Functions/AccountGroups/New-PASAccountGroup.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
function New-PASAccountGroup {
    <#
.SYNOPSIS
Adds a new account group to the Vault
 
.DESCRIPTION
Defines a new account group in the vault.
The following permissions are required on the safe where the account group will be created:
 - Add Accounts
 - Update Account Content
 - Update Account Properties
  -Create Folders
 
.PARAMETER GroupName
The name of the group to create
 
.PARAMETER GroupPlatformID
The name of the platform for the group.
The associated platform must be set to "PolicyType=Group"
 
.PARAMETER Safe
The Safe where the group will be created
 
.EXAMPLE
New-PASAccountGroup -GroupName UATGroup -GroupPlatform UnixGroup-NonProd -Safe UAT-Team
 
Creates new account group named UATGroup and assigns to platform in the UAT-Team Safe.
 
.INPUTS
All parameters can be piped by property name
 
.OUTPUTS
None
 
.NOTES
Minimum version 9.9.5
 
.LINK
https://pspas.pspete.dev/commands/New-PASAccountGroup
#>

    [CmdletBinding(SupportsShouldProcess)]
    param(
        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [ValidateNotNullOrEmpty()]
        [string]$GroupName,

        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$GroupPlatformID,

        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$Safe
    )

    BEGIN {
        $MinimumVersion = [System.Version]"9.9.5"
    }#begin

    PROCESS {

        Assert-VersionRequirement -ExternalVersion $Script:ExternalVersion -RequiredVersion $MinimumVersion

        #Create URL for Request
        $URI = "$Script:BaseURI/API/AccountGroups/"

        #Create body of request
        $body = $PSBoundParameters | Get-PASParameter | ConvertTo-Json

        if ($PSCmdlet.ShouldProcess($GroupName, "Define New Account Group")) {

            #send request to PAS web service
            Invoke-PASRestMethod -Uri $URI -Method POST -Body $Body -WebSession $Script:WebSession

        }

    }#process

    END { }#end

}