public/Update-VPASPSMSettingsByPlatformID.ps1
|
<#
.Synopsis UPDATE PSM SETTINGS BY PLATFORMID CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO UPDATE PSM SETTINGS LIKE CONNECTION COMPONENTS AND PSMSERVERID FOR A SPECIFIC PLATFORM .LINK https://vpasmodule.com/commands/Update-VPASPSMSettingsByPlatformID .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER PlatformID Unique PlatformID that will be updated .PARAMETER ConnectionComponentID Unique ConnectionComponentID that will be added or removed .PARAMETER Action Which action will be taken on the updated fields Possible values: ADD, REMOVE .PARAMETER PSMServerID Unique target PSMServerID that will be added or removed .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $UpdatePSMSettingsStatus = Update-VPASPSMSettingsByPlatformID -PlatformID {PLATFORMID VALUE} -ConnectionComponentID {CONNECTION COMPONENT ID VALUE} -Action {ACTION VALUE} .EXAMPLE $UpdatePSMSettingsStatus = Update-VPASPSMSettingsByPlatformID -PlatformID {PLATFORMID VALUE} -PSMServerID {PSM SERVER ID VALUE} .EXAMPLE $InputParameters = @{ PlatformID = "TargetPlatformID" ConnectionComponentID = "PSM-RDP" Action = "ADD"|"REMOVE" } $UpdatePSMSettingsStatus = Update-VPASPSMSettingsByPlatformID -InputParameters $InputParameters .EXAMPLE $InputParameters = @{ PlatformID = "TargetPlatformID" PSMServerID = "PSM-NewServerID" } $UpdatePSMSettingsStatus = Update-VPASPSMSettingsByPlatformID -InputParameters $InputParameters .OUTPUTS $true if successful --- $false if failed #> function Update-VPASPSMSettingsByPlatformID{ [OutputType([bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target platformID to update (for example: WinServerLocal)")] [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target platformID to update (for example: WinServerLocal)")] [String]$PlatformID, [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique ID of the target connection component (for example: PSM-RDP)")] [String]$ConnectionComponentID, [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Which action to update the platform (for example: ADD, REMOVE)")] [ValidateSet('ADD','REMOVE')] [String]$Action, [Parameter(Mandatory=$true,ParameterSetName='Set2',ValueFromPipelineByPropertyName=$true,HelpMessage="Unique AccountID of the target account (for example: 22_123)")] [String]$PSMServerID, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("PlatformID","ConnectionComponentID","Action") MandatoryKeys = @("PlatformID","ConnectionComponentID","Action") } set2 = @{ AcceptableKeys = @("PlatformID","PSMServerID") MandatoryKeys = @("PlatformID","PSMServerID") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO UPDATE PLATFORM" Write-VPASOutput -str $_ -type E return $false } try{ Write-Verbose "INVOKING PLATFORMID HELPER FUNCTION" $platID = Get-VPASPlatformIDHelper -token $token -platformID $PlatformID if($platID -eq -1){ $log = Write-VPASTextRecorder -inputval "COULD NOT FIND TARGET PLATFORMID: $PlatformID" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "COULD NOT FIND TARGET PLATFORMID: $PlatformID" Write-VPASOutput -str "COULD NOT FIND TARGET PLATFORMID: $PlatformID" -type E return $false } else{ Write-Verbose "GETTING CURRENT PLATFORM PSM SETTINGS" $curvals = Get-VPASPSMSettingsByPlatformID -token $token -PlatformID $PlatformID $curPSMServerID = $curvals.PSMServerId $curPSMConnectors = @() $res = $curvals.PSMConnectors foreach($rec in $res){ $minirec = @{ PSMConnectorID = $rec.PSMConnectorID Enabled = $rec.Enabled } $curPSMConnectors += $minirec } if(![String]::IsNullOrEmpty($ConnectionComponentID) -and [String]::IsNullOrEmpty($Action)){ Write-VPASOutput -str "$ConnectionComponentID PASSED WITH NO ACTION, ADD OR REMOVE $ConnectionComponentID : " -type Y $Action = Read-Host } $params = @{} Write-Verbose "INITIALIZING API PARAMS" if([String]::IsNullOrEmpty($ConnectionComponentID)){ $params += @{ PSMConnectors = $curPSMConnectors } } else{ Write-Verbose "HANDLING $ConnectionComponentID AND ACTION INTO API PARAMS" $arrNew = @() $foundConnector = $false foreach($providedRec in $curPSMConnectors){ $Enabled = $providedRec.Enabled $PSMConnector = $providedRec.PSMConnectorID if($PSMConnector -eq $ConnectionComponentID){ $foundConnector = $true if($Action -eq "ADD"){ $log = Write-VPASTextRecorder -inputval "CONNECTION COMPONENT ALREADY EXISTS IN $PlatformID" -token $token -LogType MISC $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-VPASOutput -str "CONNECTION COMPONENT ALREADY EXISTS ON $PlatformID" -type E Write-Verbose "CONNECTION COMPONENT ALREADY EXISTS IN $PlatformID" Write-Verbose "RETURNING FALSE" return $false } elseif($Action -eq "REMOVE"){ Write-Verbose "$ConnectionComponentID WILL BE IGNORED FROM API PARAMETERS" } } else{ $arrADD = @{ PSMConnectorID = $PSMConnector Enabled = $Enabled } $arrNew += $arrADD } } if(!$foundConnector -and $Action -eq "ADD"){ $arrADD = @{ PSMConnectorID = $ConnectionComponentID Enabled = $true } $arrNew += $arrADD } $params += @{ PSMConnectors = $arrNew } } if([String]::IsNullOrEmpty($PSMServerID)){ $params += @{ PSMServerId = $curPSMServerID } } else{ Write-Verbose "ADDING $PSMServerID TO API PARAMS" $params += @{ PSMServerId = $PSMServerID } } $log = Write-VPASTextRecorder -inputval $params -token $token -LogType PARAMS $params = $params | ConvertTo-Json Write-Verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/passwordvault/api/Platforms/Targets/$platID/PrivilegedSessionManagement/" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/passwordvault/api/Platforms/Targets/$platID/PrivilegedSessionManagement/" } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "PUT" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method PUT -Body $params -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method PUT -Body $params -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: TRUE" -token $token -LogType MISC Write-Verbose "SUCCESSFULLY UPDATED PSM SETTINGS FOR PLATFORM: $PlatformID" Write-Verbose "RETURNING TRUE" return $true } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "UNABLE TO UPDATE PSM SETTINGS FOR PLATFORM: $PlatformID" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |