- Notifications
You must be signed in to change notification settings - Fork20
Powershell Module for CyberArk PACLI
License
pspete/PoShPACLI
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
| Master Branch | Latest Build | CodeFactor | Coverage | PowerShell Gallery | License |
|---|---|---|---|---|---|
 |  |  |  | ||
 |  |
Use the native functions of the CyberArk PACLI command line utility translated into PowerShell.
If you are landing here and interested in using PowerShell to automate an aspect of CyberArk,
I recommend investigating mypsPAS module first, to see if you can achieve what you need with the REST API.
An identical process to using the PACLI tool on its own should be followed.
- Check therelationship table to determine what PoShPACLI function exposes which PACLI command.
Set-PVConfiguration must be run before using the module for the first time.This function identifies the location of thePACLI.exe utility to the module.
When starting PACLI, defining a vault, & Authenticating, any values provided forSessionID,Vault name &User name are automatically provided to future PoShPACLI commands.
TheGet-PVConfiguration function is used to view the current values in use by the module.
Execute the sequence of commands to complete a required process.
The module provides the the required parameter values to the PACLI executable.
Output can be piped between PoShPACLI functions:
The table shows how the the PoShPACLI module functions relate to their native PACLI counterparts:
| PACLI Command | PoshPACLI Function |
|---|---|
| INIT | Start-PVPacli |
| TERM | Stop-PVPacli |
| DEFINEFROMFILE | Import-PVVaultDefinition |
| DEFINE | New-PVVaultDefinition |
| CREATELOGONFILE | New-PVLogonFile |
| LOGON | Connect-PVVault |
| LOGOFF | Disconnect-PVVault |
| CTLGETFILENAME | Get-PVCTL |
| CTLADDCERT | Add-PVCTLCertificate |
| CTLLIST | Get-PVCTLCertificate |
| CTLREMOVECERT | Remove-PVCTLCertificate |
| STOREFILE | Add-PVFile |
| FINDFILES | Find-PVFile |
| RETRIEVEFILE | Get-PVFile |
| LOCKFILE | Lock-PVFile |
| MOVEFILE | Move-PVFile |
| DELETEFILE | Remove-PVFile |
| RESETFILE | Reset-PVFile |
| UNDELETEFILE | Restore-PVFile |
| UNLOCKFILE | Unlock-PVFile |
| INSPECTFILE | Get-PVFileActivity |
| ADDFILECATEGORY | Add-PVFileCategory |
| LISTFILECATEGORIES | Get-PVFileCategory |
| DELETEFILECATEGORY | Remove-PVFileCategory |
| UPDATEFILECATEGORY | Set-PVFileCategory |
| FILESLIST | Get-PVFileList |
| FILEVERSIONSLIST | Get-PVFileVersionList |
| FOLDERSLIST | Get-PVFolder |
| MOVEFOLDER | Move-PVFolder |
| ADDFOLDER | New-PVFolder |
| DELETEFOLDER | Remove-PVFolder |
| UNDELETEFOLDER | Restore-PVFolder |
| GROUPDETAILS | Get-PVGroup |
| ADDGROUP | New-PVGroup |
| DELETEGROUP | Remove-PVGroup |
| UPDATEGROUP | Set-PVGroup |
| ADDGROUPMEMBER | Add-PVGroupMember |
| GROUPMEMBERS | Get-PVGroupMember |
| DELETEGROUPMEMBER | Remove-PVGroupMember |
| LDAPBRANCHESLIST | Get-PVLDAPBranch |
| LDAPBRANCHADD | New-PVLDAPBranch |
| LDAPBRANCHDELETE | Remove-PVLDAPBranch |
| LDAPBRANCHUPDATE | Set-PVLDAPBranch |
| LOCATIONSLIST | Get-PVLocation |
| ADDLOCATION | New-PVLocation |
| DELETELOCATION | Remove-PVLocation |
| RENAMELOCATION | Rename-PVLocation |
| UPDATELOCATION | Set-PVLocation |
| MAILUSER | Send-PVMailMessage |
| NETWORKAREASLIST | Get-PVNetworkArea |
| MOVENETWORKAREA | Move-PVNetworkArea |
| ADDNETWORKAREA | New-PVNetworkArea |
| DELETENETWORKAREA | Remove-PVNetworkArea |
| RENAMENETWORKAREA | Rename-PVNetworkArea |
| ADDAREAADDRESS | New-PVNetworkAreaAddress |
| DELETEAREAADDRESS | Remove-PVNetworkAreaAddress |
| VALIDATEOBJECT | Set-PVObjectValidation |
| GENERATEPASSWORD | New-PVPassword |
| STOREPASSWORDOBJECT | Add-PVPasswordObject |
| RETRIEVEPASSWORDOBJECT | Get-PVPasswordObject |
| DELETEPREFFEREDFOLDER | Remove-PVPreferredFolder |
| ADDPREFERREDFOLDER | Add-PVPreferredFolder |
| REQUESTSLIST | Get-PVRequest |
| DELETEREQUEST | Remove-PVRequest |
| REQUESTCONFIRMATIONSTATUS | Get-PVRequestStatus |
| CONFIRMREQUEST | Set-PVRequestStatus |
| ADDRULE | Add-PVRule |
| RULESLIST | Get-PVRule |
| DELETERULE | Remove-PVRule |
| CLOSESAFE | Close-PVSafe |
| SAFEDETAILS | Get-PVSafe |
| ADDSAFE | New-PVSafe |
| OPENSAFE | Open-PVSafe |
| DELETESAFE | Remove-PVSafe |
| RENAMESAFE | Rename-PVSafe |
| RESETSAFE | Reset-PVSafe |
| UPDATESAFE | Set-PVSafe |
| INSPECTSAFE | Get-PVSafeActivity |
| SAFEEVENTSLIST | Get-PVSafeEvent |
| ADDEVENT | Write-PVSafeEvent |
| LISTSAFEFILECATEGORIES | Get-PVSafeFileCategory |
| ADDSAFEFILECATEGORY | New-PVSafeFileCategory |
| DELETESAFEFILECATEGORY | Remove-PVSafeFileCategory |
| UPDATESAFEFILECATEGORY | Set-PVSafeFileCategory |
| ADDSAFESHARE | Add-PVSafeGWAccount |
| DELETESAFESHARE | Remove-PVSafeGWAccount |
| CLEARSAFEHISTORY | Clear-PVSafeHistory |
| SAFESLIST | Get-PVSafeList |
| SAFESLOG | Get-PVSafeLog |
| ADDNOTE | Set-PVSafeNote |
| ADDOWNER | Add-PVSafeOwner |
| OWNERSLIST | Get-PVSafeOwner |
| DELETEOWNER | Remove-PVSafeOwner |
| UPDATEOWNER | Set-PVSafeOwner |
| ADDTRUSTEDNETWORKAREA | Add-PVTrustedNetworkArea |
| DEACTIVATETRUSTEDNETWORKAREA | Disable-PVTrustedNetworkArea |
| ACTIVATETRUSTEDNETWORKAREA | Enable-PVTrustedNetworkArea |
| TRUSTEDNETWORKAREALIST | Get-PVTrustedNetworkArea |
| DELETETRUSTEDNETWORKAREA | Remove-PVTrustedNetworkArea |
| USERDETAILS | Get-PVUser |
| LOCK | Lock-PVUser |
| ADDUSER | New-PVUser |
| DELETEUSER | Remove-PVUser |
| RENAMEUSER | Rename-PVUser |
| UPDATEUSER | Set-PVUser |
| UNLOCK | Unlock-PVUser |
| INSPECTUSER | Get-PVUserActivity |
| CLEARUSERHISTORY | Clear-PVUserHistory |
| USERSLIST | Get-PVUserList |
| SETPASSWORD | Set-PVUserPassword |
| GETUSERPHOTO | Get-PVUserPhoto |
| PUTUSERPHOTO | Set-PVUserPhoto |
| OWNERSAFESLIST | Get-PVUserSafeList |
| ADDUPDATEEXTERNALUSERENTITY | Add-PVExternalUser |
- Requires Powershell v5 (minimum)
- The CyberArk PACLI executable must be present on the same computer as the module.
- PACLI 7.2 was used for development, anything less is considered unsupported for use with this module.
- A CyberArk user with which to authenticate, which has appropriate Vault/Safe permissions.
This repository contains a folder namedPoShPACLI.
The folder and it's contents needs to be present in one of your PowerShell Module Directories.
Use one of the following methods:
Download the module from thePowerShell Gallery.
- PowerShell 5.0 or above required.
From a PowerShell prompt, run:
Install-Module-Name PoShPACLI-Scope CurrentUser
Find your PowerShell Module Paths with the following command:
$env:PSModulePath.split(';')
OR
Extract the archive
Copy thePoShPACLI folder to your "Powershell Modules" directory of choice.
Validate Module Exists on your local machine:
Get-Module-ListAvailable PoShPACLI
Import the module:
Import-Module PoShPACLIList Module Commands:
Get-Command-Module PoShPACLI
Get detailed information on specific commands:
Get-HelpOpen-PVSafe-Full
All notable changes to this project will be documented in theChangelog
- Pete Maan -pspete
This project is licensed under the MIT License - see theLICENSE.md file for details
Any and all contributions to this project are appreciated.See theCONTRIBUTING.md for a few more details.
About
Powershell Module for CyberArk PACLI