Versions Compared

Version Old Version 1 New Version 2
Changes made by

wiki

wiki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Activities

  • Add Attribute
  • Add Folder
  • Add Global Variable
  • Connect To GVManager
  • Delete Attribute
  • Delete Folder
  • Delete Global Variable
  • Disconnect From GVManager
  • Edit Attribute
  • Edit Folder
  • Edit Global Variable
  • Get Attribute
  • Get Attributes
  • Get Folder
  • Get Folders
  • Get Global Variable
  • Get Global Variables

...

The Add Attribute activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image RemovedImage Added

Parameters:

  • Attribute Name (text box editor type) (type: string):  enter the new attribute's name. E.g. 'Role'
  • Attribute Type (combobox editor type) (type: string): choose the new attribute-s type. E.g. 'Text'
  • Attribute Value (text box editor type) (type: string): enter the new attribute's value. E.g. 'Administrator'
  • Connection (text box editor type) (type: string): GVManager Connection. The Output from Connect To GVManager activity should be used as Input for this parameter.
  • Description (text box editor type) (type: string): enter the new attribute's description.
  • Global Variable ID (text box editor type) (type: string): enter the ID for the parent global variable or choose it from the Global Variables tree, as shown below:

...

  • Output Status (type: boolean): outputs the operation status. If succeeded the output value is 'True', otherwise is 'False'. 

...


Add Folder

This activity closes a request that was initiated to elevate to a PAM role.adds a new Global Variable Folder.   

Activity Parameters

The Close PAM Request activity parameters The Add Folder activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image RemovedImage Added

Parameters:

  • Connection (text box editor type) (type: string): PAM GVManager Connection. The Output from Connect To PAM GVManager activity should be used as Input for this parameter.Request ID
  • Description (text box editor type) (type: string): The identifier (GUID) of the PAM request to be approved.

The Read Only Output variable is the possible output value that the activity will provide:

  • Output Status (type: boolean): outputs the operation status. If succeeded the output value is 'True', otherwise is 'False'. 

Connect To PAM

This activity connects to the privileged account and outputs a PAM connection.

Activity Parameters

The Connect To PAM activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • PAM Hostname enter the new folder's description. E.g. 'New folder description'
  • Folder Name (text box editor type) (type: string):  enter the hostname for the PAM.
  • Password (text box editor type) (type: string): enter the password.
  • Password Binding (text box editor type) (type: string): bind to a variable containing the encrypted password for connection. This parameter is used only when the user wants to send an encrypted password from outside the task, for example Flowster Studio Portal. 
  • Use Secure (combo box editor type) (type: string): choose whether to use secure communication ("https") or standard ('http').
  • Username enter the new folder's name. E.g. 'Cluster1'
  • Parent Folder ID (text box editor type) (type: string): enter the username.

The Read Only Output variable is the possible output value that the activity will provide:

...

Create PAM Request

This activity creates a request to elevate the privileged account to a PAM role.

Activity Parameters

The Create PAM Request activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • Connection (text box editor type) (type: string): PAM Connection. The Output from Connect To PAM activity should be used as Input for this parameter.
  • Justification (text box editor type) (type: string): the user-supplied reason for the elevation request.
  • RequestedTTL (text box editor type) (type: string): the requested expiration time, in seconds.
  • RoleID (text box editor type) (type: string): the unique identifier (GUID) of the PAM role to elevate tonew folder's parent ID , or choose it from the Global Variables tree. If left empty, it will be a root folder, otherwise a subfolder.

The Read Only Output variable is the possible output value that the activity will provide:

  • Output Status (type: List<KeyValuePair<String,String>>boolean): outputs a list of dictionaries containing the request's details. In order to use the output you can use the GetKeyValuePair activity with the keys: 'CreationMethod', 'CreationTime', 'CreatorID',  'ExpirationTime', 'Justification', 'RequestedTime', 'RequestedTTL', 'RequestID', 'RequestStatus' and 'RoleID'.

Disconnect From PAM

This activity disconnects the specified PAM connection. 

Activity Parameters

...

  • the operation status. If succeeded the output value is 'True', otherwise is 'False'. 


Add Global Variable

This activity adds a new Global Variable.   

Activity Parameters

The Add Global Variable activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image RemovedImage Added

Parameters:

  • Connection (text box editor type) (type: string): PAM GVManager Connection. The Output from Connect To PAM GVManager activity should be used as Input for this parameter.

Get PAM Requests

This activity gets a history of previously posted PAM requests.

Activity Parameters

The Get PAM Requests activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • Connection Description (text box editor type) (type: string): PAM Connection. The Output from Connect To PAM activity should be used as Input for this parameter.Filter Role ID enter the new folder's description. E.g. 'New folder description'
  • Folder ID (text box editor type) (type: string): enter the role parent folder's ID for the request to be retrevied.

The Read Only Output variable is the possible output value that the activity will provide:

  • Output (type: List<KeyValuePair<String,String>>): outputs a list of dictionaries containing the request's details. In order to use the output you can use the GetKeyValuePair activity with the keys: 'CreationMethod', 'CreationTime',  'CreatorID',  'ExpirationTime', 'Justification',  'RequestedTime',  'RequestedTTL', 'RequestID', 'RequestStatus' and 'RoleID'.

Get PAM Roles

This activity gets the PAM roles for which the account is a candidate.

Activity Parameters

The Get PAM Roles activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • Connection new variable , or choose it from the Global Variables tree, as shown below:

Image Added  Image Added

  • Variable Name (text box editor type) (type: string): PAM Connection. The Output from Connect To PAM activity should be used as Input for this parameter.Filter Display Name (text box   enter the new variable's name. E.g. 'BinarySSH'
  • Variable Type (combobox editor type) (type: string): enter the display name for the role to be retrieved.

The Read Only Output variable is the possible output value that the activity will provide:

  • Output (type: List<KeyValuePair<String,String>>): outputs a list of dictionaries containing the role's details. In order to use the output you can use the GetKeyValuePair activity with the keys: 'RoleID', 'ApprovalEnabled', 'AvailableFrom', 'AvailableTo', 'AvailabilityWindowEnabled', 'Description', 'DisplayName', 'MFAEnabled' and 'TTL'.

Get PAM Session Info

This activity gets the username of the account that is logged in to the session. 

Activity Parameters

The Get PAM Session Info activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • Connection choose the new variable's type. E.g. 'Binary'. NOTE: If 'Password' type is selected, a password in plain text is required. If 'Binary' type is selected, the full path of the file is required. 
  • Variable Value (text box editor type) (type: string): PAM Connection. The Output from Connect To PAM activity should be used as Input for this parameter.

The Read Only Output variable is the possible output value that the activity will provide:

...

Get Pending PAM Requests

This activity gets a list of pending requests that need approval.

Activity Parameters

The Get Pending PAM Requests activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

...

The Read Only Output variable is the possible output value that the activity will provide:

  • Output (type: List<KeyValuePair<String,String>>): outputs a list of dictionaries containing the pending request's details. In order to use the output you can use the GetKeyValuePair activity with the keys: 'ApprovalObjectID', 'FIMRequestID', 'RequestorID', 'CreationTime', 'Justification',  'RequestedTime',  'RequestedTTL', 'Requestor' and 'RoleName'.

Reject PAM Request

This activity rejects a PAM request to elevate to a PAM role.

Activity Parameters

The Reject PAM Request activity parameters can be provided by manual inserted values or via IN arguments or variables:

Image Removed

Parameters:

  • Connection (text box editor type) (type: string): PAM Connection. The Output from Connect To PAM activity should be used as Input for this parameter.
  • Request ID (text box editor type) (type: string): the identifier (GUID) of the PAM request to reject.
    enter the new variable's value. E.g. 'C:\SSHCertificate\CertWithoutPassword' (full path)

The Read Only Output variable is the possible output value that the activity will provide:

  • Output Status (type: boolean):  outputs outputs the operation status. If succeeded , the output value is 'True', otherwise is false'False'.