CyberArk Privileged Access Management (PAM)
App Vendor: CyberArk
App Category: Configuration Management database(CMDB), Authentication
Connector Version: 1.1.0
API Version: 2.0.0
About App
CyberArk Privileged Access Management (PAM) is a comprehensive cybersecurity strategy that comprises of people, processes, and technology to control, monitor, secure, and audit all human and non-human privileged identities and activities across an enterprise IT environment. The CyberArk Privileged Access Management (PAM) app enables security teams to integrate with the CyberArk Privileged Access Management (PAM) enterprise application to centrally secure, manage, and monitor privileged accounts.
The CyberArk Privileged Access Management (PAM) app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Add Member to Group | This action adds a user as a member to an existing vault group. This action is applicable for regular vault users, LDAP mapped groups or LDAP users. |
Create a User in Vault | This action creates a user in the vault. |
Remove a User from Vault | This action deletes a user from the vault. |
Get a list of Groups from Vault | This action retrieves a list of all existing user groups in the vault. |
Get a User Details from Vault | This action retrieves the details of a user in the vault. |
Re|De-active User Account | This action de-activates or re-activates an existing vault user. |
Remove Member from Group | This action removes a user (member) from a user group in the vault. |
Update a User in Vault | This action updates a user in the vault. |
Configuration Parameters
The following configuration parameters are required for the CyberArk Privileged Access Management (PAM) app to communicate with the CyberArk Privileged Access Management (PAM) enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL (Server FQDN) | Enter the base URL or the server FQDN. Example: "http|https://iis_server_fqdn:port" | Text | Required | |
Username | Enter the username. | Text | Required | |
Password | Enter the password. | Password | Required | |
Verify | Optional preference to either execute the SSL verification of the connection or skip verification. Example: True | Boolean | Optional | Allowed values:
Default value: False |
Action: Add Member to Group
This action adds a user as a member to an existing vault group, This action is applicable for regular vault users, LDAP mapped groups or LDAP users.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Group ID | Enter the vault group ID. | Text | Required | |
Member ID | Enter the member (user) ID. | Text | Required | |
Member Type | Enter the member type. | Text | Required | |
Domain Name | Enter the domain name. | Text | Required |
Action: Create a User in Vault
This action creates a user in the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username. | Text | Required | |
Initial Password | Enter the initial password. | Password | Required | |
First Name | Enter the first name of the user. | Text | Required | |
Last Name | Enter the last name of the user. | Text | Required | |
Email ID | Enter the email ID of the user. | Text | Required | |
User Type | Enter the user type. | Text | Optional | Default value: "epvuser" |
Location | Enter the location. | Text | Optional | Default value: "root" |
Action: Remove a User from Vault
This action deletes a user from the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username. | Text | Required |
Action: Get a List of Groups from Vault
This action retrieves a list of all existing user groups in the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Extra Params | Enter the extra params in key-value pairs. | Key Value | Optional | Allowed keys:
|
Action: Get a User Details from Vault
This action retrieves the details of a user in the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username. | Text | Required |
Action: Re|De-active User Account
This action de-activates or re-activates an existing vault user.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username. | Text | Required | |
De-activate | Optional preference to either de-activate or re-activate the user. default: false(re-activate), true(de-activate) | Boolean | Optional | Allowed values:
Default value: false |
Action: Remove Member from Group
This action removes a user (member) from a user group in the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Group ID | Enter the vault group ID. | Text | Required | |
Member Name | Enter the member (user) name. | Text | Required |
Action: Update a User in Vault
This action updates a user in the vault.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Username | Enter the username. | Text | Required | |
Update Fields | Enter the update fields in key-value pairs. | Key Value | Optional | Allowed values:
|