diff --git a/README.md b/README.md index 7b7eaf6..ff8027f 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ prebuilt integrations (we call them providers) as well as guidance on how to bui This project provides: * a GoLang SDK which can be used in open source and commercial implementations to leverage this community library. -* a Hexa console command line tool which can be used to provision policies to web accessible policy systems. +* a Hexa CLI command line tool which can be used to provision policies to web accessible policy systems. * a GoLang interface ([policyprovider.Provider](/api/policyprovider/platform_interface.go)) enabling the development of new policy provisioning providers. > [!Tip] @@ -59,14 +59,14 @@ cd policy-mapper sh ./build.sh ``` -## Hexa Console Tool +## Hexa CLI Tool -To test the Hexa SDK and or develop using scripts, use the [Hexa console tool](docs/HexaAdmin.md). +To test the Hexa SDK and or develop using scripts, use the [Hexa CLI tool](docs/HexaAdmin.md). -To run the hexa console, simply type `hexa` at the command line once installed. +To run the Hexa CLI, simply type `hexa` at the command line once installed. > [!Note] -> Hexa console currently does not support filenames with spaces. Valid example: add gcp --file=my_key.json +> Hexa CLI currently does not support filenames with spaces. Valid example: add gcp --file=my_key.json ## Hexa Developer Documentation diff --git a/build.sh b/build.sh index f42cff5..3e69a22 100644 --- a/build.sh +++ b/build.sh @@ -21,7 +21,7 @@ go build ./... doTest echo " installing..." go install ./... -printf "Start Hexa console by using the 'hexa' command.\nIf the command is not found, check that the go/bin directory is in your PATH.\n" +printf "Start Hexa CLI by using the 'hexa' command.\nIf the command is not found, check that the go/bin directory is in your PATH.\n" exit # This section is for when policy-models is multi-module - not currently used diff --git a/cmd/hexa/main.go b/cmd/hexa/main.go index a0e4173..69d4f10 100644 --- a/cmd/hexa/main.go +++ b/cmd/hexa/main.go @@ -38,7 +38,7 @@ type CLI struct { Reconcile ReconcileCmd `cmd:"" help:"Reconcile compares a source set of policies another source (file or alias) of policies to determine differences."` Set SetCmd `cmd:"" help:"Set or update policies (e.g. set policies -file=idql.json)"` Show ShowCmd `cmd:"" help:"Show locally stored information about integrations and applications"` - Exit ExitCmd `cmd:"" help:"Exit Hexa console"` + Exit ExitCmd `cmd:"" help:"Exit Hexa CLI"` Help HelpCmd `cmd:"" help:"Show help on a command"` } diff --git a/cmd/hexa/test/README.md b/cmd/hexa/test/README.md index 0e5cbdc..bd4e193 100644 --- a/cmd/hexa/test/README.md +++ b/cmd/hexa/test/README.md @@ -1,3 +1,3 @@ -# Hexa Console Tests +# Hexa CLI Tests Note: The credential files in this directory are mockups for testing purposes only. Do NOT place real credentials in this directory. \ No newline at end of file diff --git a/docs/Developer.md b/docs/Developer.md index a92e262..eb26d9f 100644 --- a/docs/Developer.md +++ b/docs/Developer.md @@ -26,9 +26,9 @@ and other information. For example, the Amazon integration key file looks like: ```
-Hexa Console +Hexa CLI -To add an integration in the hexa console, use the `add` command. +To add an integration in the Hexa CLI, use the `add` command. ```shell % hexa add --file= @@ -108,7 +108,7 @@ func main() { Hexa Get Policies invokes the provider to call to the policy application point to obtain the remote policy and translate it into IDQL.
-Hexa Console +Hexa CLI To retrieve policies from a PAP, use the `get policies` command. Optionally, use the --output flag to direct output to a file rather than the console. ```shell @@ -254,9 +254,9 @@ Once an integration is defined, Hexa can set policies by taking input IDQL polic In some cases (e.g. Amazon AVP), the existing policies are matched (e.g. using meta information or comparison) and the necessary update operations are calculated as part of the update.
-Hexa Console +Hexa CLI -The Hexa console `set policies` command is of the form +The Hexa CLI `set policies` command is of the form ```shell set policies [-d] --file= ``` @@ -457,9 +457,9 @@ Mapping functions support converting GCP Bind policy in JSON format to and from conversion of GCP Common Expression Language (CEL) to IDQL conditions.
-Hexa Console +Hexa CLI -To map files in the hexa console, use the `map to` or `map from` commands as follows: +To map files in the Hexa CLI, use the `map to` or `map from` commands as follows: ```shell % hexa map to gcp input.idql gcpout.json @@ -518,9 +518,9 @@ Mapping functions support converting Amazon Cedar policy to and from IDQL JSON f conversion of Cedar Conditions to IDQL Conditions.
-Hexa Console +Hexa CLI -To map files in the hexa console, use the `map to` or `map from` commands as follows: +To map files in the Hexa CLI, use the `map to` or `map from` commands as follows: ```shell hexa map to cedar input.idql cedarout.txt diff --git a/docs/HexaAdmin.md b/docs/HexaAdmin.md index 1facb79..71f18f0 100644 --- a/docs/HexaAdmin.md +++ b/docs/HexaAdmin.md @@ -1,8 +1,8 @@ ![Hexa](https://hexaorchestration.org/wp-content/themes/hexa/img/logo.svg) -# Hexa Console Tool +# Hexa CLI Tool -The Hexa console tool uses the Hexa SDK to provision access policy to administrative APIs such as Amazon Verified Permissions, and Google Cloud Bind. +The Hexa CLI tool uses the Hexa SDK to provision access policy to administrative APIs such as Amazon Verified Permissions, and Google Cloud Bind. ## Adding an Integration @@ -213,7 +213,7 @@ Help is accessible at any time, using the `help` command. For more details, ente To redirect output for any command to a file, use the `-o` option. If you would like the output to be appended to an existing file, use the `-a` option. -Hexa console maintains a configuration file in order to save previously retrieved integrations and policy administration points. +Hexa CLI maintains a configuration file in order to save previously retrieved integrations and policy administration points. By default, the path is `.hexa/config.json`. This can be overriden by setting the environment variable `$HEXA_HOME`. Hexa can also accept redirected input in order to script a series of commands. For example: diff --git a/docs/WritingAProvider.md b/docs/WritingAProvider.md index 9a7ae52..280efed 100644 --- a/docs/WritingAProvider.md +++ b/docs/WritingAProvider.md @@ -22,7 +22,7 @@ each node into the IDQL equivalent. For an example of this, see: the [/models/fo > [!Note] > Syntactical mappers currently do not have a standardized interface. To see how the existing mappers are used, look at -> the `map` command inside the hexa console [command.go](../cmd/hexa/commands.go). +> the `map` command inside the Hexa CLI [command.go](../cmd/hexa/commands.go). Example invocation of syntactical mapper: ```go diff --git a/examples/platformApps/gcpHelloWorld/README.md b/examples/platformApps/gcpHelloWorld/README.md index edbe6c5..2210fe3 100644 --- a/examples/platformApps/gcpHelloWorld/README.md +++ b/examples/platformApps/gcpHelloWorld/README.md @@ -52,7 +52,7 @@ IAM and Admin -> IAP page and select the deployed app. Toggle "IAP" button. You You can also open the application up in the browser at the URL: https://..r.appspot.com -Use the Hexa Admin tool to Add GCP provider and then download available applications (aka policy application points). +Use the Hexa CLI tool to Add GCP provider and then download available applications (aka policy application points). ## Running on GKE diff --git a/providers/aws/avpProvider/README.md b/providers/aws/avpProvider/README.md index 7fa52f2..910a3ed 100644 --- a/providers/aws/avpProvider/README.md +++ b/providers/aws/avpProvider/README.md @@ -12,7 +12,7 @@ support for Cedar Conditions. | ABAC | Support for attribute conditions | Yes | Yes | | Type | Policy is described 'syntactically' in an exportable
format or implied through 'role' based relationships | Syntactic | Syntactic Mapper | | Attribute Mapping | Attribute names in policy can be mapped to platform | | Yes | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | AVP Instance Discovery | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Yes | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Yes
Individual policy CRUD
Restricted updates | Supported via reconciliation
into CRUD | diff --git a/providers/aws/awsapigwProvider/README.md b/providers/aws/awsapigwProvider/README.md index 08658a5..fdd9a4b 100644 --- a/providers/aws/awsapigwProvider/README.md +++ b/providers/aws/awsapigwProvider/README.md @@ -12,7 +12,7 @@ See: Tutorial: [Build a CRUD API with Lambda and DynamoDB](https://docs.aws.amaz | ABAC | Support for attribute conditions | No | No | | Type | Virtual policy Cognito directory, Dynamo DB for use with Amazon API Gateway | Cognito, DynamoDb, API Gateway | Virtual RBAC | | Attribute Mapping | Attribute names in policy can be mapped to platform | | N/A | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | List UserPools and Resources | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Conversion | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Conversion | Yes | diff --git a/providers/aws/cognitoProvider/README.md b/providers/aws/cognitoProvider/README.md index 1151a18..d7e0e74 100644 --- a/providers/aws/cognitoProvider/README.md +++ b/providers/aws/cognitoProvider/README.md @@ -10,7 +10,7 @@ does this by interrogating User Pools and their associated resources. In general | ABAC | Support for attribute conditions | No | No | | Type | Policy is described 'syntactically' in an exportable
format or implied through 'role' based relationships | Directory Groups | Virtual RBAC | | Attribute Mapping | Attribute names in policy can be mapped to platform | | N/A | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | List UserPools and Resources | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Conversion | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Conversion | Yes | diff --git a/providers/azure/azureProvider/README.md b/providers/azure/azureProvider/README.md index 3c77a4f..5ec97be 100644 --- a/providers/azure/azureProvider/README.md +++ b/providers/azure/azureProvider/README.md @@ -11,7 +11,7 @@ IDQL `resource_id` is the API Name in the Azure portal. Role assignments is extr | ABAC | Support for attribute conditions | No | No | | Type | Roles are converting into IDQL Policy equivalents | Azure Applications | Virtual RBAC | | Attribute Mapping | Attribute names in policy can be mapped to platform | | N/A | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | Lists Azure Apps | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Conversion | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Conversion | Yes | diff --git a/providers/googlecloud/iapProvider/README.md b/providers/googlecloud/iapProvider/README.md index d57e9e0..367e7eb 100644 --- a/providers/googlecloud/iapProvider/README.md +++ b/providers/googlecloud/iapProvider/README.md @@ -10,7 +10,7 @@ support for conversion of Google Condition Expression Language into IDQL's SCIM | ABAC | Support for attribute conditions | Yes | Yes | | Type | Policy is described 'syntactically' in an exportable
format or implied through 'role' based relationships | Syntactic | Syntactic Mapper | | Attribute Mapping | Attribute names in policy can be mapped to platform | | Yes | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | Queries IAP Backend and AppEngine services | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Yes | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Yes | diff --git a/providers/openpolicyagent/README.md b/providers/openpolicyagent/README.md index 7a0fcf9..0a8846c 100644 --- a/providers/openpolicyagent/README.md +++ b/providers/openpolicyagent/README.md @@ -11,7 +11,7 @@ The Open Policy Agent Provider enables the retrieval and provisioning of IDQL po | ABAC | Support for attribute conditions | Yes | Yes | | Type | IDQL Native. Policy is interpreted by OPA Rego processor. | Rego | Deployment of IDQL and Rego policy | | Attribute Mapping | Attribute names in policy can be mapped to platform | | Yes | -| Hexa Console | Supported in the Hexa Console application | | Yes | +| Hexa CLI | Supported in the Hexa CLI application | | Yes | | Discovery | Supports discovery of Policy Application Points | Queries IAP Backend and AppEngine services | Yes | | Get Policies | Supports retrieval of all policies from a PAP | Yes | Yes | | Set Policies | Supports the ability to apply a set of policies to a PAP | Yes | @@ -31,7 +31,7 @@ information, see the [Hexa Policy-OPA project](https://github.com/hexa-org/polic ## Integration Support Notes -In the Hexa Console, adding an OPA integration takes the form: +In the Hexa CLI, adding an OPA integration takes the form: ```shell hexa add opa http myBundle --file=integration.json ```