public/Add-VPASBulkSafes.ps1
|
<#
.Synopsis BULK CREATE SAFES CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO CREATE SAFES IN BULK VIA CSV FILE .LINK https://vpasmodule.com/commands/Add-VPASBulkSafes .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER CSVFile Location of the CSV file containing the target information .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $BulkCreateSafes = Add-VPASBulkSafes -CSVFile {CSVFILE VALUE} .EXAMPLE $InputParameters = @{ CSVFile = "C:\temp\BulkSafes.csv" } $BulkCreateSafes = Add-VPASBulkSafes -InputParameters $InputParameters .OUTPUTS $true if successful --- $false if failed #> function Add-VPASBulkSafes{ [OutputType([bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter filepath of CSV file containing the correct data (for example: C:\Temp\TargetFile.csv)")] [String]$CSVFile, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("CSVFile") MandatoryKeys = @("CSVFile") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO BULK UPLOAD SAFES" Write-VPASOutput -str $_ -type E return $false } try{ if(Test-Path -Path $CSVFile){ write-verbose "$CSVFile EXISTS" } else{ write-verbose "$CSVFile DOES NOT EXIST, EXITING UTILITY" Write-VPASOutput -str "$CSVFile DOES NOT EXIST...PLEASE CONFIRM CSVFILE LOCATION AND TRY AGAIN" -type E Write-VPASOutput -str "RETURNING FALSE" -type E return $false } Write-VPASLogger -LogStr " " -BulkOperation BulkSafeCreation -NewFile Write-Verbose "Initiating Log File" $processrun = $true $counter = 1 $import = Import-Csv -Path $CSVFile foreach($line in $import){ $params = @{} $errorflag = $false $SafeName = $line.SafeName $OLAC = $line.OLAC $VersionRetention = $line.VersionsRetention $DaysRetention = $line.DaysRetention $CPM = $line.CPM $Description = $line.Description #OLAC if([String]::IsNullOrEmpty($OLAC)){ Write-Verbose "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" Write-VPASOutput -str "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } else{ $OLAC = $OLAC.ToLower() if($OLAC -eq "true"){ $params += @{ OLACEnabled = $OLAC } } elseif($OLAC -eq "false"){ $params += @{ OLACEnabled = $OLAC } } else{ Write-Verbose "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" Write-VPASOutput -str "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "OLAC MUST BE SPECIFIED AS EITHER True OR False...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } } #SAFE NAME if([String]::IsNullOrEmpty($SafeName)){ Write-Verbose "SAFENAME MUST BE SPECIFIED...SKIPPING RECORD #$counter" Write-VPASOutput -str "SAFENAME MUST BE SPECIFIED...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "SAFENAME MUST BE SPECIFIED...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } else{ $params += @{ SafeName = $SafeName } } #SAFE OPTIONS if([String]::IsNullOrEmpty($VersionRetention) -and [String]::IsNullOrEmpty($DaysRetention)){ $targetVal = 7 $params += @{ NumberofDaysRetention = $targetVal } } elseif([String]::IsNullOrEmpty($VersionRetention) -and ![String]::IsNullOrEmpty($DaysRetention)){ try{ $targetVal = [int]$DaysRetention $params += @{ NumberofDaysRetention = $targetVal } }catch{ Write-Verbose "DAYS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" Write-VPASOutput -str "DAYS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "DAYS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } } elseif(![String]::IsNullOrEmpty($VersionRetention) -and [String]::IsNullOrEmpty($DaysRetention)){ try{ $targetVal = [int]$VersionRetention $params += @{ NumberOfVersionsRetention = $targetVal } }catch{ Write-Verbose "VERSIONS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" Write-VPASOutput -str "VERSIONS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "VERSIONS RETENTION MUST BE AN INTEGER...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } } elseif(![String]::IsNullOrEmpty($VersionRetention) -and ![String]::IsNullOrEmpty($DaysRetention)){ Write-Verbose "EITHER VERSION RETENTION OR DAYS RETENTION CAN BE SPECIFIED, NOT BOTH...SKIPPING RECORD #$counter" Write-VPASOutput -str "EITHER VERSION RETENTION OR DAYS RETENTION CAN BE SPECIFIED, NOT BOTH...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "EITHER VERSION RETENTION OR DAYS RETENTION CAN BE SPECIFIED, NOT BOTH...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } else{ Write-Verbose "UNKNOWN VALUE FOR DAYS RETENTION AND VERSION RETENTION...SKIPPING RECORD #$counter" Write-VPASOutput -str "UNKNOWN VALUE FOR DAYS RETENTION AND VERSION RETENTION...SKIPPING RECORD #$counter" -type E Write-VPASLogger -LogStr "UNKNOWN VALUE FOR DAYS RETENTION AND VERSION RETENTION...SKIPPING RECORD #$counter" -BulkOperation BulkSafeCreation $errorflag = $true $processrun = $false } #CPM if([String]::IsNullOrEmpty($CPM)){ #DO NOTHING } else{ $params += @{ ManagingCPM = $CPM } } #DESCRIPTION $params += @{ Description = $Description } #MAKE API CALL if($errorflag){ Write-Verbose "PRE-REQS FAILED...SKIPPING RECORD" $processrun = $false } else{ try{ Write-Verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA/PasswordVault/API/Safes" } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA/PasswordVault/API/Safes" } $params = $params | ConvertTo-Json if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method POST -Body $params -ContentType "application/json" } if($response){ Write-Verbose "SUCCESSFULLY CREATED SAFE ($SafeName) IN RECORD #$counter" Write-VPASOutput -str "SUCCESSFULLY CREATED SAFE ($SafeName) IN RECORD #$counter" -type G Write-VPASLogger -LogStr "SUCCESSFULLY CREATED SAFE ($SafeName) IN RECORD #$counter" -BulkOperation BulkSafeCreation } else{ Write-Verbose "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" Write-VPASOutput -str "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" -type E Write-VPASLogger -LogStr "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" -BulkOperation BulkSafeCreation $processrun = $false } }catch{ Write-Verbose "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" Write-VPASOutput -str "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" -type E Write-VPASLogger -LogStr "FAILED TO CREATE SAFE ($SafeName) IN RECORD #$counter" -BulkOperation BulkSafeCreation Write-VPASLogger -LogStr "$_" -BulkOperation BulkSafeCreation $processrun = $false } } $counter += 1 } $curUser = $env:UserName $targetLog = "C:\Users\$curUser\AppData\Local\VPASModuleOutputs\Logs\BulkSafeCreationLog.log" if($processrun){ Write-Verbose "UTILITY COMPLETED SUCCESSFULLY...FOR MORE INFORMATION VIEW LOGS LOCATED HERE:" Write-verbose "$targetLog" Write-VPASOutput -str "UTILITY COMPLETED SUCCESSFULLY...FOR MORE INFORMATION VIEW LOGS LOCATED HERE:" -type G Write-VPASOutput -str "$targetLog" -type G } else{ Write-Verbose "UTILITY COMPLETED BUT SOME RECORDS FAILED...FOR MORE INFORMATION VIEW LOGS LOCATED HERE:" Write-verbose "$targetLog" Write-VPASOutput -str "UTILITY COMPLETED BUT SOME RECORDS FAILED...FOR MORE INFORMATION VIEW LOGS LOCATED HERE:" -type E Write-VPASOutput -str "$targetLog" -type E } return $true }catch{ Write-Verbose "FAILED TO RUN BULK SAFE CREATION UTILITY" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |