diff --git a/CHANGELOG.md b/CHANGELOG.md index ba08cbd5..7c164ad3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,68 @@ - Continued development to encompass any new documented features of the CyberArk API. - psPAS v7.0... +## [unreleased] + +### Added +- N/A + +### Updated +- N/A + +### Fixed +- N/A + +## **6.1.47** + +### Module update to cover all CyberArk 14.0 API features + +### Added +- `Add-PASPTAExcludedTarget` + - New command, supported from 14.0 +- `Add-PASPTAIncludedTarget` + - New command, supported from 14.0 +- `Add-PASPTAPrivilegedGroup` + - New command, supported from 14.0 +- `Add-PASPTAPrivilegedUser` + - New command, supported from 14.0 +- `Get-PASPTAExcludedTarget` + - New command, supported from 14.0 +- `Get-PASPTAIncludedTarget` + - New command, supported from 14.0 +- `Get-PASPTAPrivilegedGroup` + - New command, supported from 14.0 +- `Get-PASPTAPrivilegedUser` + - New command, supported from 14.0 +- `Remove-PASPTAExcludedTarget` + - New command, supported from 14.0 +- `Remove-PASPTAIncludedTarget` + - New command, supported from 14.0 +- `Remove-PASPTAPrivilegedGroup` + - New command, supported from 14.0 +- `Remove-PASPTAPrivilegedUser` + - New command, supported from 14.0 +- `Get-PASLinkedGroup` + - New experimental command based on undocumented API. + + ### Updated +- `Get-PASAccountActivity` + - Adds Gen2 replacement for deprecated Gen1 API. + - Updates default operation to target Gen2 API. +- `Get-PASPTARiskEvent` + - New filter parameters `FromTime` & `ToTime` + - Fixes output and result paging +- `Set-PASPTARiskEvent` + - New parameters `closeReason` & `reasonText` + - General Fixes +- `New-PASDirectoryMapping` + - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` +- `Set-PASDirectoryMapping` + - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` + + ### Fixed +- `Invoke-PASRestMethod` + - Avoids potential error condition when handling errors in ISPSS environments + ## **6.0.30** ### Added diff --git a/LICENSE.md b/LICENSE.md index 349ce36d..cc058144 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,6 +1,6 @@ MIT License -Copyright (c) 2017-2023 Pete Maan +Copyright (c) 2017-2024 Pete Maan Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 9f56b7bd..db967014 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ Through the PVWA REST API, administer CyberArk PAS with PowerShell. -Contains all of the documented API capabilities up to CyberArk v13.2. +Contains all of the documented API capabilities up to CyberArk v14.0. Docs: [https://pspas.pspete.dev](https://pspas.pspete.dev) @@ -965,6 +965,7 @@ Click the below dropdown to view the current list of psPAS functions and their m [`Disable-PASUser`][Disable-PASUser] |**12.6** |Disable CyberArk Users [`Publish-PASDiscoveredAccount`][Publish-PASDiscoveredAccount] |**12.6** |Onboard Discovered Accounts [`Get-PASLinkedAccount`][Get-PASLinkedAccount] |**12.2** |Get details of linked accounts +[`Get-PASLinkedGroup`][Get-PASLinkedGroup] |**12.2** |Get details of linked groups [`Add-PASPersonalAdminAccount`][Add-PASPersonalAdminAccount] |**12.6** |Add Personal Admin Account (Privilege Cloud Only). [`Get-PASPTAGlobalCatalog`][Get-PASPTAGlobalCatalog] |**13.0** |Get Global Catalog connectivity details for PTA. [`Add-PASPTAGlobalCatalog`][Add-PASPTAGlobalCatalog] |**13.0** |Add Global Catalog connectivity details to PTA. @@ -973,7 +974,31 @@ Click the below dropdown to view the current list of psPAS functions and their m [`Set-PASPTARiskEvent`][Set-PASPTARiskEvent] |**13.2** |Update PTA Risk Events [`Get-PASPTARiskSummary`][Get-PASPTARiskSummary] |**13.2** |Get PTA Risk Summary [`New-PASRequestObject`][New-PASRequestObject] |**---** |Format an object to include in an request list - +[`Add-PASPTAIncludedTarget`][Add-PASPTAIncludedTarget] |**14.0** |Includes a PTA Monitored Target +[`Add-PASPTAExcludedTarget`][Add-PASPTAExcludedTarget] |**14.0** |Excludes a PTA Monitored Target +[`Add-PASPTAPrivilegedGroup`][Add-PASPTAPrivilegedGroup] |**14.0** |Configures a PTA Privileged Group +[`Add-PASPTAPrivilegedUser`][Add-PASPTAPrivilegedUser] |**14.0** |Configures a PTA Privileged User +[`Get-PASPTAExcludedTarget`][Get-PASPTAExcludedTarget] |**14.0** |Get PTA Excluded Target +[`Get-PASPTAIncludedTarget`][Get-PASPTAIncludedTarget] |**14.0** |Get PTA Included target +[`Get-PASPTAPrivilegedGroup`][Get-PASPTAPrivilegedGroup] |**14.0** |Get PTA Privileged Group +[`Get-PASPTAPrivilegedUser`][Get-PASPTAPrivilegedUser] |**14.0** |Get PTA Privileged User +[`Remove-PASPTAExcludedTarget`][Remove-PASPTAExcludedTarget] |**14.0** |Remove PTA Excluded Target +[`Remove-PASPTAIncludedTarget`][Remove-PASPTAIncludedTarget] |**14.0** |Remove PTA Included Target +[`Remove-PASPTAPrivilegedGroup`][Remove-PASPTAPrivilegedGroup] |**14.0** |Remove PTA Privileged Group +[`Remove-PASPTAPrivilegedUser`][Remove-PASPTAPrivilegedUser] |**14.0** |Remove PTA Privileged User + +[Add-PASPTAExcludedTarget]:/psPAS/Functions/EventSecurity/Add-PASPTAExcludedTarget.ps1 +[Add-PASPTAIncludedTarget]:/psPAS/Functions/EventSecurity/Add-PASPTAIncludedTarget.ps1 +[Add-PASPTAPrivilegedGroup]:/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedGroup.ps1 +[Add-PASPTAPrivilegedUser]:/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedUser.ps1 +[Get-PASPTAExcludedTarget]:/psPAS/Functions/EventSecurity/Get-PASPTAExcludedTarget.ps1 +[Get-PASPTAIncludedTarget]:/psPAS/Functions/EventSecurity/Get-PASPTAIncludedTarget.ps1 +[Get-PASPTAPrivilegedGroup]:/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedGroup.ps1 +[Get-PASPTAPrivilegedUser]:/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedUser.ps1 +[Remove-PASPTAExcludedTarget]:/psPAS/Functions/EventSecurity/Remove-PASPTAExcludedTarget.ps1 +[Remove-PASPTAIncludedTarget]:/psPAS/Functions/EventSecurity/Remove-PASPTAIncludedTarget.ps1 +[Remove-PASPTAPrivilegedGroup]:/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedGroup.ps1 +[Remove-PASPTAPrivilegedUser]:/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedUser.ps1 [New-PASRequestObject]:/psPAS/Functions/Requests/New-PASRequestObject.ps1 [Get-PASUserTypeInfo]:/psPAS/Functions/User/Get-PASUserTypeInfo.ps1 [Get-PASPTARiskEvent]:/psPAS/Functions/EventSecurity/Get-PASPTARiskEvent.ps1 @@ -984,6 +1009,7 @@ Click the below dropdown to view the current list of psPAS functions and their m [Disable-PASUser]:/psPAS/Functions/User/Disable-PASUser.ps1 [Enable-PASUser]:/psPAS/Functions/User/Enable-PASUser.ps1 [Get-PASLinkedAccount]:/psPAS/Functions/Accounts/Get-PASLinkedAccount.ps1 +[Get-PASLinkedGroup]:/psPAS/Functions/Accounts/Get-PASLinkedGroup.ps1 [Add-PASPersonalAdminAccount]:/psPAS/Functions/Accounts/Add-PASPersonalAdminAccount.ps1 [Publish-PASDiscoveredAccount]:/psPAS/Functions/Accounts/Publish-PASDiscoveredAccount.ps1 [Get-PASPlatformSummary]:/psPAS/Functions/Platforms/Get-PASPlatformSummary.ps1 diff --git a/Tests/Add-PASPTAExcludedTarget.Tests.ps1 b/Tests/Add-PASPTAExcludedTarget.Tests.ps1 new file mode 100644 index 00000000..9aa19658 --- /dev/null +++ b/Tests/Add-PASPTAExcludedTarget.Tests.ps1 @@ -0,0 +1,137 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + + } + + $SomePassword = $('Some_Password' | ConvertTo-SecureString -AsPlainText -Force) + + $InputObj = [pscustomobject]@{ + 'cidr' = '10.10.10.10/32' + + } + + $response = $InputObj | Add-PASPTAExcludedTarget + + } + + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'cidr' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Add-PASPTAExcludedTarget).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/api/pta/API/Administration/properties/CidrExclusionList" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'PATCH' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'has a request body with expected number of properties' { + + ($Script:RequestBody | Get-Member -MemberType NoteProperty).length | Should -Be 1 + + } + + It 'throws error if version requirement not met' { + + $Script:ExternalVersion = '1.0' + + { $InputObj | Add-PASPTAExcludedTarget } | Should -Throw + + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + + } + + } + +} \ No newline at end of file diff --git a/Tests/Add-PASPTAIncludedTarget.Tests.ps1 b/Tests/Add-PASPTAIncludedTarget.Tests.ps1 new file mode 100644 index 00000000..e9f0c14c --- /dev/null +++ b/Tests/Add-PASPTAIncludedTarget.Tests.ps1 @@ -0,0 +1,137 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + + } + + $SomePassword = $('Some_Password' | ConvertTo-SecureString -AsPlainText -Force) + + $InputObj = [pscustomobject]@{ + 'cidr' = '10.10.10.10/32' + + } + + $response = $InputObj | Add-PASPTAIncludedTarget + + } + + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'cidr' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Add-PASPTAIncludedTarget).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/api/pta/API/Administration/properties/CidrInclusionList" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'PATCH' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'has a request body with expected number of properties' { + + ($Script:RequestBody | Get-Member -MemberType NoteProperty).length | Should -Be 1 + + } + + It 'throws error if version requirement not met' { + + $Script:ExternalVersion = '1.0' + + { $InputObj | Add-PASPTAIncludedTarget } | Should -Throw + + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + + } + + } + +} \ No newline at end of file diff --git a/Tests/Add-PASPTAPrivilegedGroup.Tests.ps1 b/Tests/Add-PASPTAPrivilegedGroup.Tests.ps1 new file mode 100644 index 00000000..91475e66 --- /dev/null +++ b/Tests/Add-PASPTAPrivilegedGroup.Tests.ps1 @@ -0,0 +1,139 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + + } + + $SomePassword = $('Some_Password' | ConvertTo-SecureString -AsPlainText -Force) + + $InputObj = [pscustomobject]@{ + 'domain' = 'somedomain.com' + 'group' = 'somegroup' + + } + + $response = $InputObj | Add-PASPTAPrivilegedGroup + + } + + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'domain' }, + @{Parameter = 'group' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Add-PASPTAPrivilegedGroup).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration/properties/PrivilegedDomainGroupsList" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'PATCH' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'has a request body with expected number of properties' { + + ($Script:RequestBody | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'throws error if version requirement not met' { + + $Script:ExternalVersion = '1.0' + + { $InputObj | Add-PASPTAPrivilegedGroup } | Should -Throw + + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + + } + + } + +} \ No newline at end of file diff --git a/Tests/Add-PASPTAPrivilegedUser.Tests.ps1 b/Tests/Add-PASPTAPrivilegedUser.Tests.ps1 new file mode 100644 index 00000000..23569266 --- /dev/null +++ b/Tests/Add-PASPTAPrivilegedUser.Tests.ps1 @@ -0,0 +1,139 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + + } + + $SomePassword = $('Some_Password' | ConvertTo-SecureString -AsPlainText -Force) + + $InputObj = [pscustomobject]@{ + 'platform' = 'APPLICATION' + 'user' = 'someuser' + + } + + $response = $InputObj | Add-PASPTAPrivilegedUser + + } + + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'platform' }, + @{Parameter = 'user' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Add-PASPTAPrivilegedUser).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration/properties/PrivilegedUsersList" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'PATCH' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'has a request body with expected number of properties' { + + ($Script:RequestBody | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'throws error if version requirement not met' { + + $Script:ExternalVersion = '1.0' + + { $InputObj | Add-PASPTAPrivilegedUser } | Should -Throw + + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASAccountActivity.Tests.ps1 b/Tests/Get-PASAccountActivity.Tests.ps1 index 49db7fe1..1f45073e 100644 --- a/Tests/Get-PASAccountActivity.Tests.ps1 +++ b/Tests/Get-PASAccountActivity.Tests.ps1 @@ -35,44 +35,94 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { - BeforeEach { + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'AccountID' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASAccountActivity).Parameters["$Parameter"].Attributes.Mandatory | + Select-Object -Unique | Should -Be $true + + } + - Mock Invoke-PASRestMethod -MockWith { - [pscustomobject]@{'GetAccountActivitiesResult' = [pscustomobject]@{ - 'prop1' = 'val1' - 'prop2' = 'val2' - 'prop3' = 'val3' + + } + + Context 'Input - Gen 1' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [pscustomobject]@{'GetAccountActivitiesResult' = [pscustomobject]@{ + 'prop1' = 'val1' + 'prop2' = 'val2' + 'prop3' = 'val3' + } } } + + $InputObj = [pscustomobject]@{ + 'AccountID' = '66_6' + + } + + $response = $InputObj | Get-PASAccountActivity -UseGen1API -Verbose } - $InputObj = [pscustomobject]@{ - 'AccountID' = '66_6' + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It } - $response = $InputObj | Get-PASAccountActivity -Verbose - } + It 'sends request to expected endpoint' { - Context 'Mandatory Parameters' { + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { - $Parameters = @{Parameter = 'AccountID' } + $URI -eq "$($Script:BaseURI)/WebServices/PIMServices.svc/Accounts/66_6/Activities" - It 'specifies parameter as mandatory' -TestCases $Parameters { + } -Times 1 -Exactly -Scope It - param($Parameter) + } - (Get-Command Get-PASAccountActivity).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It } + It 'sends request with no body' { + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } } + Context 'Input - Gen 2' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [pscustomobject]@{'Activities' = [pscustomobject]@{ + 'prop1' = 'val1' + 'prop2' = 'val2' + 'prop3' = 'val3' + } + } + } + + $InputObj = [pscustomobject]@{ + 'AccountID' = '66_6' + } - Context 'Input' { + $response = $InputObj | Get-PASAccountActivity -Verbose + } It 'sends request' { @@ -84,7 +134,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { - $URI -eq "$($Script:BaseURI)/WebServices/PIMServices.svc/Accounts/66_6/Activities" + $URI -eq "$($Script:BaseURI)/api/Accounts/66_6/Activities" } -Times 1 -Exactly -Scope It @@ -104,7 +154,26 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } - Context 'Output' { + Context 'Output - Gen 1' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [pscustomobject]@{'GetAccountActivitiesResult' = [pscustomobject]@{ + 'prop1' = 'val1' + 'prop2' = 'val2' + 'prop3' = 'val3' + } + } + } + + $InputObj = [pscustomobject]@{ + 'AccountID' = '66_6' + + } + + $response = $InputObj | Get-PASAccountActivity -UseGen1API -Verbose + } It 'provides output' { @@ -126,6 +195,49 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { + } + + Context 'Output - Gen 2' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [pscustomobject]@{'Activities' = [pscustomobject]@{ + 'prop1' = 'val1' + 'prop2' = 'val2' + 'prop3' = 'val3' + } + } + } + + $InputObj = [pscustomobject]@{ + 'AccountID' = '66_6' + + } + + $response = $InputObj | Get-PASAccountActivity -Verbose + } + + It 'provides output' { + + $response | Should -Not -Be null + + } + + It 'has output with expected number of properties' { + + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 3 + + } + + It 'outputs object with expected typename' { + + $response | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.Account.Activity.Gen2 + + } + + + } } diff --git a/Tests/Get-PASLinkedGroup.Tests.ps1 b/Tests/Get-PASLinkedGroup.Tests.ps1 new file mode 100644 index 00000000..0e1163ff --- /dev/null +++ b/Tests/Get-PASLinkedGroup.Tests.ps1 @@ -0,0 +1,130 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [pscustomobject]@{ + 'LinkedAccounts' = [pscustomobject]@{ + 'prop5' = 'val5' + 'prop6' = 'val6' + 'prop7' = 'val7' + 'prop8' = 'val8' + 'prop9' = 'val9' + } + 'LinkedGroupId' = 123 + 'LinkedGroupName' = 'SomeName' + 'LinkedGroupPolicyName' = 'SomeName' + + } + } + + $InputObj = [pscustomobject]@{ + 'AccountID' = '66_6' + + } + + $response = $InputObj | Get-PASLinkedGroup -Verbose + } + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'id' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASLinkedGroup).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/api/ExtendedAccounts/66_6/LinkedAccounts" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -Be null + + } + + It 'has output with expected number of properties' { + + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 3 + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASPTAExcludedTarget.Tests.ps1 b/Tests/Get-PASPTAExcludedTarget.Tests.ps1 new file mode 100644 index 00000000..d7c36cf0 --- /dev/null +++ b/Tests/Get-PASPTAExcludedTarget.Tests.ps1 @@ -0,0 +1,130 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'CidrExclusionList' + 'categorykey' = 'MonitoredTargets' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $response = Get-PASPTAExcludedTarget + } + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/administration" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Body -eq $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { Get-PASPTAExcludedTarget } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'CidrExclusionList' + 'categorykey' = 'MonitoredTargets' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + It 'provides output' { + + Get-PASPTAExcludedTarget | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + (Get-PASPTAExcludedTarget | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'outputs object with expected typename' { + + Get-PASPTAExcludedTarget | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.MonitoredTarget + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASPTAIncludedTarget.Tests.ps1 b/Tests/Get-PASPTAIncludedTarget.Tests.ps1 new file mode 100644 index 00000000..9083a602 --- /dev/null +++ b/Tests/Get-PASPTAIncludedTarget.Tests.ps1 @@ -0,0 +1,130 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'CidrInclusionList' + 'categorykey' = 'MonitoredTargets' + 'actualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $response = Get-PASPTAIncludedTarget + } + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/administration" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Body -eq $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { Get-PASPTAIncludedTarget } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'CidrInclusionList' + 'categorykey' = 'MonitoredTargets' + 'actualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + It 'provides output' { + + Get-PASPTAIncludedTarget | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + (Get-PASPTAIncludedTarget | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'outputs object with expected typename' { + + Get-PASPTAIncludedTarget | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.MonitoredTarget + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASPTAPrivilegedGroup.Tests.ps1 b/Tests/Get-PASPTAPrivilegedGroup.Tests.ps1 new file mode 100644 index 00000000..c0addbb8 --- /dev/null +++ b/Tests/Get-PASPTAPrivilegedGroup.Tests.ps1 @@ -0,0 +1,128 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'PrivilegedDomainGroupsList' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $response = Get-PASPTAPrivilegedGroup + } + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Body -eq $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { Get-PASPTAPrivilegedGroup } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'PrivilegedDomainGroupsList' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + It 'provides output' { + + Get-PASPTAPrivilegedGroup | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + (Get-PASPTAPrivilegedGroup | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'outputs object with expected typename' { + + Get-PASPTAPrivilegedGroup | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.PrivilegedDomainGroupsList + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASPTAPrivilegedUser.Tests.ps1 b/Tests/Get-PASPTAPrivilegedUser.Tests.ps1 new file mode 100644 index 00000000..512a72a2 --- /dev/null +++ b/Tests/Get-PASPTAPrivilegedUser.Tests.ps1 @@ -0,0 +1,128 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'PrivilegedUsersList' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $response = Get-PASPTAPrivilegedUser + } + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Body -eq $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { Get-PASPTAPrivilegedUser } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + BeforeEach { + + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'propertykey' = 'PrivilegedUsersList' + 'ActualValue' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } + } + + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + It 'provides output' { + + Get-PASPTAPrivilegedUser | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + (Get-PASPTAPrivilegedUser | Get-Member -MemberType NoteProperty).length | Should -Be 2 + + } + + It 'outputs object with expected typename' { + + Get-PASPTAPrivilegedUser | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.PrivilegedUsersList + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Get-PASPTARiskEvent.Tests.ps1 b/Tests/Get-PASPTARiskEvent.Tests.ps1 index 7fde8501..b936c151 100644 --- a/Tests/Get-PASPTARiskEvent.Tests.ps1 +++ b/Tests/Get-PASPTARiskEvent.Tests.ps1 @@ -40,7 +40,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { BeforeEach { Mock Invoke-PASRestMethod -MockWith { - [PSCustomObject]@{'addsaferesult' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } } + } $Script:BaseURI = 'https://SomeURL/SomeApp' @@ -65,6 +65,32 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'uses expected date filter - date range' { + Get-PASPTARiskEvent -FromTime (Get-Date -Year 1979 -Month 11 -Day 12 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) + #311212800000 1674345600000 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/pta/API/Risks/RisksEvents/?filter=detectionTime%20BETWEEN%20%22311212800000%22%20TO%20%221674345600000%22" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected date filter - before date' { + Get-PASPTARiskEvent -ToTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) #1674345600000 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/pta/API/Risks/RisksEvents/?filter=detectionTime%20lte%20%221674345600000%22" + + } -Times 1 -Exactly -Scope It + } + + It 'uses expected date filter - after date' { + Get-PASPTARiskEvent -FromTime (Get-Date -Year 2023 -Day 22 -Month 1 -Hour 0 -Minute 0 -Second 0 -Millisecond 0) #1674345600000 + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + $URI -eq "$($Script:BaseURI)/API/pta/API/Risks/RisksEvents/?filter=detectionTime%20gte%20%221674345600000%22" + + } -Times 1 -Exactly -Scope It + } + It 'uses expected method' { Get-PASPTARiskEvent Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'GET' } -Times 1 -Exactly -Scope It @@ -93,7 +119,11 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { BeforeEach { Mock Invoke-PASRestMethod -MockWith { - [PSCustomObject]@{'addsaferesult' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } } + [PSCustomObject]@{ + 'totalEntities' = 1 + 'totalpages' = 0 + 'entities' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } + } } $Script:BaseURI = 'https://SomeURL/SomeApp' @@ -109,7 +139,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { It 'has output with expected number of properties' { - (Get-PASPTARiskEvent | Get-Member -MemberType NoteProperty).length | Should -Be 1 + (Get-PASPTARiskEvent | Get-Member -MemberType NoteProperty).length | Should -Be 2 } @@ -119,7 +149,19 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } + It 'processes NextLink' { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'totalEntities' = 799 + 'totalpages' = 10 + 'entities' = @([PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' }, [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' }, [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' }) + } + } + #$script:iteration = 1 + Get-PASPTARiskEvent + Assert-MockCalled Invoke-PASRestMethod -Times 10 -Exactly -Scope It + } } diff --git a/Tests/New-PASDirectoryMapping.Tests.ps1 b/Tests/New-PASDirectoryMapping.Tests.ps1 index eab84819..f452f7bc 100644 --- a/Tests/New-PASDirectoryMapping.Tests.ps1 +++ b/Tests/New-PASDirectoryMapping.Tests.ps1 @@ -118,6 +118,12 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { $Script:ExternalVersion = '0.0' } + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '13.9' + { $InputObj | New-PASDirectoryMapping -MappingAuthorizations RestoreAllSafes, BackupAllSafes -VaultGroups 'Group1', 'Group2' -UserActivityLogPeriod 10 -UsedQuota 10 } | Should -Throw + $Script:ExternalVersion = '0.0' + } + } } diff --git a/Tests/Remove-PASPTAExcludedTarget.Tests.ps1 b/Tests/Remove-PASPTAExcludedTarget.Tests.ps1 new file mode 100644 index 00000000..4cec9aa7 --- /dev/null +++ b/Tests/Remove-PASPTAExcludedTarget.Tests.ps1 @@ -0,0 +1,113 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + + } + + $InputObj = [pscustomobject]@{ + 'ID' = '999' + + } + $response = $InputObj | Remove-PASPTAExcludedTarget + } + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'ID' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Remove-PASPTAExcludedTarget).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/api/pta/API/Administration/properties/CidrExclusionList/999" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'DELETE' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { $InputObj | Remove-PASPTAExcludedTarget } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Remove-PASPTAIncludedTarget.Tests.ps1 b/Tests/Remove-PASPTAIncludedTarget.Tests.ps1 new file mode 100644 index 00000000..3d8a24ca --- /dev/null +++ b/Tests/Remove-PASPTAIncludedTarget.Tests.ps1 @@ -0,0 +1,115 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + + } + + $InputObj = [pscustomobject]@{ + 'ID' = '999' + + } + $response = $InputObj | Remove-PASPTAIncludedTarget + } + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'ID' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Remove-PASPTAIncludedTarget).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/api/pta/API/Administration/properties/CidrInclusionList/999" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'DELETE' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { $InputObj | Remove-PASPTAIncludedTarget } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Remove-PASPTAPrivilegedGroup.Tests.ps1 b/Tests/Remove-PASPTAPrivilegedGroup.Tests.ps1 new file mode 100644 index 00000000..3c225949 --- /dev/null +++ b/Tests/Remove-PASPTAPrivilegedGroup.Tests.ps1 @@ -0,0 +1,115 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + + } + + $InputObj = [pscustomobject]@{ + 'ID' = '999' + + } + $response = $InputObj | Remove-PASPTAPrivilegedGroup + } + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'ID' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Remove-PASPTAPrivilegedGroup).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration/properties/PrivilegedDomainGroupsList/999" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'DELETE' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { $InputObj | Remove-PASPTAPrivilegedGroup } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Remove-PASPTAPrivilegedUser.Tests.ps1 b/Tests/Remove-PASPTAPrivilegedUser.Tests.ps1 new file mode 100644 index 00000000..a26bb01c --- /dev/null +++ b/Tests/Remove-PASPTAPrivilegedUser.Tests.ps1 @@ -0,0 +1,115 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $Script:BaseURI = 'https://SomeURL/SomeApp' + $Script:ExternalVersion = '0.0' + $Script:WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + + } + + $InputObj = [pscustomobject]@{ + 'ID' = '999' + + } + $response = $InputObj | Remove-PASPTAPrivilegedUser + } + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'ID' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Remove-PASPTAPrivilegedUser).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:BaseURI)/API/pta/API/configuration/properties/PrivilegedUsersList/999" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'DELETE' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with no body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -eq $null } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '1.0' + { $InputObj | Remove-PASPTAPrivilegedUser } | Should -Throw + $Script:ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides no output' { + + $response | Should -BeNullOrEmpty + + } + + } + + } + +} \ No newline at end of file diff --git a/Tests/Set-PASDirectoryMapping.Tests.ps1 b/Tests/Set-PASDirectoryMapping.Tests.ps1 index 7ba73981..240ef07c 100644 --- a/Tests/Set-PASDirectoryMapping.Tests.ps1 +++ b/Tests/Set-PASDirectoryMapping.Tests.ps1 @@ -87,6 +87,12 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { $Script:ExternalVersion = '0.0' } + It 'throws error if version requirement not met' { + $Script:ExternalVersion = '13.9' + { $InputObj | Set-PASDirectoryMapping -UsedQuota 10 } | Should -Throw + $Script:ExternalVersion = '0.0' + } + } } diff --git a/Tests/Set-PASPTARiskEvent.Tests.ps1 b/Tests/Set-PASPTARiskEvent.Tests.ps1 index f4a41f4c..14c51c53 100644 --- a/Tests/Set-PASPTARiskEvent.Tests.ps1 +++ b/Tests/Set-PASPTARiskEvent.Tests.ps1 @@ -40,7 +40,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { BeforeEach { Mock Invoke-PASRestMethod -MockWith { - [PSCustomObject]@{'addsaferesult' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } } + [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } } $Script:BaseURI = 'https://SomeURL/SomeApp' @@ -50,29 +50,29 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } It 'sends request' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED + Set-PASPTARiskEvent -ID 1234 -Status CLOSED Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It } It 'sends request to expected endpoint' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED + Set-PASPTARiskEvent -ID 1234 -Status CLOSED Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { - $URI -match "$($Script:BaseURI)/API/pta/API/Risks/RiskEvents/1234" + $URI -match "$($Script:BaseURI)/api/pta/API/Risks/RisksEvents/1234" } -Times 1 -Exactly -Scope It } It 'uses expected method' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED + Set-PASPTARiskEvent -ID 1234 -Status CLOSED Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'PATCH' } -Times 1 -Exactly -Scope It } It 'sends request with expected body' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED + Set-PASPTARiskEvent -ID 1234 -Status CLOSED Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Body -ne $null @@ -83,7 +83,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { It 'throws error if version requirement not met' { $Script:ExternalVersion = '1.0' - { Set-PASPTARiskEvent -EventID 1234 -Status CLOSED } | Should -Throw + { Set-PASPTARiskEvent -ID 1234 -Status CLOSED } | Should -Throw $Script:ExternalVersion = '0.0' } @@ -93,7 +93,7 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { BeforeEach { Mock Invoke-PASRestMethod -MockWith { - [PSCustomObject]@{'addsaferesult' = [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2' } } + [PSCustomObject]@{'Prop1' = 'Val1'; 'Prop2' = 'Val2'; 'Prop3' = 'Val2'; 'Prop4' = 'Val2'; 'Prop5' = 'Val2' } } $Script:BaseURI = 'https://SomeURL/SomeApp' @@ -103,19 +103,19 @@ Describe $($PSCommandPath -Replace '.Tests.ps1') { } It 'provides output' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED | Should -Not -BeNullOrEmpty + Set-PASPTARiskEvent -ID 1234 -Status CLOSED | Should -Not -BeNullOrEmpty } It 'has output with expected number of properties' { - (Set-PASPTARiskEvent -EventID 1234 -Status CLOSED | Get-Member -MemberType NoteProperty).length | Should -Be 1 + (Set-PASPTARiskEvent -ID 1234 -Status CLOSED | Get-Member -MemberType NoteProperty).length | Should -Be 5 } It 'outputs object with expected typename' { - Set-PASPTARiskEvent -EventID 1234 -Status CLOSED | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.Event.Risk + Set-PASPTARiskEvent -ID 1234 -Status CLOSED | Get-Member | Select-Object -ExpandProperty typename -Unique | Should -Be psPAS.CyberArk.Vault.PTA.Event.Risk } diff --git a/docs/collections/_commands/Add-PASPTAExcludedTarget.md b/docs/collections/_commands/Add-PASPTAExcludedTarget.md new file mode 100644 index 00000000..e010b601 --- /dev/null +++ b/docs/collections/_commands/Add-PASPTAExcludedTarget.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Add-PASPTAExcludedTarget +schema: 2.0.0 +title: Add-PASPTAExcludedTarget +--- + +# Add-PASPTAExcludedTarget + +## SYNOPSIS +Adds Excluded target IP/subnet value in PTA administration configuration + +## SYNTAX + +``` +Add-PASPTAExcludedTarget [-cidr] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Adds Excluded target IP/subnet value in PTA administration configuration + +## EXAMPLES + +### Example 1 +```powershell +Add-PASPTAExcludedTarget -cidr 192.168.60.10/24 +``` + +Adds 192.168.60.10/24 as an excluded target in PTA administration + +## PARAMETERS + +### -cidr +IP/Subnet cidr value + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Add-PASPTAExcludedTarget](https://pspas.pspete.dev/commands/Add-PASPTAExcludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm) diff --git a/docs/collections/_commands/Add-PASPTAGlobalCatalog.md b/docs/collections/_commands/Add-PASPTAGlobalCatalog.md index 5ab44f1d..b51582af 100644 --- a/docs/collections/_commands/Add-PASPTAGlobalCatalog.md +++ b/docs/collections/_commands/Add-PASPTAGlobalCatalog.md @@ -40,7 +40,7 @@ Adds Global Catalog to PTA configuration ## PARAMETERS ### -ldap_certificate -Base-64 encoded X.509 SSL certificate of the Global Catalog server - without cert header/footer --BEGIN/END. +Base-64 encoded X.509 SSL certificate of the Global Catalog server. Must be specified if `ssl` parameter is specified as `true`. ```yaml diff --git a/docs/collections/_commands/Add-PASPTAIncludedTarget.md b/docs/collections/_commands/Add-PASPTAIncludedTarget.md new file mode 100644 index 00000000..440d421a --- /dev/null +++ b/docs/collections/_commands/Add-PASPTAIncludedTarget.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Add-PASPTAIncludedTarget +schema: 2.0.0 +title: Add-PASPTAIncludedTarget +--- + +# Add-PASPTAIncludedTarget + +## SYNOPSIS +Adds Included target IP/subnet value in PTA administration configuration + +## SYNTAX + +``` +Add-PASPTAIncludedTarget [-cidr] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Adds Included target IP/subnet value in PTA administration configuration + +## EXAMPLES + +### Example 1 +```powershell +Add-PASPTAIncludedTarget -cidr 192.168.60.10/24 +``` + +Adds 192.168.60.10/24 as an included target in PTA administration + +## PARAMETERS + +### -cidr +IP/Subnet cidr value + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Add-PASPTAIncludedTarget](https://pspas.pspete.dev/commands/Add-PASPTAIncludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm) diff --git a/docs/collections/_commands/Add-PASPTAPrivilegedGroup.md b/docs/collections/_commands/Add-PASPTAPrivilegedGroup.md new file mode 100644 index 00000000..7123dd2f --- /dev/null +++ b/docs/collections/_commands/Add-PASPTAPrivilegedGroup.md @@ -0,0 +1,109 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedGroup +schema: 2.0.0 +title: Add-PASPTAPrivilegedGroup +--- + +# Add-PASPTAPrivilegedGroup + +## SYNOPSIS +Adds an AD group to PrivilegedDomainGroupsList in PTA + +## SYNTAX + +``` +Add-PASPTAPrivilegedGroup [-domain] [-group] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Adds an AD group to PrivilegedDomainGroupsList in PTA configuration + +## EXAMPLES + +### Example 1 +```powershell +Add-PASPTAPrivilegedGroup -domain SomeDomain.com -group SomeGroup +``` + +Adds SomeGroup as to PrivilegedDomainGroupsList in PTA + +## PARAMETERS + +### -domain +A domain name in an FQDN format, such as domain.com + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -group +A group name defined as privileged + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedGroup](https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedGroup) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateSecurity.htm) diff --git a/docs/collections/_commands/Add-PASPTAPrivilegedUser.md b/docs/collections/_commands/Add-PASPTAPrivilegedUser.md new file mode 100644 index 00000000..216f0350 --- /dev/null +++ b/docs/collections/_commands/Add-PASPTAPrivilegedUser.md @@ -0,0 +1,109 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedUser +schema: 2.0.0 +title: Add-PASPTAPrivilegedUser +--- + +# Add-PASPTAPrivilegedUser + +## SYNOPSIS +Adds an user to PrivilegedUsersList in PTA + +## SYNTAX + +``` +Add-PASPTAPrivilegedUser [-platform] [-user] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Adds an user to PrivilegedUsersList in PTA configuration + +## EXAMPLES + +### Example 1 +```powershell +Add-PASPTAPrivilegedUser -platform WINDOWS -user AdminUser +``` + +Adds AdminUser to PrivilegedUsersList in PTA + +## PARAMETERS + +### -platform +The platform of the privileged user (UNIX, WINDOWS, ORACLE, CLOUD_AWS, CLOUD_AZURE, APPLICATION) + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -user +A privileged user or a regex for the privileged users + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedUser](https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedUser) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateSecurity.htm) diff --git a/docs/collections/_commands/Get-PASAccountActivity.md b/docs/collections/_commands/Get-PASAccountActivity.md index 7ca75939..42ef0f51 100644 --- a/docs/collections/_commands/Get-PASAccountActivity.md +++ b/docs/collections/_commands/Get-PASAccountActivity.md @@ -14,15 +14,19 @@ Returns activities for an account. ## SYNTAX +### Gen2 (Default) ``` Get-PASAccountActivity [-AccountID] [] ``` +### Gen1 +``` +Get-PASAccountActivity [-AccountID] [-UseGen1API] [] +``` + ## DESCRIPTION Returns activities for a specific account identified by its AccountID. -Depreciated from version 13.2 - ## EXAMPLES ### EXAMPLE 1 @@ -32,6 +36,13 @@ Get-PASAccount -Keywords root -Safe UNIXSafe | Get-PASAccountActivity Will return the account activity for the account output by Get-PASAccount +### EXAMPLE 2 +``` +Get-PASAccountActivity -id 123_4 -useGen1API +``` + +Will return the account activity for the account using the Gen1 API + ## PARAMETERS ### -AccountID @@ -49,6 +60,23 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` +### -UseGen1API +Specify to force use of the Gen1 API + +Gen1 API is Depreciated from version 13.2 + +```yaml +Type: SwitchParameter +Parameter Sets: Gen1 +Aliases: UseClassicAPI + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/collections/_commands/Get-PASLinkedGroup.md b/docs/collections/_commands/Get-PASLinkedGroup.md new file mode 100644 index 00000000..52b6b656 --- /dev/null +++ b/docs/collections/_commands/Get-PASLinkedGroup.md @@ -0,0 +1,62 @@ +--- +external help file: psPAS-help.xml +Module Name: psPAS +online version: +schema: 2.0.0 +title: Get-PASLinkedGroup +--- + +# Get-PASLinkedGroup + +## SYNOPSIS +Gets linked group details + +## SYNTAX + +``` +Get-PASLinkedGroup [-id] [] +``` + +## DESCRIPTION +Gets details of associated linked groups for a given accountID + +Requires CyberArk Version 12.2 or higher. + +## EXAMPLES + +### Example 1 +```powershell +Get-PASLinkedGroup -id 66_6 +``` + +Gets linked group details associated with account with ID 66_6 + +## PARAMETERS + +### -id +The account id + +```yaml +Type: String +Parameter Sets: (All) +Aliases: AccountID + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Get-PASLinkedGroup](https://pspas.pspete.dev/commands/Get-PASLinkedGroup) diff --git a/docs/collections/_commands/Get-PASPTAExcludedTarget.md b/docs/collections/_commands/Get-PASPTAExcludedTarget.md new file mode 100644 index 00000000..8bd4f645 --- /dev/null +++ b/docs/collections/_commands/Get-PASPTAExcludedTarget.md @@ -0,0 +1,48 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASPTAExcludedTarget +schema: 2.0.0 +title: Get-PASPTAExcludedTarget +--- + +# Get-PASPTAExcludedTarget + +## SYNOPSIS +Get excluded target from the PTA + +## SYNTAX + +``` +Get-PASPTAExcludedTarget [] +``` + +## DESCRIPTION +Returns excluded target properties from PTA security configuration + +## EXAMPLES + +### Example 1 +```powershell +Get-PASPTAExcludedTarget +``` + +Returns all configured excluded targets + +## PARAMETERS + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Get-PASPTAExcludedTarget](https://pspas.pspete.dev/commands/Get-PASPTAExcludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm) diff --git a/docs/collections/_commands/Get-PASPTAIncludedTarget.md b/docs/collections/_commands/Get-PASPTAIncludedTarget.md new file mode 100644 index 00000000..3f95f3fc --- /dev/null +++ b/docs/collections/_commands/Get-PASPTAIncludedTarget.md @@ -0,0 +1,48 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASPTAIncludedTarget +schema: 2.0.0 +title: Get-PASPTAIncludedTarget +--- + +# Get-PASPTAIncludedTarget + +## SYNOPSIS +Returns included target property from PTA + +## SYNTAX + +``` +Get-PASPTAIncludedTarget [] +``` + +## DESCRIPTION +Returns included target property from PTA security configuration + +## EXAMPLES + +### Example 1 +```powershell +Get-PASPTAIncludedTarget +``` + +Returns all configured included targets from PTA configuration + +## PARAMETERS + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup](https://pspas.pspete.dev/commands/Get-PASPTAIncludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm) diff --git a/docs/collections/_commands/Get-PASPTAPrivilegedGroup.md b/docs/collections/_commands/Get-PASPTAPrivilegedGroup.md new file mode 100644 index 00000000..6df27305 --- /dev/null +++ b/docs/collections/_commands/Get-PASPTAPrivilegedGroup.md @@ -0,0 +1,48 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup +schema: 2.0.0 +title: Get-PASPTAPrivilegedGroup +--- + +# Get-PASPTAPrivilegedGroup + +## SYNOPSIS +Get configured PTA PrivilegedDomainGroupsList + +## SYNTAX + +``` +Get-PASPTAPrivilegedGroup [] +``` + +## DESCRIPTION +Return PrivilegedDomainGroupsList from PTA + +## EXAMPLES + +### Example 1 +```powershell +Get-PASPTAPrivilegedGroup +``` + +Return PrivilegedDomainGroupsList from PTA + +## PARAMETERS + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup](https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm) diff --git a/docs/collections/_commands/Get-PASPTAPrivilegedUser.md b/docs/collections/_commands/Get-PASPTAPrivilegedUser.md new file mode 100644 index 00000000..3a9f7dcb --- /dev/null +++ b/docs/collections/_commands/Get-PASPTAPrivilegedUser.md @@ -0,0 +1,64 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedUser +schema: 2.0.0 +title: Get-PASPTAPrivilegedUser +--- + +# Get-PASPTAPrivilegedUser + +## SYNOPSIS +Get PTA PrivilegedUsersList + +## SYNTAX + +``` +Get-PASPTAPrivilegedUser [[-ValueType] ] [] +``` + +## DESCRIPTION +Return PrivilegedUsersList from PTA + +## EXAMPLES + +### Example 1 +```powershell +Get-PASPTAPrivilegedUser +``` + +Return PrivilegedUsersList PTA security configuration + +## PARAMETERS + +### -ValueType +Specify to return ActualValue or DefaultValue. +ActualValue is returned by default. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedUser](https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedUser) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm) diff --git a/docs/collections/_commands/Get-PASPTARiskEvent.md b/docs/collections/_commands/Get-PASPTARiskEvent.md index 6966dbdc..56d12d79 100644 --- a/docs/collections/_commands/Get-PASPTARiskEvent.md +++ b/docs/collections/_commands/Get-PASPTARiskEvent.md @@ -1,8 +1,10 @@ --- +category: PSPAS external help file: psPAS-help.xml Module Name: psPAS online version: https://pspas.pspete.dev/commands/Get-PASPTARiskEvent schema: 2.0.0 +title: Get-PASPTARiskEvent --- # Get-PASPTARiskEvent @@ -12,9 +14,16 @@ Output all PTA Risk Events ## SYNTAX +### 13.2 (Default) ``` -Get-PASPTARiskEvent [[-type] ] [[-status] ] [[-sort] ] [[-page] ] - [[-size] ] [] +Get-PASPTARiskEvent [[-type] ] [[-status] ] [[-sort] ] [[-size] ] + [] +``` + +### 14.0 +``` +Get-PASPTARiskEvent [[-type] ] [[-status] ] [-FromTime ] [-ToTime ] + [[-sort] ] [[-size] ] [] ``` ## DESCRIPTION @@ -84,8 +93,12 @@ Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -page -The page number, starting with 0 +### -size +The maximum number of returned events in a given page. + +If not specified, the server limits the results to 100. + +The maximum number that can be specified is 1000. ```yaml Type: Int32 @@ -93,27 +106,42 @@ Parameter Sets: (All) Aliases: Required: False -Position: 4 +Position: 5 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -size -The maximum number of returned events in a given page. +### -FromTime +Filter by start time of a detection time window -If not specified, the server limits the results to 100. +Requires 14.0 -The maximum number that can be specified is 1000. +```yaml +Type: DateTime +Parameter Sets: 14.0 +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -ToTime +Filter by end time of a detection time window + +Requires 14.0 ```yaml -Type: Int32 -Parameter Sets: (All) +Type: DateTime +Parameter Sets: 14.0 Aliases: Required: False -Position: 5 -Default value: 0 +Position: Named +Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` diff --git a/docs/collections/_commands/New-PASDirectoryMapping.md b/docs/collections/_commands/New-PASDirectoryMapping.md index acf7b1c7..06a4feba 100644 --- a/docs/collections/_commands/New-PASDirectoryMapping.md +++ b/docs/collections/_commands/New-PASDirectoryMapping.md @@ -17,7 +17,8 @@ Adds a new Directory Mapping for an existing directory ``` New-PASDirectoryMapping [-DirectoryName] [-MappingName] [-LDAPBranch] [-DomainGroups] [[-VaultGroups] ] [[-Location] ] [[-LDAPQuery] ] - [[-MappingAuthorizations] ] [[-UserActivityLogPeriod] ] [-WhatIf] [-Confirm] + [[-MappingAuthorizations] ] [[-UserActivityLogPeriod] ] [-UsedQuota ] + [-AuthorizedInterfaces ] [-EnableENEWhenDisconnected ] [-WhatIf] [-Confirm] [] ``` @@ -236,6 +237,57 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -AuthorizedInterfaces +Sets the authorized interface from the available interfaces defined by the license. + +Requires 14.0 + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -EnableENEWhenDisconnected +Whether or not to monitor this user type's activity. + +Requires 14.0 + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -UsedQuota +Sets the disk quota allocated to the user in MB. + +Requires 14.0 + +```yaml +Type: Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/collections/_commands/Remove-PASPTAExcludedTarget.md b/docs/collections/_commands/Remove-PASPTAExcludedTarget.md new file mode 100644 index 00000000..945f08cd --- /dev/null +++ b/docs/collections/_commands/Remove-PASPTAExcludedTarget.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Remove-PASPTAExcludedTarget +schema: 2.0.0 +title: Remove-PASPTAExcludedTarget +--- + +# Remove-PASPTAExcludedTarget + +## SYNOPSIS +Removes excluded target from PTA + +## SYNTAX + +``` +Remove-PASPTAExcludedTarget [-ID] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Remove configured excluded target + +## EXAMPLES + +### Example 1 +```powershell +Remove-PASPTAExcludedTarget -ID 65b6aa31721d9b5f3a56ca7e +``` + +Removes excluded target matching ID + +## PARAMETERS + +### -ID +The ID of the Excluded Target to remove + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Remove-PASPTAExcludedTarget](https://pspas.pspete.dev/commands/Remove-PASPTAExcludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm) diff --git a/docs/collections/_commands/Remove-PASPTAIncludedTarget.md b/docs/collections/_commands/Remove-PASPTAIncludedTarget.md new file mode 100644 index 00000000..680f9ead --- /dev/null +++ b/docs/collections/_commands/Remove-PASPTAIncludedTarget.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Remove-PASPTAIncludedTarget +schema: 2.0.0 +title: Remove-PASPTAIncludedTarget +--- + +# Remove-PASPTAIncludedTarget + +## SYNOPSIS +Remove PTA included target + +## SYNTAX + +``` +Remove-PASPTAIncludedTarget [-ID] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Remove configured included target from PTA + +## EXAMPLES + +### Example 1 +```powershell +Remove-PASPTAIncludedTarget -ID 65b6aa31721d9b5f3a56ca7e +``` + +Removes included target matching ID + +## PARAMETERS + +### -ID +The ID of the target to remove + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Remove-PASPTAIncludedTarget](https://pspas.pspete.dev/commands/Remove-PASPTAIncludedTarget) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm) diff --git a/docs/collections/_commands/Remove-PASPTAPrivilegedGroup.md b/docs/collections/_commands/Remove-PASPTAPrivilegedGroup.md new file mode 100644 index 00000000..5e76457e --- /dev/null +++ b/docs/collections/_commands/Remove-PASPTAPrivilegedGroup.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedGroup +schema: 2.0.0 +title: Remove-PASPTAPrivilegedGroup +--- + +# Remove-PASPTAPrivilegedGroup + +## SYNOPSIS +Deletes PTA configured privileged group + +## SYNTAX + +``` +Remove-PASPTAPrivilegedGroup [-ID] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Delete privileged group configured in PTA + +## EXAMPLES + +### Example 1 +```powershell +Remove-PASPTAPrivilegedGroup -ID 65b6aa31721d9b5f3a56ca7e +``` + +Deletes group configuration matching ID + +## PARAMETERS + +### -ID +The ID of the group configuration to delete + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedGroup](https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedGroup) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm) diff --git a/docs/collections/_commands/Remove-PASPTAPrivilegedUser.md b/docs/collections/_commands/Remove-PASPTAPrivilegedUser.md new file mode 100644 index 00000000..75d7847e --- /dev/null +++ b/docs/collections/_commands/Remove-PASPTAPrivilegedUser.md @@ -0,0 +1,94 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedUser +schema: 2.0.0 +title: Remove-PASPTAPrivilegedUser +--- + +# Remove-PASPTAPrivilegedUser + +## SYNOPSIS +Delete configured privileged user from PTA + +## SYNTAX + +``` +Remove-PASPTAPrivilegedUser [-ID] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Deletes configured privileged user from PTA + +## EXAMPLES + +### Example 1 +```powershell +Remove-PASPTAPrivilegedUser -ID 65b6aa31721d9b5f3a56ca7e +``` + +Deletes user configuration matching ID + +## PARAMETERS + +### -ID +The ID of the user configuration to delete + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS + +[https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedUser](https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedUser) + +[https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm](https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm) diff --git a/docs/collections/_commands/Set-PASDirectoryMapping.md b/docs/collections/_commands/Set-PASDirectoryMapping.md index b556ecae..abbf7c65 100644 --- a/docs/collections/_commands/Set-PASDirectoryMapping.md +++ b/docs/collections/_commands/Set-PASDirectoryMapping.md @@ -18,7 +18,8 @@ Updates an existing Directory Mapping for a directory Set-PASDirectoryMapping [-DirectoryName] [-MappingID] [-MappingName] [-LDAPBranch] [[-DomainGroups] ] [[-VaultGroups] ] [[-Location] ] [[-LDAPQuery] ] [[-MappingAuthorizations] ] [[-UserActivityLogPeriod] ] - [-WhatIf] [-Confirm] [] + [-UsedQuota ] [-AuthorizedInterfaces ] [-EnableENEWhenDisconnected ] [-WhatIf] + [-Confirm] [] ``` ## DESCRIPTION @@ -261,6 +262,57 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -AuthorizedInterfaces +Sets the authorized interface from the available interfaces defined by the license. + +Requires 14.0 + +```yaml +Type: String[] +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -EnableENEWhenDisconnected +Whether or not to monitor this user type's activity. + +Requires 14.0 + +```yaml +Type: Boolean +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -UsedQuota +Sets the disk quota allocated to the user in MB. + +Requires 14.0 + +```yaml +Type: Int32 +Parameter Sets: (All) +Aliases: + +Required: False +Position: Named +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). diff --git a/docs/collections/_commands/Set-PASPTARiskEvent.md b/docs/collections/_commands/Set-PASPTARiskEvent.md index 879c53d5..d5d581ce 100644 --- a/docs/collections/_commands/Set-PASPTARiskEvent.md +++ b/docs/collections/_commands/Set-PASPTARiskEvent.md @@ -12,8 +12,15 @@ Update PTA Risk Events ## SYNTAX +### 13.2 (Default) ``` -Set-PASPTARiskEvent [-EventID] [-Status] [-WhatIf] [-Confirm] [] +Set-PASPTARiskEvent -ID [-status] [-WhatIf] [-Confirm] [] +``` + +### 14.0 +``` +Set-PASPTARiskEvent -ID [-status] [-closeReason ] [-reasonText ] [-WhatIf] + [-Confirm] [] ``` ## DESCRIPTION @@ -32,23 +39,61 @@ Close PTA Risk Event with id 1234 ## PARAMETERS -### -EventID -The ID of the risk event +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. ```yaml -Type: String +Type: SwitchParameter Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -closeReason +The close reason for the risk event +Valid Values: +- HANDLED +- NOTREAL +- OTHER +- NONE + +Requires version 14.0 + +```yaml +Type: String +Parameter Sets: 14.0 Aliases: -Required: True -Position: 1 +Required: False +Position: Named Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Status -The status to update on the risk event +### -ID +The ID of the PTA Risk Event ```yaml Type: String @@ -56,40 +101,41 @@ Parameter Sets: (All) Aliases: Required: True -Position: 2 +Position: Named Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -WhatIf -Shows what would happen if the cmdlet runs. -The cmdlet is not run. +### -reasonText +Free text close reason + +Requires version 14.0 ```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: wi +Type: String +Parameter Sets: 14.0 +Aliases: Required: False Position: Named Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` -### -Confirm -Prompts you for confirmation before running the cmdlet. +### -status +The status to update on the risk event ```yaml -Type: SwitchParameter +Type: String Parameter Sets: (All) -Aliases: cf +Aliases: -Required: False -Position: Named +Required: True +Position: 2 Default value: None -Accept pipeline input: False +Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False ``` diff --git a/docs/collections/_commands/Unlock-PASAccount.md b/docs/collections/_commands/Unlock-PASAccount.md index 09510afd..8ccd3ed8 100644 --- a/docs/collections/_commands/Unlock-PASAccount.md +++ b/docs/collections/_commands/Unlock-PASAccount.md @@ -157,4 +157,7 @@ Minimum CyberArk version 11.6 (Unlock Account) [https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Checkin-account.htm](https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Checkin-account.htm) -[https://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm](https://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm) \ No newline at end of file +[https://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm](https://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm) + +[https://docs.cyberark.com/PAS/Latest/en/Content/SDK/Unlock-account.htm](https://docs.cyberark.com/PAS/Latest/en/Content/SDK/Unlock-account.htm) + diff --git a/docs/collections/_docs/10-compatibility.md b/docs/collections/_docs/10-compatibility.md index 8f5e1d80..c4588604 100644 --- a/docs/collections/_docs/10-compatibility.md +++ b/docs/collections/_docs/10-compatibility.md @@ -177,15 +177,40 @@ If version requirement criteria are not met, operations may be prevented. [`Disable-PASUser`][Disable-PASUser] |**12.6** |Disable CyberArk Users [`Publish-PASDiscoveredAccount`][Publish-PASDiscoveredAccount] |**12.6** |Onboard Discovered Accounts [`Get-PASLinkedAccount`][Get-PASLinkedAccount] |**12.2** |Get details of linked accounts +[`Get-PASLinkedGroup`][Get-PASLinkedGroup] |**12.2** |Get details of linked groups [`Add-PASPersonalAdminAccount`][Add-PASPersonalAdminAccount] |**12.6** |Add Personal Admin Account (Privilege Cloud Only). [`Get-PASPTAGlobalCatalog`][Get-PASPTAGlobalCatalog] |**13.0** |Get Global Catalog connectivity details for PTA. [`Add-PASPTAGlobalCatalog`][Add-PASPTAGlobalCatalog] |**13.0** |Add Global Catalog connectivity details to PTA. [`Get-PASUserTypeInfo`][Get-PASUserTypeInfo] |**13.2** |Get User Type Info -[`Get-PASPTARiskEvent`][Get-PASPTARiskEvent] |**13.2** |Get PTA Risk Events -[`Set-PASPTARiskEvent`][Set-PASPTARiskEvent] |**13.2** |Update PTA Risk Events +[`Get-PASPTARiskEvent`][Get-PASPTARiskEvent] |**13.2** ([Notes](#get-pasptariskevent)) |Get PTA Risk Events +[`Set-PASPTARiskEvent`][Set-PASPTARiskEvent] |**13.2** ([Notes](#set-pasptariskevent)) |Update PTA Risk Events [`Get-PASPTARiskSummary`][Get-PASPTARiskSummary] |**13.2** |Get PTA Risk Summary [`New-PASRequestObject`][New-PASRequestObject] |**---** |Format an object to include in an request list - +[`Add-PASPTAExcludedTarget`][Add-PASPTAExcludedTarget] |**14.0** |Excludes a PTA Monitored Target +[`Add-PASPTAIncludedTarget`][Add-PASPTAIncludedTarget] |**14.0** |Includes a PTA Monitored Target +[`Add-PASPTAPrivilegedGroup`][Add-PASPTAPrivilegedGroup] |**14.0** |Configures a PTA Privileged Group +[`Add-PASPTAPrivilegedUser`][Add-PASPTAPrivilegedUser] |**14.0** |Configures a PTA Privileged User +[`Get-PASPTAExcludedTarget`][Get-PASPTAExcludedTarget] |**14.0** |Get PTA Excluded Target +[`Get-PASPTAIncludedTarget`][Get-PASPTAIncludedTarget] |**14.0** |Get PTA Included target +[`Get-PASPTAPrivilegedGroup`][Get-PASPTAPrivilegedGroup] |**14.0** |Get PTA Privileged Group +[`Get-PASPTAPrivilegedUser`][Get-PASPTAPrivilegedUser] |**14.0** |Get PTA Privileged User +[`Remove-PASPTAExcludedTarget`][Remove-PASPTAExcludedTarget] |**14.0** |Remove PTA Excluded Target +[`Remove-PASPTAIncludedTarget`][Remove-PASPTAIncludedTarget] |**14.0** |Remove PTA Included Target +[`Remove-PASPTAPrivilegedGroup`][Remove-PASPTAPrivilegedGroup] |**14.0** |Remove PTA Privileged Group +[`Remove-PASPTAPrivilegedUser`][Remove-PASPTAPrivilegedUser] |**14.0** |Remove PTA Privileged User + +[Add-PASPTAExcludedTarget]:/commands/Add-PASPTAExcludedTarget +[Add-PASPTAIncludedTarget]:/commands/Add-PASPTAIncludedTarget +[Add-PASPTAPrivilegedGroup]:/commands/Add-PASPTAPrivilegedGroup +[Add-PASPTAPrivilegedUser]:/commands/Add-PASPTAPrivilegedUser +[Get-PASPTAExcludedTarget]:/commands/Get-PASPTAExcludedTarget +[Get-PASPTAIncludedTarget]:/commands/Get-PASPTAIncludedTarget +[Get-PASPTAPrivilegedGroup]:/commands/Get-PASPTAPrivilegedGroup +[Get-PASPTAPrivilegedUser]:/commands/Get-PASPTAPrivilegedUser +[Remove-PASPTAExcludedTarget]:/commands/Remove-PASPTAExcludedTarget +[Remove-PASPTAIncludedTarget]:/commands/Remove-PASPTAIncludedTarget +[Remove-PASPTAPrivilegedGroup]:/commands/Remove-PASPTAPrivilegedGroup +[Remove-PASPTAPrivilegedUser]:/commands/Remove-PASPTAPrivilegedUser [New-PASRequestObject]:/commands/New-PASRequestObject [Get-PASUserTypeInfo]:/commands/Get-PASUserTypeInfo [Get-PASPTARiskEvent]:/commands/Get-PASPTARiskEvent @@ -194,6 +219,7 @@ If version requirement criteria are not met, operations may be prevented. [Get-PASPTAGlobalCatalog]:/commands/Get-PASPTAGlobalCatalog [Add-PASPTAGlobalCatalog]:/commands/Add-PASPTAGlobalCatalog [Get-PASLinkedAccount]:/commands/Get-PASLinkedAccount +[Get-PASLinkedGroup]:/commands/Get-PASLinkedGroup [Add-PASPersonalAdminAccount]:/commands/Add-PASPersonalAdminAccount [Publish-PASDiscoveredAccount]:/commands/Publish-PASDiscoveredAccount [Enable-PASUser]:/commands/Enable-PASUser @@ -527,12 +553,24 @@ If version requirement criteria are not met, operations may be prevented. - Supports: - `UserActivityLogPeriod`. +- Version 14.0 introduced new API parameters. + - Supports: + - `UsedQuota` + - `AuthorizedInterfaces` + - `EnableENEWhenDisconnected` + ### Set-PASDirectoryMapping - Version 10.10 introduced a new API endpoint. - Supports: - `UserActivityLogPeriod`. +- Version 14.0 introduced new API parameters. + - Supports: + - `UsedQuota` + - `AuthorizedInterfaces` + - `EnableENEWhenDisconnected` + ### Add-PASDiscoveredAccount - Version 10.8 introduced a new API endpoint. @@ -632,4 +670,16 @@ If version requirement criteria are not met, operations may be prevented. ### Unlock-PASAccount -- Unlock (not check-in) assumed to work from 11.6 \ No newline at end of file +- Unlock (not check-in) assumed to work from 11.6 (officially supported from 14.0) + +### Get-PASPTARiskEvent + +- Version 14 introduced new filter parameters + - `FromTime` + - `ToTime` + +### Set-PASPTARiskEvent + +- Version 14 introduced new parameters + - `closeReason` + - `reasonText` \ No newline at end of file diff --git a/docs/collections/_drafts/2024-01-27-pspas-release-6-1.md b/docs/collections/_drafts/2024-01-27-pspas-release-6-1.md new file mode 100644 index 00000000..9ad5b8d5 --- /dev/null +++ b/docs/collections/_drafts/2024-01-27-pspas-release-6-1.md @@ -0,0 +1,20 @@ +--- +title: "psPAS Release 6.1" +date: 2024-01-27 00:00:00 +tags: + - Release Notes +--- + +## 6.1.0 (January 27 2024) + +### Module update to cover all CyberArk 14.0 API features + +### Added +- N/A + +### Changed +- N/A + +### Fixed +- N/A + diff --git a/docs/collections/_posts/2023-03-06-pspas-release-5-6.md b/docs/collections/_posts/2023-03-06-pspas-release-5-6.md index f21f3e6b..3a5a1ecb 100644 --- a/docs/collections/_posts/2023-03-06-pspas-release-5-6.md +++ b/docs/collections/_posts/2023-03-06-pspas-release-5-6.md @@ -17,7 +17,7 @@ tags: - New-PASSession --- -## **5.6.135 (July ?? 2023)** +## **5.6.135 (July 31st 2023)** ### Module update to cover all CyberArk 13.2 API features diff --git a/docs/collections/_posts/2023-09-06-pspas-release-6-0.md b/docs/collections/_posts/2023-09-06-pspas-release-6-0.md index 95ff49bb..560b6ecc 100644 --- a/docs/collections/_posts/2023-09-06-pspas-release-6-0.md +++ b/docs/collections/_posts/2023-09-06-pspas-release-6-0.md @@ -18,7 +18,6 @@ tags: - Add-PASApplication - Set-PASPTAEvent - Set-PASPTARiskEvent - --- ## **6.0.30** @@ -87,4 +86,5 @@ tags: - Adds logic to determine correct Identity tenant URL based on provided Privileged Cloud Subdomain value. - Both Privileged Cloud API URL & Identity Portal URL are required to be specified if subdomain value is not provided. - Service User authentication for Shared Services introduced in recent previous versions requires installation of `IdentityCommand` module and specification of additional attribute. - - See [the docs](https://pspas.pspete.dev/docs/authentication/#shared-services-authentication) & [New-PASSession](https://pspas.pspete.dev/commands/New-PASSession) for full details. \ No newline at end of file + - See [the docs](https://pspas.pspete.dev/docs/authentication/#shared-services-authentication) & [New-PASSession](https://pspas.pspete.dev/commands/New-PASSession) for full details. + diff --git a/docs/collections/_posts/2024-02-01-pspas-release-6-1.md b/docs/collections/_posts/2024-02-01-pspas-release-6-1.md new file mode 100644 index 00000000..a360d572 --- /dev/null +++ b/docs/collections/_posts/2024-02-01-pspas-release-6-1.md @@ -0,0 +1,64 @@ +--- +title: "psPAS Release 6.1" +date: 2024-02-01 00:00:00 +tags: + - Release Notes + - Add-PASPTAExcludedTarget + - Add-PASPTAIncludedTarget + - Add-PASPTAPrivilegedGroup + - Add-PASPTAPrivilegedUser + - Get-PASPTAExcludedTarget + - Get-PASPTAIncludedTarget + - Get-PASPTAPrivilegedGroup + - Get-PASPTAPrivilegedUser + - Remove-PASPTAExcludedTarget + - Remove-PASPTAIncludedTarget + - Remove-PASPTAPrivilegedGroup + - Remove-PASPTAPrivilegedUser + - Get-PASLinkedGroup + - Get-PASAccountActivity + - Get-PASPTARiskEvent + - New-PASDirectoryMapping + - Set-PASDirectoryMapping + - Invoke-PASRestMethod +--- + +## **6.1.47** + +### Module update to cover all CyberArk 14.0 API features + +### Added +- New commands supported from 14.0: + - `Add-PASPTAExcludedTarget` + - `Add-PASPTAIncludedTarget` + - `Add-PASPTAPrivilegedGroup` + - `Add-PASPTAPrivilegedUser` + - `Get-PASPTAExcludedTarget` + - `Get-PASPTAIncludedTarget` + - `Get-PASPTAPrivilegedGroup` + - `Get-PASPTAPrivilegedUser` + - `Remove-PASPTAExcludedTarget` + - `Remove-PASPTAIncludedTarget` + - `Remove-PASPTAPrivilegedGroup` + - `Remove-PASPTAPrivilegedUser` +- `Get-PASLinkedGroup` + - New experimental command based on undocumented API. + + ### Updated +- `Get-PASAccountActivity` + - Adds Gen2 replacement for deprecated Gen1 API. + - Updates default operation to target Gen2 API. +- `Get-PASPTARiskEvent` + - New filter parameters `FromTime` & `ToTime` + - Fixes output and result paging +- `Set-PASPTARiskEvent` + - New parameters `closeReason` & `reasonText` + - General Fixes +- `New-PASDirectoryMapping` + - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` +- `Set-PASDirectoryMapping` + - New parameters `UsedQuota`, `AuthorizedInterfaces` & `EnableENEWhenDisconnected` + + ### Fixed +- `Invoke-PASRestMethod` + - Avoids potential error condition when handling errors in ISPSS environments \ No newline at end of file diff --git a/psPAS/Functions/Accounts/Get-PASAccountActivity.ps1 b/psPAS/Functions/Accounts/Get-PASAccountActivity.ps1 index 32d1eb0d..fb426aaf 100644 --- a/psPAS/Functions/Accounts/Get-PASAccountActivity.ps1 +++ b/psPAS/Functions/Accounts/Get-PASAccountActivity.ps1 @@ -1,38 +1,89 @@ # .ExternalHelp psPAS-help.xml function Get-PASAccountActivity { - [CmdletBinding()] + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', 'UseGen1API', Justification = 'False Positive')] + [CmdletBinding(DefaultParameterSetName = 'Gen2')] param( [parameter( Mandatory = $true, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = 'Gen2' + )] + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = 'Gen1' )] [Alias('id')] - [string]$AccountID + [string]$AccountID, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $false, + ParameterSetName = 'Gen1' + )] + [Alias('UseClassicAPI')] + [switch]$UseGen1API ) - BEGIN { - #!Depreciated above 13.2 - Assert-VersionRequirement -MaximumVersion 13.2 - }#begin + BEGIN { }#begin PROCESS { - #Create request URL - $URI = "$Script:BaseURI/WebServices/PIMServices.svc/Accounts/$($AccountID | + switch ($PSCmdlet.ParameterSetName) { - Get-EscapedString)/Activities" + 'Gen1' { + + #!Depreciated above 13.2 + Assert-VersionRequirement -MaximumVersion 13.2 + #URL for Request + $URI = "$Script:BaseURI/WebServices/PIMServices.svc" + + break + + } + + default { + + Assert-VersionRequirement -RequiredVersion 13.2 + #URL for Request + $URI = "$Script:BaseURI/api" + + } + + } + + #Create request URL + $URI = "$URI/Accounts/$($AccountID | Get-EscapedString)/Activities" #Send request to web service $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession If ($null -ne $result) { - #Return Results - $result.GetAccountActivitiesResult | + switch ($PSCmdlet.ParameterSetName) { + + 'Gen1' { + + $result = $result.GetAccountActivitiesResult + $typename = 'psPAS.CyberArk.Vault.Account.Activity' + + break - Add-ObjectDetail -typename psPAS.CyberArk.Vault.Account.Activity + } + + default { + + $result = $result.Activities + $typename = 'psPAS.CyberArk.Vault.Account.Activity.Gen2' + + } + + } + + #Return Results + $result | Add-ObjectDetail -typename $typename } diff --git a/psPAS/Functions/Accounts/Get-PASLinkedGroup.ps1 b/psPAS/Functions/Accounts/Get-PASLinkedGroup.ps1 new file mode 100644 index 00000000..b37e7a8d --- /dev/null +++ b/psPAS/Functions/Accounts/Get-PASLinkedGroup.ps1 @@ -0,0 +1,40 @@ +# .ExternalHelp psPAS-help.xml +Function Get-PASLinkedGroup { + [CmdletBinding()] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [Alias('AccountID')] + [string]$id + + ) + + BEGIN { + + #Assume this is possible since Link/Unlink account capability in the newer UI + Assert-VersionRequirement -RequiredVersion 12.2 + + }#begin + + PROCESS { + + #Create URL for Request + $URI = "$Script:BaseURI/api/ExtendedAccounts/$id/LinkedAccounts" + + #Send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession + + If ($null -ne $result) { + + #Return Results + $result | Select-Object -Property * -ExcludeProperty LinkedAccounts | Add-ObjectDetail -typename psPAS.CyberArk.Vault.Account.LinkedGroup + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Add-PASPTAExcludedTarget.ps1 b/psPAS/Functions/EventSecurity/Add-PASPTAExcludedTarget.ps1 new file mode 100644 index 00000000..765ca2b7 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Add-PASPTAExcludedTarget.ps1 @@ -0,0 +1,35 @@ +# .ExternalHelp psPAS-help.xml +Function Add-PASPTAExcludedTarget { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$cidr + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/api/pta/API/Administration/properties/CidrExclusionList" + + #Create body of request + $Body = $PSBoundParameters | Get-PASParameter | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess($cidr, 'Add PTA Excluded Monitored Target')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method PATCH -Body $Body -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Add-PASPTAIncludedTarget.ps1 b/psPAS/Functions/EventSecurity/Add-PASPTAIncludedTarget.ps1 new file mode 100644 index 00000000..9480f5d0 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Add-PASPTAIncludedTarget.ps1 @@ -0,0 +1,35 @@ +# .ExternalHelp psPAS-help.xml +Function Add-PASPTAIncludedTarget { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$cidr + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/api/pta/API/Administration/properties/CidrInclusionList" + + #Create body of request + $Body = $PSBoundParameters | Get-PASParameter | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess($cidr, 'Add PTA Included Monitored Target')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method PATCH -Body $Body -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedGroup.ps1 b/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedGroup.ps1 new file mode 100644 index 00000000..8a001162 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedGroup.ps1 @@ -0,0 +1,41 @@ +# .ExternalHelp psPAS-help.xml +Function Add-PASPTAPrivilegedGroup { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$domain, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$group + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration/properties/PrivilegedDomainGroupsList" + + #Create body of request + $Body = $PSBoundParameters | Get-PASParameter | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess($group, 'Add PTA Privileged Domain Group Configuration')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method PATCH -Body $Body -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedUser.ps1 b/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedUser.ps1 new file mode 100644 index 00000000..24c39d27 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Add-PASPTAPrivilegedUser.ps1 @@ -0,0 +1,42 @@ +# .ExternalHelp psPAS-help.xml +Function Add-PASPTAPrivilegedUser { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateSet('UNIX', 'WINDOWS', 'ORACLE', 'CLOUD_AWS', 'CLOUD_AZURE', 'APPLICATION')] + [string]$platform, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$user + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration/properties/PrivilegedUsersList" + + #Create body of request + $Body = $PSBoundParameters | Get-PASParameter | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess($user, 'Add PTA Privileged User Configuration')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method PATCH -Body $Body -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Get-PASPTAExcludedTarget.ps1 b/psPAS/Functions/EventSecurity/Get-PASPTAExcludedTarget.ps1 new file mode 100644 index 00000000..e5699490 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Get-PASPTAExcludedTarget.ps1 @@ -0,0 +1,31 @@ +# .ExternalHelp psPAS-help.xml +Function Get-PASPTAExcludedTarget { + [CmdletBinding()] + param( ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/administration" + + #Send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession + + If ($null -ne $result) { + + #Return Results + $result | Where-Object { ($PSItem.propertykey -eq 'CidrExclusionList') -and ($PSItem.categorykey -eq 'MonitoredTargets') } | + Select-Object -ExpandProperty 'ActualValue' | + Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.MonitoredTarget + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Get-PASPTAIncludedTarget.ps1 b/psPAS/Functions/EventSecurity/Get-PASPTAIncludedTarget.ps1 new file mode 100644 index 00000000..32203b83 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Get-PASPTAIncludedTarget.ps1 @@ -0,0 +1,31 @@ +# .ExternalHelp psPAS-help.xml +Function Get-PASPTAIncludedTarget { + [CmdletBinding()] + param( ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/administration" + + #Send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession + + If ($null -ne $result) { + + #Return Results + $result | Where-Object { ($PSItem.propertykey -eq 'CidrInclusionList') -and ($PSItem.categorykey -eq 'MonitoredTargets') } | + Select-Object -ExpandProperty 'actualValue' | + Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.MonitoredTarget + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedGroup.ps1 b/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedGroup.ps1 new file mode 100644 index 00000000..fdd0cc62 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedGroup.ps1 @@ -0,0 +1,31 @@ +# .ExternalHelp psPAS-help.xml +Function Get-PASPTAPrivilegedGroup { + [CmdletBinding()] + param( ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration" + + #Send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession + + If ($null -ne $result) { + + #Return Results + $result | Where-Object { $PSItem.propertykey -eq 'PrivilegedDomainGroupsList' } | + Select-Object -ExpandProperty 'ActualValue' | + Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.PrivilegedDomainGroupsList + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedUser.ps1 b/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedUser.ps1 new file mode 100644 index 00000000..8fb01cec --- /dev/null +++ b/psPAS/Functions/EventSecurity/Get-PASPTAPrivilegedUser.ps1 @@ -0,0 +1,42 @@ +# .ExternalHelp psPAS-help.xml +Function Get-PASPTAPrivilegedUser { + [CmdletBinding()] + param( + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateSet('ActualValue', 'DefaultValue')] + [string]$ValueType + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + $ReturnValue = 'ActualValue' + }#begin + + PROCESS { + + If ($PSBoundParameters.ContainsKey('ValueType')) { + $ReturnValue = $ValueType + } + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration" + + #Send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession + + If ($null -ne $result) { + + #Return Results + $result | Where-Object { $PSItem.propertykey -eq 'PrivilegedUsersList' } | + Select-Object -ExpandProperty $ReturnValue | + Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.PrivilegedUsersList + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Get-PASPTARiskEvent.ps1 b/psPAS/Functions/EventSecurity/Get-PASPTARiskEvent.ps1 index 6c2e20b2..abf5bedd 100644 --- a/psPAS/Functions/EventSecurity/Get-PASPTARiskEvent.ps1 +++ b/psPAS/Functions/EventSecurity/Get-PASPTARiskEvent.ps1 @@ -1,37 +1,69 @@ # .ExternalHelp psPAS-help.xml Function Get-PASPTARiskEvent { - [CmdletBinding()] + [CmdletBinding(DefaultParameterSetName = '13.2')] param( [parameter( Mandatory = $false, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' )] [ValidateSet('RISK_UNCONSTRAINED_DELEGATION', 'RISK_RISKY_SPN')] [string]$type, [parameter( Mandatory = $false, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' )] [ValidateSet('OPEN', 'CLOSED')] [string]$status, [parameter( Mandatory = $false, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [datetime]$FromTime, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [datetime]$ToTime, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' )] [ValidateSet('detectionTime', 'score')] [string]$sort, [parameter( Mandatory = $false, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' )] - [int]$page, - [parameter( Mandatory = $false, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' )] [ValidateRange(1, 1000)] [int]$size @@ -39,8 +71,9 @@ Function Get-PASPTARiskEvent { ) BEGIN { - Assert-VersionRequirement -RequiredVersion 13.2 + Assert-VersionRequirement -RequiredVersion $PSCmdlet.ParameterSetName $Parameters = [Collections.Generic.List[Object]]::New(@('type', 'status')) + $TimeParameters = [Collections.Generic.List[Object]]::New(@('FromTime', 'ToTime')) }#begin PROCESS { @@ -49,7 +82,48 @@ Function Get-PASPTARiskEvent { $URI = "$Script:BaseURI/API/pta/API/Risks/RisksEvents/" $filterParameters = $PSBoundParameters | Get-PASParameter -ParametersToKeep $Parameters - $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove $Parameters + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove @($Parameters + $TimeParameters) + + switch ($PSCmdlet.ParameterSetName) { + + '14.0' { + + switch ($PSBoundParameters) { + + { $PSItem.ContainsKey('FromTime') } { + + $FromTimeValue = """$($FromTime | ConvertTo-UnixTime -Milliseconds)""" + $Operator = 'gte' + + } + + { $PSItem.ContainsKey('ToTime') } { + + $ToTimeValue = """$($ToTime | ConvertTo-UnixTime -Milliseconds)""" + $Operator = 'lte' + + } + { $PSItem.ContainsKey('FromTime') -and $PSItem.ContainsKey('ToTime') } { + + $TimeValue = "BETWEEN $FromTimeValue TO $ToTimeValue" + continue + + } + { $PSItem.ContainsKey('FromTime') -or $PSItem.ContainsKey('ToTime') } { + + $TimeValue = "$Operator ${FromTimeValue}${ToTimeValue}" + continue + + } + + } + + $filterParameters['detectionTime'] = $TimeValue + + } + + } + $FilterString = $filterParameters | ConvertTo-FilterString -QuoteValue If ($null -ne $FilterString) { @@ -71,10 +145,46 @@ Function Get-PASPTARiskEvent { #Send request to web service $result = Invoke-PASRestMethod -Uri $URI -Method GET -WebSession $Script:WebSession - If ($null -ne $result) { + $Total = $result.totalEntities + + If ($Total -gt 0) { + + #Set events as output collection + $Events = [Collections.Generic.List[Object]]::New(@($result.entities)) + + #Split Request URL into baseURI & any query string value + $URLString = $URI.Split('?') + $URI = $URLString[0] + $queryString = $URLString[1] + + $TotalPages = $result.totalpages + + For ( $Offset = 1 ; $Offset -lt $TotalPages ; $Offset++ ) { + + #While more risk events to return, create nextLink query value + $nextLink = "page=$Offset" + + if ($null -ne $queryString) { + + #If original request contained a queryString, concatenate with nextLink value. + $nextLink = "$queryString&$nextLink" + + } + + + #Request nextLink. Add Risk Events to output collection. + $Null = $Events.AddRange((Invoke-PASRestMethod -Uri "$URI`?$nextLink" -Method GET -WebSession $Script:WebSession).entities) + + } + + $Output = $Events + + } + + If ($null -ne $Output) { #Return Results - $result | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.Event.Risk + $Output | Add-ObjectDetail -typename psPAS.CyberArk.Vault.PTA.Event.Risk } diff --git a/psPAS/Functions/EventSecurity/Remove-PASPTAExcludedTarget.ps1 b/psPAS/Functions/EventSecurity/Remove-PASPTAExcludedTarget.ps1 new file mode 100644 index 00000000..fd883feb --- /dev/null +++ b/psPAS/Functions/EventSecurity/Remove-PASPTAExcludedTarget.ps1 @@ -0,0 +1,32 @@ +# .ExternalHelp psPAS-help.xml +Function Remove-PASPTAExcludedTarget { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$ID + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/api/pta/API/Administration/properties/CidrExclusionList/$ID" + + if ($PSCmdlet.ShouldProcess($ID, 'Delete PTA Excluded Monitored Target')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Remove-PASPTAIncludedTarget.ps1 b/psPAS/Functions/EventSecurity/Remove-PASPTAIncludedTarget.ps1 new file mode 100644 index 00000000..4aee3794 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Remove-PASPTAIncludedTarget.ps1 @@ -0,0 +1,32 @@ +# .ExternalHelp psPAS-help.xml +Function Remove-PASPTAIncludedTarget { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$ID + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/api/pta/API/Administration/properties/CidrInclusionList/$ID" + + if ($PSCmdlet.ShouldProcess($ID, 'Delete PTA Included Monitored Target')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedGroup.ps1 b/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedGroup.ps1 new file mode 100644 index 00000000..4b484596 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedGroup.ps1 @@ -0,0 +1,32 @@ +# .ExternalHelp psPAS-help.xml +Function Remove-PASPTAPrivilegedGroup { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$ID + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration/properties/PrivilegedDomainGroupsList/$ID" + + if ($PSCmdlet.ShouldProcess($ID, 'Delete PTA Privileged Domain Group Configuration')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedUser.ps1 b/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedUser.ps1 new file mode 100644 index 00000000..f17fc146 --- /dev/null +++ b/psPAS/Functions/EventSecurity/Remove-PASPTAPrivilegedUser.ps1 @@ -0,0 +1,32 @@ +# .ExternalHelp psPAS-help.xml +Function Remove-PASPTAPrivilegedUser { + [CmdletBinding(SupportsShouldProcess = $true)] + param( + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [string]$ID + ) + + BEGIN { + Assert-VersionRequirement -RequiredVersion 14.0 + }#begin + + PROCESS { + + #Create request URL + $URI = "$Script:BaseURI/API/pta/API/configuration/properties/PrivilegedUsersList/$ID" + + if ($PSCmdlet.ShouldProcess($ID, 'Delete PTA Privileged User Configuration')) { + + #send request to web service + Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession + + } + + }#process + + END { }#end + +} \ No newline at end of file diff --git a/psPAS/Functions/EventSecurity/Set-PASPTARiskEvent.ps1 b/psPAS/Functions/EventSecurity/Set-PASPTARiskEvent.ps1 index 847f7c07..d11b6332 100644 --- a/psPAS/Functions/EventSecurity/Set-PASPTARiskEvent.ps1 +++ b/psPAS/Functions/EventSecurity/Set-PASPTARiskEvent.ps1 @@ -1,33 +1,61 @@ # .ExternalHelp psPAS-help.xml Function Set-PASPTARiskEvent { - [CmdletBinding(SupportsShouldProcess)] + [CmdletBinding(SupportsShouldProcess, DefaultParameterSetName = '13.2')] param( [parameter( Mandatory = $true, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' )] - [string]$EventID, + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [string]$ID, [parameter( Mandatory = $true, - ValueFromPipelinebyPropertyName = $true + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '13.2' + )] + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' )] [ValidateSet('OPEN', 'CLOSED')] - [string]$Status + [string]$status, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [ValidateSet('HANDLED', 'NOTREAL', 'OTHER', 'NONE')] + [string]$closeReason, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true, + ParameterSetName = '14.0' + )] + [ValidateLength(0, 100)] + [string]$reasonText ) BEGIN { - Assert-VersionRequirement -RequiredVersion 13.2 + Assert-VersionRequirement -RequiredVersion $PSCmdlet.ParameterSetName }#begin PROCESS { #Create request URL - $URI = "$Script:BaseURI/API/pta/API/Risks/RiskEvents/$EventID" + $URI = "$Script:BaseURI/api/pta/API/Risks/RisksEvents/$ID" #Get Parameters to include in request - $Body = $PSBoundParameters | Get-PASParameter -ParametersToRemove EventID | ConvertTo-Json + $Body = $PSBoundParameters | Get-PASParameter -ParametersToRemove ID | ConvertTo-Json if ($PSCmdlet.ShouldProcess($EventID, 'Update Event Status')) { diff --git a/psPAS/Functions/LDAPDirectories/New-PASDirectoryMapping.ps1 b/psPAS/Functions/LDAPDirectories/New-PASDirectoryMapping.ps1 index 4beff915..157e5de4 100644 --- a/psPAS/Functions/LDAPDirectories/New-PASDirectoryMapping.ps1 +++ b/psPAS/Functions/LDAPDirectories/New-PASDirectoryMapping.ps1 @@ -56,7 +56,27 @@ function New-PASDirectoryMapping { ValueFromPipelinebyPropertyName = $true )] [ValidateRange(1, 3650)] - [int]$UserActivityLogPeriod + [int]$UserActivityLogPeriod, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [int]$UsedQuota, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateSet('PIMSU', 'PSM', 'PSMP', 'PVWA', 'WINCLIENT', 'PTA', 'PACLI', 'NAPI', 'XAPI', 'HTTPGW', + 'EVD', 'PIMSu', 'AIMApp', 'CPM', 'PVWAApp', 'PSMApp', 'AppPrv', 'AIMApp', 'PSMPApp', 'GUI')] + [string[]]$AuthorizedInterfaces, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [boolean]$EnableENEWhenDisconnected ) @@ -96,6 +116,14 @@ function New-PASDirectoryMapping { } + { $_ -match 'UsedQuota|AuthorizedInterfaces|EnableENEWhenDisconnected' } { + + #v10.7 + Assert-VersionRequirement -RequiredVersion 14.0 + Continue + + } + Default { #v10.4 diff --git a/psPAS/Functions/LDAPDirectories/Set-PASDirectoryMapping.ps1 b/psPAS/Functions/LDAPDirectories/Set-PASDirectoryMapping.ps1 index 9a3b1c1e..7d490f41 100644 --- a/psPAS/Functions/LDAPDirectories/Set-PASDirectoryMapping.ps1 +++ b/psPAS/Functions/LDAPDirectories/Set-PASDirectoryMapping.ps1 @@ -62,7 +62,27 @@ function Set-PASDirectoryMapping { ValueFromPipelinebyPropertyName = $true )] [ValidateRange(1, 3650)] - [int]$UserActivityLogPeriod + [int]$UserActivityLogPeriod, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [int]$UsedQuota, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateSet('PIMSU', 'PSM', 'PSMP', 'PVWA', 'WINCLIENT', 'PTA', 'PACLI', 'NAPI', 'XAPI', 'HTTPGW', + 'EVD', 'PIMSu', 'AIMApp', 'CPM', 'PVWAApp', 'PSMApp', 'AppPrv', 'AIMApp', 'PSMPApp', 'GUI')] + [string[]]$AuthorizedInterfaces, + + [parameter( + Mandatory = $false, + ValueFromPipelinebyPropertyName = $true + )] + [boolean]$EnableENEWhenDisconnected ) @@ -97,6 +117,14 @@ function Set-PASDirectoryMapping { } + { $_ -match 'UsedQuota|AuthorizedInterfaces|EnableENEWhenDisconnected' } { + + #v10.7 + Assert-VersionRequirement -RequiredVersion 14.0 + Continue + + } + } #Create URL for request diff --git a/psPAS/Private/ConvertTo-FilterString.ps1 b/psPAS/Private/ConvertTo-FilterString.ps1 index 3d9580ef..a58c4deb 100644 --- a/psPAS/Private/ConvertTo-FilterString.ps1 +++ b/psPAS/Private/ConvertTo-FilterString.ps1 @@ -79,6 +79,12 @@ Encloses value of the key/value pair in quotes. } + detectionTime { + + $null = $FilterList.Add("$PSItem $($Parameters[$PSItem])") + + } + default { $value = $($Parameters[$PSItem]) diff --git a/psPAS/Private/Invoke-PASRestMethod.ps1 b/psPAS/Private/Invoke-PASRestMethod.ps1 index 5adf004f..ab412537 100644 --- a/psPAS/Private/Invoke-PASRestMethod.ps1 +++ b/psPAS/Private/Invoke-PASRestMethod.ps1 @@ -240,16 +240,19 @@ If ($null -ne $($ResponseException)) { - try { + $ErrorMessage = $ResponseException + $ErrorID = $null + $ThisException = $ResponseException | ConvertFrom-Json -ErrorAction SilentlyContinue - $ThisException = $ResponseException | ConvertFrom-Json -ErrorAction Stop - $ErrorMessage = $ThisException | Select-Object -ExpandProperty error_description -ErrorAction Stop - $ErrorID = $($ThisException | Select-Object -ExpandProperty error -ErrorAction Stop) + switch ($ThisException) { - } catch { + { $null -ne $PSItem.error_description } { + $ErrorMessage = $ThisException | Select-Object -ExpandProperty error_description + } - $ErrorMessage = $ResponseException - $ErrorID = $null + { $null -ne $PSItem.error } { + $ErrorID = $ThisException | Select-Object -ExpandProperty error + } } diff --git a/psPAS/en-US/psPAS-help.xml b/psPAS/en-US/psPAS-help.xml index 68b01e58..bf82b76f 100644 --- a/psPAS/en-US/psPAS-help.xml +++ b/psPAS/en-US/psPAS-help.xml @@ -6170,6 +6170,122 @@ Add-PASDiscoveredAccount -UserName ServiceUser -Address 1.2.3.4 -discoveryDate ( + + + Add-PASPTAExcludedTarget + Add + PASPTAExcludedTarget + + Adds Excluded target IP/subnet value in PTA administration configuration + + + + Adds Excluded target IP/subnet value in PTA administration configuration + + + + Add-PASPTAExcludedTarget + + cidr + + IP/Subnet cidr value + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + cidr + + IP/Subnet cidr value + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Add-PASPTAExcludedTarget -cidr 192.168.60.10/24 + + Adds 192.168.60.10/24 as an excluded target in PTA administration + + + + + + https://pspas.pspete.dev/commands/Add-PASPTAExcludedTarget + https://pspas.pspete.dev/commands/Add-PASPTAExcludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + + + Add-PASPTAGlobalCatalog @@ -6190,7 +6306,7 @@ Add-PASDiscoveredAccount -UserName ServiceUser -Address 1.2.3.4 -discoveryDate ( ldap_certificate - Base-64 encoded X.509 SSL certificate of the Global Catalog server - without cert header/footer --BEGIN/END. Must be specified if `ssl` parameter is specified as `true`. + Base-64 encoded X.509 SSL certificate of the Global Catalog server. Must be specified if `ssl` parameter is specified as `true`. String @@ -6265,7 +6381,7 @@ Add-PASDiscoveredAccount -UserName ServiceUser -Address 1.2.3.4 -discoveryDate ( ldap_certificate - Base-64 encoded X.509 SSL certificate of the Global Catalog server - without cert header/footer --BEGIN/END. Must be specified if `ssl` parameter is specified as `true`. + Base-64 encoded X.509 SSL certificate of the Global Catalog server. Must be specified if `ssl` parameter is specified as `true`. String @@ -6362,6 +6478,402 @@ Add-PASDiscoveredAccount -UserName ServiceUser -Address 1.2.3.4 -discoveryDate ( + + + Add-PASPTAIncludedTarget + Add + PASPTAIncludedTarget + + Adds Included target IP/subnet value in PTA administration configuration + + + + Adds Included target IP/subnet value in PTA administration configuration + + + + Add-PASPTAIncludedTarget + + cidr + + IP/Subnet cidr value + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + cidr + + IP/Subnet cidr value + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Add-PASPTAIncludedTarget -cidr 192.168.60.10/24 + + Adds 192.168.60.10/24 as an included target in PTA administration + + + + + + https://pspas.pspete.dev/commands/Add-PASPTAIncludedTarget + https://pspas.pspete.dev/commands/Add-PASPTAIncludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + + + + + + Add-PASPTAPrivilegedGroup + Add + PASPTAPrivilegedGroup + + Adds an AD group to PrivilegedDomainGroupsList in PTA + + + + Adds an AD group to PrivilegedDomainGroupsList in PTA configuration + + + + Add-PASPTAPrivilegedGroup + + domain + + A domain name in an FQDN format, such as domain.com + + String + + String + + + None + + + group + + A group name defined as privileged + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + domain + + A domain name in an FQDN format, such as domain.com + + String + + String + + + None + + + group + + A group name defined as privileged + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Add-PASPTAPrivilegedGroup -domain SomeDomain.com -group SomeGroup + + Adds SomeGroup as to PrivilegedDomainGroupsList in PTA + + + + + + https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedGroup + https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedGroup + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateSecurity.htm + + + + + + Add-PASPTAPrivilegedUser + Add + PASPTAPrivilegedUser + + Adds an user to PrivilegedUsersList in PTA + + + + Adds an user to PrivilegedUsersList in PTA configuration + + + + Add-PASPTAPrivilegedUser + + platform + + The platform of the privileged user (UNIX, WINDOWS, ORACLE, CLOUD_AWS, CLOUD_AZURE, APPLICATION) + + String + + String + + + None + + + user + + A privileged user or a regex for the privileged users + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + platform + + The platform of the privileged user (UNIX, WINDOWS, ORACLE, CLOUD_AWS, CLOUD_AZURE, APPLICATION) + + String + + String + + + None + + + user + + A privileged user or a regex for the privileged users + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Add-PASPTAPrivilegedUser -platform WINDOWS -user AdminUser + + Adds AdminUser to PrivilegedUsersList in PTA + + + + + + https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedUser + https://pspas.pspete.dev/commands/Add-PASPTAPrivilegedUser + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/UpdateSecurity.htm + + + Add-PASPTARule @@ -11720,7 +12232,6 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Returns activities for a specific account identified by its AccountID. - Depreciated from version 13.2 @@ -11737,6 +12248,18 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None + + UseGen1API + + Specify to force use of the Gen1 API + Gen1 API is Depreciated from version 13.2 + + + SwitchParameter + + + False + @@ -11752,6 +12275,19 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None + + UseGen1API + + Specify to force use of the Gen1 API + Gen1 API is Depreciated from version 13.2 + + SwitchParameter + + SwitchParameter + + + False + @@ -11768,6 +12304,13 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn Will return the account activity for the account output by Get-PASAccount + + -------------------------- EXAMPLE 2 -------------------------- + Get-PASAccountActivity -id 123_4 -useGen1API + + Will return the account activity for the account using the Gen1 API + + @@ -14162,6 +14705,73 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn + + + Get-PASLinkedGroup + Get + PASLinkedGroup + + Gets linked group details + + + + Gets details of associated linked groups for a given accountID + Requires CyberArk Version 12.2 or higher. + + + + Get-PASLinkedGroup + + id + + The account id + + String + + String + + + None + + + + + + id + + The account id + + String + + String + + + None + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Get-PASLinkedGroup -id 66_6 + + Gets linked group details associated with account with ID 66_6 + + + + + + https://pspas.pspete.dev/commands/Get-PASLinkedGroup + https://pspas.pspete.dev/commands/Get-PASLinkedGroup + + + Get-PASLoggedOnUser @@ -16272,6 +16882,51 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn + + + Get-PASPTAExcludedTarget + Get + PASPTAExcludedTarget + + Get excluded target from the PTA + + + + Returns excluded target properties from PTA security configuration + + + + Get-PASPTAExcludedTarget + + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Get-PASPTAExcludedTarget + + Returns all configured excluded targets + + + + + + https://pspas.pspete.dev/commands/Get-PASPTAExcludedTarget + https://pspas.pspete.dev/commands/Get-PASPTAExcludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm + + + Get-PASPTAGlobalCatalog @@ -16317,6 +16972,166 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn + + + Get-PASPTAIncludedTarget + Get + PASPTAIncludedTarget + + Returns included target property from PTA + + + + Returns included target property from PTA security configuration + + + + Get-PASPTAIncludedTarget + + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Get-PASPTAIncludedTarget + + Returns all configured included targets from PTA configuration + + + + + + https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup + https://pspas.pspete.dev/commands/Get-PASPTAIncludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetAdministration.htm + + + + + + Get-PASPTAPrivilegedGroup + Get + PASPTAPrivilegedGroup + + Get configured PTA PrivilegedDomainGroupsList + + + + Return PrivilegedDomainGroupsList from PTA + + + + Get-PASPTAPrivilegedGroup + + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Get-PASPTAPrivilegedGroup + + Return PrivilegedDomainGroupsList from PTA + + + + + + https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup + https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedGroup + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm + + + + + + Get-PASPTAPrivilegedUser + Get + PASPTAPrivilegedUser + + Get PTA PrivilegedUsersList + + + + Return PrivilegedUsersList from PTA + + + + Get-PASPTAPrivilegedUser + + ValueType + + Specify to return ActualValue or DefaultValue. ActualValue is returned by default. + + String + + String + + + None + + + + + + ValueType + + Specify to return ActualValue or DefaultValue. ActualValue is returned by default. + + String + + String + + + None + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Get-PASPTAPrivilegedUser + + Return PrivilegedUsersList PTA security configuration + + + + + + https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedUser + https://pspas.pspete.dev/commands/Get-PASPTAPrivilegedUser + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetSecurity.htm + + + Get-PASPTARemediation @@ -16417,10 +17232,12 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - page + + size - The page number, starting with 0 + The maximum number of returned events in a given page. + If not specified, the server limits the results to 100. + The maximum number that can be specified is 1000. Int32 @@ -16429,19 +17246,31 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn 0 - - size + + FromTime - The maximum number of returned events in a given page. - If not specified, the server limits the results to 100. - The maximum number that can be specified is 1000. + Filter by start time of a detection time window + Requires 14.0 - Int32 + DateTime - Int32 + DateTime - 0 + None + + + ToTime + + Filter by end time of a detection time window + Requires 14.0 + + DateTime + + DateTime + + + None @@ -16485,10 +17314,12 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn None - - page + + size - The page number, starting with 0 + The maximum number of returned events in a given page. + If not specified, the server limits the results to 100. + The maximum number that can be specified is 1000. Int32 @@ -16497,19 +17328,31 @@ PS > $Role | Add-PASSafeMember -SafeName NewSafe -MemberName User23 -SearchIn 0 - - size + + FromTime - The maximum number of returned events in a given page. - If not specified, the server limits the results to 100. - The maximum number that can be specified is 1000. + Filter by start time of a detection time window + Requires 14.0 - Int32 + DateTime - Int32 + DateTime - 0 + None + + + ToTime + + Filter by end time of a detection time window + Requires 14.0 + + DateTime + + DateTime + + + None @@ -20747,6 +21590,45 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False + + AuthorizedInterfaces + + Sets the authorized interface from the available interfaces defined by the license. + Requires 14.0 + + String[] + + String[] + + + None + + + EnableENEWhenDisconnected + + Whether or not to monitor this user type's activity. + Requires 14.0 + + Boolean + + Boolean + + + None + + + UsedQuota + + Sets the disk quota allocated to the user in MB. + Requires 14.0 + + Int32 + + Int32 + + + None + @@ -20887,6 +21769,45 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False + + AuthorizedInterfaces + + Sets the authorized interface from the available interfaces defined by the license. + Requires 14.0 + + String[] + + String[] + + + None + + + EnableENEWhenDisconnected + + Whether or not to monitor this user type's activity. + Requires 14.0 + + Boolean + + Boolean + + + None + + + UsedQuota + + Sets the disk quota allocated to the user in MB. + Requires 14.0 + + Int32 + + Int32 + + + None + @@ -30512,56 +31433,531 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - - -------------------------- EXAMPLE 1 -------------------------- - Remove-PASPolicyACL -PolicyID UNIXSSH -Id 13 + -------------------------- EXAMPLE 1 -------------------------- + Remove-PASPolicyACL -PolicyID UNIXSSH -Id 13 + + Deletes Rule with ID of 13 from UNIXSSH platform. + + + + + + https://pspas.pspete.dev/commands/Remove-PASPolicyACL + https://pspas.pspete.dev/commands/Remove-PASPolicyACL + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20Policy%20ACL.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20Policy%20ACL.htm + + + + + + Remove-PASPrivateSSHKey + Remove + PASPrivateSSHKey + + Deletes an MFA caching SSH key. + + + + Deletes an MFA caching SSH key for connecting to targets via PSM for SSH. Either deletes your key, or the key for another specific user. If deleting a key for another user, the user who runs this command must be at the same vault location level or higher, and requires the "Reset Users' Passwords" permission in the Vault. + Requires CyberArk Version 12.1 or higher. + + + + Remove-PASPrivateSSHKey + + UserID + + The numerical id of the user to delete the key for. + + Int32 + + Int32 + + + 0 + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + + + + UserID + + The numerical id of the user to delete the key for. + + Int32 + + Int32 + + + 0 + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> Remove-PASPrivateSSHKey + + Deletes your MFA caching SSH key. + + + + -------------------------- Example 2 -------------------------- + PS C:\> Remove-PASPrivateSSHKey -UserID 646 + + Deletes MFA caching SSH key for user with id 646. + + + + + + https://pspas.pspete.dev/commands/Remove-PASPrivateSSHKey + https://pspas.pspete.dev/commands/Remove-PASPrivateSSHKey + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key.htm + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key%20for%20another%20user.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key%20for%20another%20user.htm + + + + + + Remove-PASPTAExcludedTarget + Remove + PASPTAExcludedTarget + + Removes excluded target from PTA + + + + Remove configured excluded target + + + + Remove-PASPTAExcludedTarget + + ID + + The ID of the Excluded Target to remove + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + ID + + The ID of the Excluded Target to remove + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Remove-PASPTAExcludedTarget -ID 65b6aa31721d9b5f3a56ca7e + + Removes excluded target matching ID + + + + + + https://pspas.pspete.dev/commands/Remove-PASPTAExcludedTarget + https://pspas.pspete.dev/commands/Remove-PASPTAExcludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + + + + + + Remove-PASPTAIncludedTarget + Remove + PASPTAIncludedTarget + + Remove PTA included target + + + + Remove configured included target from PTA + + + + Remove-PASPTAIncludedTarget + + ID + + The ID of the target to remove + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + ID + + The ID of the target to remove + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Remove-PASPTAIncludedTarget -ID 65b6aa31721d9b5f3a56ca7e + + Removes included target matching ID + + + + + + https://pspas.pspete.dev/commands/Remove-PASPTAIncludedTarget + https://pspas.pspete.dev/commands/Remove-PASPTAIncludedTarget + + + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + + + + + + Remove-PASPTAPrivilegedGroup + Remove + PASPTAPrivilegedGroup + + Deletes PTA configured privileged group + + + + Delete privileged group configured in PTA + + + + Remove-PASPTAPrivilegedGroup + + ID + + The ID of the group configuration to delete + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + ID + + The ID of the group configuration to delete + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + Remove-PASPTAPrivilegedGroup -ID 65b6aa31721d9b5f3a56ca7e - Deletes Rule with ID of 13 from UNIXSSH platform. + Deletes group configuration matching ID - https://pspas.pspete.dev/commands/Remove-PASPolicyACL - https://pspas.pspete.dev/commands/Remove-PASPolicyACL + https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedGroup + https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedGroup - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20Policy%20ACL.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20Policy%20ACL.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm - Remove-PASPrivateSSHKey + Remove-PASPTAPrivilegedUser Remove - PASPrivateSSHKey + PASPTAPrivilegedUser - Deletes an MFA caching SSH key. + Delete configured privileged user from PTA - Deletes an MFA caching SSH key for connecting to targets via PSM for SSH. Either deletes your key, or the key for another specific user. If deleting a key for another user, the user who runs this command must be at the same vault location level or higher, and requires the "Reset Users' Passwords" permission in the Vault. - Requires CyberArk Version 12.1 or higher. + Deletes configured privileged user from PTA - Remove-PASPrivateSSHKey - - UserID + Remove-PASPTAPrivilegedUser + + ID - The numerical id of the user to delete the key for. + The ID of the user configuration to delete - Int32 + String - Int32 + String - 0 + None - - Confirm + + WhatIf - Prompts you for confirmation before running the cmdlet. + Shows what would happen if the cmdlet runs. The cmdlet is not run. SwitchParameter @@ -30569,10 +31965,10 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - False - - WhatIf + + Confirm - Shows what would happen if the cmdlet runs. The cmdlet is not run. + Prompts you for confirmation before running the cmdlet. SwitchParameter @@ -30583,22 +31979,22 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - - - UserID + + ID - The numerical id of the user to delete the key for. + The ID of the user configuration to delete - Int32 + String - Int32 + String - 0 + None - - Confirm + + WhatIf - Prompts you for confirmation before running the cmdlet. + Shows what would happen if the cmdlet runs. The cmdlet is not run. SwitchParameter @@ -30607,10 +32003,10 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - False - - WhatIf + + Confirm - Shows what would happen if the cmdlet runs. The cmdlet is not run. + Prompts you for confirmation before running the cmdlet. SwitchParameter @@ -30630,31 +32026,20 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - -------------------------- Example 1 -------------------------- - PS C:\> Remove-PASPrivateSSHKey + Remove-PASPTAPrivilegedUser -ID 65b6aa31721d9b5f3a56ca7e - Deletes your MFA caching SSH key. - - - - -------------------------- Example 2 -------------------------- - PS C:\> Remove-PASPrivateSSHKey -UserID 646 - - Deletes MFA caching SSH key for user with id 646. + Deletes user configuration matching ID - https://pspas.pspete.dev/commands/Remove-PASPrivateSSHKey - https://pspas.pspete.dev/commands/Remove-PASPrivateSSHKey - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key.htm + https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedUser + https://pspas.pspete.dev/commands/Remove-PASPTAPrivilegedUser - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key%20for%20another%20user.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20MFA%20caching%20SSH%20key%20for%20another%20user.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm + https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/DeleteSecurity.htm @@ -32817,6 +34202,45 @@ Set-PASAccount -AccountID 29_3 -operations $actions False + + AuthorizedInterfaces + + Sets the authorized interface from the available interfaces defined by the license. + Requires 14.0 + + String[] + + String[] + + + None + + + EnableENEWhenDisconnected + + Whether or not to monitor this user type's activity. + Requires 14.0 + + Boolean + + Boolean + + + None + + + UsedQuota + + Sets the disk quota allocated to the user in MB. + Requires 14.0 + + Int32 + + Int32 + + + None + @@ -32975,6 +34399,45 @@ Set-PASAccount -AccountID 29_3 -operations $actions False + + AuthorizedInterfaces + + Sets the authorized interface from the available interfaces defined by the license. + Requires 14.0 + + String[] + + String[] + + + None + + + EnableENEWhenDisconnected + + Whether or not to monitor this user type's activity. + Requires 14.0 + + Boolean + + Boolean + + + None + + + UsedQuota + + Sets the disk quota allocated to the user in MB. + Requires 14.0 + + Int32 + + Int32 + + + None + @@ -34618,165 +36081,319 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector - Minimum Version CyberArk 11.3 + Minimum Version CyberArk 11.3 + + + + + -------------------------- EXAMPLE 1 -------------------------- + Set-PASPTAEvent -EventID $id + + + + + + + + https://pspas.pspete.dev/commands/Set-PASPTAEvent + https://pspas.pspete.dev/commands/Set-PASPTAEvent + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/CloseOpenSecurityEvent.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/CloseOpenSecurityEvent.htm + + + + + + Set-PASPTARemediation + Set + PASPTARemediation + + Updates automatic remediation settings in PTA + + + + Updates automatic remediation settings configured in PTA + + + + Set-PASPTARemediation + + changePassword_SuspectedCredentialsTheft + + Indicate if Change Password on Suspected Credential Theft the command is active + + Boolean + + Boolean + + + False + + + changePassword_OverPassTheHash + + Indicate if the Change Password on Over Pass The Hash command is active + + Boolean + + Boolean + + + False + + + reconcilePassword_SuspectedPasswordChange + + Indicate if the Reconcile Password on Suspected Password Change command is active + + Boolean + + Boolean + + + False + + + pendAccount_UnmanagedPrivilegedAccount + + Indicate if the Add Unmanaged Accounts to Pending Accounts command is active + + Boolean + + Boolean + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + changePassword_SuspectedCredentialsTheft + + Indicate if Change Password on Suspected Credential Theft the command is active + + Boolean + + Boolean + + + False + + + changePassword_OverPassTheHash + + Indicate if the Change Password on Over Pass The Hash command is active + + Boolean + + Boolean + + + False + + + reconcilePassword_SuspectedPasswordChange + + Indicate if the Reconcile Password on Suspected Password Change command is active + + Boolean + + Boolean + + + False + + + pendAccount_UnmanagedPrivilegedAccount + + Indicate if the Add Unmanaged Accounts to Pending Accounts command is active + + Boolean + + Boolean + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + Minimum Version CyberArk 10.4 -------------------------- EXAMPLE 1 -------------------------- - Set-PASPTAEvent -EventID $id + Set-PASPTARemediation -changePassword_SuspectedCredentialsTheft $true - + Enables the "Change password on Suspected Credentials Theft" rule. + + + + -------------------------- EXAMPLE 2 -------------------------- + Set-PASPTARemediation -reconcilePassword_SuspectedPasswordChange $false + + Disables the "reconcile on suspected password change" rule. - https://pspas.pspete.dev/commands/Set-PASPTAEvent - https://pspas.pspete.dev/commands/Set-PASPTAEvent + https://pspas.pspete.dev/commands/Set-PASPTARemediation + https://pspas.pspete.dev/commands/Set-PASPTARemediation - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/CloseOpenSecurityEvent.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/CloseOpenSecurityEvent.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/AutomaticRemediation_UpdateConfiguration.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/AutomaticRemediation_UpdateConfiguration.htm - Set-PASPTARemediation + Set-PASPTARiskEvent Set - PASPTARemediation + PASPTARiskEvent - Updates automatic remediation settings in PTA + Update PTA Risk Events - Updates automatic remediation settings configured in PTA + Update the status of a risk event to open or closed. + Requires minimum version of 13.2 - Set-PASPTARemediation - - changePassword_SuspectedCredentialsTheft + Set-PASPTARiskEvent + + status - Indicate if Change Password on Suspected Credential Theft the command is active + The status to update on the risk event - Boolean + String - Boolean + String - False + None - - changePassword_OverPassTheHash + + WhatIf - Indicate if the Change Password on Over Pass The Hash command is active + Shows what would happen if the cmdlet runs. The cmdlet is not run. - Boolean - Boolean + SwitchParameter False - - reconcilePassword_SuspectedPasswordChange + + Confirm - Indicate if the Reconcile Password on Suspected Password Change command is active + Prompts you for confirmation before running the cmdlet. - Boolean - Boolean + SwitchParameter False - - pendAccount_UnmanagedPrivilegedAccount + + closeReason - Indicate if the Add Unmanaged Accounts to Pending Accounts command is active + The close reason for the risk event Valid Values: - HANDLED + - NOTREAL + - OTHER + - NONE + + Requires version 14.0 - Boolean + String - Boolean + String - False + None - - WhatIf + + ID - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The ID of the PTA Risk Event + String - SwitchParameter + String - False + None - - Confirm + + reasonText - Prompts you for confirmation before running the cmdlet. + Free text close reason + Requires version 14.0 + String - SwitchParameter + String - False + None - - changePassword_SuspectedCredentialsTheft - - Indicate if Change Password on Suspected Credential Theft the command is active - - Boolean - - Boolean - - - False - - - changePassword_OverPassTheHash - - Indicate if the Change Password on Over Pass The Hash command is active - - Boolean - - Boolean - - - False - - - reconcilePassword_SuspectedPasswordChange - - Indicate if the Reconcile Password on Suspected Password Change command is active - - Boolean - - Boolean - - - False - - - pendAccount_UnmanagedPrivilegedAccount - - Indicate if the Add Unmanaged Accounts to Pending Accounts command is active - - Boolean - - Boolean - - - False - WhatIf @@ -34801,110 +36418,15 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector False - - - - - - Minimum Version CyberArk 10.4 - - - - - -------------------------- EXAMPLE 1 -------------------------- - Set-PASPTARemediation -changePassword_SuspectedCredentialsTheft $true - - Enables the "Change password on Suspected Credentials Theft" rule. - - - - -------------------------- EXAMPLE 2 -------------------------- - Set-PASPTARemediation -reconcilePassword_SuspectedPasswordChange $false - - Disables the "reconcile on suspected password change" rule. - - - - - - https://pspas.pspete.dev/commands/Set-PASPTARemediation - https://pspas.pspete.dev/commands/Set-PASPTARemediation - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/AutomaticRemediation_UpdateConfiguration.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/AutomaticRemediation_UpdateConfiguration.htm - - - - - - Set-PASPTARiskEvent - Set - PASPTARiskEvent - - Update PTA Risk Events - - - - Update the status of a risk event to open or closed. - Requires minimum version of 13.2 - - - - Set-PASPTARiskEvent - - EventID - - The ID of the risk event - - String - - String - - - None - - - Status - - The status to update on the risk event - - String - - String - - - None - - - WhatIf - - Shows what would happen if the cmdlet runs. The cmdlet is not run. - - - SwitchParameter - - - False - - - Confirm - - Prompts you for confirmation before running the cmdlet. - - - SwitchParameter - - - False - - - - - - EventID + + closeReason - The ID of the risk event + The close reason for the risk event Valid Values: - HANDLED + - NOTREAL + - OTHER + - NONE + + Requires version 14.0 String @@ -34913,10 +36435,10 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - Status + + ID - The status to update on the risk event + The ID of the PTA Risk Event String @@ -34925,29 +36447,30 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - WhatIf + + reasonText - Shows what would happen if the cmdlet runs. The cmdlet is not run. + Free text close reason + Requires version 14.0 - SwitchParameter + String - SwitchParameter + String - False + None - - Confirm + + status - Prompts you for confirmation before running the cmdlet. + The status to update on the risk event - SwitchParameter + String - SwitchParameter + String - False + None @@ -39522,6 +41045,10 @@ Start-PASAccountImportJob -source "SomeSource" -accountsList $Accountshttps://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm https://docs.cyberark.com/Product-Doc/OnlineHelp/pas/Latest/en/Content/PASIMP/AutoUnlockinPSM.htm + + https://docs.cyberark.com/PAS/Latest/en/Content/SDK/Unlock-account.htm + https://docs.cyberark.com/PAS/Latest/en/Content/SDK/Unlock-account.htm + diff --git a/psPAS/psPAS.psd1 b/psPAS/psPAS.psd1 index 636b50f4..54d46283 100644 --- a/psPAS/psPAS.psd1 +++ b/psPAS/psPAS.psd1 @@ -16,7 +16,7 @@ # CompanyName = '' # Copyright statement for this module - Copyright = '(c) 2017-2023 Pete Maan. All rights reserved.' + Copyright = '(c) 2017-2024 Pete Maan. All rights reserved.' # Description of the functionality provided by this module Description = 'Module for CyberArk Privileged Access Security Web Service REST API' @@ -230,7 +230,20 @@ 'Get-PASPTARiskEvent', 'Set-PASPTARiskEvent', 'Get-PASPTARiskSummary', - 'Get-PASUserTypeInfo' + 'Get-PASUserTypeInfo', + 'Get-PASPTAPrivilegedUser', + 'Get-PASPTAPrivilegedGroup', + 'Remove-PASPTAPrivilegedUser', + 'Remove-PASPTAPrivilegedGroup', + 'Add-PASPTAPrivilegedUser', + 'Add-PASPTAPrivilegedGroup', + 'Get-PASPTAIncludedTarget', + 'Get-PASPTAExcludedTarget', + 'Add-PASPTAIncludedTarget', + 'Add-PASPTAExcludedTarget', + 'Remove-PASPTAIncludedTarget', + 'Remove-PASPTAExcludedTarget', + 'Get-PASLinkedGroup' ) #AliasesToExport = @() diff --git a/psPAS/xml/psPAS.CyberArk.Vault.Account.Formats.ps1xml b/psPAS/xml/psPAS.CyberArk.Vault.Account.Formats.ps1xml index 24265387..04a4f310 100644 --- a/psPAS/xml/psPAS.CyberArk.Vault.Account.Formats.ps1xml +++ b/psPAS/xml/psPAS.CyberArk.Vault.Account.Formats.ps1xml @@ -148,6 +148,56 @@ + + psPAS.CyberArk.Vault.Account.Activity.Gen2 + + psPAS.CyberArk.Vault.Account.Activity.Gen2 + + + + + + + + + + + + + + + + + + + (get-date 1/1/1970).addseconds($_.Date) + + + Alert + + + User + + + Action + + + ActionID + + + ClientID + + + MoreInfo + + + Reason + + + + + + psPAS.CyberArk.Vault.Account.LinkedAccount diff --git a/psPAS/xml/psPAS.CyberArk.Vault.Directory.Formats.ps1xml b/psPAS/xml/psPAS.CyberArk.Vault.Directory.Formats.ps1xml index a376c039..b9a5ede3 100644 --- a/psPAS/xml/psPAS.CyberArk.Vault.Directory.Formats.ps1xml +++ b/psPAS/xml/psPAS.CyberArk.Vault.Directory.Formats.ps1xml @@ -157,6 +157,7 @@ + @@ -179,7 +180,9 @@ MappingAuthorizations - + + UsedQuota + @@ -239,6 +242,15 @@ LogonToHour + + UsedQuota + + + AuthorizedInterfaces + + + EnableENEWhenDisconnected + diff --git a/psPAS/xml/psPAS.CyberArk.Vault.PTA.Formats.ps1xml b/psPAS/xml/psPAS.CyberArk.Vault.PTA.Formats.ps1xml index 9393d2bf..9ece3592 100644 --- a/psPAS/xml/psPAS.CyberArk.Vault.PTA.Formats.ps1xml +++ b/psPAS/xml/psPAS.CyberArk.Vault.PTA.Formats.ps1xml @@ -115,25 +115,32 @@ - entities + id + + + type - totalEntities + status - filter + closeReason - sort + reasonText - page + + (get-date 1/1/1970).addseconds($_.detectionTime/1000) + + + score - size + riskAccount - totalPages + riskService