UNPKG

hana-cli

Version:

HANA Developer Command Line Interface

sap-samples.github.io/hana-developer-cli-tool-example/

SAP-samples/hana-developer-cli-tool-example

102 lines (71 loc) 3.07 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# privilegeAnalysis > Command: `privilegeAnalysis` > Category: **Security** > Status: Production Ready ## Description Analyze user or role privileges and generate least-privilege recommendations based on granted system, object, and role privileges. ## Syntax ```bash hana-cli privilegeAnalysis [options] ``` ## Aliases - `privanalysis` - `privanalyze` ## Command Diagram ```mermaid graph TD Start([hana-cli privilegeAnalysis]) --> Input{Input Parameters} Input --> Connect[Create DB connection] Connect --> Target{User or role provided?} Target -->|user| User[Analyze user privileges] Target -->|role| Role[Analyze role privileges] Target -->|none| Current[Analyze current user] User --> Suggestions{--suggest?} Suggestions --> Output[Render privilege summary] Role --> Output Current --> Suggestions Output --> Complete([Command Complete]) style Start fill:#0092d1 style Complete fill:#2ecc71 style Input fill:#f39c12 style Target fill:#f39c12 style Suggestions fill:#f39c12 ``` ## Parameters ### Positional Arguments This command does not accept positional arguments. ### Options | Option | Alias | Type | Default | Description | |---------------|-----------|---------|---------|---------------------------------------------| | `--user` | `-u` | string | - | Target user to analyze. | | `--role` | `-r` | string | - | Target role to analyze. | | `--showUnused`| `--unused`| boolean | `false` | Include unused privileges in the output. | | `--suggest` | `-s` | boolean | `true` | Suggest least-privilege recommendations. | ### Connection Parameters | Option | Alias | Type | Default | Description | |-----------|-------|---------|---------|--------------------------------------------------| | `--admin` | `-a` | boolean | `false` | Connect via admin (default-env-admin.json) | | `--conn` | - | string | - | Connection filename to override default-env.json | ### Troubleshooting | Option | Alias | Type | Default | Description | |--------------------|-----------|---------|---------|------------------------| | `--disableVerbose` | `--quiet` | boolean | `false` | Disable verbose output | | `--debug` | `-d` | boolean | `false` | Enable debug output | For the runtime-generated option list, run: ```bash hana-cli privilegeAnalysis --help ``` ## Examples ### Basic Usage ```bash hana-cli privilegeAnalysis --user TESTUSER --suggest ``` Analyze `TESTUSER` privileges and include least-privilege suggestions. ## Related Commands - `roles` - List roles and role metadata - `users` - List database users - `grantChains` - Visualize privilege inheritance chains See the [Commands Reference](../all-commands.md) for other commands in this category. ## See Also - [Category: Security](..) - [All Commands A-Z](../all-commands.md)