Sha256: f229dcb15b4d25a3e8a38480b774fc5228d29f3f263b8616973235462a4991c9
Contents?: true
Size: 1.06 KB
Versions: 5
Compression:
Stored size: 1.06 KB
Contents
module Conjur module Policy module Types class Retire < Base attribute :record, kind: :resource self.description = %( Move a Role or Resource to the attic. From our [CLI reference](/cli#retiring): > When you no longer need a role or resource in Conjur, you `retire` it. > This is different than deleting it. When you retire an item, all of > its memberships and privileges are revoked and its ownership is > transferred to the `attic` user. This is a special user in Conjur that > is created when you first bootstrap your Conjur endpoint. By > retiring rather than deleting items, the integrity of the immutable > audit log is preserved. > > You can unretire items by logging in as the > 'attic' user and transferring their ownership to another role. The > 'attic' user's API key is stored as a variable in Conjur at > `conjur/users/attic/api-key`. It is owned by the 'security_admin' > group. ) self.example = %( - !retire record: !user DoubleOhSeven ) def to_s "Retire #{record}" end end end end end
Version data entries
5 entries across 5 versions & 1 rubygems