public/Get-VPASSafeDetails.ps1
|
<#
.Synopsis GET SAFE DETAILS CREATED BY: Vadim Melamed, EMAIL: vpasmodule@gmail.com .DESCRIPTION USE THIS FUNCTION TO GET SAFE DETAILS FOR A SPECIFIED SAFE .LINK https://vpasmodule.com/commands/Get-VPASSafeDetails .PARAMETER token HashTable of data containing various pieces of login information (PVWA, LoginToken, HeaderType, etc). If -token is not passed, function will use last known hashtable generated by New-VPASToken .PARAMETER safe Target unique safe name .PARAMETER IncludeAccounts Switch if to include accounts in the return value or not .PARAMETER InputParameters HashTable of values containing the parameters required to make the API call .EXAMPLE $SafeDetailsJSON = Get-VPASSafeDetails -safe {SAFE VALUE} .EXAMPLE $InputParameters = @{ safe = "TargetSafeName" IncludeAccounts = $true|$false } $SafeDetailsJSON = Get-VPASSafeDetails -InputParameters $InputParameters .OUTPUTS If successful: { "safeUrlId": "TestSafe", "safeName": "TestSafe", "safeNumber": 121, "description": "", "location": "\\", "creator": { "id": "876kjsf-4554364-lkfjg-9bc1-skjdhf876345", "name": "vadim@vman.com" }, "olacEnabled": false, "managingCPM": "", "numberOfVersionsRetention": null, "numberOfDaysRetention": 7, "autoPurgeEnabled": false, "creationTime": 1715299864, "lastModificationTime": 1724029250038895, "accounts": [ { "id": "121_4", "name": "Operating System-WinDomain-vman.com-testdomainuser01" }, { "id": "121_5", "name": "Operating System-WinDomain-vman.com-testdomainuser02" } ], "isExpiredMember": false } --- $false if failed #> function Get-VPASSafeDetails{ [OutputType('System.Object',[bool])] [CmdletBinding(DefaultParameterSetName='Set1')] Param( [Parameter(Mandatory=$true,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true,HelpMessage="Enter target SafeName to query details (for example: TestSafe1)")] [String]$safe, [Parameter(Mandatory=$false,ParameterSetName='Set1',ValueFromPipelineByPropertyName=$true)] [Switch]$IncludeAccounts, [Parameter(Mandatory=$true,ParameterSetName='InputParameters',ValueFromPipelineByPropertyName=$true,HelpMessage="Hashtable of parameters required to make API call, refer to get-help -examples for valid inputs")] [hashtable]$InputParameters, [Parameter(Mandatory=$false,ValueFromPipelineByPropertyName=$true)] [hashtable]$token ) Begin{ $tokenval,$sessionval,$PVWA,$Header,$ISPSS,$IdentityURL,$EnableTextRecorder,$AuditTimeStamp,$NoSSL,$VaultVersion,$HideWarnings,$AuthenticatedAs,$SubDomain,$EnableTroubleshooting = Get-VPASSession -token $token $CommandName = $MyInvocation.MyCommand.Name $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType COMMAND } Process{ try{ if($PSCmdlet.ParameterSetName -eq "InputParameters"){ $KeyHash = @{ set1 = @{ AcceptableKeys = @("safe","IncludeAccounts") MandatoryKeys = @("safe") } } $CheckSet = Test-VPASHashtableKeysHelper -InputHash $InputParameters -KeyHash $KeyHash if(!$CheckSet){ $log = Write-VPASTextRecorder -inputval "FAILED TO FIND TARGET PARAMETER SET" -token $token -LogType MISC Write-Verbose "FAILED TO FIND TARGET PARAMETER SET" Write-VPASOutput -str "FAILED TO FIND TARGET PARAMETER SET...VIEW EXAMPLES BELOW:" -type E $examples = Write-VPASExampleHelper -CommandName $CommandName return $false } else{ foreach($key in $InputParameters.Keys){ Set-Variable -Name $key -Value $InputParameters.$key } } } }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "FAILED TO RETRIEVE SAFE DETAILS" Write-VPASOutput -str $_ -type E return $false } try{ if([String]::IsNullOrWhiteSpace($safe)){ Write-Verbose "INVALID ENTRY" Write-VPASOutput -str "INVALID ENTRY" -type E return $false } write-verbose "MAKING API CALL TO CYBERARK" if($NoSSL){ Write-Verbose "NO SSL ENABLED, USING HTTP INSTEAD OF HTTPS" $uri = "http://$PVWA//PasswordVault/api/Safes/$safe" if($IncludeAccounts){ $uri += "?includeAccounts=true" } } else{ Write-Verbose "SSL ENABLED BY DEFAULT, USING HTTPS" $uri = "https://$PVWA//PasswordVault/api/Safes/$safe" if($IncludeAccounts){ $uri += "?includeAccounts=true" } } $log = Write-VPASTextRecorder -inputval $uri -token $token -LogType URI $log = Write-VPASTextRecorder -inputval "GET" -token $token -LogType METHOD if($sessionval){ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" -WebSession $sessionval } else{ $response = Invoke-RestMethod -Headers @{"Authorization"=$Header} -Uri $uri -Method GET -ContentType "application/json" } $log = Write-VPASTextRecorder -inputval $response -token $token -LogType RETURN Write-Verbose "PARSING DATA FROM CYBERARK" Write-Verbose "RETURNING SAFE DETAILS" return $response }catch{ $log = Write-VPASTextRecorder -inputval $_ -token $token -LogType ERROR $log = Write-VPASTextRecorder -inputval "REST API COMMAND RETURNED: FALSE" -token $token -LogType MISC Write-Verbose "COULD NOT GET DETAILS FOR $safe" Write-VPASOutput -str $_ -type E return $false } } End{ $log = Write-VPASTextRecorder -inputval $CommandName -token $token -LogType DIVIDER } } |