public/Add-VPASAccountGroup.ps1
|
<#
.Synopsis ADD ACCOUNT GROUP CREATED BY: Vadim Melamed, EMAIL: vmelamed5@gmail.com .DESCRIPTION USE THIS FUNCTION TO ADD ACCOUNT GROUP .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER GroupName Unique target GroupName for the account group An account group is set of accounts that will have the same password synced across the entire group .PARAMETER GroupPlatformID Unique ID that maps to the target GroupPlatform Supply GroupPlatformID to skip any querying for target GroupPlatform .PARAMETER safe Target unique safe name .EXAMPLE $AddAccountGroupStatus = Add-VPASAccountGroup -GroupName {GROUPNAME VALUE} -GroupPlatformID {GROUPPLATFORMID VALUE} -Safe {SAFE VALUE} .OUTPUTS $true if successful $false if failed #> function Add-VPASAccountGroup{ [OutputType([bool])] [CmdletBinding()] Param( [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,HelpMessage="Enter new AccountGroup name (for example: NewAcctGroup1)",Position=0)] [String]$GroupName, [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,HelpMessage="Enter base platformID of the new AccountGroup (for example: GroupPlatformMaster)",Position=1)] [String]$GroupPlatformID, [Parameter(Mandatory=$true,ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target Safename of the new AccountGroup (for example: TestSafe1)",Position=2)] [String]$Safe, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true,Position=3)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ Write-Verbose "SUCCESSFULLY PARSED PVWA VALUE" Write-Verbose "SUCCESSFULLY PARSED TOKEN VALUE" Write-Verbose "SUCCESSFULLY PARSED GROUPNAME VALUE: $GroupName" Write-Verbose "SUCCESSFULLY PARSED PLATFORMID VALUE: $GroupPlatformID" Write-Verbose "SUCCESSFULLY PARSED SAFE VALUE: $Safe" try{ $params = @{ GroupName = $GroupName GroupPlatformID = $GroupPlatformID Safe = $Safe } $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS $params = $params | ConvertTo-Json write-verbose "SETUP API PARAMETERS" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/api/AccountGroups/" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/api/AccountGroups/" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "POST" -token $token -LogType METHOD write-verbose "MAKING API CALL TO CYBERARK" if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC Write-Verbose "RETURNING TRUE" return $true }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO CREATE GROUP: $GroupName" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |