Functions/EventSecurity/Set-PASPTARemediation.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
Function Set-PASPTARemediation {
    <#
    .SYNOPSIS
    Updates automatic remediation settings in PTA
 
    .DESCRIPTION
    Updates automatic remediation settings configured in PTA
 
    .PARAMETER changePassword_SuspectedCredentialsTheft
    Indicate if Change Password on Suspected Credential Theft the command is active
 
    .PARAMETER changePassword_OverPassTheHash
    Indicate if the Change Password on Over Pass The Hash command is active
 
    .PARAMETER reconcilePassword_SuspectedPasswordChange
    Indicate if the Reconcile Password on Suspected Password Change command is active
 
    .PARAMETER pendAccount_UnmanagedPrivilegedAccount
    Indicate if the Add Unmanaged Accounts to Pending Accounts command is active
 
    .EXAMPLE
Set-PASPTARemediation -changePassword_SuspectedCredentialsTheft $true
 
    Enables the "Change password on Suspected Credentials Theft" rule.
    .EXAMPLE
Set-PASPTARemediation -reconcilePassword_SuspectedPasswordChange $false
 
    Disables the "reconcile on suspected password change" rule.
 
    .NOTES
    Minimum Version CyberArk 10.4
    #>

    [CmdletBinding(SupportsShouldProcess)]
    param(
        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true
        )]
        [boolean]$changePassword_SuspectedCredentialsTheft,

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true
        )]
        [boolean]$changePassword_OverPassTheHash,

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true
        )]
        [boolean]$reconcilePassword_SuspectedPasswordChange,

        [parameter(
            Mandatory = $false,
            ValueFromPipelinebyPropertyName = $true
        )]
        [boolean]$pendAccount_UnmanagedPrivilegedAccount

    )

    BEGIN {

        $MinimumVersion = [System.Version]"10.4"

    }#begin

    PROCESS {

        Assert-VersionRequirement -ExternalVersion $Script:ExternalVersion -RequiredVersion $MinimumVersion

        #Get all parameters that will be sent in the request
        $boundParameters = $PSBoundParameters | Get-PASParameter

        #Create URL for Request
        $URI = "$Script:BaseURI/API/pta/API/Settings/AutomaticRemediations/"


        #Create body of request
        $body = $boundParameters | ConvertTo-Json

        if($PSCmdlet.ShouldProcess("PTA", "Update Automatic Remediation Config")) {

            #send request to PAS web service
            $result = Invoke-PASRestMethod -Uri $URI -Method PATCH -Body $Body -WebSession $Script:WebSession

            if($result) {

                #Return Results
                $result.automaticRemediation | Add-ObjectDetail -typename "psPAS.CyberArk.Vault.PTA.Remediation"

            }

        }

    }#process

    END {}#end

}