display help screen and exit')
def _add_rotate_api_parser(sub_parser: ArgparseWrapper): user_rotate_api_key_name = 'rotate-api-key - Rotate a user’s API key' user_rotate_api_key_usage = 'conjur [global options] user rotate-api-key [options] [args]' user_rotate_api_key_parser = sub_parser \ .add_parser('rotate-api-key', help='Rotate a resource\'s API key', description=command_description( user_rotate_api_key_name, user_rotate_api_key_usage), epilog=command_epilog( 'conjur user rotate-api-key\t\t\t' 'Rotates logged-in user\'s API key\n' ' conjur user rotate-api-key -i joe\t\t' 'Rotates the API key for user joe\n'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) user_rotate_api_key_options = user_rotate_api_key_parser.add_argument_group( title=title_formatter("Options")) user_rotate_api_key_options.add_argument( '-i', '--id', help='Provide the identifier of the user for whom ' 'you want to rotate the API key ' '(Default: logged-in user)') user_rotate_api_key_options.add_argument( '-h', '--help', action='help', help='Display help screen and exit')
def _create_user_parser(self): user_name = 'user - Manage users' user_usage = 'conjur [global options] user <subcommand> [options] [args]' user_subparser = self.resource_subparsers \ .add_parser('user', help='Manage users', description=command_description(user_name, user_usage), epilog=command_epilog( 'conjur user rotate-api-key\t\t\t' 'Rotates logged-in user\'s API key\n' ' conjur user rotate-api-key -i joe\t\t' 'Rotates the API key for user joe\n' ' conjur user change-password\t\t\t' 'Prompts for password change for the logged-in user\n' ' conjur user change-password -p Myp@SSw0rds!\t' 'Changes the password for the logged-in user to Myp@SSw0rds!', command='user', subcommands=['rotate-api-key', 'change-password']), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return user_subparser
def _create_logout_parser(self): logout_name = 'logout - Log out and delete local cache' logout_usage = 'conjur [global options] logout [options]' logout_subparser = self.resource_subparsers \ .add_parser('logout', help='Log out from Conjur server and clear local cache', description=command_description(logout_name, logout_usage), epilog=command_epilog('conjur logout\t' 'Logs out the user from the Conjur' ' server and deletes the local ' 'cache (netrc file)'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return logout_subparser
def _add_hostfactory_create_token(menu: ArgparseWrapper): hostfactory_create_token_name = 'token - Generate a Host Factory token ' \ 'for creating hosts with restrictions' hostfactory_create_token_usage = 'conjur [global options] hostfactory ' \ 'create token [options] [args]' hostfactory_create_subcommand_parser = menu \ .add_parser(name="token", help='Generate a Host Factory token for creating hosts with restrictions', description=command_description( hostfactory_create_token_name, hostfactory_create_token_usage), epilog=command_epilog( 'conjur hostfactory create token --hostfactoryid my_factory ' '--cidr 10.10.1.2/31 ' '--duration-days 2\t\t ' 'Generate a Host Factory token for creating hosts ' 'with restrictions\t\t', command='token', ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) # Options create_token = hostfactory_create_subcommand_parser.add_argument_group( title=title_formatter("Options")) create_token.add_argument('-action_type', default='create_token', help=argparse.SUPPRESS) create_token.add_argument('-i', '--hostfactoryid', metavar='VALUE', required=True, help='(Mandatory) Host Factory ID to work with') create_token.add_argument('--cidr', metavar='VALUE', help='(Optional) CIDR containing all' \ 'IP addresses that can use Host Factory ' ' token for creating hosts (for example ' \ '--cidr "10.0.10.0/24,' '10.0.11.1/32,10.0.20.0/24")') create_token.add_argument('-d', '--duration-days', metavar='VALUE', type=int, help='(Optional) Validity (in days) ' 'of Host Factory token.') create_token.add_argument('-dh', '--duration-hours', metavar='VALUE', type=int, help='(Optional) Validity (in hours) ' 'of Host Factory token.') create_token.add_argument('-m', '--duration-minutes', metavar='VALUE', type=int, help='(Optional) Validity (in minutes) ' 'of Host Factory token.') create_token.add_argument('-h', '--help', action='help', help='Display help screen and exit')
def _create_init_parser(self): init_name = 'init - Initialize Conjur configuration' input_usage = 'conjur [global options] init [options] [args]' init_subparser = self.resource_subparsers \ .add_parser('init', help='Initialize Conjur configuration', description=command_description(init_name, input_usage), epilog=command_epilog( 'conjur init -a my_org -u https://conjur\t' 'Initializes Conjur configuration and writes to file (.conjurrc)\n' ' conjur init -u https://conjur-server\t' 'Initializes Conjur configuration and writes to file (.conjurrc)\n' ), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return init_subparser
def _create_hostfactory_parser(self): hostfactory_name = 'hostfactory - Manage hosts and Host Factory tokens' hostfactory_usage = 'conjur [global options] hostfactory <subcommand> [options] [args]' hostfactory_parser = self.resource_subparsers \ .add_parser('hostfactory', help='Allow creating hosts dynamically and managing Host Factory tokens', description=command_description(hostfactory_name, hostfactory_usage), epilog=command_epilog( 'conjur hostfactory create token --hostfactoryid my_factory ' '--cidr 10.10.1.2/31 ' '--duration-days 2\t\t\t ' 'Creates a token for creating hosts with restrictions\n', command='hostfactory', subcommands=['create']), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return hostfactory_parser
def _add_policy_update(policy_subparsers: ArgparseWrapper): policy_update_name = 'update - Update existing resources in policy or create new resources' policy_update_usage = 'conjur [global options] policy update [options] [args]' update_policy_parser = policy_subparsers \ .add_parser('update', help='Update existing resources in policy or create new resources', description=command_description(policy_update_name, policy_update_usage), epilog=command_epilog( 'conjur policy update -f /tmp/myPolicy.yml -b root\t' 'Updates existing resources in the policy ' '/tmp/myPolicy.yml under branch root\n'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) update_options = update_policy_parser.add_argument_group(title=title_formatter("Options")) update_options.add_argument('-f', '--file', required=True, metavar='VALUE', help='Provide policy file name') update_options.add_argument('-b', '--branch', required=True, metavar='VALUE', help='Provide the policy branch name') update_options.add_argument('-h', '--help', action='help', help='Display help screen and exit')
def _create_policy_parser(self): policy_name = 'policy - Manage policies' policy_usage = 'conjur [global options] policy <subcommand> [options] [args]' policy_subparser = self.resource_subparsers \ .add_parser('policy', help='Manage policies', description=command_description(policy_name, policy_usage), epilog=command_epilog( 'conjur policy load -f /tmp/myPolicy.yml -b backend/dev\t' 'Creates and loads the policy myPolicy.yml under branch backend/dev\n' ' conjur policy replace -f /tmp/myPolicy.yml -b root\t\t' 'Replaces the existing policy myPolicy.yml under branch root\n' ' conjur policy update -f /tmp/myPolicy.yml -b root\t\t' 'Updates existing resources in the policy ' '/tmp/myPolicy.yml under branch root\n', command='policy', subcommands=['load', 'replace', 'update']), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) return policy_subparser
def _add_policy_replace(policy_subparsers: ArgparseWrapper): policy_replace_name = 'replace - Fully replace an existing policy' policy_replace_usage = 'conjur [global options] policy replace [options] [args]' replace_policy_parser = policy_subparsers \ .add_parser('replace', help='Fully replace an existing policy', description=command_description(policy_replace_name, policy_replace_usage), epilog=command_epilog( 'conjur policy replace -f /tmp/myPolicy.yml -b root\t\t' 'Replaces the existing policy myPolicy.yml under branch root\n'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) replace_options = replace_policy_parser.add_argument_group(title=title_formatter("Options")) replace_options.add_argument('-f', '--file', required=True, metavar='VALUE', help='Provide policy file name') replace_options.add_argument('-b', '--branch', required=True, metavar='VALUE', help='Provide the policy branch name') replace_options.add_argument('-h', '--help', action='help', help='Display help screen and exit')
def _add_policy_load(policy_subparsers: ArgparseWrapper): policy_load_name = 'load - Load a policy and create resources' policy_load_usage = 'conjur [global options] policy load [options] [args]' load_policy_parser = policy_subparsers \ .add_parser('load', help='Load a policy and create resources', description=command_description(policy_load_name, policy_load_usage), epilog=command_epilog( 'conjur policy load -f /tmp/myPolicy.yml -b backend/dev\t' 'Creates and loads the policy myPolicy.yml under branch backend/dev\n'), usage=argparse.SUPPRESS, add_help=False, formatter_class=formatter) load_options = load_policy_parser.add_argument_group(title=title_formatter("Options")) load_options.add_argument('-f', '--file', required=True, metavar='VALUE', help='Provide policy file name') load_options.add_argument('-b', '--branch', required=True, metavar='VALUE', help='Provide the policy branch name') load_options.add_argument('-h', '--help', action='help', help='Display help screen and exit')