Functions/AccountGroups/Remove-PASAccountGroupMember.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
function Remove-PASAccountGroupMember {
    <#
.SYNOPSIS
Deletes a member of an account group.

.DESCRIPTION
Removes an account member from an account group.
This account can be either a password account or an SSH Key account.
The following permissions are required on the safe:
 - Add Accounts
 - Update Account Content
 - Update Account Properties
  -Create Folders

.PARAMETER AccountID
The unique ID of the account group.

.PARAMETER GroupID
The unique ID of the account group.

.EXAMPLE
Remove-PASAccountGroupMember -AccountID 21_7 -GroupID 21_9

Removes member with ID of 21_& from account group with ID of 21_9

.INPUTS
All parameters can be piped by property name

.OUTPUTS
None

.NOTES
Minimum CyberArk version 9.10

.LINK
https://pspas.pspete.dev/commands/Remove-PASAccountGroupMember
#>

    [CmdletBinding(SupportsShouldProcess)]
    param(
        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$AccountID,

        [parameter(
            Mandatory = $true,
            ValueFromPipelinebyPropertyName = $true
        )]
        [string]$GroupID
    )

    BEGIN {
        $MinimumVersion = [System.Version]"9.10"
    }#begin

    PROCESS {

        Assert-VersionRequirement -ExternalVersion $Script:ExternalVersion -RequiredVersion $MinimumVersion

        #Create URL for Request
        $URI = "$Script:BaseURI/API/AccountGroups/$GroupID/Members/$AccountID"

        if ($PSCmdlet.ShouldProcess($AccountID, "Delete Member from Account Group $($GroupID)")) {

            #send request to PAS web service
            Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession

        }

    }#process

    END { }#end

}