diff --git a/Tests/Get-PASVRMDRSystemHealth.Tests.ps1 b/Tests/Get-PASVRMDRSystemHealth.Tests.ps1 new file mode 100644 index 00000000..d219c2a9 --- /dev/null +++ b/Tests/Get-PASVRMDRSystemHealth.Tests.ps1 @@ -0,0 +1,138 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{'vaultStatus' = 'Running'; 'drStatus' = 'Stopped'; 'lastDataReplicationTimestamp' = '1761564797'; 'lastMetadataReplicationTimestamp' = '1761567203' } + } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Get-PASVRMDRSystemHealth -DRAddress '192.168.1.2' -servicePassword $SecurePassword + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'DRAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASVRMDRSystemHealth).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/SystemHealth" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.DRAddress) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Get-PASVRMDRSystemHealth -DRAddress '192.168.1.2' -servicePassword $SecurePassword } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 4 + + } + + } + + } + +} diff --git a/Tests/Get-PASVRMServiceConfig.Tests.ps1 b/Tests/Get-PASVRMServiceConfig.Tests.ps1 new file mode 100644 index 00000000..4171ed8c --- /dev/null +++ b/Tests/Get-PASVRMServiceConfig.Tests.ps1 @@ -0,0 +1,144 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{'DefaultTimeout' = '30'; 'DebugLevel' = 'PE(1),PERF(1,2)'; 'LockTimeout' = '30' } + } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Get-PASVRMServiceConfig -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASVRMServiceConfig).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/GetServiceConfig" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'has a request body with expected number of properties' { + + ($Script:RequestBody | Get-Member -MemberType NoteProperty).length | Should -Be 4 + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Get-PASVRMServiceConfig -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 3 + + } + + } + + } + +} diff --git a/Tests/Get-PASVRMServiceConfigParameter.Tests.ps1 b/Tests/Get-PASVRMServiceConfigParameter.Tests.ps1 new file mode 100644 index 00000000..a00d798e --- /dev/null +++ b/Tests/Get-PASVRMServiceConfigParameter.Tests.ps1 @@ -0,0 +1,132 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{'DebugLevel' = 'PE(1),PERF(1,2)' } + } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Get-PASVRMServiceConfigParameter -parameterName DebugLevel -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'parameterName' }, @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASVRMServiceConfigParameter).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/GetServiceConfig/DebugLevel" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Get-PASVRMServiceConfigParameter -parameterName DebugLevel -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -BeNullOrEmpty + + } + + } + + } + +} diff --git a/Tests/Get-PASVRMServiceStatus.Tests.ps1 b/Tests/Get-PASVRMServiceStatus.Tests.ps1 new file mode 100644 index 00000000..fe4c2b6a --- /dev/null +++ b/Tests/Get-PASVRMServiceStatus.Tests.ps1 @@ -0,0 +1,138 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{'status' = 'Running'; 'serviceName' = 'DR'; 'serverAddress' = '192.168.1.1' } + } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Get-PASVRMServiceStatus -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Get-PASVRMServiceStatus).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/GetServiceStatus" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Get-PASVRMServiceStatus -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -BeNullOrEmpty + + } + + It 'has output with expected number of properties' { + + ($response | Get-Member -MemberType NoteProperty).length | Should -Be 3 + + } + + } + + } + +} diff --git a/Tests/Invoke-PASVRMFailover.Tests.ps1 b/Tests/Invoke-PASVRMFailover.Tests.ps1 new file mode 100644 index 00000000..3841cdc5 --- /dev/null +++ b/Tests/Invoke-PASVRMFailover.Tests.ps1 @@ -0,0 +1,120 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Invoke-PASVRMFailover -DRAddress '192.168.1.2' -servicePassword $SecurePassword -Confirm:$false + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'DRAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Invoke-PASVRMFailover).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/InitiateFailover" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.DRAddress) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Invoke-PASVRMFailover -DRAddress '192.168.1.2' -servicePassword $SecurePassword -Confirm:$false } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + } + +} diff --git a/Tests/Restart-PASVRMService.Tests.ps1 b/Tests/Restart-PASVRMService.Tests.ps1 new file mode 100644 index 00000000..81e3d494 --- /dev/null +++ b/Tests/Restart-PASVRMService.Tests.ps1 @@ -0,0 +1,120 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Restart-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Restart-PASVRMService).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/SetServiceStatus/Restart" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Restart-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + } + +} diff --git a/Tests/Set-PASVRMServiceConfig.Tests.ps1 b/Tests/Set-PASVRMServiceConfig.Tests.ps1 new file mode 100644 index 00000000..1b30b1e9 --- /dev/null +++ b/Tests/Set-PASVRMServiceConfig.Tests.ps1 @@ -0,0 +1,137 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { + [PSCustomObject]@{ + 'results' = @( + [PSCustomObject]@{'name' = 'DefaultTimeout'; 'value' = '30'; 'status' = 'Success' } + ) + } + } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + $params = @{ 'DefaultTimeout' = '30' } + + $response = Set-PASVRMServiceConfig -parameters $params -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'parameters' }, @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Set-PASVRMServiceConfig).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/SetServiceConfig" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.parameters) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Set-PASVRMServiceConfig -parameters $params -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + Context 'Output' { + + It 'provides output' { + + $response | Should -Not -BeNullOrEmpty + + } + + } + + } + +} diff --git a/Tests/Start-PASVRMService.Tests.ps1 b/Tests/Start-PASVRMService.Tests.ps1 new file mode 100644 index 00000000..a4fc7e33 --- /dev/null +++ b/Tests/Start-PASVRMService.Tests.ps1 @@ -0,0 +1,120 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Start-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Start-PASVRMService).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/SetServiceStatus/Start" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Start-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + } + +} diff --git a/Tests/Stop-PASVRMService.Tests.ps1 b/Tests/Stop-PASVRMService.Tests.ps1 new file mode 100644 index 00000000..a3da9e9e --- /dev/null +++ b/Tests/Stop-PASVRMService.Tests.ps1 @@ -0,0 +1,120 @@ +Describe $($PSCommandPath -Replace '.Tests.ps1') { + + BeforeAll { + #Get Current Directory + $Here = Split-Path -Parent $PSCommandPath + + #Assume ModuleName from Repository Root folder + $ModuleName = Split-Path (Split-Path $Here -Parent) -Leaf + + #Resolve Path to Module Directory + $ModulePath = Resolve-Path "$Here\..\$ModuleName" + + #Define Path to Module Manifest + $ManifestPath = Join-Path "$ModulePath" "$ModuleName.psd1" + + if ( -not (Get-Module -Name $ModuleName -All)) { + + Import-Module -Name "$ManifestPath" -ArgumentList $true -Force -ErrorAction Stop + + } + + $Script:RequestBody = $null + $psPASSession = [ordered]@{ + BaseURI = 'https://SomeURL/SomeApp' + User = $null + ExternalVersion = [System.Version]'0.0' + WebSession = New-Object Microsoft.PowerShell.Commands.WebRequestSession + StartTime = $null + ElapsedTime = $null + LastCommand = $null + LastCommandTime = $null + LastCommandResults = $null + } + + New-Variable -Name psPASSession -Value $psPASSession -Scope Script -Force + + } + + + AfterAll { + + $Script:RequestBody = $null + + } + + InModuleScope $(Split-Path (Split-Path (Split-Path -Parent $PSCommandPath) -Parent) -Leaf ) { + + BeforeEach { + Mock Invoke-PASRestMethod -MockWith { } + + $SecurePassword = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force + + $response = Stop-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false + + } + + + Context 'Mandatory Parameters' { + + $Parameters = @{Parameter = 'serviceName' }, @{Parameter = 'serverAddress' }, @{Parameter = 'servicePassword' } + + It 'specifies parameter as mandatory' -TestCases $Parameters { + + param($Parameter) + + (Get-Command Stop-PASVRMService).Parameters["$Parameter"].Attributes.Mandatory | Should -Be $true + + } + + } + + + + Context 'Input' { + + It 'sends request' { + + Assert-MockCalled Invoke-PASRestMethod -Times 1 -Exactly -Scope It + + } + + It 'sends request to expected endpoint' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $URI -eq "$($Script:psPASSession.BaseURI)/API/VaultActions/SetServiceStatus/Stop" + + } -Times 1 -Exactly -Scope It + + } + + It 'uses expected method' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { $Method -match 'POST' } -Times 1 -Exactly -Scope It + + } + + It 'sends request with expected body' { + + Assert-MockCalled Invoke-PASRestMethod -ParameterFilter { + + $Script:RequestBody = $Body | ConvertFrom-Json + + ($Script:RequestBody.serviceName) -ne $null + + } -Times 1 -Exactly -Scope It + + } + + It 'throws error if version requirement not met' { + $psPASSession.ExternalVersion = '1.0' + { Stop-PASVRMService -serviceName DR -serverAddress '192.168.1.1' -servicePassword $SecurePassword -Confirm:$false } | Should -Throw + $psPASSession.ExternalVersion = '0.0' + } + + } + + } + +} diff --git a/docs/collections/_commands/Get-PASVRMDRSystemHealth.md b/docs/collections/_commands/Get-PASVRMDRSystemHealth.md new file mode 100644 index 00000000..86569c8b --- /dev/null +++ b/docs/collections/_commands/Get-PASVRMDRSystemHealth.md @@ -0,0 +1,113 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASVRMDRSystemHealth +schema: 2.0.0 +title: Get-PASVRMDRSystemHealth +--- + +# Get-PASVRMDRSystemHealth + +## SYNOPSIS +Gets the DR system health check including replication status + +## SYNTAX + +``` +Get-PASVRMDRSystemHealth [[-BaseURI] ] [-DRAddress] [[-serviceUserName] ] + [-servicePassword] [-ProgressAction ] [] +``` + +## DESCRIPTION +This method evaluates the overall system health of the DR environment. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMDRSystemHealth -DRAddress dr-vault.company.com -servicePassword $password +``` + +Retrieves the DR system health status including replication information + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 0 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -DRAddress +The IP address or hostname of the DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +### System.String + +### System.Security.SecureString + +## OUTPUTS + +### System.Object +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Get-PASVRMServiceConfig.md b/docs/collections/_commands/Get-PASVRMServiceConfig.md new file mode 100644 index 00000000..14f1b388 --- /dev/null +++ b/docs/collections/_commands/Get-PASVRMServiceConfig.md @@ -0,0 +1,126 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASVRMServiceConfig +schema: 2.0.0 +title: Get-PASVRMServiceConfig +--- + +# Get-PASVRMServiceConfig + +## SYNOPSIS +This method gets the current value for a specific configuration parameter. + +## SYNTAX + +``` +Get-PASVRMServiceConfig [[-BaseURI] ] [-serviceName] [-serverAddress] + [[-serviceUserName] ] [-servicePassword] [-ProgressAction ] + [] +``` + +## DESCRIPTION +Gets the current values for all Disaster Recovery (DR) configuration parameters. + +Returns Primary Vault configuration values including DefaultTimeout, DebugLevel, LockTimeout, and all DR-specific parameters. + +## EXAMPLES + +### EXAMPLE 1 +```powershell +Get-PASVRMServiceConfig -serviceName DR -serverAddress "192.168.2.51" -servicePassword $SecurePassword +``` + +Gets all DR configuration parameters for the service at the specified address + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession. + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to manage. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP or host name of the Primary Vault or DR Vault + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Get-PASVRMServiceConfigParameter.md b/docs/collections/_commands/Get-PASVRMServiceConfigParameter.md new file mode 100644 index 00000000..6a7b37ec --- /dev/null +++ b/docs/collections/_commands/Get-PASVRMServiceConfigParameter.md @@ -0,0 +1,142 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASVRMServiceConfigParameter +schema: 2.0.0 +title: Get-PASVRMServiceConfigParameter +--- + +# Get-PASVRMServiceConfigParameter + +## SYNOPSIS +Gets a specific DR configuration parameter value + +## SYNTAX + +``` +Get-PASVRMServiceConfigParameter [[-BaseURI] ] [-parameterName] [-serviceName] + [-serverAddress] [[-serviceUserName] ] [-servicePassword] + [-ProgressAction ] [] +``` + +## DESCRIPTION +Retrieves the current value of a specific Disaster Recovery configuration parameter. +Use this command to query individual DR configuration settings from the VRM service. +Requires authentication with the PARAgent service credentials. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMServiceConfigParameter -parameterName 'ReplicationInterval' -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password +``` + +Retrieves the value of the ReplicationInterval configuration parameter from the DR service + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -parameterName +The name of the configuration parameter to retrieve + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to query. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 4 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 5 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 6 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Get-PASVRMServiceStatus.md b/docs/collections/_commands/Get-PASVRMServiceStatus.md new file mode 100644 index 00000000..07066d65 --- /dev/null +++ b/docs/collections/_commands/Get-PASVRMServiceStatus.md @@ -0,0 +1,126 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Get-PASVRMServiceStatus +schema: 2.0.0 +title: Get-PASVRMServiceStatus +--- + +# Get-PASVRMServiceStatus + +## SYNOPSIS +Gets the operational status of a Vault service + +## SYNTAX + +``` +Get-PASVRMServiceStatus [[-BaseURI] ] [-serviceName] [-serverAddress] + [[-serviceUserName] ] [-servicePassword] [-ProgressAction ] + [] +``` + +## DESCRIPTION +This method gets the current operational status of a specified service managed by the Vault Remote Manager. +Requires authentication with the PARAgent service credentials. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMServiceStatus -serviceName Vault -serverAddress vault.company.com -servicePassword $password +``` + +Gets the operational status of the Vault service on the specified server + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server, like https://example.com/PasswordVault +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to check status for. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The password of the PARAgent user as a secure string + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Invoke-PASVRMFailover.md b/docs/collections/_commands/Invoke-PASVRMFailover.md new file mode 100644 index 00000000..6419954b --- /dev/null +++ b/docs/collections/_commands/Invoke-PASVRMFailover.md @@ -0,0 +1,142 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Invoke-PASVRMFailover +schema: 2.0.0 +title: Invoke-PASVRMFailover +--- + +# Invoke-PASVRMFailover + +## SYNOPSIS +Initiates DR failover to the DR site + +## SYNTAX + +``` +Invoke-PASVRMFailover [[-BaseURI] ] [-DRAddress] [[-serviceUserName] ] + [-servicePassword] [-ProgressAction ] [-WhatIf] [-Confirm] + [] +``` + +## DESCRIPTION +Initiates a disaster recovery failover operation to switch operations to the DR site. +This is a critical operation that should only be performed during an actual disaster recovery scenario or planned failover test. +Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Invoke-PASVRMFailover -DRAddress dr-vault.company.com -servicePassword $password -Confirm:$false +``` + +Initiates a failover to the DR Vault at the specified address + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -DRAddress +The IP address or hostname of the DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 3 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 4 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Restart-PASVRMService.md b/docs/collections/_commands/Restart-PASVRMService.md new file mode 100644 index 00000000..080748e2 --- /dev/null +++ b/docs/collections/_commands/Restart-PASVRMService.md @@ -0,0 +1,165 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Restart-PASVRMService +schema: 2.0.0 +title: Restart-PASVRMService +--- + +# Restart-PASVRMService + +## SYNOPSIS +Restarts a Vault or DR service + +## SYNTAX + +``` +Restart-PASVRMService [[-BaseURI] ] [-serviceName] [-serverAddress] + [[-serviceUserName] ] [-servicePassword] [-ProgressAction ] [-WhatIf] + [-Confirm] [] +``` + +## DESCRIPTION +Restarts a specified VRM service (Vault or DR) on the target server. +Use this command to apply configuration changes or recover from service issues. +Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Restart-PASVRMService -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password +``` + +Restarts the DR service on the specified server + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to restart. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Set-PASVRMServiceConfig.md b/docs/collections/_commands/Set-PASVRMServiceConfig.md new file mode 100644 index 00000000..95d64f06 --- /dev/null +++ b/docs/collections/_commands/Set-PASVRMServiceConfig.md @@ -0,0 +1,175 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Set-PASVRMServiceConfig +schema: 2.0.0 +title: Set-PASVRMServiceConfig +--- + +# Set-PASVRMServiceConfig + +## SYNOPSIS +Sets one or multiple DR configuration parameters + +## SYNTAX + +``` +Set-PASVRMServiceConfig [[-BaseURI] ] [-parameters] [-serviceName] + [-serverAddress] [[-serviceUserName] ] [-servicePassword] + [-ProgressAction ] [-WhatIf] [-Confirm] [] +``` + +## DESCRIPTION +Sets one or more Disaster Recovery configuration parameters on the VRM service. +Use this command to configure DR replication settings and other operational parameters. +Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> $params = @{ 'ReplicationInterval' = '300'; 'MaxRetries' = '5' } +PS C:\> Set-PASVRMServiceConfig -parameters $params -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password +``` + +Sets multiple DR configuration parameters on the specified server + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -parameters +A hashtable of configuration parameters to set. +Keys are parameter names, values are the desired settings + +```yaml +Type: Hashtable +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to configure. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 4 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 5 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 6 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Start-PASVRMService.md b/docs/collections/_commands/Start-PASVRMService.md new file mode 100644 index 00000000..df8e7fbd --- /dev/null +++ b/docs/collections/_commands/Start-PASVRMService.md @@ -0,0 +1,165 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Start-PASVRMService +schema: 2.0.0 +title: Start-PASVRMService +--- + +# Start-PASVRMService + +## SYNOPSIS +Starts a Vault or DR service + +## SYNTAX + +``` +Start-PASVRMService [[-BaseURI] ] [-serviceName] [-serverAddress] + [[-serviceUserName] ] [-servicePassword] [-ProgressAction ] [-WhatIf] + [-Confirm] [] +``` + +## DESCRIPTION +Starts a specified VRM service (Vault or DR) on the target server. +Use this command to bring services online after maintenance or troubleshooting. +Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Start-PASVRMService -serviceName Vault -serverAddress vault.company.com -servicePassword $password +``` + +Starts the Vault service on the specified server + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to start. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_commands/Stop-PASVRMService.md b/docs/collections/_commands/Stop-PASVRMService.md new file mode 100644 index 00000000..2400e1d0 --- /dev/null +++ b/docs/collections/_commands/Stop-PASVRMService.md @@ -0,0 +1,165 @@ +--- +category: PSPAS +external help file: psPAS-help.xml +Module Name: psPAS +online version: https://pspas.pspete.dev/commands/Stop-PASVRMService +schema: 2.0.0 +title: Stop-PASVRMService +--- + +# Stop-PASVRMService + +## SYNOPSIS +Stops a Vault or DR service + +## SYNTAX + +``` +Stop-PASVRMService [[-BaseURI] ] [-serviceName] [-serverAddress] + [[-serviceUserName] ] [-servicePassword] [-ProgressAction ] [-WhatIf] + [-Confirm] [] +``` + +## DESCRIPTION +Stops a specified VRM service (Vault or DR) on the target server. +Use this command for maintenance, troubleshooting, or controlled shutdowns. +Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + +## EXAMPLES + +### Example 1 +```powershell +PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Stop-PASVRMService -serviceName Vault -serverAddress vault.company.com -servicePassword $password +``` + +Stops the Vault service on the specified server + +## PARAMETERS + +### -BaseURI +The URL of the PVWA server. +If not specified, uses the BaseURI from New-PASSession + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 1 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceName +The name of the service to stop. +Supported services: Vault, DR + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 2 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serverAddress +The IP address or hostname of the Primary Vault or DR Vault server + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: True +Position: 3 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -serviceUserName +The PARAgent user name. +Defaults to Administrator + +```yaml +Type: String +Parameter Sets: (All) +Aliases: + +Required: False +Position: 4 +Default value: Administrator +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -servicePassword +The PARAgent password as a SecureString + +```yaml +Type: SecureString +Parameter Sets: (All) +Aliases: + +Required: True +Position: 5 +Default value: None +Accept pipeline input: True (ByPropertyName) +Accept wildcard characters: False +``` + +### -WhatIf +Shows what would happen if the cmdlet runs. +The cmdlet is not run. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: wi + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -Confirm +Prompts you for confirmation before running the cmdlet. + +```yaml +Type: SwitchParameter +Parameter Sets: (All) +Aliases: cf + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -WhatIf +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### CommonParameters +This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). + +## INPUTS + +## OUTPUTS + +## NOTES + +## RELATED LINKS diff --git a/docs/collections/_pages/commands.md b/docs/collections/_pages/commands.md index 67d54af5..c8fc5f52 100644 --- a/docs/collections/_pages/commands.md +++ b/docs/collections/_pages/commands.md @@ -244,6 +244,15 @@ A psPAS command may not appear in the below list due to it not being explicitly [Remove PTA Syslog Configuration][Remove PTA Syslog Configuration] | [Remove-PASPTASyslog][Remove-PASPTASyslog] [Set PTA SMTP Configuration][Set PTA SMTP Configuration] | [Set-PASPTASMTP][Set-PASPTASMTP] [List Account Search Properties][List Account Search Properties] | [Get-PASAccountSearchProperty][Get-PASAccountSearchProperty] +[Get all configuration values][Get all configuration values] | [Get-PASVRMServiceConfig][Get-PASVRMServiceConfig] +[Get specific configuration parameter value][Get specific configuration parameter value] | [Get-PASVRMServiceConfigParameter][Get-PASVRMServiceConfigParameter] +[Set service configuration][Set service configuration] | [Set-PASVRMServiceConfig][Set-PASVRMServiceConfig] +[Get service status][Get service status] | [Get-PASVRMServiceStatus][Get-PASVRMServiceStatus] +[Set service status to START][Set service status to START] | [Start-PASVRMService][Start-PASVRMService] +[Set service status to STOP][Set service status to STOP] | [Stop-PASVRMService][Stop-PASVRMService] +[Set service status to RESTART][Set service status to RESTART] | [Restart-PASVRMService][Restart-PASVRMService] +[Get DR system health check][Get DR system health check] | [Get-PASVRMDRSystemHealth][Get-PASVRMDRSystemHealth] +[Initiate DR failover][Initiate DR failover] | [Invoke-PASVRMFailover][Invoke-PASVRMFailover] [Enable-PASTheme]:/psPAS/Functions/Theme/Enable-PASTheme [Remove-PASTheme]:/psPAS/Functions/Theme/Remove-PASTheme @@ -280,6 +289,15 @@ A psPAS command may not appear in the below list due to it not being explicitly [Remove-PASPTASyslog]:/psPAS/Functions/PTA/Remove-PASPTASyslog [Set-PASPTASMTP]:/psPAS/Functions/PTA/Set-PASPTASMTP [Get-PASAccountSearchProperty]:/psPAS/Functions/Accounts/Get-PASAccountSearchProperty +[Get-PASVRMServiceConfig]:/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfig +[Get-PASVRMServiceConfigParameter]:/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfigParameter +[Set-PASVRMServiceConfig]:/psPAS/Functions/VaultRemoteManager/Set-PASVRMServiceConfig +[Get-PASVRMServiceStatus]:/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceStatus +[Start-PASVRMService]:/psPAS/Functions/VaultRemoteManager/Start-PASVRMService +[Stop-PASVRMService]:/psPAS/Functions/VaultRemoteManager/Stop-PASVRMService +[Restart-PASVRMService]:/psPAS/Functions/VaultRemoteManager/Restart-PASVRMService +[Get-PASVRMDRSystemHealth]:/psPAS/Functions/VaultRemoteManager/Get-PASVRMDRSystemHealth +[Invoke-PASVRMFailover]:/psPAS/Functions/VaultRemoteManager/Invoke-PASVRMFailover [Get-PASUserTypeInfo]:/commands/Get-PASUserTypeInfo [Get-PASPTARiskEvent]:/commands/Get-PASPTARiskEvent [Set-PASPTARiskEvent]:/commands/Set-PASPTARiskEvent @@ -465,6 +483,15 @@ A psPAS command may not appear in the below list due to it not being explicitly [Remove PTA Syslog Configuration]:https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/RemovePTASyslog.htm [Set PTA SMTP Configuration]:https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/SetPTASMTP.htm [List Account Search Properties]:https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/GetAccountSearchProperties.htm +[Get all configuration values]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-get-service-config.htm +[Get specific configuration parameter value]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-get-service-config-parameter.htm +[Set service configuration]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-set-service-config-.htm +[Get service status]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-get-service-status.htm +[Set service status to START]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-set-service-status-start.htm +[Set service status to STOP]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-set-service-status-stop.htm +[Set service status to RESTART]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-set-service-status-restart.htm +[Get DR system health check]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-system-health.htm +[Initiate DR failover]:https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/server-api-vrm-initiate-dr-failover.htm [Get incoming request list]:https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/GetIncomingRequestList.htm [Create access request for multiple accounts]:https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/13.2/en/Content/WebServices/Create-multiple-requests.htm [Get risk events]:https://docs.cyberark.com/PAS/Latest/en/Content/WebServices/GetRiskEvents.htm diff --git a/psPAS/Functions/VaultRemoteManager/Get-PASVRMDRSystemHealth.ps1 b/psPAS/Functions/VaultRemoteManager/Get-PASVRMDRSystemHealth.ps1 new file mode 100644 index 00000000..45b1b306 --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Get-PASVRMDRSystemHealth.ps1 @@ -0,0 +1,83 @@ +# .ExternalHelp psPAS-help.xml +function Get-PASVRMDRSystemHealth { + [CmdletBinding()] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$DRAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/SystemHealth" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfig.ps1 b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfig.ps1 new file mode 100644 index 00000000..7e07aeea --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfig.ps1 @@ -0,0 +1,91 @@ +# .ExternalHelp psPAS-help.xml +function Get-PASVRMServiceConfig { + [CmdletBinding()] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/GetServiceConfig" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfigParameter.ps1 b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfigParameter.ps1 new file mode 100644 index 00000000..69c392c3 --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceConfigParameter.ps1 @@ -0,0 +1,118 @@ +# .ExternalHelp psPAS-help.xml +function Get-PASVRMServiceConfigParameter { + [CmdletBinding()] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet( + 'AccessVaultForInactivity', + 'ActivateManualFailover', + 'CheckInterval', + 'CheckRetriesCount', + 'CheckRetriesInterval', + 'EnableCheck', + 'EnableDbsync', + 'EnableFailover', + 'EnableReplicate', + 'EnableTrace', + 'FailoverMode', + 'LastDataReplicationTimestamp', + 'NextBinaryLogNumberToStartAt', + 'ReplicateInterval', + 'ReplicateRetriesInterval', + 'DefaultTimeout', + 'DebugLevel', + 'LockTimeout' + )] + [string]$parameterName, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/GetServiceConfig/$parameterName" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI, parameterName + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceStatus.ps1 b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceStatus.ps1 new file mode 100644 index 00000000..b9e2e43f --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Get-PASVRMServiceStatus.ps1 @@ -0,0 +1,91 @@ +# .ExternalHelp psPAS-help.xml +function Get-PASVRMServiceStatus { + [CmdletBinding()] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/GetServiceStatus" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Invoke-PASVRMFailover.ps1 b/psPAS/Functions/VaultRemoteManager/Invoke-PASVRMFailover.ps1 new file mode 100644 index 00000000..301bbe38 --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Invoke-PASVRMFailover.ps1 @@ -0,0 +1,87 @@ +# .ExternalHelp psPAS-help.xml +function Invoke-PASVRMFailover { + [CmdletBinding(SupportsShouldProcess)] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$DRAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/InitiateFailover" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess($DRAddress, 'Initiate DR Failover')) { + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Restart-PASVRMService.ps1 b/psPAS/Functions/VaultRemoteManager/Restart-PASVRMService.ps1 new file mode 100644 index 00000000..093b0d2e --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Restart-PASVRMService.ps1 @@ -0,0 +1,95 @@ +# .ExternalHelp psPAS-help.xml +function Restart-PASVRMService { + [CmdletBinding(SupportsShouldProcess)] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/SetServiceStatus/Restart" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess("$serviceName on $serverAddress", 'Restart Service')) { + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Set-PASVRMServiceConfig.ps1 b/psPAS/Functions/VaultRemoteManager/Set-PASVRMServiceConfig.ps1 new file mode 100644 index 00000000..0aa0423b --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Set-PASVRMServiceConfig.ps1 @@ -0,0 +1,129 @@ +# .ExternalHelp psPAS-help.xml +function Set-PASVRMServiceConfig { + [CmdletBinding(SupportsShouldProcess)] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateScript( { + $allowedKeys = @( + 'AccessVaultForInactivity', + 'ActivateManualFailover', + 'CheckInterval', + 'CheckRetriesCount', + 'CheckRetriesInterval', + 'EnableCheck', + 'EnableDbsync', + 'EnableFailover', + 'EnableReplicate', + 'EnableTrace', + 'FailoverMode', + 'LastDataReplicationTimestamp', + 'NextBinaryLogNumberToStartAt', + 'ReplicateInterval', + 'ReplicateRetriesInterval', + 'DefaultTimeout', + 'DebugLevel', + 'LockTimeout' + ) + $invalidKeys = $_.Keys | Where-Object { $_ -notin $allowedKeys } + if ($invalidKeys) { + throw "Invalid parameter name(s): $($invalidKeys -join ', '). Allowed parameters: $($allowedKeys -join ', ')" + } + $true + })] + [hashtable]$parameters, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/SetServiceConfig" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess("$serviceName on $serverAddress", 'Set Service Configuration')) { + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Start-PASVRMService.ps1 b/psPAS/Functions/VaultRemoteManager/Start-PASVRMService.ps1 new file mode 100644 index 00000000..5d8b1f7e --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Start-PASVRMService.ps1 @@ -0,0 +1,95 @@ +# .ExternalHelp psPAS-help.xml +function Start-PASVRMService { + [CmdletBinding(SupportsShouldProcess)] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/SetServiceStatus/Start" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess("$serviceName on $serverAddress", 'Start Service')) { + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + } + + }#process + + end { }#end + +} diff --git a/psPAS/Functions/VaultRemoteManager/Stop-PASVRMService.ps1 b/psPAS/Functions/VaultRemoteManager/Stop-PASVRMService.ps1 new file mode 100644 index 00000000..5e147be7 --- /dev/null +++ b/psPAS/Functions/VaultRemoteManager/Stop-PASVRMService.ps1 @@ -0,0 +1,95 @@ +# .ExternalHelp psPAS-help.xml +function Stop-PASVRMService { + [CmdletBinding(SupportsShouldProcess)] + param( + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [string]$BaseURI, + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [ValidateSet('Vault', 'DR')] + [string]$serviceName, + + [parameter( + Mandatory = $true, + ValueFromPipelinebyPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serverAddress, + + [parameter( + Mandatory = $false, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [string]$serviceUserName = 'Administrator', + # Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements + # REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + [parameter( + Mandatory = $true, + ValueFromPipelineByPropertyName = $true + )] + [ValidateNotNullOrEmpty()] + [securestring]$servicePassword + ) + + begin { + Assert-VersionRequirement -SelfHosted + Assert-VersionRequirement -RequiredVersion 15.0 + }#begin + + process { + + #Use the BaseURI from the session (New-PASSession) if not provided + if (-not $PSBoundParameters.ContainsKey('BaseURI')) { + $BaseURI = $psPASSession.BaseURI + } + + #Create URL for request + $URI = "$BaseURI/API/VaultActions/SetServiceStatus/Stop" + + #Get Parameters for request body + $boundParameters = $PSBoundParameters | Get-PASParameter -ParametersToRemove BaseURI + + #deal with Password SecureString + if ($PSBoundParameters.ContainsKey('servicePassword')) { + + #Include decoded password in request + $boundParameters['servicePassword'] = $(ConvertTo-InsecureString -SecureString $servicePassword) + + } + + #Ensure serviceUserName is always included (use default if not provided) + if (-not $PSBoundParameters.ContainsKey('serviceUserName')) { + $boundParameters['serviceUserName'] = $serviceUserName + } + + #Create body of request + $body = $boundParameters | ConvertTo-Json + + if ($PSCmdlet.ShouldProcess("$serviceName on $serverAddress", 'Stop Service')) { + + #send request to web service + $result = Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body + + if ($null -ne $result) { + + #output returned data + $result + + } + + } + + }#process + + end { }#end + +} diff --git a/psPAS/en-US/psPAS-help.xml b/psPAS/en-US/psPAS-help.xml index 1e2a3d79..b4092e0f 100644 --- a/psPAS/en-US/psPAS-help.xml +++ b/psPAS/en-US/psPAS-help.xml @@ -23224,23 +23224,35 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess - Import-PASConnectionComponent - Import - PASConnectionComponent + Get-PASVRMDRSystemHealth + Get + PASVRMDRSystemHealth - Import a new connection component. + Gets the DR system health check including replication status - Allows administrators to import a new connection component, such as those available to download from the CyberArk Marketplace. + This method evaluates the overall system health of the DR environment. - Import-PASConnectionComponent + Get-PASVRMDRSystemHealth + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + - ImportFile + DRAddress - The zip file that contains the connection component. + The IP address or hostname of the DR Vault server String @@ -23249,35 +23261,49 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceUserName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The PARAgent user name. Defaults to Administrator + String - SwitchParameter + String - False + None - - Confirm + + servicePassword - Prompts you for confirmation before running the cmdlet. + The PARAgent password as a SecureString + SecureString - SwitchParameter + SecureString - False + None + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + - ImportFile + DRAddress - The zip file that contains the connection component. + The IP address or hostname of the DR Vault server String @@ -23286,77 +23312,101 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + servicePassword - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The PARAgent password as a SecureString - SwitchParameter + SecureString - SwitchParameter + SecureString - False + None - - Confirm + + serviceUserName - Prompts you for confirmation before running the cmdlet. + The PARAgent user name. Defaults to Administrator - SwitchParameter + String - SwitchParameter + String - False + None - - + + + + System.String + + + + + + + + System.Security.SecureString + + + + + + + + + + System.Object + + + + + + - Minimum CyberArk version 10.3 + - -------------------------- EXAMPLE 1 -------------------------- - Import-PASConnectionComponent -ImportFile ConnectionComponent.zip + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMDRSystemHealth -DRAddress dr-vault.company.com -servicePassword $password - Imports ConnectionComponent.zip Connection Component + Retrieves the DR system health status including replication information - https://pspas.pspete.dev/commands/Import-PASConnectionComponent - https://pspas.pspete.dev/commands/Import-PASConnectionComponent - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportConnComponent.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportConnComponent.htm + Online Version: + https://pspas.pspete.dev/commands/Get-PASVRMDRSystemHealth - Import-PASPlatform - Import - PASPlatform + Get-PASVRMServiceConfig + Get + PASVRMServiceConfig - Import a new platform + This method gets the current value for a specific configuration parameter. - Import a new CPM platform. + Gets the current values for all Disaster Recovery (DR) configuration parameters. + Returns Primary Vault configuration values including DefaultTimeout, DebugLevel, LockTimeout, and all DR-specific parameters. - Import-PASPlatform - - ImportFile + Get-PASVRMServiceConfig + + BaseURI - The zip file that contains the platform. + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession. String @@ -23365,57 +23415,10 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf - - Shows what would happen if the cmdlet runs. The cmdlet is not run. - - - SwitchParameter - - - False - - - Confirm - - Prompts you for confirmation before running the cmdlet. - - - SwitchParameter - - - False - - - - Import-PASPlatform - - WhatIf - - Shows what would happen if the cmdlet runs. The cmdlet is not run. - - - SwitchParameter - - - False - - - Confirm - - Prompts you for confirmation before running the cmdlet. - - - SwitchParameter - - - False - - - Description + + serviceName - A description value for the platform + The name of the service to manage. Supported services: Vault, DR String @@ -23424,10 +23427,10 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - PlatformId + + serverAddress - Set a PlatformId for the imported platform + The IP or host name of the Primary Vault or DR Vault String @@ -23436,62 +23439,26 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - PlatformName + + serviceUserName - Set a name for the imported platform + The PARAgent user name. Defaults to Administrator String String - None - - - - Import-PASPlatform - - WhatIf - - Shows what would happen if the cmdlet runs. The cmdlet is not run. - - - SwitchParameter - - - False - - - Confirm - - Prompts you for confirmation before running the cmdlet. - - - SwitchParameter - - - False - - - Force - - Specify to force update of an existing platform, replacing it with the imported platform - - - SwitchParameter - - - False + Administrator - - PlatformId + + servicePassword - Set a PlatformId for the imported platform + The PARAgent password as a SecureString - String + SecureString - String + SecureString None @@ -23499,10 +23466,10 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess - - ImportFile + + BaseURI - The zip file that contains the platform. + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession. String @@ -23511,74 +23478,50 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The name of the service to manage. Supported services: Vault, DR - SwitchParameter + String - SwitchParameter + String - False + None - - Confirm + + serverAddress - Prompts you for confirmation before running the cmdlet. + The IP or host name of the Primary Vault or DR Vault - SwitchParameter + String - SwitchParameter + String - False + None - - Description + + serviceUserName - A description value for the platform - - String - - String - - - None - - - Force - - Specify to force update of an existing platform, replacing it with the imported platform - - SwitchParameter - - SwitchParameter - - - False - - - PlatformId - - Set a PlatformId for the imported platform + The PARAgent user name. Defaults to Administrator String String - None + Administrator - - PlatformName + + servicePassword - Set a name for the imported platform + The PARAgent password as a SecureString - String + SecureString - String + SecureString None @@ -23588,71 +23531,44 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess - Minimum CyberArk version 10.2 + -------------------------- EXAMPLE 1 -------------------------- - Import-PASPlatform -ImportFile CustomApp.zip - - Imports CustomApp.zip Platform package - - - - -------------------------- EXAMPLE 2 -------------------------- - Import-PASPlatform -PlatformId CustomAppV2 -PlatformName CustomApp-V2 -Description "Platform for Custom App Version 2" - - Imports Platform side by side with existing Platform - - - - -------------------------- EXAMPLE 3 -------------------------- - Import-PASPlatform -PlatformId CustomApp -Force + Get-PASVRMServiceConfig -serviceName DR -serverAddress "192.168.2.51" -servicePassword $SecurePassword - Updates existing Platform with new package + Gets all DR configuration parameters for the service at the specified address - https://pspas.pspete.dev/commands/Import-PASPlatform - https://pspas.pspete.dev/commands/Import-PASPlatform - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportPlatform.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportPlatform.htm - - - https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/updateplatformwithstoredplatform.htm - https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/updateplatformwithstoredplatform.htm - - - https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/importstoredplatformpatch.htm - https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/importstoredplatformpatch.htm + Online Version: + https://pspas.pspete.dev/commands/Get-PASVRMServiceConfig - Import-PASThemeImage - Import - PASThemeImage + Get-PASVRMServiceConfigParameter + Get + PASVRMServiceConfigParameter - Adds an image used by a theme + Gets a specific DR configuration parameter value - Adds an image used by a theme to the system. - Requires Vault Admin Privileges + Retrieves the current value of a specific Disaster Recovery configuration parameter. Use this command to query individual DR configuration settings from the VRM service. Requires authentication with the PARAgent service credentials. - Import-PASThemeImage - - Name + Get-PASVRMServiceConfigParameter + + BaseURI - The name of the image + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession String @@ -23662,9 +23578,9 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - ImageFile + parameterName - The image file to add + The name of the configuration parameter to retrieve String @@ -23673,35 +23589,61 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The name of the service to query. Supported services: Vault, DR + String - SwitchParameter + String - False + None - - Confirm + + serverAddress - Prompts you for confirmation before running the cmdlet. + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + String - SwitchParameter + String - False + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None - - Name + + BaseURI - The name of the image + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession String @@ -23711,9 +23653,9 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - ImageFile + parameterName - The image file to add + The name of the configuration parameter to retrieve String @@ -23722,29 +23664,53 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The name of the service to query. Supported services: Vault, DR - SwitchParameter + String - SwitchParameter + String - False + None - - Confirm + + serverAddress - Prompts you for confirmation before running the cmdlet. + The IP address or hostname of the Primary Vault or DR Vault server - SwitchParameter + String - SwitchParameter + String - False + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None @@ -23757,42 +23723,39 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess -------------------------- Example 1 -------------------------- - PS C:\> Import-PASThemeImage -Name SomeImage -ImageFile SomeImageFile.png + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMServiceConfigParameter -parameterName 'ReplicationInterval' -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password - Adds SomeImageFile.png to the system for use in a theme + Retrieves the value of the ReplicationInterval configuration parameter from the DR service - https://pspas.pspete.dev/commands/Import-PASThemeImage - https://pspas.pspete.dev/commands/Import-PASThemeImage - - - https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-images-add-image.htm - https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-images-add-image.htm + Online Version: + https://pspas.pspete.dev/commands/Get-PASVRMServiceConfigParameter - Import-PASTicketingSystem - Import - PASTicketingSystem + Get-PASVRMServiceStatus + Get + PASVRMServiceStatus - Imports a ticketing system into Privilege Cloud. + Gets the operational status of a Vault service - Imports a custom ticketing system that is not supported by default. + This method gets the current operational status of a specified service managed by the Vault Remote Manager. Requires authentication with the PARAgent service credentials. - Import-PASTicketingSystem - - ImportFile + Get-PASVRMServiceStatus + + BaseURI - A zip file that contains .dll and .xml files to configure the custom ticketing system. + The URL of the PVWA server, like https://example.com/PasswordVault If not specified, uses the BaseURI from New-PASSession String @@ -23801,35 +23764,61 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The name of the service to check status for. Supported services: Vault, DR + String - SwitchParameter + String - False + None - - Confirm + + serverAddress - Prompts you for confirmation before running the cmdlet. + The IP address or hostname of the Primary Vault or DR Vault server + String - SwitchParameter + String - False + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + The password of the PARAgent user as a secure string + + SecureString + + SecureString + + + None - - ImportFile + + BaseURI - A zip file that contains .dll and .xml files to configure the custom ticketing system. + The URL of the PVWA server, like https://example.com/PasswordVault If not specified, uses the BaseURI from New-PASSession String @@ -23838,80 +23827,98 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - WhatIf + + serviceName - Shows what would happen if the cmdlet runs. The cmdlet is not run. + The name of the service to check status for. Supported services: Vault, DR - SwitchParameter + String - SwitchParameter + String - False + None - - Confirm + + serverAddress - Prompts you for confirmation before running the cmdlet. + The IP address or hostname of the Primary Vault or DR Vault server - SwitchParameter + String - SwitchParameter + String - False + None - - - - - - - - + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + The password of the PARAgent user as a secure string + + SecureString + + SecureString + + + None + + + + + + + + + -------------------------- Example 1 -------------------------- - PS C:\> Import-PASTicketingSystem -ImportFile C:\CustomTicketingSystem.zip + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Get-PASVRMServiceStatus -serviceName Vault -serverAddress vault.company.com -servicePassword $password - Imports the custom ticketing system defined in the CustomTicketingSystem.zip package + Gets the operational status of the Vault service on the specified server - https://pspas.pspete.dev/commands/Import-PASTicketingSystem - https://pspas.pspete.dev/commands/Import-PASTicketingSystem - - - https://docs.cyberark.com/privilege-cloud-shared-services/latest/en/content/privilegecloudapis/privcloud-ticketing-systems-custom-import.htm - https://docs.cyberark.com/privilege-cloud-shared-services/latest/en/content/privilegecloudapis/privcloud-ticketing-systems-custom-import.htm + Online Version: + https://pspas.pspete.dev/commands/Get-PASVRMServiceStatus - Invoke-PASCPMOperation - Invoke - PASCPMOperation + Import-PASConnectionComponent + Import + PASConnectionComponent - Marks accounts for CPM Verify, Change or Reconcile operations + Import a new connection component. - Accounts Can be flagged for immediate verification, change or reconcile. - CPM Change Options: - Flags a managed account credentials for an immediate CPM password change. - The "Initiate CPM password management operations" permission is required. - Sets a password to use for an account's next CPM change. - The "Initiate CPM password management operations" & "Specify next password value" permission is required. - Updates the account's password only in the Vault (without affecting the credentials on the target device). - The "Update password value" permission is required. - Verify & Reconcile both require "Initiate CPM password management operations" - Gen 1 Verify is not supported in Privilege Cloud + Allows administrators to import a new connection component, such as those available to download from the CyberArk Marketplace. - Invoke-PASCPMOperation - - AccountID + Import-PASConnectionComponent + + ImportFile - The unique ID of the account. + The zip file that contains the connection component. String @@ -23920,17 +23927,6 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - VerifyTask - - Initiates a verify task - - - SwitchParameter - - - False - WhatIf @@ -23954,12 +23950,91 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False + + + + ImportFile + + The zip file that contains the connection component. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + Minimum CyberArk version 10.3 + + + + + -------------------------- EXAMPLE 1 -------------------------- + Import-PASConnectionComponent -ImportFile ConnectionComponent.zip + + Imports ConnectionComponent.zip Connection Component + + + + + + https://pspas.pspete.dev/commands/Import-PASConnectionComponent + https://pspas.pspete.dev/commands/Import-PASConnectionComponent + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportConnComponent.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportConnComponent.htm + + + + + + Import-PASPlatform + Import + PASPlatform + + Import a new platform + + + + Import a new CPM platform. + + - Invoke-PASCPMOperation - - AccountID + Import-PASPlatform + + ImportFile - The unique ID of the account. + The zip file that contains the platform. String @@ -23968,17 +24043,6 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - VerifyTask - - Initiates a verify task - - - SwitchParameter - - - False - WhatIf @@ -24001,12 +24065,13 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False - - UseGen1API + + + Import-PASPlatform + + WhatIf - Specify to force verification via Gen1 API. - Should be specified for versions earlier than 10.1 - Gen 1 Verify is not supported in Privilege Cloud + Shows what would happen if the cmdlet runs. The cmdlet is not run. SwitchParameter @@ -24014,38 +24079,33 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False - - - Invoke-PASCPMOperation - - AccountID + + Confirm - The unique ID of the account. + Prompts you for confirmation before running the cmdlet. - String - String + SwitchParameter - None + False - - ChangeTask + + Description - Initiates a change task + A description value for the platform + String - SwitchParameter + String - False + None - - ImmediateChangeByCPM + + PlatformId - Yes/No value, dictating if the account will be scheduled for immediate change. - Specify Yes to initiate a password change by CPM - Relevant for Gen1 API only. - Deprecated from version 13.2 + Set a PlatformId for the imported platform String @@ -24054,13 +24114,10 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None - - ChangeCredsForGroup + + PlatformName - Yes/No value, dictating if all accounts that belong to the same group should have their passwords changed. - This is only relevant for accounts that belong to an account group. - Parameter will be ignored if account does not belong to a group. - Relevant for Gen1 API only. + Set a name for the imported platform String @@ -24069,6 +24126,9 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess None + + + Import-PASPlatform WhatIf @@ -24091,25 +24151,10 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False - - - Invoke-PASCPMOperation - - AccountID - - The unique ID of the account. - - String - - String - - - None - - ChangeTask + Force - Initiates a change task + Specify to force update of an existing platform, replacing it with the imported platform SwitchParameter @@ -24117,21 +24162,654 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False - - ChangeEntireGroup + + PlatformId - Boolean value, dictating if all accounts that belong to the same group should have their passwords changed. - This is only relevant for accounts that belong to an account group. - Parameter will be ignored if account does not belong to a group. - Applicable to immediate change via CPM, and password change in the vault only. - Minimum required version 10.1 + Set a PlatformId for the imported platform - Boolean + String - Boolean + String - False + None + + + + + + ImportFile + + The zip file that contains the platform. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + Description + + A description value for the platform + + String + + String + + + None + + + Force + + Specify to force update of an existing platform, replacing it with the imported platform + + SwitchParameter + + SwitchParameter + + + False + + + PlatformId + + Set a PlatformId for the imported platform + + String + + String + + + None + + + PlatformName + + Set a name for the imported platform + + String + + String + + + None + + + + + + + Minimum CyberArk version 10.2 + + + + + -------------------------- EXAMPLE 1 -------------------------- + Import-PASPlatform -ImportFile CustomApp.zip + + Imports CustomApp.zip Platform package + + + + -------------------------- EXAMPLE 2 -------------------------- + Import-PASPlatform -PlatformId CustomAppV2 -PlatformName CustomApp-V2 -Description "Platform for Custom App Version 2" + + Imports Platform side by side with existing Platform + + + + -------------------------- EXAMPLE 3 -------------------------- + Import-PASPlatform -PlatformId CustomApp -Force + + Updates existing Platform with new package + + + + + + https://pspas.pspete.dev/commands/Import-PASPlatform + https://pspas.pspete.dev/commands/Import-PASPlatform + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportPlatform.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ImportPlatform.htm + + + https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/updateplatformwithstoredplatform.htm + https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/updateplatformwithstoredplatform.htm + + + https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/importstoredplatformpatch.htm + https://docs.cyberark.com/pam-self-hosted/latest/en/content/webservices/importstoredplatformpatch.htm + + + + + + Import-PASThemeImage + Import + PASThemeImage + + Adds an image used by a theme + + + + Adds an image used by a theme to the system. + Requires Vault Admin Privileges + + + + Import-PASThemeImage + + Name + + The name of the image + + String + + String + + + None + + + ImageFile + + The image file to add + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + Name + + The name of the image + + String + + String + + + None + + + ImageFile + + The image file to add + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> Import-PASThemeImage -Name SomeImage -ImageFile SomeImageFile.png + + Adds SomeImageFile.png to the system for use in a theme + + + + + + https://pspas.pspete.dev/commands/Import-PASThemeImage + https://pspas.pspete.dev/commands/Import-PASThemeImage + + + https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-images-add-image.htm + https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-images-add-image.htm + + + + + + Import-PASTicketingSystem + Import + PASTicketingSystem + + Imports a ticketing system into Privilege Cloud. + + + + Imports a custom ticketing system that is not supported by default. + + + + Import-PASTicketingSystem + + ImportFile + + A zip file that contains .dll and .xml files to configure the custom ticketing system. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + ImportFile + + A zip file that contains .dll and .xml files to configure the custom ticketing system. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> Import-PASTicketingSystem -ImportFile C:\CustomTicketingSystem.zip + + Imports the custom ticketing system defined in the CustomTicketingSystem.zip package + + + + + + https://pspas.pspete.dev/commands/Import-PASTicketingSystem + https://pspas.pspete.dev/commands/Import-PASTicketingSystem + + + https://docs.cyberark.com/privilege-cloud-shared-services/latest/en/content/privilegecloudapis/privcloud-ticketing-systems-custom-import.htm + https://docs.cyberark.com/privilege-cloud-shared-services/latest/en/content/privilegecloudapis/privcloud-ticketing-systems-custom-import.htm + + + + + + Invoke-PASCPMOperation + Invoke + PASCPMOperation + + Marks accounts for CPM Verify, Change or Reconcile operations + + + + Accounts Can be flagged for immediate verification, change or reconcile. + CPM Change Options: - Flags a managed account credentials for an immediate CPM password change. - The "Initiate CPM password management operations" permission is required. - Sets a password to use for an account's next CPM change. - The "Initiate CPM password management operations" & "Specify next password value" permission is required. - Updates the account's password only in the Vault (without affecting the credentials on the target device). - The "Update password value" permission is required. + Verify & Reconcile both require "Initiate CPM password management operations" + Gen 1 Verify is not supported in Privilege Cloud + + + + Invoke-PASCPMOperation + + AccountID + + The unique ID of the account. + + String + + String + + + None + + + VerifyTask + + Initiates a verify task + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + Invoke-PASCPMOperation + + AccountID + + The unique ID of the account. + + String + + String + + + None + + + VerifyTask + + Initiates a verify task + + + SwitchParameter + + + False + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + UseGen1API + + Specify to force verification via Gen1 API. + Should be specified for versions earlier than 10.1 + Gen 1 Verify is not supported in Privilege Cloud + + + SwitchParameter + + + False + + + + Invoke-PASCPMOperation + + AccountID + + The unique ID of the account. + + String + + String + + + None + + + ChangeTask + + Initiates a change task + + + SwitchParameter + + + False + + + ImmediateChangeByCPM + + Yes/No value, dictating if the account will be scheduled for immediate change. + Specify Yes to initiate a password change by CPM - Relevant for Gen1 API only. + Deprecated from version 13.2 + + String + + String + + + None + + + ChangeCredsForGroup + + Yes/No value, dictating if all accounts that belong to the same group should have their passwords changed. + This is only relevant for accounts that belong to an account group. + Parameter will be ignored if account does not belong to a group. + Relevant for Gen1 API only. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + Invoke-PASCPMOperation + + AccountID + + The unique ID of the account. + + String + + String + + + None + + + ChangeTask + + Initiates a change task + + + SwitchParameter + + + False + + + ChangeEntireGroup + + Boolean value, dictating if all accounts that belong to the same group should have their passwords changed. + This is only relevant for accounts that belong to an account group. + Parameter will be ignored if account does not belong to a group. + Applicable to immediate change via CPM, and password change in the vault only. + Minimum required version 10.1 + + Boolean + + Boolean + + + False WhatIf @@ -24427,58 +25105,319 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess NewCredentials - Secure String value of the new account password that will be allocated to the account in the Vault. - Only relevant when specifying a password value for the next CPM change, or updating the password only in the vault. - Minimum required version 10.1 + Secure String value of the new account password that will be allocated to the account in the Vault. + Only relevant when specifying a password value for the next CPM change, or updating the password only in the vault. + Minimum required version 10.1 + + SecureString + + SecureString + + + None + + + ChangeEntireGroup + + Boolean value, dictating if all accounts that belong to the same group should have their passwords changed. + This is only relevant for accounts that belong to an account group. + Parameter will be ignored if account does not belong to a group. + Applicable to immediate change via CPM, and password change in the vault only. + Minimum required version 10.1 + + Boolean + + Boolean + + + False + + + ImmediateChangeByCPM + + Yes/No value, dictating if the account will be scheduled for immediate change. + Specify Yes to initiate a password change by CPM - Relevant for Gen1 API only. + Deprecated from version 13.2 + + String + + String + + + None + + + ChangeCredsForGroup + + Yes/No value, dictating if all accounts that belong to the same group should have their passwords changed. + This is only relevant for accounts that belong to an account group. + Parameter will be ignored if account does not belong to a group. + Relevant for Gen1 API only. + + String + + String + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + UseGen1API + + Specify to force verification via Gen1 API. + Should be specified for versions earlier than 10.1 + Gen 1 Verify is not supported in Privilege Cloud + + SwitchParameter + + SwitchParameter + + + False + + + + + + + + + + + + -------------------------- EXAMPLE 1 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -VerifyTask + + Marks an account for verification + + + + -------------------------- EXAMPLE 2 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -VerifyTask -UseGen1API + + Marks an account for verification using the Gen1 API + + + + -------------------------- EXAMPLE 3 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -ChangeTask -ImmediateChangeByCPM Yes + + Marks an account for immediate change using the Gen1 API + Deprecated from version 13.2 + + + + -------------------------- EXAMPLE 4 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -ChangeTask + + Marks an account for immediate change + + + + -------------------------- EXAMPLE 5 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -ChangeTask -ChangeImmediately $true -NewCredentials $SecureString + + Marks an account for immediate change to the specified password value + + + + -------------------------- EXAMPLE 6 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -ChangeTask -NewCredentials $SecureString + + Changes the password for the account in the Vault + + + + -------------------------- EXAMPLE 7 -------------------------- + Invoke-PASCPMOperation -AccountID $ID -ReconcileTask + + Marks an account for immediate reconcile + + + + + + https://pspas.pspete.dev/commands/Invoke-PASCPMOperation + https://pspas.pspete.dev/commands/Invoke-PASCPMOperation + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Verify-credentials-v9-10.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Verify-credentials-v9-10.htm + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Change-credentials-immediately.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Change-credentials-immediately.htm + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/SetNextPassword.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/SetNextPassword.htm + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ChangeCredentialsInVault.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ChangeCredentialsInVault.htm + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Reconcile-account.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Reconcile-account.htm + + + + + + Invoke-PASVRMFailover + Invoke + PASVRMFailover + + Initiates DR failover to the DR site + + + + Initiates a disaster recovery failover operation to switch operations to the DR site. This is a critical operation that should only be performed during an actual disaster recovery scenario or planned failover test. Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + + + + Invoke-PASVRMFailover + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + DRAddress + + The IP address or hostname of the DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession - SecureString + String - SecureString + String None - - ChangeEntireGroup + + DRAddress - Boolean value, dictating if all accounts that belong to the same group should have their passwords changed. - This is only relevant for accounts that belong to an account group. - Parameter will be ignored if account does not belong to a group. - Applicable to immediate change via CPM, and password change in the vault only. - Minimum required version 10.1 + The IP address or hostname of the DR Vault server - Boolean + String - Boolean + String - False + None - - ImmediateChangeByCPM + + serviceUserName - Yes/No value, dictating if the account will be scheduled for immediate change. - Specify Yes to initiate a password change by CPM - Relevant for Gen1 API only. - Deprecated from version 13.2 + The PARAgent user name. Defaults to Administrator String String - None + Administrator - - ChangeCredsForGroup + + servicePassword - Yes/No value, dictating if all accounts that belong to the same group should have their passwords changed. - This is only relevant for accounts that belong to an account group. - Parameter will be ignored if account does not belong to a group. - Relevant for Gen1 API only. + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. - String + SecureString - String + SecureString None @@ -24507,20 +25446,6 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess False - - UseGen1API - - Specify to force verification via Gen1 API. - Should be specified for versions earlier than 10.1 - Gen 1 Verify is not supported in Privilege Cloud - - SwitchParameter - - SwitchParameter - - - False - @@ -24531,80 +25456,18 @@ Invoke-RestMethod -Method GET -Uri "$session.BaseURI/SomePath" -WebSession $sess - -------------------------- EXAMPLE 1 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -VerifyTask - - Marks an account for verification - - - - -------------------------- EXAMPLE 2 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -VerifyTask -UseGen1API - - Marks an account for verification using the Gen1 API - - - - -------------------------- EXAMPLE 3 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -ChangeTask -ImmediateChangeByCPM Yes - - Marks an account for immediate change using the Gen1 API - Deprecated from version 13.2 - - - - -------------------------- EXAMPLE 4 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -ChangeTask - - Marks an account for immediate change - - - - -------------------------- EXAMPLE 5 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -ChangeTask -ChangeImmediately $true -NewCredentials $SecureString - - Marks an account for immediate change to the specified password value - - - - -------------------------- EXAMPLE 6 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -ChangeTask -NewCredentials $SecureString - - Changes the password for the account in the Vault - - - - -------------------------- EXAMPLE 7 -------------------------- - Invoke-PASCPMOperation -AccountID $ID -ReconcileTask + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Invoke-PASVRMFailover -DRAddress dr-vault.company.com -servicePassword $password -Confirm:$false - Marks an account for immediate reconcile + Initiates a failover to the DR Vault at the specified address - https://pspas.pspete.dev/commands/Invoke-PASCPMOperation - https://pspas.pspete.dev/commands/Invoke-PASCPMOperation - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Verify-credentials-v9-10.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Verify-credentials-v9-10.htm - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Change-credentials-immediately.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Change-credentials-immediately.htm - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/SetNextPassword.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/SetNextPassword.htm - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ChangeCredentialsInVault.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/ChangeCredentialsInVault.htm - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Reconcile-account.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Reconcile-account.htm + Online Version: + https://pspas.pspete.dev/commands/Invoke-PASVRMFailover @@ -40480,20 +41343,241 @@ Publish-PASDiscoveredAccount -id 66_6 -PlatformID WinDomain -safeName SomeSafe - -------------------------- Example 1 -------------------------- - PS C:\> Reset-PASTheme + PS C:\> Reset-PASTheme + + Reverts the UI to the default theme + + + + + + https://pspas.pspete.dev/commands/Reset-PASTheme + https://pspas.pspete.dev/commands/Reset-PASTheme + + + https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-themes-deactivate.htm + https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-themes-deactivate.htm + + + + + + Restart-PASVRMService + Restart + PASVRMService + + Restarts a Vault or DR service + + + + Restarts a specified VRM service (Vault or DR) on the target server. Use this command to apply configuration changes or recover from service issues. Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + + + + Restart-PASVRMService + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + serviceName + + The name of the service to restart. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + serviceName + + The name of the service to restart. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + WhatIf + + Position: Named Default value: None Accept pipeline input: False Accept wildcard characters: False ``` + + + + + + + None + + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Restart-PASVRMService -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password - Reverts the UI to the default theme + Restarts the DR service on the specified server - https://pspas.pspete.dev/commands/Reset-PASTheme - https://pspas.pspete.dev/commands/Reset-PASTheme - - - https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-themes-deactivate.htm - https://docs.cyberark.com/pam-self-hosted/latest/en/content/sdk/rest-api-cust-ui-themes-deactivate.htm + Online Version: + https://pspas.pspete.dev/commands/Restart-PASVRMService @@ -50413,31 +51497,213 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector Minimum required version 11.1 - String[] + String[] + + String[] + + + None + + + ExpiryDate + + Expiry Date to set on account. + Default is Never + + DateTime + + DateTime + + + None + + + UserTypeName + + The Type of User to create. + EPVUser type will be created by default. + + String + + String + + + None + + + Disabled + + Whether or not the user will be created as a disabled user + Default is Enabled + + Boolean + + Boolean + + + False + + + Location + + The Vault Location where the user will be created + Default location is "Root" + + String + + String + + + None + + + workStreet + + Business Address detail for the user + Minimum required version 11.1 + + String + + String + + + None + + + workCity + + Business Address detail for the user + Minimum required version 11.1 + + String + + String + + + None + + + workState + + Business Address detail for the user + Minimum required version 11.1 + + String + + String + + + None + + + workZip + + Business Address detail for the user + Minimum required version 11.1 + + String + + String + + + None + + + workCountry + + Business Address detail for the user + Minimum required version 11.1 + + String + + String + + + None + + + homePage + + The user's email address + Minimum required version 11.1 + + String + + String + + + None + + + homeEmail + + The user's email address + Minimum required version 11.1 + + String + + String + + + None + + + businessEmail + + The user's email address + Minimum required version 11.1 + + String + + String + + + None + + + otherEmail + + The user's email address + Minimum required version 11.1 + + String + + String + + + None + + + homeNumber + + The user's phone number + Minimum required version 11.1 + + String - String[] + String None - - ExpiryDate + + businessNumber - Expiry Date to set on account. - Default is Never + The user's phone number + Minimum required version 11.1 - DateTime + String - DateTime + String None - UserTypeName + cellularNumber - The Type of User to create. - EPVUser type will be created by default. + The user's phone number + Minimum required version 11.1 String @@ -50447,23 +51713,23 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - Disabled + faxNumber - Whether or not the user will be created as a disabled user - Default is Enabled + The user's phone number + Minimum required version 11.1 - Boolean + String - Boolean + String - False + None - Location + pagerNumber - The Vault Location where the user will be created - Default location is "Root" + The user's phone number + Minimum required version 11.1 String @@ -50473,9 +51739,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - workStreet + description - Business Address detail for the user + Description Text Minimum required version 11.1 String @@ -50486,10 +51752,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - workCity + FirstName - Business Address detail for the user - Minimum required version 11.1 + The user's first name String @@ -50499,9 +51764,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - workState + MiddleName - Business Address detail for the user + The User's Middle Name Minimum required version 11.1 String @@ -50512,10 +51777,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - workZip + LastName - Business Address detail for the user - Minimum required version 11.1 + The user's last name String @@ -50525,9 +51789,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - workCountry + street - Business Address detail for the user + Address detail for the user Minimum required version 11.1 String @@ -50538,9 +51802,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - homePage + city - The user's email address + Address detail for the user Minimum required version 11.1 String @@ -50551,9 +51815,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - homeEmail + state - The user's email address + Address detail for the user Minimum required version 11.1 String @@ -50564,9 +51828,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - businessEmail + zip - The user's email address + Address detail for the user Minimum required version 11.1 String @@ -50577,9 +51841,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - otherEmail + country - The user's email address + Address detail for the user Minimum required version 11.1 String @@ -50590,9 +51854,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - homeNumber + title - The user's phone number + Personal detail for the user Minimum required version 11.1 String @@ -50603,9 +51867,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - businessNumber + organization - The user's phone number + Personal detail for the user Minimum required version 11.1 String @@ -50616,9 +51880,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - cellularNumber + department - The user's phone number + Personal detail for the user Minimum required version 11.1 String @@ -50629,9 +51893,9 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - faxNumber + profession - The user's phone number + Personal detail for the user Minimum required version 11.1 String @@ -50641,113 +51905,420 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + SwitchParameter + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + SwitchParameter + + SwitchParameter + + + False + + + UseGen1API + + Specify to force usage the Gen1 API endpoint. + Should be specified for versions earlier than 11.1 + + SwitchParameter + + SwitchParameter + + + False + - pagerNumber + loginFromHour - The user's phone number - Minimum required version 11.1 + The start of the timeframe the user account is permitted to authenticate. + Provide an hour of the day in 24-hour format (0-23) + Minimum required version 13.2 - String + Int32 - String + Int32 None - description + loginToHour - Description Text - Minimum required version 11.1 + The end of the timeframe the user account is permitted to authenticate. + Provide an hour of the day in 24-hour format (0-23) + Minimum required version 13.2 - String + Int32 - String + Int32 None - FirstName + userActivityLogRetentionDays - The user's first name + The number of days that a user's account activity records are stored before being deleted. These activity records includes logon, logoff, and user management. + If this parameter is set to zero, user activities in the Vault will not be written in the audit log. + Default value: 90 days + Minimum required version 13.2 - String + Int32 - String + Int32 None - MiddleName + allowedAuthenticationMethods - The User's Middle Name - Minimum required version 11.1 + All the non-Vault authentication methods (specified by ID) that the user can use to log on. + Minimum required version 14.4 - String + String[] - String + String[] None - - LastName + + + + + + + + + + + -------------------------- EXAMPLE 1 -------------------------- + Set-PASUser -id 41 -username Bill -ExpiryDate (get-date).AddDays(5) + + Sets ExpiryDate on Bill's vault user + + + + -------------------------- EXAMPLE 2 -------------------------- + Set-PASUser -id 41 -username Bill -unAuthorizedInterfaces PACLI,GUI + + Sets unAuthorizedInterfaces on Bill's vault user + + + + -------------------------- EXAMPLE 3 -------------------------- + Set-PASUser -id 41 -username Bill -pagerNumber "" + + Clears the pagerNumber property on Bill's vault user + + + + -------------------------- EXAMPLE 4 -------------------------- + Set-PASUser -id 41 -username Bill -unAuthorizedInterfaces @() + + Clears the unAuthorizedInterfaces property on Bill's vault user + + + + -------------------------- EXAMPLE 5 -------------------------- + Set-PASUser -UserName Bill -Disabled $true + + Disables vault user Bill + + + + -------------------------- EXAMPLE 6 -------------------------- + Set-PASUser -id 41 -username Bill -ExpiryDate (get-date 1/1/1970) + + Clear ExpiryDate on Bill's vault user + + + + + + https://pspas.pspete.dev/commands/Set-PASUser + https://pspas.pspete.dev/commands/Set-PASUser + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Users%20Web%20Services%20-%20Update%20User.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Users%20Web%20Services%20-%20Update%20User.htm + + + + + + Set-PASUserPassword + Set + PASUserPassword + + Updates a vault user + + + + Updates an existing user in the vault + + + + Set-PASUserPassword + + id + + The name of the user to update in the vault + + Int32 + + Int32 + + + 0 + + + NewPassword + + The password to set on the account. + Must meet the password complexity requirements + + SecureString + + SecureString + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + id - The user's last name + The name of the user to update in the vault - String + Int32 - String + Int32 - None + 0 - - street + + NewPassword - Address detail for the user - Minimum required version 11.1 + The password to set on the account. + Must meet the password complexity requirements - String + SecureString - String + SecureString None - - city + + WhatIf - Address detail for the user - Minimum required version 11.1 + Shows what would happen if the cmdlet runs. The cmdlet is not run. - String + SwitchParameter - String + SwitchParameter - None + False - - state + + Confirm - Address detail for the user - Minimum required version 11.1 + Prompts you for confirmation before running the cmdlet. - String + SwitchParameter - String + SwitchParameter - None + False - - zip + + + + + + + + + + + -------------------------- EXAMPLE 1 -------------------------- + Set-PASUserPassword -id 123 -NewPassword $SecureString + + Resets password on account with id 123 + + + + + + https://pspas.pspete.dev/commands/Set-PASUserPassword + https://pspas.pspete.dev/commands/Set-PASUserPassword + + + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SDK/reset-user-password.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SDK/reset-user-password.htm + + + + + + Set-PASVRMServiceConfig + Set + PASVRMServiceConfig + + Sets one or multiple DR configuration parameters + + + + Sets one or more Disaster Recovery configuration parameters on the VRM service. Use this command to configure DR replication settings and other operational parameters. Requires authentication with the PARAgent service credentials and supports WhatIf for testing. + + + + Set-PASVRMServiceConfig + + BaseURI + + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + parameters + + A hashtable of configuration parameters to set. Keys are parameter names, values are the desired settings + + Hashtable + + Hashtable + + + None + + + serviceName + + The name of the service to configure. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. + + SecureString + + SecureString + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + BaseURI - Address detail for the user - Minimum required version 11.1 + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession String @@ -50756,24 +52327,22 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - country + + parameters - Address detail for the user - Minimum required version 11.1 + A hashtable of configuration parameters to set. Keys are parameter names, values are the desired settings - String + Hashtable - String + Hashtable None - - title + + serviceName - Personal detail for the user - Minimum required version 11.1 + The name of the service to configure. Supported services: Vault, DR String @@ -50782,11 +52351,10 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - organization + + serverAddress - Personal detail for the user - Minimum required version 11.1 + The IP address or hostname of the Primary Vault or DR Vault server String @@ -50795,28 +52363,26 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - department + + serviceUserName - Personal detail for the user - Minimum required version 11.1 + The PARAgent user name. Defaults to Administrator String String - None + Administrator - - profession - - Personal detail for the user - Minimum required version 11.1 + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. - String + SecureString - String + SecureString None @@ -50845,74 +52411,145 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector False - - UseGen1API - - Specify to force usage the Gen1 API endpoint. - Should be specified for versions earlier than 11.1 - - SwitchParameter - - SwitchParameter - - - False - - - loginFromHour + + + + + + + + + + + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> $params = @{ 'ReplicationInterval' = '300'; 'MaxRetries' = '5' } +PS C:\> Set-PASVRMServiceConfig -parameters $params -serviceName DR -serverAddress dr-vault.company.com -servicePassword $password + + Sets multiple DR configuration parameters on the specified server + + + + + + Online Version: + https://pspas.pspete.dev/commands/Set-PASVRMServiceConfig + + + + + + Start-PASAccountImportJob + Start + PASAccountImportJob + + Add multiple accounts to existing Safes. + + + + Sends a list of accounts to be added to existing safes. + Must be authenticated with a user who has Add accounts, Update account content, and Update account properties authorization in at least one Safe. + Returns bulk account upload id or status. + + + + Start-PASAccountImportJob + + source + + Free text that describes the source of the bulk account upload. + + String + + String + + + None + + + accountsList + + List of account objects. Each account object contains the parameters for that account. New-PASAccountObject creates Account Objects with the expected properties. + + Object[] + + Object[] + + + None + + + WhatIf + + Shows what would happen if the cmdlet runs. The cmdlet is not run. + + + SwitchParameter + + + False + + + Confirm + + Prompts you for confirmation before running the cmdlet. + + + SwitchParameter + + + False + + + + + + source - The start of the timeframe the user account is permitted to authenticate. - Provide an hour of the day in 24-hour format (0-23) - Minimum required version 13.2 + Free text that describes the source of the bulk account upload. - Int32 + String - Int32 + String None - - loginToHour + + accountsList - The end of the timeframe the user account is permitted to authenticate. - Provide an hour of the day in 24-hour format (0-23) - Minimum required version 13.2 + List of account objects. Each account object contains the parameters for that account. New-PASAccountObject creates Account Objects with the expected properties. - Int32 + Object[] - Int32 + Object[] None - - userActivityLogRetentionDays + + WhatIf - The number of days that a user's account activity records are stored before being deleted. These activity records includes logon, logoff, and user management. - If this parameter is set to zero, user activities in the Vault will not be written in the audit log. - Default value: 90 days - Minimum required version 13.2 + Shows what would happen if the cmdlet runs. The cmdlet is not run. - Int32 + SwitchParameter - Int32 + SwitchParameter - None + False - - allowedAuthenticationMethods + + Confirm - All the non-Vault authentication methods (specified by ID) that the user can use to log on. - Minimum required version 14.4 + Prompts you for confirmation before running the cmdlet. - String[] + SwitchParameter - String[] + SwitchParameter - None + False @@ -50925,90 +52562,98 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector -------------------------- EXAMPLE 1 -------------------------- - Set-PASUser -id 41 -username Bill -ExpiryDate (get-date).AddDays(5) - - Sets ExpiryDate on Bill's vault user - - - - -------------------------- EXAMPLE 2 -------------------------- - Set-PASUser -id 41 -username Bill -unAuthorizedInterfaces PACLI,GUI - - Sets unAuthorizedInterfaces on Bill's vault user - - - - -------------------------- EXAMPLE 3 -------------------------- - Set-PASUser -id 41 -username Bill -pagerNumber "" - - Clears the pagerNumber property on Bill's vault user - - - - -------------------------- EXAMPLE 4 -------------------------- - Set-PASUser -id 41 -username Bill -unAuthorizedInterfaces @() - - Clears the unAuthorizedInterfaces property on Bill's vault user - - - - -------------------------- EXAMPLE 5 -------------------------- - Set-PASUser -UserName Bill -Disabled $true - - Disables vault user Bill - - - - -------------------------- EXAMPLE 6 -------------------------- - Set-PASUser -id 41 -username Bill -ExpiryDate (get-date 1/1/1970) + $Accounts = @( + +New-PASAccountObject -uploadIndex 1 -userName SomeAccount1 -address domain.com -platformID WinDomain -SafeName SomeSafe + New-PASAccountObject -uploadIndex 2 -userName SomeAccount2 -address domain.com -platformID WinDomain -SafeName SomeSafe + New-PASAccountObject -uploadIndex 3 -userName SomeAccount3 -address domain.com -platformID WinDomain -SafeName SomeSafe + New-PASAccountObject -uploadIndex 4 -userName SomeAccount4 -address domain.com -platformID WinDomain -SafeName SomeSafe +) + +Start-PASAccountImportJob -source "SomeSource" -accountsList $Accounts - Clear ExpiryDate on Bill's vault user + Create & send list of accounts to be added as a bulk operation. - https://pspas.pspete.dev/commands/Set-PASUser - https://pspas.pspete.dev/commands/Set-PASUser + https://pspas.pspete.dev/commands/Start-PASAccountImportJob + https://pspas.pspete.dev/commands/Start-PASAccountImportJob - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Users%20Web%20Services%20-%20Update%20User.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Users%20Web%20Services%20-%20Update%20User.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Create-bulk-upload-of-accounts-v10.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Create-bulk-upload-of-accounts-v10.htm - Set-PASUserPassword - Set - PASUserPassword + Start-PASVRMService + Start + PASVRMService - Updates a vault user + Starts a Vault or DR service - Updates an existing user in the vault + Starts a specified VRM service (Vault or DR) on the target server. Use this command to bring services online after maintenance or troubleshooting. Requires authentication with the PARAgent service credentials and supports WhatIf for testing. - Set-PASUserPassword - - id + Start-PASVRMService + + BaseURI - The name of the user to update in the vault + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession - Int32 + String + + String + + + None + + + serviceName + + The name of the service to start. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String - Int32 + String - 0 + Administrator - - NewPassword + + servicePassword - The password to set on the account. - Must meet the password complexity requirements + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. SecureString @@ -51042,23 +52687,58 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector - - id + + BaseURI - The name of the user to update in the vault + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession - Int32 + String - Int32 + String - 0 + None - NewPassword + serviceName - The password to set on the account. - Must meet the password complexity requirements + The name of the service to start. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator + + String + + String + + + Administrator + + + servicePassword + + Seems like Administrator is the only allowed username? https://docs.cyberark.com/pam-self-hosted/15.0/en/content/pasimp/vault-remote-manager.htm#Configurationrequirements REST API docs however doesnt mention this so we leave it as a parameter with default value with the option to change it. SecureString @@ -51091,6 +52771,18 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector False + + WhatIf + + Position: Named Default value: None Accept pipeline input: False Accept wildcard characters: False ``` + + + + + + + None + @@ -51101,45 +52793,40 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector - -------------------------- EXAMPLE 1 -------------------------- - Set-PASUserPassword -id 123 -NewPassword $SecureString + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Start-PASVRMService -serviceName Vault -serverAddress vault.company.com -servicePassword $password - Resets password on account with id 123 + Starts the Vault service on the specified server - https://pspas.pspete.dev/commands/Set-PASUserPassword - https://pspas.pspete.dev/commands/Set-PASUserPassword - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SDK/reset-user-password.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/SDK/reset-user-password.htm + Online Version: + https://pspas.pspete.dev/commands/Start-PASVRMService - Start-PASAccountImportJob - Start - PASAccountImportJob + Stop-PASPSMSession + Stop + PASPSMSession - Add multiple accounts to existing Safes. + Terminates a Live PSM Session. - Sends a list of accounts to be added to existing safes. - Must be authenticated with a user who has Add accounts, Update account content, and Update account properties authorization in at least one Safe. - Returns bulk account upload id or status. + Terminates a Live PSM Session identified by the unique ID of the PSM Session. - Start-PASAccountImportJob - - source + Stop-PASPSMSession + + LiveSessionId - Free text that describes the source of the bulk account upload. + The unique ID/SessionGuid of a Live PSM Session. String @@ -51148,18 +52835,6 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - accountsList - - List of account objects. Each account object contains the parameters for that account. New-PASAccountObject creates Account Objects with the expected properties. - - Object[] - - Object[] - - - None - WhatIf @@ -51185,10 +52860,10 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector - - source + + LiveSessionId - Free text that describes the source of the bulk account upload. + The unique ID/SessionGuid of a Live PSM Session. String @@ -51197,18 +52872,6 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector None - - accountsList - - List of account objects. Each account object contains the parameters for that account. New-PASAccountObject creates Account Objects with the expected properties. - - Object[] - - Object[] - - - None - WhatIf @@ -51238,62 +52901,102 @@ Set-PASPlatformPSMConfig -ID 52 -PSMServerID PSM-LoadBalancer-EMEA -PSMConnector - + Minimum CyberArk Version 10.1 -------------------------- EXAMPLE 1 -------------------------- - $Accounts = @( - -New-PASAccountObject -uploadIndex 1 -userName SomeAccount1 -address domain.com -platformID WinDomain -SafeName SomeSafe - New-PASAccountObject -uploadIndex 2 -userName SomeAccount2 -address domain.com -platformID WinDomain -SafeName SomeSafe - New-PASAccountObject -uploadIndex 3 -userName SomeAccount3 -address domain.com -platformID WinDomain -SafeName SomeSafe - New-PASAccountObject -uploadIndex 4 -userName SomeAccount4 -address domain.com -platformID WinDomain -SafeName SomeSafe -) - -Start-PASAccountImportJob -source "SomeSource" -accountsList $Accounts + Stop-PASPSMSession -LiveSessionId $SessionUUID - Create & send list of accounts to be added as a bulk operation. + Terminates Live PSM Session identified by the session UUID. - https://pspas.pspete.dev/commands/Start-PASAccountImportJob - https://pspas.pspete.dev/commands/Start-PASAccountImportJob + https://pspas.pspete.dev/commands/Stop-PASPSMSession + https://pspas.pspete.dev/commands/Stop-PASPSMSession - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Create-bulk-upload-of-accounts-v10.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Create-bulk-upload-of-accounts-v10.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/PTA-PSM-TerminateSession.htm + https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/PTA-PSM-TerminateSession.htm - Stop-PASPSMSession + Stop-PASVRMService Stop - PASPSMSession + PASVRMService - Terminates a Live PSM Session. + Stops a Vault or DR service - Terminates a Live PSM Session identified by the unique ID of the PSM Session. + Stops a specified VRM service (Vault or DR) on the target server. Use this command for maintenance, troubleshooting, or controlled shutdowns. Requires authentication with the PARAgent service credentials and supports WhatIf for testing. - Stop-PASPSMSession - - LiveSessionId + Stop-PASVRMService + + BaseURI - The unique ID/SessionGuid of a Live PSM Session. + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + serviceName + + The name of the service to stop. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator String String + Administrator + + + servicePassword + + The PARAgent password as a SecureString + + SecureString + + SecureString + + None @@ -51321,16 +53024,64 @@ Start-PASAccountImportJob -source "SomeSource" -accountsList $Accounts - - LiveSessionId + + BaseURI - The unique ID/SessionGuid of a Live PSM Session. + The URL of the PVWA server. If not specified, uses the BaseURI from New-PASSession + + String + + String + + + None + + + serviceName + + The name of the service to stop. Supported services: Vault, DR + + String + + String + + + None + + + serverAddress + + The IP address or hostname of the Primary Vault or DR Vault server + + String + + String + + + None + + + serviceUserName + + The PARAgent user name. Defaults to Administrator String String + Administrator + + + servicePassword + + The PARAgent password as a SecureString + + SecureString + + SecureString + + None @@ -51357,31 +53108,40 @@ Start-PASAccountImportJob -source "SomeSource" -accountsList $Accounts False + + WhatIf + + Position: Named Default value: None Accept pipeline input: False Accept wildcard characters: False ``` + + + + + + + None + - Minimum CyberArk Version 10.1 + - -------------------------- EXAMPLE 1 -------------------------- - Stop-PASPSMSession -LiveSessionId $SessionUUID + -------------------------- Example 1 -------------------------- + PS C:\> $password = ConvertTo-SecureString -String 'P@ssw0rd' -AsPlainText -Force +PS C:\> Stop-PASVRMService -serviceName Vault -serverAddress vault.company.com -servicePassword $password - Terminates Live PSM Session identified by the session UUID. + Stops the Vault service on the specified server - https://pspas.pspete.dev/commands/Stop-PASPSMSession - https://pspas.pspete.dev/commands/Stop-PASPSMSession - - - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/PTA-PSM-TerminateSession.htm - https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/PTA-PSM-TerminateSession.htm + Online Version: + https://pspas.pspete.dev/commands/Stop-PASVRMService diff --git a/psPAS/psPAS.psd1 b/psPAS/psPAS.psd1 index 41766bf1..26934a75 100644 --- a/psPAS/psPAS.psd1 +++ b/psPAS/psPAS.psd1 @@ -294,7 +294,16 @@ 'Set-PASDependentLinkedAccount', 'Clear-PASDependentLinkedAccount', 'Import-PASTicketingSystem', - 'Export-PASTicketingSystemLog' + 'Export-PASTicketingSystemLog', + 'Get-PASVRMServiceConfig', + 'Get-PASVRMServiceStatus', + 'Start-PASVRMService', + 'Stop-PASVRMService', + 'Restart-PASVRMService', + 'Get-PASVRMDRSystemHealth', + 'Invoke-PASVRMFailover', + 'Get-PASVRMServiceConfigParameter', + 'Set-PASVRMServiceConfig' )