Welcome to Sym’s SDK Docs!

Sym is the security workflow platform made for engineers, by engineers.

We solve the intent-to-execution gap between policies and workflows by providing fast-moving engineering teams with the just-right primitives to roll out best-practice controls.

These are the Python API docs for Sym. For guides and other help, check out our main docs site.

The SDK docs are broken into several core modules, which are described below. Click on one to see the classes and functions available in your Handlers.

annotations

Function annotations to implement Handlers.

exceptions

Exceptions that can be raised by the Sym Runtime.

integrations

Integrations with a host of third-party services.

templates

Workflow templates that can be declaratively provisioned.

utils

Helper methods and convenience tools.

event

Triggers for the various steps of a Flow.

flow

A parameterized instance of a Template.

forms

Models for working with Sym access request forms.

request_destination

resource

Tools for describing Sym Resources.

secret

Tools for working with secrets.

strategies

Classes for representing Strategies and Integrations, including fully custom Strategies.

target

An instance of something to request access to.

user

Representations of Users in both Sym and third parties.

The Sym SDK is used to customize workflow templates that are exposed by our Terraform provider. Here’s an example using the sym:approve Template!

from sym.sdk.annotations import reducer
from sym.sdk.integrations import pagerduty, okta, slack

@reducer
def get_approvers(evt):
   # The import here uses credentials defined in an Integration in Terraform
   if pagerduty.is_on_call(evt.user, schedule="id_of_eng_on_call"):
      # This is a self-approval in a DM
      return slack.user(evt.user)

   if evt.payload.fields["urgency"] == "Emergency":
      # This is a self-approval in a channel
      return slack.channel("#break-glass", allow_self=True)

   on_call_mgrs = okta.group("OnCallManagers").members()
   # This would cause each on-call manager to be DMed
   return slack.group([slack.user(x) for x in on_call_mgrs])

Here’s a video of our CTO Jon doing a walkthrough of SDK functionality.

If you’re interested in using Sym, please reach out!