Welcome to Sym’s SDK Docs!¶
Sym is the security workflow platform made for engineers, by engineers.
We solve the intent-to-execution gap between policies and workflows by providing fast-moving engineering teams with the just-right primitives to roll out best-practice controls.
These are the Python API docs for Sym. For guides and other help, check out our main docs site.
The SDK docs are broken into several core modules, which are described below. Click on one to see the classes and functions available in your Handlers.
Function annotations to implement Handlers. |
|
Exceptions that can be raised by the Sym Runtime. |
|
Integrations with a host of third-party services. |
|
Workflow templates that can be declaratively provisioned. |
|
Helper methods and convenience tools. |
|
Triggers for the various steps of a |
|
Models representing Flows, Environments, and Runs. |
|
Models for working with Sym access request forms. |
|
Model for configuring where to send messages when a Request is created. |
|
Representation of different options for routing Sym Requests. |
|
Models for defining permissions required to view or perform actions on Requests. |
|
Tools for describing Sym Resources. |
|
Tools for working with secrets. |
|
Model representing a native Sym Strategy. |
|
Classes for representing Strategies and Integrations, including fully custom Strategies. |
|
An instance of a sym_target to request access to. |
|
Representations of Users in both Sym and third parties. |
The Sym SDK is used to customize workflow templates that are exposed by our Terraform provider. Here’s an example using the sym:approve
Template!
from sym.sdk.annotations import reducer
from sym.sdk.integrations import pagerduty, okta, slack
@reducer
def get_approvers(evt):
# The import here uses credentials defined in an Integration in Terraform
if pagerduty.is_on_call(evt.user, schedule="id_of_eng_on_call"):
# This is a self-approval in a DM
return slack.user(evt.user)
if evt.payload.fields["urgency"] == "Emergency":
# This is a self-approval in a channel
return slack.channel("#break-glass", allow_self=True)
on_call_mgrs = okta.group("OnCallManagers").members()
# This would cause each on-call manager to be DMed
return slack.group([slack.user(x) for x in on_call_mgrs])
If you’re interested in using Sym, please reach out!