PoShPACLI
PoShPACLI copied to clipboard
Powershell Module for CyberArk PACLI
Powershell PACLI Module for CyberArk EPV
Master Branch | Latest Build | CodeFactor | Coverage | PowerShell Gallery | License |
---|---|---|---|---|---|
Use the native functions of the CyberArk PACLI command line utility translated into PowerShell.
If you are landing here and interested in using PowerShell to automate an aspect of CyberArk,
I recommend investigating my psPAS module first, to see if you can achieve what you need with the REST API.
-
PoShPACLI
- Usage & Examples
- PACLI to PoShPACLI Function Relationship
-
Getting Started
- Prerequisites
- Installation Options
- Changelog
- License
- Contributing
Usage & Examples
An identical process to using the PACLI tool on its own should be followed.
- Check the relationship table to determine what PoShPACLI function exposes which PACLI command.
Initial Configuration
Set-PVConfiguration
must be run before using the module for the first time.
This function identifies the location of the PACLI.exe
utility to the module.
Example: Connecting to a Vault
When starting PACLI, defining a vault, & Authenticating, any values provided for SessionID
, Vault
name & User
name are automatically provided to future PoShPACLI commands.
The Get-PVConfiguration
function is used to view the current values in use by the module.
Example: Add Password Object to Safe
Execute the sequence of commands to complete a required process.
Example: Disconnect from Vault
The module provides the the required parameter values to the PACLI executable.
PACLI Pipeline Examples
Output can be piped between PoShPACLI functions:
Pipeline Example
PACLI to PoShPACLI Function Relationship
The table shows how the the PoShPACLI module functions relate to their native PACLI counterparts:
PACLI Command | PoshPACLI Function |
---|---|
INIT | Start-PVPacli |
TERM | Stop-PVPacli |
DEFINEFROMFILE | Import-PVVaultDefinition |
DEFINE | New-PVVaultDefinition |
CREATELOGONFILE | New-PVLogonFile |
LOGON | Connect-PVVault |
LOGOFF | Disconnect-PVVault |
CTLGETFILENAME | Get-PVCTL |
CTLADDCERT | Add-PVCTLCertificate |
CTLLIST | Get-PVCTLCertificate |
CTLREMOVECERT | Remove-PVCTLCertificate |
STOREFILE | Add-PVFile |
FINDFILES | Find-PVFile |
RETRIEVEFILE | Get-PVFile |
LOCKFILE | Lock-PVFile |
MOVEFILE | Move-PVFile |
DELETEFILE | Remove-PVFile |
RESETFILE | Reset-PVFile |
UNDELETEFILE | Restore-PVFile |
UNLOCKFILE | Unlock-PVFile |
INSPECTFILE | Get-PVFileActivity |
ADDFILECATEGORY | Add-PVFileCategory |
LISTFILECATEGORIES | Get-PVFileCategory |
DELETEFILECATEGORY | Remove-PVFileCategory |
UPDATEFILECATEGORY | Set-PVFileCategory |
FILESLIST | Get-PVFileList |
FILEVERSIONSLIST | Get-PVFileVersionList |
FOLDERSLIST | Get-PVFolder |
MOVEFOLDER | Move-PVFolder |
ADDFOLDER | New-PVFolder |
DELETEFOLDER | Remove-PVFolder |
UNDELETEFOLDER | Restore-PVFolder |
GROUPDETAILS | Get-PVGroup |
ADDGROUP | New-PVGroup |
DELETEGROUP | Remove-PVGroup |
UPDATEGROUP | Set-PVGroup |
ADDGROUPMEMBER | Add-PVGroupMember |
GROUPMEMBERS | Get-PVGroupMember |
DELETEGROUPMEMBER | Remove-PVGroupMember |
LDAPBRANCHESLIST | Get-PVLDAPBranch |
LDAPBRANCHADD | New-PVLDAPBranch |
LDAPBRANCHDELETE | Remove-PVLDAPBranch |
LDAPBRANCHUPDATE | Set-PVLDAPBranch |
LOCATIONSLIST | Get-PVLocation |
ADDLOCATION | New-PVLocation |
DELETELOCATION | Remove-PVLocation |
RENAMELOCATION | Rename-PVLocation |
UPDATELOCATION | Set-PVLocation |
MAILUSER | Send-PVMailMessage |
NETWORKAREASLIST | Get-PVNetworkArea |
MOVENETWORKAREA | Move-PVNetworkArea |
ADDNETWORKAREA | New-PVNetworkArea |
DELETENETWORKAREA | Remove-PVNetworkArea |
RENAMENETWORKAREA | Rename-PVNetworkArea |
ADDAREAADDRESS | New-PVNetworkAreaAddress |
DELETEAREAADDRESS | Remove-PVNetworkAreaAddress |
VALIDATEOBJECT | Set-PVObjectValidation |
GENERATEPASSWORD | New-PVPassword |
STOREPASSWORDOBJECT | Add-PVPasswordObject |
RETRIEVEPASSWORDOBJECT | Get-PVPasswordObject |
DELETEPREFFEREDFOLDER | Remove-PVPreferredFolder |
ADDPREFERREDFOLDER | Add-PVPreferredFolder |
REQUESTSLIST | Get-PVRequest |
DELETEREQUEST | Remove-PVRequest |
REQUESTCONFIRMATIONSTATUS | Get-PVRequestStatus |
CONFIRMREQUEST | Set-PVRequestStatus |
ADDRULE | Add-PVRule |
RULESLIST | Get-PVRule |
DELETERULE | Remove-PVRule |
CLOSESAFE | Close-PVSafe |
SAFEDETAILS | Get-PVSafe |
ADDSAFE | New-PVSafe |
OPENSAFE | Open-PVSafe |
DELETESAFE | Remove-PVSafe |
RENAMESAFE | Rename-PVSafe |
RESETSAFE | Reset-PVSafe |
UPDATESAFE | Set-PVSafe |
INSPECTSAFE | Get-PVSafeActivity |
SAFEEVENTSLIST | Get-PVSafeEvent |
ADDEVENT | Write-PVSafeEvent |
LISTSAFEFILECATEGORIES | Get-PVSafeFileCategory |
ADDSAFEFILECATEGORY | New-PVSafeFileCategory |
DELETESAFEFILECATEGORY | Remove-PVSafeFileCategory |
UPDATESAFEFILECATEGORY | Set-PVSafeFileCategory |
ADDSAFESHARE | Add-PVSafeGWAccount |
DELETESAFESHARE | Remove-PVSafeGWAccount |
CLEARSAFEHISTORY | Clear-PVSafeHistory |
SAFESLIST | Get-PVSafeList |
SAFESLOG | Get-PVSafeLog |
ADDNOTE | Set-PVSafeNote |
ADDOWNER | Add-PVSafeOwner |
OWNERSLIST | Get-PVSafeOwner |
DELETEOWNER | Remove-PVSafeOwner |
UPDATEOWNER | Set-PVSafeOwner |
ADDTRUSTEDNETWORKAREA | Add-PVTrustedNetworkArea |
DEACTIVATETRUSTEDNETWORKAREA | Disable-PVTrustedNetworkArea |
ACTIVATETRUSTEDNETWORKAREA | Enable-PVTrustedNetworkArea |
TRUSTEDNETWORKAREALIST | Get-PVTrustedNetworkArea |
DELETETRUSTEDNETWORKAREA | Remove-PVTrustedNetworkArea |
USERDETAILS | Get-PVUser |
LOCK | Lock-PVUser |
ADDUSER | New-PVUser |
DELETEUSER | Remove-PVUser |
RENAMEUSER | Rename-PVUser |
UPDATEUSER | Set-PVUser |
UNLOCK | Unlock-PVUser |
INSPECTUSER | Get-PVUserActivity |
CLEARUSERHISTORY | Clear-PVUserHistory |
USERSLIST | Get-PVUserList |
SETPASSWORD | Set-PVUserPassword |
GETUSERPHOTO | Get-PVUserPhoto |
PUTUSERPHOTO | Set-PVUserPhoto |
OWNERSAFESLIST | Get-PVUserSafeList |
ADDUPDATEEXTERNALUSERENTITY | Add-PVExternalUser |
Getting Started
Prerequisites
- Requires Powershell v5 (minimum)
- The CyberArk PACLI executable must be present on the same computer as the module.
- PACLI 7.2 was used for development, anything less is considered unsupported for use with this module.
- A CyberArk user with which to authenticate, which has appropriate Vault/Safe permissions.
Installation Options
This repository contains a folder named PoShPACLI
.
The folder and it's contents needs to be present in one of your PowerShell Module Directories.
Use one of the following methods:
Option 1: Install from PowerShell Gallery
Download the module from the PowerShell Gallery.
- PowerShell 5.0 or above required.
From a PowerShell prompt, run:
Install-Module -Name PoShPACLI -Scope CurrentUser
Option 2: Manual Install
Find your PowerShell Module Paths with the following command:
$env:PSModulePath.split(';')
OR
Extract the archive
Copy the PoShPACLI
folder to your "Powershell Modules" directory of choice.
Verification
Validate Module Exists on your local machine:
Get-Module -ListAvailable PoShPACLI
Import the module:
Import-Module PoShPACLI
List Module Commands:
Get-Command -Module PoShPACLI
Get detailed information on specific commands:
Get-Help Open-PVSafe -Full
Changelog
All notable changes to this project will be documented in the Changelog
Author
- Pete Maan - pspete
License
This project is licensed under the MIT License - see the LICENSE.md file for details
Contributing
Any and all contributions to this project are appreciated. See the CONTRIBUTING.md for a few more details.