public/Get-VPASDPAStrongAccountDetails.ps1
|
<#
.Synopsis GET DPA STRONG ACCOUNT DETAILS CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO RETRIEVE STRONG ACCOUNT DETAILS FROM DPA .LINK https://vpasmodule.com/commands/Get-VPASDPAStrongAccountDetails .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER StrongAccountID UniqueID of the target strong account in DPA .PARAMETER StrongAccountName Unique name of the target strong account in DPA .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $StrongAccountDetails = Get-VPASDPAStrongAccountDetails -StrongAccountID {STRONG ACCOUNT ID VALUE} .EXAMPLE $StrongAccountDetails = Get-VPASDPAStrongAccountDetails -StrongAccountName {STRONG ACCOUNT NAME VALUE} .EXAMPLE $InputParameters = @{ StrongAccountID = "9284iujwedfh-3456-6788-dggd-flk03945" } $StrongAccountDetails = Get-VPASDPAStrongAccountDetails -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ StrongAccountName = "VpasAPIStrongAccount_VpasAPI" } $StrongAccountDetails = Get-VPASDPAStrongAccountDetails -InputParameters $InputParameters .OUTPUTS If successful: { "secret_id": "9284iujwedfh-3456-6788-dggd-flk03945", "tenant_id": "lkajd0890-1111-aaaa-sdf4-slkfj3089443890", "secret": { "secret_data": "haytbv4r76q4d6qi4rtq3486r9q87n9j47sdr8734hdr97834tr7dbq87hsj72839r723jr723ht4r81bt47cnr97384jrd78/iCA", "tenant_encrypted": true }, "secret_type": "PCloudAccount", "secret_details": { "certFileName": "", "account_domain": "vman.com" }, "is_active": true, "is_rotatable": false, "creation_time": "2024-07-12T02:19:27", "last_modified": "2024-07-12T02:19:27", "secret_name": "VpasAPIStrongAccount2_VpasAPI" } --- $false if failed #> function Get-VPASDPAStrongAccountDetails{ [OutputType('System.Collections.Hashtable',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique StrongAccountID of the target strong account (for example: 9284iujwedfh-3456-6788-dggd-flk03945)")] [String]$StrongAccountID, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Name of the target strong account (for example: VpasAPIStrongAccount2)")] [String]$StrongAccountName, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("StrongAccountID") MandatoryKeys = @("StrongAccountID") } set2 = @{ AcceptableKeys = @("StrongAccountName") MandatoryKeys = @("StrongAccountName") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE STRONG ACCOUNT DETAILS" Write-VPASOutput -str $_ -type E return $false } try{ if($SubDomain -eq "N/A"){ Write-VPASOutput -str "SelfHosted + PriviledgeCloud Standard solutions do not support this API Call, returning false" -type E $log = Write-VPASTextRecorder -inputval "SelfHosted + PrivilegeCloud Standard solutions do not support this API Call, returning false" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval $false -token $token -LogType RETURN return $false } if([String]::IsNullOrEmpty($StrongAccountID)){ Write-Verbose "NO STRONG ACCOUNT ID PROVIDED...INVOKING HELPER FUNCTION TO RETRIEVE UNIQUE STRONG ACCOUNT ID BASED ON SPECIFIED PARAMETERS" $StrongAccountID = Get-VPASDPAStrongAccountIDHelper -token $token -SearchQuery $StrongAccountName Write-Verbose "RETURNING STRONG ACCOUNT ID" } else{ Write-Verbose "STRONG ACCOUNT ID SUPPLIED, SKIPPING HELPER FUNCTION" } if($StrongAccountID -eq -1){ $log = Write-VPASTextRecorder -inputval "COULD NOT FIND TARGET STRONG ACCOUNT ID: $StrongAccountID" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "COULD NOT FIND TARGET STRONG ACCOUNT ID: $StrongAccountID" Write-VPASOutput -str "COULD NOT FIND TARGET STRONG ACCOUNT ID: $StrongAccountID" -type E return $false } else{ write-verbose "MAKING API CALL TO CYBERARK" $uri = "https://$SubDomain.dpa.cyberark.cloud/api/secrets/public/v1/$StrongAccountID" Write-Verbose "CONSTRUCTING URI: $uri" $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURNARRAY Write-Verbose "RETURNING STRONG ACCOUNT DETAILS" return $response } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE DPA STRONG ACCOUNT DETAILS" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |