Agent Flow
Enrollment
sequenceDiagram
actor User
box rgb(230,240,250) On-Premise
participant Agent
end
box rgb(250,240,230) STREAM Cloud
participant Nexus
participant Solaris
participant DB@{ "type" : "database" }
participant KMS
end
User->>Agent: Run enrollment command
activate Agent
Agent-->>User: Prompt for enrollment token
User->>Agent: Provide enrollment token
Agent->>Agent: Generate keys
Agent->>Nexus: Call Enrollment RPC
activate Nexus
Nexus->>Solaris: Forward Enrollment call
activate Solaris
Solaris->>KMS: Store private cloud keys
Solaris->>DB: Create AdapterIdentity
Solaris->>Nexus: Return enrollment result
deactivate Solaris
Nexus->>Agent: Return enrollment result
deactivate Nexus
Agent->>Agent: Store identity
Agent-->>User: Enrollment successful
deactivate Agent
Config update
sequenceDiagram
actor User
box rgb(230,240,250) STREAM Cloud
participant Solaris
participant KMS
participant DB@{ "type" : "database" }
participant MessageBroker@{ "type" : "collections" }
participant Nexus
end
box rgb(230,240,250) On-Premise
participant Agent
end
User->>Solaris: Update agent configuration
activate Solaris
Solaris->>KMS: Get encryption keys (per org)
activate KMS
KMS-->>Solaris: Return keys
deactivate KMS
Solaris->>Solaris: Encrypt plugin configs
Solaris->>DB: Store configs
activate DB
DB-->>Solaris: Return row
deactivate DB
Solaris--)MessageBroker: Publish update message (tunnel.outbound)
Solaris-->>User: Success
deactivate Solaris
MessageBroker--)Nexus: Notify about update
activate Nexus
Nexus->>Nexus: Retrieve Adapter Identity
Nexus->>Nexus: Sign and encrypt payload
Nexus->>Agent: Send message to Adapter Stream
deactivate Nexus
activate Agent
Agent->>Agent: Decrypt and verify
Agent->>Agent: Store and apply config
deactivate Agent
Regular Operation
sequenceDiagram
box rgb(230,240,250) On-Premise
participant ExternalSystem
participant Agent
end
box rgb(230,240,250) STREAM Cloud
participant Nexus
participant Solaris
participant DB@{ "type" : "database" }
participant KMS
end