Welcome to Sym’s SDK Docs!¶
Sym is the security workflow platform made for engineers, by engineers.
We solve the intent-to-execution gap between policies and workflows by providing fast-moving engineering teams with the just-right primitives to roll out best-practice controls.
These are the Python API docs for Sym. For guides and other help, check out our main docs site.
The SDK docs are broken into several core modules, which are described below. Click on one to see the classes and functions available in your Handlers.
Function annotations to implement Handlers. |
|
Exceptions that can be raised by the Sym Runtime. |
|
Integrations with a host of third-party services. |
|
Workflow templates that can be declaratively provisioned. |
|
Helper methods and convenience tools. |
|
Triggers for the various steps of a |
|
A parameterized instance of a |
|
Tools for describing Sym Resources. |
|
Tools for working with secrets. |
|
Classes for representing Strategies and Integrations, including fully custom Strategies. |
|
An instance of something to request access to. |
|
Representations of Users in both Sym and third parties. |
The Sym SDK is used to customize workflow templates that are exposed by our Terraform provider. Here’s an example using the sym:approve Template!
from sym.sdk.annotations import reducer
from sym.sdk.integrations import pagerduty, okta, slack
@reducer
def get_approvers(evt):
# The import here uses credentials defined in an Integration in Terraform
if pagerduty.is_on_call(evt.user, schedule="id_of_eng_on_call"):
# This is a self-approval in a DM
return slack.user(evt.user)
if evt.payload.fields["urgency"] == "Emergency":
# This is a self-approval in a channel
return slack.channel("#break-glass", allow_self=True)
on_call_mgrs = okta.group("OnCallManagers").members()
# This would cause each on-call manager to be DMed
return slack.group([slack.user(x) for x in on_call_mgrs])
Here’s a video of our CTO Jon doing a walkthrough of SDK functionality.
If you’re interested in using Sym, please reach out!