Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var ( // AccountID is a specific account ID used for updating, getting and deleting AccountID string // PlatformID of the account object being added PlatformID string // Name name of the account object Name string // Address of the account Address string // SecretType of the account SecretType string // Secret of the account Secret string // AutomaticManagementEnabled if account will be managed AutomaticManagementEnabled bool // ManualManagementReason reason account is not being managed ManualManagementReason string // PlatformProperties for account PlatformProperties string // Search List of keywords to search for in accounts, separated by a space. Search string // SearchType Get accounts that either contain or start with the value specified in the Search parameter. Valid values: contains (default) or startswith SearchType string // Sort Property or properties by which to sort returned accounts, followed by asc (default) or desc to control sort direction. Separate multiple properties with commas, up to a maximum of three properties. Sort string // Offset of the first account that is returned in the collection of results. Offset int // Limit Maximum number of returned accounts. If not specified, the default value is 50. The maximum number that can be specified is 1000. Limit int // Filter Search for accounts filtered by safeName or modificationTime Filter string // Reason to access account Reason string // TicketingSystemName name of the ticketing system TicketingSystemName string // TicketID the ticket ID TicketID string // Version of the secret/password being retrieved Version int // ChangeEntireGroup change account group ChangeEntireGroup bool // Scope of password change on account Scope string // NewPassword to set on account NewPassword string )
View Source
var ( // AppID is the application identity to filter on AppID string // Location is the folder location the Application is located in Location string // AuthType authentication method type AuthType string // AuthValue authentication method value AuthValue string // IsFolder used in path/hash authentication IsFolder bool // AllowInternalScripts allow internal script AllowInternalScripts bool // Desc app description Desc string // AccessPermittedFrom application access starting from AccessPermittedFrom int // AccessPermittedTo application access end at AccessPermittedTo int // ExpirationDate application expirey date ExpirationDate string // BusinessOwnerFName first name BusinessOwnerFName string // BusinessOwnerLName last name BusinessOwnerLName string // BusinessOwnerEmail email BusinessOwnerEmail string // BusinessOwnerPhone phone BusinessOwnerPhone string // Disabled application is disabled Disabled string // AppAuthnMethodID application authentication method ID AppAuthnMethodID string )
View Source
var ( // IgnoreSSLVerify Ignore SSL Verification IgnoreSSLVerify bool // ClientCert path to the client cert file ClientCert string // ClientKey path to the client private key file ClientKey string // Folder in which account resides Folder string // ObjectName in which account resides ObjectName string // Database in which account resides Database string // ConnectionTimeout to wait for CCP ConnectionTimeout string // Query for the account Query string // QueryFormat query format being used QueryFormat string // FailRequestOnPasswordChange if password is currently in a change process FailRequestOnPasswordChange bool // Field that will be parsed and returned from the account Field string )
View Source
var ( // CemOrganization Organization tenant name CemOrganization string // CemNonInteractive NonInteractive logon CemNonInteractive bool // CemPlatform Platform Name CemPlatform string // CemAccountID Account ID CemAccountID string // CemEntityID Entity ID CemEntityID string // CemNonFullAdmin non-full Admin only CemNonFullAdmin bool // CemNonShadowAdmin non-sadow Admin only CemNonShadowAdmin bool // CemFullAdmin Full Admin only CemFullAdmin bool // CemShadowAdmin Shadow Admin CemShadowAdmin bool // CemNextToken Next Token CemNextToken string // CemSessionTokenPath path to session token file CemSessionTokenPath string = "/.cybr/cem.config" // CemEnvAPIKey environment variable of CEM API Key for non-interfactive logon CemEnvAPIKey string = "CEM_APIKEY" )
View Source
var ( // Account conjur account Account string // AuthnLDAP Authenticator Service ID AuthnLDAP string // PolicyBranch branch policy is being loaded into PolicyBranch string // PolicyFilePath path to policy file PolicyFilePath string // VariableID variable ID of a secret VariableID string // NoNewLine no new line when printing secret NoNewLine bool // SecretValue variable secret value SecretValue string // ServiceID used for enabling authenticator ServiceID string // Kind resource kind variable, policy, user, host, group, etc Kind string // InspectResources inspect the resources and provide more info per resource InspectResources bool )
View Source
var ( Username string // Username to logon PAS REST API AuthenticationType string // Authentication type for PAS REST API TenantID string // Tenant ID for Identity authentication InsecureTLS bool // Boolean to decide whether to verify TLS or not BaseURL string // Base URL to send PAS REST API logon request NonInteractive bool // Flag for non-interactive logon Password string // Password for PAS REST API ConcurrentSession bool // Flag to allow concurrent sessions SelectedChallenges []int // Slice of selected challenges for Identity authentication AnswerChallenge identityrequests.AdvanceAuthentication // Answer challenge struct StartOobChallenge identityrequests.AdvanceAuthentication // Start Oob challenge struct PollOOBChallenge identityrequests.AdvanceAuthentication // Poll Oob challenge struct AnswerOOBChallenge identityrequests.AdvanceAuthentication // Answer Oob challenge struct )
Global variables for logon command
View Source
var ( // Active is a flag to search for platforms that are active or not Active bool // PlatformType specifies the type of platform to list PlatformType string // PlatformName specifies the name of the platform to list PlatformName string )
View Source
var ( // SafeName is the name of the safe to create SafeName string // Description is the description for the safe to create Description string // OLACEnabled is the boolean value of whether object-level access is enabled OLACEnabled bool // ManagingCPM is the name of the CPM User that manages accounts in the safe ManagingCPM string // NumberOfVersionsRetention is the number of password versions to retain for accounts within NumberOfVersionsRetention int // NumberOfDaysRetention is the number of days to retain older password versions for NumberOfDaysRetention int // AutoPurgeEnabled is a boolean value as to whether to remove non-compliant accounts automatically AutoPurgeEnabled bool // SafeLocation is the location the safe will be created in the Secure Digital Vault (default: \\) SafeLocation string // TargetSafeName is used by the Update Safe endpoint to refer to TargetSafeName string // UseAccounts use account inside of safe UseAccounts bool // RetrieveAccounts retrieve accounts inside of safe RetrieveAccounts bool // ListAccounts list accounts inside of safe ListAccounts bool // AddAccounts add account inside of safe AddAccounts bool // UpdateAccountContent update account content inside of safe UpdateAccountContent bool // UpdateAccountProperties update account properties inside of safe UpdateAccountProperties bool // InitiateCPMAccountManagementOperations init a cpm account action in safe InitiateCPMAccountManagementOperations bool // SpecifyNextAccountContent specify next account content in safe SpecifyNextAccountContent bool // RenameAccounts rename accounts inside of safe RenameAccounts bool // DeleteAccounts delete accounts inside of safe DeleteAccounts bool // UnlockAccounts unlock accounts inside of safe UnlockAccounts bool // ManageSafe manage this safe ManageSafe bool // ManageSafeMembers manage members of this safe ManageSafeMembers bool // BackupSafe backup the safe BackupSafe bool // ViewAuditLog view audit logs of this safe ViewAuditLog bool // ViewSafeMembers view member so this safe ViewSafeMembers bool // AccessWithoutConfirmation access safe without confirmation AccessWithoutConfirmation bool // CreateFolders create folders in safe CreateFolders bool // DeleteFolders delete folders in safe DeleteFolders bool // MoveAccountsAndFolders move accounts and folders MoveAccountsAndFolders bool // RequestsAuthorizationLevel1 sets as approver of level 1 requests for access RequestsAuthorizationLevel1 bool // RequestsAuthorizationLevel2 sets as approver of level 2 requests for access RequestsAuthorizationLevel2 bool // MemberName name of the member being added to a safe MemberName string //SearchIn search in Vault or Domain SearchIn string // MembershipExpirationDate when membership will expire MembershipExpirationDate string // Role of safe member to determine pre-defined safe permissions Role string // RolePermissions contain the pre-defined safe permissions of defined role RolePermissions map[string]string // User is the user to search for as a safe member User string // Group is the group to search for as a safe member Group string // MemberType is the type of member being added to the safe MemberType string )
View Source
var ( // UserID is the id of a user UserID int // UserType is the usertype of the user UserType string // InitialPassword user password InitialPassword string // AuthenticationMethod user authentication method AuthenticationMethod []string UnauthorizedInterfaces []string // ExpiryDate when user will expire in EPOCH ExpiryDate int // VaultAuthorization vault authorization VaultAuthorization []string // EnableUser if user is enabled EnableUser bool // ChangePasswordOnLogon if user is prompted to change password on logon ChangePasswordOnLogon bool // PasswordNeverExpires if user's password will never expire PasswordNeverExpires bool // DistinguishedName disguished name of user DistinguishedName string // BusinessAddress of user BusinessAddress string // Internet info of user Internet string // Phones of user Phones string // PersonalDetails of user PersonalDetails string )
View Source
var Safe string
Safe is the safe name to filter on
View Source
var ( // Verbose logging Verbose bool )
Functions ¶
Types ¶
type RetrieveAccountQuery ¶
type RetrieveAccountQuery struct { AppID string `query_key:"AppID"` Safe string `query_key:"Safe"` Folder string `query_key:"Folder"` Object string `query_key:"Object"` UserName string `query_key:"UserName"` Address string `query_key:"Address"` Database string `query_key:"Database"` PolicyID string `query_key:"PolicyID"` ConnectionTimeout string `query_key:"ConnectionTimeout"` Query string `query_key:"Query"` QueryFormat string `query_key:"QueryFormat"` FailRequestOnPasswordChange bool `query_key:"FailRequestOnPasswordChange"` }
RetrieveAccountQuery represents valid query parameters when listing accounts
Click to show internal directories.
Click to hide internal directories.