From 754a9e4da54e10e9cee9d7d02eafdf2a0b21a967 Mon Sep 17 00:00:00 2001 
From: Alexander Sageng Date: Tue, 22 Apr 2025 16:30:23 +0200 Subject: [PATCH] Added new folder structure for tenant commands. Added tentant functions --- IdentityCommand/IdentityCommand.psd1 | 11 +++- IdentityCommand/Public/Get-IDTenant.ps1 | 21 ------ IdentityCommand/Public/Get-IDTenantCname.ps1 | 21 ------ .../Public/Get-IDTenantConfiguration.ps1 | 21 ------ .../Remove-IDAuthenticationPolicyBlock.ps1 | 6 ++ .../Policies/Set-IDAuthenticationPolicy.ps1 | 65 +++++++++++++++++++ .../Public/Tenant/Get-IDTenant.ps1 | 29 +++++++++ .../Public/Tenant/Get-IDTenantCdsSuffix.ps1 | 29 +++++++++ .../Public/Tenant/Get-IDTenantCname.ps1 | 27 ++++++++ .../Tenant/Get-IDTenantConfiguration.ps1 | 28 ++++++++ .../Public/Tenant/Get-IDTenantSuffix.ps1 | 29 +++++++++ .../Public/Tenant/Get-IDTenantURL.ps1 | 27 ++++++++ .../Public/Tenant/New-IDTenantCname.ps1 | 33 ++++++++++ .../Public/Tenant/New-IDTenantSuffix.ps1 | 65 +++++++++++++++++++ .../Public/Tenant/Remove-IDTenantCname.ps1 | 53 +++++++++++++++ .../Public/Tenant/Remove-IDTenantSuffix.ps1 | 37 +++++++++++ .../Tenant/Set-IDTenantPreferredCname.ps1 | 53 +++++++++++++++ 17 files changed, 491 insertions(+), 64 deletions(-) delete mode 100644 IdentityCommand/Public/Get-IDTenant.ps1 delete mode 100644 IdentityCommand/Public/Get-IDTenantCname.ps1 delete mode 100644 IdentityCommand/Public/Get-IDTenantConfiguration.ps1 create mode 100644 IdentityCommand/Public/Policies/Set-IDAuthenticationPolicy.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenant.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenantCdsSuffix.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenantCname.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenantConfiguration.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenantSuffix.ps1 create mode 100644 IdentityCommand/Public/Tenant/Get-IDTenantURL.ps1 create mode 100644 IdentityCommand/Public/Tenant/New-IDTenantCname.ps1 create mode 100644 
IdentityCommand/Public/Tenant/New-IDTenantSuffix.ps1 create mode 100644 IdentityCommand/Public/Tenant/Remove-IDTenantCname.ps1 create mode 100644 IdentityCommand/Public/Tenant/Remove-IDTenantSuffix.ps1 create mode 100644 IdentityCommand/Public/Tenant/Set-IDTenantPreferredCname.ps1 diff --git a/IdentityCommand/IdentityCommand.psd1 b/IdentityCommand/IdentityCommand.psd1 index 3cbd2be..0b1c901 100644 --- a/IdentityCommand/IdentityCommand.psd1 +++ b/IdentityCommand/IdentityCommand.psd1 @@ -83,11 +83,19 @@ 'Unlock-IDUser', 'Get-IDTenant', 'Get-IDTenantConfiguration', + 'New-IDTenantCname', + 'Remove-IDTenantCname', 'Get-IDConnector', 'New-IDPlatformToken', 'Get-IDUserRole', 'Get-IDAnalyticsDataset', 'Get-IDTenantCname', + 'Get-IDTenantURL', + 'Set-IDTenantPreferredCname', + 'Get-IDTenantSuffix', + 'New-IDTenantSuffix', + 'Remove-IDTenantSuffix', + 'Get-IDTenantCdsSuffix', 'Get-IDDownloadUrl', 'Get-IDUserIdentifier', 'Invoke-IDSqlcmd', @@ -121,7 +129,8 @@ 'Remove-IDAuthenticationPolicyBlock', 'Get-IDUserOathOTPClientName', 'Get-IDUserPasswordComplexityRequirements', - 'New-IDAuthenticationPolicy' + 'New-IDAuthenticationPolicy', + 'Set-IDAuthenticationPolicy' ) # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export. diff --git a/IdentityCommand/Public/Get-IDTenant.ps1 b/IdentityCommand/Public/Get-IDTenant.ps1 deleted file mode 100644 index 374c253..0000000 --- a/IdentityCommand/Public/Get-IDTenant.ps1 +++ /dev/null @@ -1,21 +0,0 @@ -# .ExternalHelp IdentityCommand-help.xml -function Get-IDTenant { - [CmdletBinding()] - param( ) - - BEGIN { - - $URI = "$($ISPSSSession.tenant_url)/SysInfo/About" - - }#begin - - PROCESS { - - #Send Request - Invoke-IDRestMethod -Uri $URI -Method POST - - }#process - - END {}#end - -} \ No newline at end of file 
diff --git a/IdentityCommand/Public/Get-IDTenantCname.ps1 b/IdentityCommand/Public/Get-IDTenantCname.ps1 deleted file mode 100644 index e496c80..0000000 --- a/IdentityCommand/Public/Get-IDTenantCname.ps1 +++ /dev/null @@ -1,21 +0,0 @@ -# .ExternalHelp IdentityCommand-help.xml -function Get-IDTenantCname { - [CmdletBinding()] - param( ) - - BEGIN { - - $URI = "$($ISPSSSession.tenant_url)/TenantCnames/UiGet" - - }#begin - - PROCESS { - - #Send Request - Invoke-IDRestMethod -Uri $URI -Method POST - - }#process - - END {}#end - -} \ No newline at end of file diff --git a/IdentityCommand/Public/Get-IDTenantConfiguration.ps1 b/IdentityCommand/Public/Get-IDTenantConfiguration.ps1 deleted file mode 100644 index a38226c..0000000 --- a/IdentityCommand/Public/Get-IDTenantConfiguration.ps1 +++ /dev/null @@ -1,21 +0,0 @@ -# .ExternalHelp IdentityCommand-help.xml -function Get-IDTenantConfiguration { - [CmdletBinding()] - param( ) - - BEGIN { - - $URI = "$($ISPSSSession.tenant_url)/TenantConfig/GetCustomerConfig" - - }#begin - - PROCESS { - - #Send Request - Invoke-IDRestMethod -Uri $URI -Method POST - - }#process - - END {}#end - -} \ No newline at end of file diff --git a/IdentityCommand/Public/Policies/Remove-IDAuthenticationPolicyBlock.ps1 b/IdentityCommand/Public/Policies/Remove-IDAuthenticationPolicyBlock.ps1 index c2a15d4..e55ea7a 100644 --- a/IdentityCommand/Public/Policies/Remove-IDAuthenticationPolicyBlock.ps1 +++ b/IdentityCommand/Public/Policies/Remove-IDAuthenticationPolicyBlock.ps1 @@ -15,6 +15,12 @@ function Remove-IDAuthenticationPolicyBlock { PROCESS { + if ($Name -notlike "/Policy/*") { + + Write-Warning "The name parameter must be in the syntax the '/Policy/'" + break + } + $Body = @{ "path" = $Name diff --git a/IdentityCommand/Public/Policies/Set-IDAuthenticationPolicy.ps1 b/IdentityCommand/Public/Policies/Set-IDAuthenticationPolicy.ps1 new file mode 100644 index 0000000..5b442ba --- /dev/null 
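Review bot: The `break` in the new `-notlike "/Policy/*"` guard of Remove-IDAuthenticationPolicyBlock is not inside a loop or switch, so PowerShell unwinds to whatever loop encloses the caller (or stops the calling script) instead of skipping the current pipeline item; `return` is the statement that leaves PROCESS for this input. Because the cmdlet presumably removes an authentication policy block, a rejected name is easier to act on as an error than as a warning, e.g. `Write-Error "Name must start with '/Policy/'"; return`. The warning text ("must be in the syntax the '/Policy/'") also reads as if a word is missing. The param block and the rest of PROCESS lie outside the hunk.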
+++ b/IdentityCommand/Public/Policies/Set-IDAuthenticationPolicy.ps1
@@ -0,0 +1,65 @@
+function Set-IDAuthenticationPolicy {
+
+ [CmdletBinding()]
+ param
+ (
+ [Parameter(Mandatory = $true,
+ ValueFromPipelinebyPropertyName = $true)]
+ $PolicyName,
+
+ [Parameter(Mandatory = $false)]
+ $Description = "",
+
+ [Parameter(Mandatory = $false)]
+ [ValidateSet('Role','Global','Collection')]
+ $LinkType = "Global"
+ )
+
+ BEGIN {} #begin
+
+ PROCESS {
+
+ $Plinks = Get-IDAuthenticationPolicyLink
+
+ $PolicyBlock = Get-IDAuthenticationPolicyBlock -Name $PolicyName
+ $RevStamp = $PolicyBlock | Select-Object -ExpandProperty RevStamp
+ $Version = $PolicyBlock | Select-Object -ExpandProperty Version
+ $Version++
+
+ $Plinks = (ConvertTo-Json -InputObject $Plinks)
+
+ $Body = "{
+
+ 'plinks' : $($Plinks),
+ 'policy': {
+
+ 'Newpolicy': 'false',
+ 'Version': '$($Version)',
+ 'Path': '/Policy/$PolicyName',
+ 'RevStamp': '$($Revstamp)',
+ 'Settings': {
+ '/Core/Security/CDS/ExternalMFA/ShowQRCode': true
+ },
+ 'Description': '$($Description)'
+
+ }
+ }"
+
+ #Constructed parameters for the rest call
+ $RestCall = @{
+
+ "URI" = "https://$($ISPSSSession.TenantId).id.cyberark.cloud/Policy/SavePolicyBlock3"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "Body" = $Body
+ "ContentType" = "application/json"
+
+ }
+ # invoking the rest call
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+ } #process
+
+ END {} #end
+}
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenant.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenant.ps1
new file mode 100644
index 0000000..85fae53
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenant.ps1
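Review bot: The body sent to `/Policy/SavePolicyBlock3` is assembled as one string with `$PolicyName`, `$Description` and `$RevStamp` interpolated between single quotes, so a quote or brace in any of them changes the structure of the policy document that is saved, and single-quoted keys are not valid JSON to begin with. Building a hashtable and serialising it once with `ConvertTo-Json` removes the quoting problem. Three more things are visible in the same hunk: the URI is built from `$ISPSSSession.TenantId` plus a fixed `id.cyberark.cloud` suffix while every other cmdlet in this patch uses `$ISPSSSession.tenant_url`; `$LinkType` is validated but never used; and `Settings` is always the single hard-coded `ShowQRCode` entry, which presumably replaces whatever settings the policy already carried and should be confirmed against the API.

```powershell
# … unchanged: Get-IDAuthenticationPolicyLink / Get-IDAuthenticationPolicyBlock lookups, $Version++ …
# $Plinks stays an object here; it is serialised together with the rest of the body.
$Body = @{
    plinks = $Plinks
    policy = @{
        Newpolicy   = 'false'
        Version     = "$Version"
        Path        = "/Policy/$PolicyName"
        RevStamp    = "$RevStamp"
        Settings    = @{ '/Core/Security/CDS/ExternalMFA/ShowQRCode' = $true }
        Description = "$Description"
    }
} | ConvertTo-Json -Depth 10   # depth value is a guess; it must cover the nesting of plinks

$RestCall = @{
    "URI" = "$($ISPSSSession.tenant_url)/Policy/SavePolicyBlock3"
    # … unchanged: Headers, Method, Body, ContentType …
}
```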
@@ -0,0 +1,29 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenant {
+
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/SysInfo/About"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result.Results.Row
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenantCdsSuffix.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenantCdsSuffix.ps1
new file mode 100644
index 0000000..a6644e6
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenantCdsSuffix.ps1
@@ -0,0 +1,29 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenantCdsSuffix {
+
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/Core/GetCdsAliasesForTenant"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result.Results.Row
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenantCname.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenantCname.ps1
new file mode 100644
index 0000000..b49da89
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenantCname.ps1
@@ -0,0 +1,27 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenantCname {
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantCnames/UiGet"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result.Results.Row
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
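Review bot: `return $result.Results.Row` in Get-IDTenant changes what the cmdlet hands back compared with the deleted version, which emitted the `Invoke-IDRestMethod` output unchanged, and it yields `$null` without any error when the response has no `Results.Row` member. `Get-IDTenantCname` gets the same change in this patch while `Get-IDTenantConfiguration` still returns the whole result, so callers of the two already-exported cmdlets see a different shape that the commit message does not mention. If the unwrapping is intended, a guard such as `if ($null -eq $result.Results) { return $result }` keeps a response of another shape from being dropped silently; whether `/SysInfo/About` returns `Results.Row` at all cannot be seen from the patch.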
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenantConfiguration.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenantConfiguration.ps1
new file mode 100644
index 0000000..d7186cf
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenantConfiguration.ps1
@@ -0,0 +1,28 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenantConfiguration {
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantConfig/GetCustomerConfig"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenantSuffix.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenantSuffix.ps1
new file mode 100644
index 0000000..bc4369b
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenantSuffix.ps1
@@ -0,0 +1,29 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenantSuffix {
+
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/Core/GetAliasesForTenant"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result.Results.Row
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Get-IDTenantURL.ps1 b/IdentityCommand/Public/Tenant/Get-IDTenantURL.ps1
new file mode 100644
index 0000000..46ed095
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Get-IDTenantURL.ps1
@@ -0,0 +1,27 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Get-IDTenantURL {
+ [CmdletBinding()]
+ param( )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantCnames/Get"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/New-IDTenantCname.ps1 b/IdentityCommand/Public/Tenant/New-IDTenantCname.ps1
new file mode 100644
index 0000000..a29a39f
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/New-IDTenantCname.ps1
@@ -0,0 +1,33 @@
+# .ExternalHelp IdentityCommand-help.xml
+function New-IDTenantCname {
+ [CmdletBinding()]
+ param
+ (
+
+ [Parameter(Mandatory = $true)]
+ $cnamePrefix
+
+ )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantCnames/Register?cnamePrefix=$cnamePrefix"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "ContentType" = "application/json"
+
+ }
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/New-IDTenantSuffix.ps1 b/IdentityCommand/Public/Tenant/New-IDTenantSuffix.ps1
new file mode 100644
index 0000000..7254192
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/New-IDTenantSuffix.ps1
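Review bot: In New-IDTenantCname `$cnamePrefix` is placed into the query string of `/TenantCnames/Register` as-is, and the parameter is untyped and unvalidated, so a value containing `&`, `#` or whitespace alters the request instead of being rejected. Encoding it with `"$($ISPSSSession.tenant_url)/TenantCnames/Register?cnamePrefix=$([uri]::EscapeDataString($cnamePrefix))"` and declaring it as `[ValidatePattern('^[a-zA-Z0-9-]+$')][string]$cnamePrefix` would pin the input to a single hostname label. The exact character set the service accepts is an assumption to check before adopting that pattern.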
@@ -0,0 +1,65 @@
+# .ExternalHelp IdentityCommand-help.xml
+function New-IDTenantSuffix {
+
+ [CmdletBinding()]
+ param
+ (
+
+ # The new tenant Suffix
+ [Parameter(Mandatory = $true)]
+ $alias,
+
+ # Boolean if it is a Cloud directory alias
+ [Parameter(Mandatory = $false)]
+ $cdsAlias = $true,
+
+ # The suffix to be mapped to the new suffix
+ [Parameter(Mandatory = $true)]
+ $domain,
+
+ # Whether or not its mapping the new suffix to CDS users or AD/FDS users
+ [Parameter(Mandatory = $false)]
+ [ValidateSet("AD&FDS","CDS")]
+ [Alias('jsutil-radio2')]
+ $directory = "AD&FDS",
+
+ # Old name, not sure what this does. Perhaps for updating an existing alias
+ [Parameter(Mandatory = $false)]
+ $oldname = ""
+
+ )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $Body = @{
+
+ "alias" = $alias
+ "cdsAlias" = $cdsAlias
+ "domain" = $domain
+ "jsutil-radio2" = $directory
+ "oldname" = $oldname
+
+ }
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/Core/StoreAlias"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "Body" = ($Body | ConvertTo-JSON)
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Remove-IDTenantCname.ps1 b/IdentityCommand/Public/Tenant/Remove-IDTenantCname.ps1
new file mode 100644
index 0000000..771823e
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Remove-IDTenantCname.ps1
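Review bot: None of the parameters that New-IDTenantSuffix copies into the `/Core/StoreAlias` body is typed, so `-cdsAlias false` sends the string "false" rather than a boolean, and the defaults `$cdsAlias = $true` with `$directory = "AD&FDS"` appear to contradict each other. Declaring `[bool]$cdsAlias` (or deriving it from `$directory`) and `[string]` for `$alias` and `$domain` would make the request predictable. `$oldname` is forwarded although its own comment says its effect is unknown; since the call appears to change how login suffixes map to directories for the tenant, I would leave that parameter out until its behaviour is documented.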
@@ -0,0 +1,53 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Remove-IDTenantCname {
+ [CmdletBinding()]
+ param
+ (
+
+ [Parameter(Mandatory = $true)]
+ $customCname
+
+ )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ if ($cnamePrefix -like "*.id.cyberark.cloud") {
+
+ $Body = @{
+
+ "customCname" = $customCname
+
+ }
+
+ }
+
+ else {
+
+ $Body = @{
+
+ "customCname" = "$($customCname).id.cyberark.cloud"
+
+ }
+ }
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantCnames/UnRegister"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "Body" = ($Body | ConvertTo-JSON)
+ "ContentType" = "application/json"
+
+ }
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Remove-IDTenantSuffix.ps1 b/IdentityCommand/Public/Tenant/Remove-IDTenantSuffix.ps1
new file mode 100644
index 0000000..3a71a1c
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Remove-IDTenantSuffix.ps1
@@ -0,0 +1,37 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Remove-IDTenantSuffix {
+
+ [CmdletBinding()]
+ param
+ (
+
+ # The new tenant Suffix
+ [Parameter(Mandatory = $true)]
+ [array]$Suffixes
+
+ )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/Core/DeleteAliases"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "Body" = ConvertTo-Json -InputObject $Suffixes
+ "ContentType" = "application/json"
+
+ }
+
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file
diff --git a/IdentityCommand/Public/Tenant/Set-IDTenantPreferredCname.ps1 b/IdentityCommand/Public/Tenant/Set-IDTenantPreferredCname.ps1
new file mode 100644
index 0000000..9bab8ea
--- /dev/null
+++ b/IdentityCommand/Public/Tenant/Set-IDTenantPreferredCname.ps1
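Review bot: The condition `if ($cnamePrefix -like "*.id.cyberark.cloud")` in Remove-IDTenantCname tests a variable this function never declares (the parameter is `$customCname`), so unless a `$cnamePrefix` happens to exist in a parent scope the `else` branch always runs and a caller who passes a full `name.id.cyberark.cloud` value gets the suffix appended twice. The test should read `if ($customCname -like "*.id.cyberark.cloud")`. `Set-IDTenantPreferredCname` later in the patch contains the same condition and needs the same change. Running the module under `Set-StrictMode -Version Latest`, or a test that passes both the short and the full form, would surface this.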
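Review bot: Remove-IDTenantSuffix posts the whole `$Suffixes` array to `/Core/DeleteAliases` with no confirmation path, so `-WhatIf` and `-Confirm` are unavailable for an operation that removes tenant suffixes. I would declare `[CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]` and wrap the request in `if ($PSCmdlet.ShouldProcess(($Suffixes -join ', '), 'Delete tenant suffix')) { ... }`; the same applies to `Remove-IDTenantCname` in this patch. The parameter comment `# The new tenant Suffix` is copied from `New-IDTenantSuffix` and should say these are the suffixes to delete, and `[string[]]` would be a tighter type than `[array]`.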
@@ -0,0 +1,53 @@
+# .ExternalHelp IdentityCommand-help.xml
+function Set-IDTenantPreferredCname {
+ [CmdletBinding()]
+ param
+ (
+
+ [Parameter(Mandatory = $true)]
+ $customCname
+
+ )
+
+ BEGIN {}#begin
+
+ PROCESS {
+
+ if ($cnamePrefix -like "*.id.cyberark.cloud") {
+
+ $Body = @{
+
+ "customCname" = $customCname
+
+ }
+
+ }
+
+ else {
+
+ $Body = @{
+
+ "customCname" = "$($customCname).id.cyberark.cloud"
+
+ }
+ }
+
+ $RestCall = @{
+
+ "URI" = "$($ISPSSSession.tenant_url)/TenantCnames/SetPreferred"
+ "Headers" = $($ISPSSSession.WebSession.Headers)
+ "Method" = "Post"
+ "Body" = ($Body | ConvertTo-JSON)
+ "ContentType" = "application/json"
+
+ }
+ #Send Request
+ $result = Invoke-IDRestMethod @RestCall
+
+ return $result
+
+ }#process
+
+ END {}#end
+
+}
\ No newline at end of file