Public/New-VenafiTeam.ps1
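<#
.SYNOPSIS
Create a new team

.DESCRIPTION
Create a new VaaS or TPP team

.PARAMETER Name
Team name

.PARAMETER Owner
1 or more owners for the team
For VaaS, this is the unique guid obtained from Get-VenafiIdentity.
For TPP, this is the identity ID property from Find-TppIdentity or Get-VenafiIdentity.

.PARAMETER Member
1 or more members for the team
For VaaS, this is the unique guid obtained from Get-VenafiIdentity.
For TPP, this is the identity ID property from Find-TppIdentity or Get-VenafiIdentity.

.PARAMETER Role
Team role, either 'System Admin', 'PKI Admin', 'Resource Owner' or 'Guest'. VaaS only.

.PARAMETER Policy
1 or more policy folder paths this team manages. TPP only.

.PARAMETER Product
1 or more product names, 'TLS', 'SSH', and/or 'Code Signing'. TPP only.

.PARAMETER Description
Team description or purpose. TPP only.

.PARAMETER PassThru
Return the newly created team, retrieved with Get-VenafiTeam.
Without this switch the function writes nothing to the pipeline.

.PARAMETER VenafiSession
Authentication for the function.
The value defaults to the script session object $VenafiSession created by New-VenafiSession.
A TPP token or VaaS key can also be provided.
If providing a TPP token, an environment variable named TppServer must also be set.
A token or key passed here is a secret; avoid hard-coding it in scripts or leaving it in shell history.

.INPUTS
None

.OUTPUTS
None by default. With -PassThru, the team object returned by Get-VenafiTeam.

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'ca7ff555-88d2-4bfc-9efa-2630ac44c1f2' -Owner @('ca7ff555-88d2-4bfc-9efa-2630ac44c1f3', 'ca7ff555-88d2-4bfc-9efa-2630ac44c1f4') -Role 'System Admin'

Create a new VaaS team

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'ca7ff555-88d2-4bfc-9efa-2630ac44c1f2' -Owner @('ca7ff555-88d2-4bfc-9efa-2630ac44c1f3', 'ca7ff555-88d2-4bfc-9efa-2630ac44c1f4') -Role 'System Admin' -PassThru

id                : a7d60730-a967-11ec-8832-4d051bf6d0b4
name              : My New Team
systemRoles       : {SYSTEM_ADMIN}
productRoles      :
role              : SYSTEM_ADMIN
members           : {443de910-a6cc-11ec-ad22-018e33741844}
owners            : {0a2adae0-b22b-11ea-91f3-ebd6dea5452e}
companyId         : 09b24f81-b22b-11ea-91f3-ebd6dea5452e
userMatchingRules : {}
modificationDate  : 3/21/2022 6:38:40 PM

Create a new VaaS team returning the new team

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e6}' -Owner 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e7}' -Product 'TLS'

Create a new TPP team

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e6}' -Owner 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e7}' -Product 'TLS' -Policy '\ved\policy\myfolder'

Create a new TPP team and assign it to a policy

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e6}' -Owner 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e7}' -Product 'TLS' -Description 'One amazing team'

Create a new TPP team with optional description

.EXAMPLE
New-VenafiTeam -Name 'My New Team' -Member 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e6}' -Owner 'local:{803f332e-7576-4696-a5a2-8ac6be6b14e7}' -Product 'TLS' -PassThru

Name     : My New Team
ID       : local:{a6053090-e309-49d9-98a7-28cbe7896c27}
Path     : \VED\Identity\My New Team
FullName : local:My New Team
IsGroup  : True
Members  : @{Name=sample-user; ID=local:{6baad36c-7cac-48c8-8e54-000cc22ad88f}; Path=\VED\Identity\sample-user; FullName=local:sample-user; IsGroup=False}
Owners   : @{Name=sample-owner; ID=local:{d1a76bc7-d3a6-431b-9bea-d2d8780ecd86}; Path=\VED\Identity\sample-owner; FullName=local:sample-owner; IsGroup=False}

Create a new TPP team returning the new team

.LINK
https://api.venafi.cloud/webjars/swagger-ui/index.html#/Teams/create_1

.LINK
https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-POST-Teams.php
#>
function New-VenafiTeam {

    # NOTE(review): this function creates a team (on VaaS possibly with the
    # 'System Admin' role) but does not declare SupportsShouldProcess, so
    # -WhatIf / -Confirm are unavailable. Consider adding it after checking how
    # the module's helper functions treat ShouldProcess.
    [CmdletBinding()]
    param (
        [Parameter(Mandatory)]
        [string] $Name,

        [Parameter(Mandatory)]
        [string[]] $Owner,

        [Parameter(Mandatory)]
        [string[]] $Member,

        [Parameter(Mandatory, ParameterSetName = 'VaaS')]
        [ValidateSet('System Admin', 'PKI Admin', 'Resource Owner', 'Guest')]
        [string] $Role,

        [Parameter(ParameterSetName = 'TPP')]
        [ValidateScript( {
                if ( $_ | Test-TppDnPath ) { $true }
                else { throw "'$_' is not a valid policy path" }
            })]
        [string[]] $Policy,

        [Parameter(Mandatory, ParameterSetName = 'TPP')]
        [ValidateSet('TLS', 'SSH', 'Code Signing')]
        [string[]] $Product,

        [Parameter(ParameterSetName = 'TPP')]
        [string] $Description,

        [Parameter()]
        [switch] $PassThru,

        [Parameter()]
        [psobject] $VenafiSession = $script:VenafiSession
    )

    # The parameter set name ('VaaS' or 'TPP') is passed as the platform the
    # session is expected to match.
    $platform = Test-VenafiSession -VenafiSession $VenafiSession -Platform $PSCmdlet.ParameterSetName -PassThru

    $params = @{
        VenafiSession = $VenafiSession
    }

    if ( $platform -eq 'VaaS' ) {

        $params.Method = 'Post'
        $params.UriLeaf = "teams"
        $params.Body = @{
            'name'              = $Name
            # 'System Admin' -> 'SYSTEM_ADMIN', 'PKI Admin' -> 'PKI_ADMIN', ...
            'role'              = $Role.Replace(' ', '_').ToUpper()
            'members'           = @($Member)
            'owners'            = @($Owner)
            'userMatchingRules' = @()
        }

        $response = Invoke-VenafiRestMethod @params
    }
    else {

        # Shared by the member and owner loops so both are built the same way.
        # IDs starting with 'local' (case-sensitive) are looked up so the
        # request carries both the prefixed name and the universal ID; any
        # other ID is sent as given.
        $toTeamIdentity = {
            param ( [string] $Id, [string] $Kind )

            if ( $Id.StartsWith('local') ) {
                $identity = Get-VenafiIdentity -ID $Id -VenafiSession $VenafiSession

                # Fail before the POST instead of sending an owner/member
                # entry whose name and ID are both null.
                if ( $null -eq $identity ) {
                    throw "Unable to resolve local identity '$Id' for team $Kind"
                }

                @{
                    'PrefixedName'      = $identity.FullName
                    'PrefixedUniversal' = $identity.ID
                }
            }
            else {
                @{ 'PrefixedUniversal' = $Id }
            }
        }

        $members = foreach ($thisMember in $Member) {
            & $toTeamIdentity $thisMember 'member'
        }

        $owners = foreach ($thisOwner in $Owner) {
            & $toTeamIdentity $thisOwner 'owner'
        }

        $params.Method = 'Post'
        $params.UriLeaf = 'Teams/'
        $params.Body = @{
            'Name'     = @{ 'PrefixedName' = "local:$Name" }
            'Members'  = @($members)
            'Owners'   = @($owners)
            'Products' = @($Product)
        }

        # Optional fields are only added to the body when supplied.
        if ( $Policy ) {
            $params.Body.Add('Assets', @($Policy))
        }

        if ( $Description ) {
            $params.Body.Add('Description', $Description)
        }

        # Keep only the new team's ID; it is what gets piped to Get-VenafiTeam below.
        $response = Invoke-VenafiRestMethod @params | Select-Object -ExpandProperty ID
    }

    if ( $PassThru ) {
        $response | Get-VenafiTeam -VenafiSession $VenafiSession
    }
}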