Documentation ¶
Index ¶
- Variables
- func ConvertToValidList(input []string, validMap map[string]string) ([]string, error)
- func FlattenSliceToString(input []string) string
- func FlattenWorkflowApprovers(approvers []WorkflowApprover) string
- func FlattenZoneRoles(zoneroles []ZoneRole) string
- func GenerateSchemaMap(i interface{}) (map[string]interface{}, error)
- func GetAllZoneRoles(c *restapi.RestClient, domainid string) (map[string]ZoneRole, error)
- func GetVarType(myvar interface{}) string
- func RedRockQuery(client *restapi.RestClient, query string, args map[string]interface{}) ([]interface{}, error)
- func ResolvePermissions(c *restapi.RestClient, perms []Permission, validPerms map[string]string) error
- func ResolvePermissions2(c *restapi.RestClient, perms []Permission, validPerms map[string]string) error
- func ResolveWorkflowApprovers(c *restapi.RestClient, approvers []WorkflowApprover) error
- type AccessKey
- type Account
- func (o *Account) AddAccessKey(key AccessKey) error
- func (o *Account) AddToSetsByID(setids []string) error
- func (o *Account) AddToSetsByName(sets []string) error
- func (o *Account) ChangePassword() (*restapi.BoolResponse, error)
- func (o *Account) CheckinPassword(coid string) (*restapi.BoolResponse, error)
- func (o *Account) CheckoutPassword(checkin bool) (string, error)
- func (o *Account) Create() (*restapi.StringResponse, error)
- func (o *Account) Delete() (*restapi.BoolResponse, error)
- func (o *Account) DeleteAccessKey(id string) error
- func (o *Account) DeleteByName() (*restapi.BoolResponse, error)
- func (o *Account) FillStruct(m map[string]interface{}) error
- func (o *Account) GetAccessKeys() ([]AccessKey, error)
- func (o *Account) GetByName() error
- func (o *Account) GetIDByName() (string, error)
- func (o *Account) Query() (map[string]interface{}, error)
- func (o *Account) Read() error
- func (o *Account) ResolveValidPermissions()
- func (o *Account) RetrieveAccessKey(accessKeyID string) (string, error)
- func (o *Account) RetrieveSSHKey(keytype string, passphrase string) (string, error)
- func (o *Account) SafeAddAccessKey(key AccessKey) error
- func (o *Account) SetAdminAccount(enable bool) error
- func (o *Account) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Account) Update() (*restapi.GenericMapResponse, error)
- func (o *Account) ValidateCredentialType() error
- func (o *Account) VerifyAccessKey(key AccessKey) error
- type AdditionalData
- type AgentAuthWorkflowConfig
- type AuthenticationProfile
- func (o *AuthenticationProfile) AddToSetsByID(setids []string) error
- func (o *AuthenticationProfile) AddToSetsByName(sets []string) error
- func (o *AuthenticationProfile) Create() (*restapi.GenericMapResponse, error)
- func (o *AuthenticationProfile) Delete() (*restapi.GenericMapResponse, error)
- func (o *AuthenticationProfile) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *AuthenticationProfile) FillStruct(m map[string]interface{}) error
- func (o *AuthenticationProfile) GetByName() error
- func (o *AuthenticationProfile) GetIDByName() (string, error)
- func (o *AuthenticationProfile) Query() (map[string]interface{}, error)
- func (o *AuthenticationProfile) Read() error
- func (o *AuthenticationProfile) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *AuthenticationProfile) Update() (*restapi.GenericMapResponse, error)
- type BackupApprover
- type ChallengeCondition
- type ChallengeRule
- type ChallengeRules
- type CloudProvider
- func (o *CloudProvider) AddToSetsByID(setids []string) error
- func (o *CloudProvider) AddToSetsByName(sets []string) error
- func (o *CloudProvider) Create() (*restapi.StringResponse, error)
- func (o *CloudProvider) Delete() (*restapi.StringResponse, error)
- func (o *CloudProvider) DeleteByName() (*restapi.StringResponse, error)
- func (o *CloudProvider) FillStruct(m map[string]interface{}) error
- func (o *CloudProvider) GetByName() error
- func (o *CloudProvider) GetIDByName() (string, error)
- func (o *CloudProvider) Query() (map[string]interface{}, error)
- func (o *CloudProvider) Read() error
- func (o *CloudProvider) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *CloudProvider) Update() (*restapi.StringResponse, error)
- type Connector
- func (o *Connector) AddToSetsByID(setids []string) error
- func (o *Connector) AddToSetsByName(sets []string) error
- func (o *Connector) Delete() (*restapi.GenericMapResponse, error)
- func (o *Connector) FillStruct(m map[string]interface{}) error
- func (o *Connector) GetByName() error
- func (o *Connector) GetIDByName() (string, error)
- func (o *Connector) Query() (map[string]interface{}, error)
- func (o *Connector) Read() error
- func (o *Connector) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Connector) Update() (*restapi.GenericMapResponse, error)
- type Database
- func (o *Database) AddToSetsByID(setids []string) error
- func (o *Database) AddToSetsByName(sets []string) error
- func (o *Database) Create() (*restapi.StringResponse, error)
- func (o *Database) Delete() (*restapi.BoolResponse, error)
- func (o *Database) DeleteByName() (*restapi.BoolResponse, error)
- func (o *Database) FillStruct(m map[string]interface{}) error
- func (o *Database) GetByName() error
- func (o *Database) GetIDByName() (string, error)
- func (o *Database) Query() (map[string]interface{}, error)
- func (o *Database) Read() error
- func (o *Database) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Database) Update() (*restapi.GenericMapResponse, error)
- type DesktopApp
- func (o *DesktopApp) AddToSetsByID(setids []string) error
- func (o *DesktopApp) AddToSetsByName(sets []string) error
- func (o *DesktopApp) Create() (*restapi.SliceResponse, error)
- func (o *DesktopApp) Delete() (*restapi.SliceResponse, error)
- func (o *DesktopApp) DeleteByName() (*restapi.SliceResponse, error)
- func (o *DesktopApp) FillStruct(m map[string]interface{}) error
- func (o *DesktopApp) GetByName() error
- func (o *DesktopApp) GetIDByName() (string, error)
- func (o *DesktopApp) Query() (map[string]interface{}, error)
- func (o *DesktopApp) Read() error
- func (o *DesktopApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *DesktopApp) Update() (*restapi.GenericMapResponse, error)
- type DesktopAppParam
- type DirectoryObject
- type DirectoryObjects
- type DirectoryService
- type DirectoryServices
- type Domain
- func (o *Domain) AddToSetsByID(setids []string) error
- func (o *Domain) AddToSetsByName(sets []string) error
- func (o *Domain) Create() (*restapi.StringResponse, error)
- func (o *Domain) Delete() (*restapi.BoolResponse, error)
- func (o *Domain) DeleteByName() (*restapi.BoolResponse, error)
- func (o *Domain) FillStruct(m map[string]interface{}) error
- func (o *Domain) GetByName() error
- func (o *Domain) GetIDByName() (string, error)
- func (o *Domain) Query() (map[string]interface{}, error)
- func (o *Domain) Read() error
- func (o *Domain) SetAdminAccount() error
- func (o *Domain) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Domain) Update() (*restapi.GenericMapResponse, error)
- type FederatedGroup
- type GenericWebApp
- func (o *GenericWebApp) AddToSetsByID(setids []string) error
- func (o *GenericWebApp) AddToSetsByName(sets []string) error
- func (o *GenericWebApp) Create() (*restapi.SliceResponse, error)
- func (o *GenericWebApp) CreateComplete() error
- func (o *GenericWebApp) FillStruct(m map[string]interface{}) error
- func (o *GenericWebApp) GetByName() error
- func (o *GenericWebApp) GetIDByName() (string, error)
- func (o *GenericWebApp) Query() (map[string]interface{}, error)
- func (o *GenericWebApp) Read() error
- func (o *GenericWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *GenericWebApp) Update() (*restapi.GenericMapResponse, error)
- type GlobalWorkflow
- type GlobalWorkflowSetting
- type GroupMapping
- type GroupMappings
- type ManualSet
- func (o *ManualSet) AddToSetsByID(setids []string) error
- func (o *ManualSet) AddToSetsByName(sets []string) error
- func (o *ManualSet) Create() (*restapi.StringResponse, error)
- func (o *ManualSet) Delete() (*restapi.GenericMapResponse, error)
- func (o *ManualSet) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *ManualSet) FillStruct(m map[string]interface{}) error
- func (o *ManualSet) GetByName() error
- func (o *ManualSet) GetIDByName() (string, error)
- func (o *ManualSet) Query() (map[string]interface{}, error)
- func (o *ManualSet) Read() error
- func (o *ManualSet) ResolveValidMemberPerms() error
- func (o *ManualSet) SetMemberPermissions(isRemove bool) (*restapi.GenericMapResponse, error)
- func (o *ManualSet) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *ManualSet) Update() (*restapi.GenericMapResponse, error)
- func (o *ManualSet) UpdateSetMembers(ids []string, action string) (*restapi.StringResponse, error)
- func (o *ManualSet) ValidateMemberPermissions(perms []string) ([]string, error)
- type MultiplexedAccount
- func (o *MultiplexedAccount) AddToSetsByID(setids []string) error
- func (o *MultiplexedAccount) AddToSetsByName(sets []string) error
- func (o *MultiplexedAccount) Create() (*restapi.StringResponse, error)
- func (o *MultiplexedAccount) Delete() (*restapi.GenericMapResponse, error)
- func (o *MultiplexedAccount) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *MultiplexedAccount) FillStruct(m map[string]interface{}) error
- func (o *MultiplexedAccount) GetByName() error
- func (o *MultiplexedAccount) GetIDByName() (string, error)
- func (o *MultiplexedAccount) Query() (map[string]interface{}, error)
- func (o *MultiplexedAccount) Read() error
- func (o *MultiplexedAccount) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *MultiplexedAccount) Update() (*restapi.StringResponse, error)
- type OAuthProfile
- type OAuthScope
- type OauthWebApp
- func (o *OauthWebApp) AddToSetsByID(setids []string) error
- func (o *OauthWebApp) AddToSetsByName(sets []string) error
- func (o *OauthWebApp) FillStruct(m map[string]interface{}) error
- func (o *OauthWebApp) GetByName() error
- func (o *OauthWebApp) GetIDByName() (string, error)
- func (o *OauthWebApp) Query() (map[string]interface{}, error)
- func (o *OauthWebApp) Read() error
- func (o *OauthWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *OauthWebApp) Update() (*restapi.GenericMapResponse, error)
- type OidcProfile
- type OidcWebApp
- func (o *OidcWebApp) AddToSetsByID(setids []string) error
- func (o *OidcWebApp) AddToSetsByName(sets []string) error
- func (o *OidcWebApp) Create() (*restapi.SliceResponse, error)
- func (o *OidcWebApp) CreateComplete() error
- func (o *OidcWebApp) FillStruct(m map[string]interface{}) error
- func (o *OidcWebApp) GetByName() error
- func (o *OidcWebApp) GetIDByName() (string, error)
- func (o *OidcWebApp) Query() (map[string]interface{}, error)
- func (o *OidcWebApp) Read() error
- func (o *OidcWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *OidcWebApp) Update() (*restapi.GenericMapResponse, error)
- type PasswordProfile
- func (o *PasswordProfile) AddToSetsByID(setids []string) error
- func (o *PasswordProfile) AddToSetsByName(sets []string) error
- func (o *PasswordProfile) Create() (*restapi.StringResponse, error)
- func (o *PasswordProfile) Delete() (*restapi.BoolResponse, error)
- func (o *PasswordProfile) DeleteByName() (*restapi.BoolResponse, error)
- func (o *PasswordProfile) FillStruct(m map[string]interface{}) error
- func (o *PasswordProfile) GetByName() error
- func (o *PasswordProfile) GetIDByName() (string, error)
- func (o *PasswordProfile) Query() (map[string]interface{}, error)
- func (o *PasswordProfile) Read() error
- func (o *PasswordProfile) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *PasswordProfile) Update() (*restapi.GenericMapResponse, error)
- type Permission
- type Policy
- func (o *Policy) AddToSetsByID(setids []string) error
- func (o *Policy) AddToSetsByName(sets []string) error
- func (o *Policy) Create() (*restapi.GenericMapResponse, error)
- func (o *Policy) Delete() (*restapi.GenericMapResponse, error)
- func (o *Policy) FillStruct(m map[string]interface{}) error
- func (o *Policy) GetByName() error
- func (o *Policy) GetIDByName() (string, error)
- func (o *Policy) Query(key string) (map[string]interface{}, error)
- func (o *Policy) Read() error
- func (o *Policy) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Policy) Update() (*restapi.GenericMapResponse, error)
- func (o *Policy) ValidateSettings() error
- type PolicyADAdminPass
- type PolicyAccountSet
- type PolicyCentrifyCSSElevation
- type PolicyCentrifyCSSServer
- type PolicyCentrifyCSSWorkstation
- type PolicyCentrifyClient
- type PolicyCentrifyServices
- type PolicyCloudProvidersSet
- type PolicyDatabaseSet
- type PolicyDomainSet
- type PolicyLink
- type PolicyLinks
- type PolicyMobileDevice
- type PolicyOathOTP
- type PolicyPasswordSettings
- type PolicyRadius
- type PolicySecretSet
- type PolicySelfService
- type PolicySettings
- type PolicySshKeySet
- type PolicySystemSet
- type PolicyUserAccount
- type PrivilegeElevationWorkflowConfig
- type ProxyWorkflowApprover
- type ProxyZoneRole
- type Role
- func (o *Role) AddToSetsByID(setids []string) error
- func (o *Role) AddToSetsByName(sets []string) error
- func (o *Role) AssignAdminRights() (*restapi.GenericMapResponse, error)
- func (o *Role) Create() (*restapi.GenericMapResponse, error)
- func (o *Role) Delete() (*restapi.GenericMapResponse, error)
- func (o *Role) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *Role) FillStruct(m map[string]interface{}) error
- func (o *Role) GetAdminRights() (map[string]interface{}, error)
- func (o *Role) GetByName() error
- func (o *Role) GetIDByName() (string, error)
- func (o *Role) Query() (map[string]interface{}, error)
- func (o *Role) Read() error
- func (o *Role) RemoveAdminRights(rights map[string]interface{}) (*restapi.GenericMapResponse, error)
- func (o *Role) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Role) Update() (*restapi.GenericMapResponse, error)
- func (o *Role) UpdateMembers(ids []string, action string, membertype string) (*restapi.StringResponse, error)
- func (o *Role) UpdateRoleMembers(members []RoleMember, action string) (*restapi.StringResponse, error)
- type RoleMember
- type RoleMembership
- func (o *RoleMembership) AddToSetsByID(setids []string) error
- func (o *RoleMembership) AddToSetsByName(sets []string) error
- func (o *RoleMembership) FillStruct(m map[string]interface{}) error
- func (o *RoleMembership) Read() error
- func (o *RoleMembership) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *RoleMembership) UpdateRoleMembers(members []RoleMember, action string) (*restapi.StringResponse, error)
- type SSHKey
- func (o *SSHKey) AddToSetsByID(setids []string) error
- func (o *SSHKey) AddToSetsByName(sets []string) error
- func (o *SSHKey) Create() (*restapi.StringResponse, error)
- func (o *SSHKey) Delete() (*restapi.StringResponse, error)
- func (o *SSHKey) DeleteByName() (*restapi.StringResponse, error)
- func (o *SSHKey) FillStruct(m map[string]interface{}) error
- func (o *SSHKey) GetByName() error
- func (o *SSHKey) GetIDByName() (string, error)
- func (o *SSHKey) Query() (map[string]interface{}, error)
- func (o *SSHKey) Read() error
- func (o *SSHKey) RetriveSSHKey() (string, error)
- func (o *SSHKey) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *SSHKey) Update() (*restapi.GenericMapResponse, error)
- type SamlAttribute
- type SamlWebApp
- func (o *SamlWebApp) AddToSetsByID(setids []string) error
- func (o *SamlWebApp) AddToSetsByName(sets []string) error
- func (o *SamlWebApp) FillStruct(m map[string]interface{}) error
- func (o *SamlWebApp) GetByName() error
- func (o *SamlWebApp) GetIDByName() (string, error)
- func (o *SamlWebApp) Query() (map[string]interface{}, error)
- func (o *SamlWebApp) Read() error
- func (o *SamlWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *SamlWebApp) Update() (*restapi.GenericMapResponse, error)
- type Secret
- func (o *Secret) AddToSetsByID(setids []string) error
- func (o *Secret) AddToSetsByName(sets []string) error
- func (o *Secret) CheckoutSecret() (string, error)
- func (o *Secret) CheckoutSecretAndFile(saveToHome bool) (string, error)
- func (o *Secret) Create() (*restapi.StringResponse, error)
- func (o *Secret) Delete() (*restapi.BoolResponse, error)
- func (o *Secret) DeleteByName() (*restapi.BoolResponse, error)
- func (o *Secret) DownloadSecretFile(saveToHome bool) (string, error)
- func (o *Secret) FillStruct(m map[string]interface{}) error
- func (o *Secret) GetByName() error
- func (o *Secret) GetIDByName() (string, error)
- func (o *Secret) MoveSecret() (*restapi.BoolResponse, error)
- func (o *Secret) Query() (map[string]interface{}, error)
- func (o *Secret) Read() error
- func (o *Secret) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Secret) Update() (*restapi.GenericMapResponse, error)
- type SecretFolder
- func (o *SecretFolder) AddToSetsByID(setids []string) error
- func (o *SecretFolder) AddToSetsByName(sets []string) error
- func (o *SecretFolder) Create() (*restapi.StringResponse, error)
- func (o *SecretFolder) Delete() (*restapi.BoolResponse, error)
- func (o *SecretFolder) DeleteByName() (*restapi.BoolResponse, error)
- func (o *SecretFolder) FillStruct(m map[string]interface{}) error
- func (o *SecretFolder) GetByName() error
- func (o *SecretFolder) GetIDByName() (string, error)
- func (o *SecretFolder) MoveFolder() (*restapi.BoolResponse, error)
- func (o *SecretFolder) Query() (map[string]interface{}, error)
- func (o *SecretFolder) Read() error
- func (o *SecretFolder) SetMemberPermissions(isRemove bool) (*restapi.GenericMapResponse, error)
- func (o *SecretFolder) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *SecretFolder) Update() (*restapi.GenericMapResponse, error)
- type Service
- func (o *Service) AddToSetsByID(setids []string) error
- func (o *Service) AddToSetsByName(sets []string) error
- func (o *Service) Create() (*restapi.StringResponse, error)
- func (o *Service) Delete() (*restapi.GenericMapResponse, error)
- func (o *Service) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *Service) FillStruct(m map[string]interface{}) error
- func (o *Service) GetByName() error
- func (o *Service) GetIDByName() (string, error)
- func (o *Service) Query() (map[string]interface{}, error)
- func (o *Service) Read() error
- func (o *Service) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *Service) Update() (*restapi.StringResponse, error)
- type System
- func (o *System) AddToSetsByID(setids []string) error
- func (o *System) AddToSetsByName(sets []string) error
- func (o *System) Create() (*restapi.StringResponse, error)
- func (o *System) Delete() (*restapi.BoolResponse, error)
- func (o *System) DeleteByName() (*restapi.BoolResponse, error)
- func (o *System) FillStruct(m map[string]interface{}) error
- func (o *System) GetByName() error
- func (o *System) GetIDByName() (string, error)
- func (o *System) Query() (map[string]interface{}, error)
- func (o *System) Read() error
- func (o *System) ResolveValidPermissions()
- func (o *System) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *System) Update() (*restapi.GenericMapResponse, error)
- func (o *System) ValidateZoneWorkflow() error
- type User
- func (o *User) AddToRoles(roles []string) error
- func (o *User) AddToSetsByID(setids []string) error
- func (o *User) AddToSetsByName(sets []string) error
- func (o *User) ChangePassword() (*restapi.BoolResponse, error)
- func (o *User) ChangeUserPassword(pw string) error
- func (o *User) Create() (*restapi.StringResponse, error)
- func (o *User) Delete() (*restapi.GenericMapResponse, error)
- func (o *User) DeleteByName() (*restapi.GenericMapResponse, error)
- func (o *User) FillStruct(m map[string]interface{}) error
- func (o *User) GetByName() error
- func (o *User) GetIDByName() (string, error)
- func (o *User) Query() (map[string]interface{}, error)
- func (o *User) Read() error
- func (o *User) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- func (o *User) Update() (*restapi.GenericMapResponse, error)
- type WebApp
- func (o *WebApp) AddToSetsByID(setids []string) error
- func (o *WebApp) AddToSetsByName(sets []string) error
- func (o *WebApp) Create() (*restapi.SliceResponse, error)
- func (o *WebApp) Delete() (*restapi.SliceResponse, error)
- func (o *WebApp) DeleteByName() (*restapi.SliceResponse, error)
- func (o *WebApp) FillStruct(m map[string]interface{}) error
- func (o *WebApp) GetIDByName() (string, error)
- func (o *WebApp) Query() (map[string]interface{}, error)
- func (o *WebApp) ResetAppScript() error
- func (o *WebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
- type WorkflowApprover
- type WorkflowDefaultOptions
- type ZoneRole
Constants ¶
This section is empty.
Variables ¶
var (
	// Right represents a struct of valid rights.
	// Every field holds the name of one right as a string; the field values
	// are used as the keys of the maps in ValidPermissionMap.
	//
	// NOTE(review): this is an exported package-level variable, not a set of
	// constants, so any importing package can overwrite a field. Treat it as
	// read-only.
	Right = struct {
		Grant, View, Edit, Delete, Add, Run, Login, Checkout, Retrieve, ManageSession, AgentAuth, OfflineRescue, AddAccount, UnlockAccount, RequestZoneRole, FileTransfer, UpdatePassword, WorkspaceLogin, RotatePassword, RetrieveSecret, ManagementAssignment string
	}{
		Grant:                "Grant",
		View:                 "View",
		Edit:                 "Edit",
		Delete:               "Delete",
		Add:                  "Add",
		Run:                  "Run",
		Login:                "Login",
		Checkout:             "Checkout",
		Retrieve:             "Retrieve",
		ManageSession:        "ManageSession",
		AgentAuth:            "AgentAuth",
		OfflineRescue:        "OfflineRescue",
		AddAccount:           "AddAccount",
		UnlockAccount:        "UnlockAccount",
		RequestZoneRole:      "RequestZoneRole",
		FileTransfer:         "FileTransfer",
		UpdatePassword:       "UpdatePassword",
		WorkspaceLogin:       "WorkspaceLogin",
		RotatePassword:       "RotatePassword",
		RetrieveSecret:       "RetrieveSecret",
		ManagementAssignment: "ManagementAssignment",
	}

	// ValidPermissionMap represents a struct of valid permissions.
	// There is one map per object category. A key is a Right name; the value
	// is the string that right is translated to for that category. A right
	// that is absent from a category's map has no translation there.
	//
	// Most rights translate to themselves. The exceptions are spelled out on
	// the entries below, because they decide what a grant actually requests:
	// a caller asking for Right.Grant on an account ends up with "Owner".
	//
	// NOTE(review): presumably these maps are what callers pass as the
	// validMap / validPerms argument of ConvertToValidList and
	// ResolvePermissions - confirm against the callers.
	// NOTE(review): the maps are exported and mutable; a write from any
	// importing package changes the translation for every later caller.
	ValidPermissionMap = struct {
		Generic, Set, WinNix, System, Database, Domain, Account, DBAccount, DomainAccount, CloudAccount, MultiplexAccount, Secret, SSHKey, Service, Application, Folder map[string]string
	}{
		Generic: map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete},
		Set:     map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete},
		// WinNix is System plus ManagementAssignment (translated to
		// "ManagePrivilegeElevationAssignment") and RequestZoneRole.
		WinNix:   map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.ManageSession: Right.ManageSession, Right.Edit: Right.Edit, Right.Delete: Right.Delete, Right.AgentAuth: Right.AgentAuth, Right.OfflineRescue: Right.OfflineRescue, Right.AddAccount: Right.AddAccount, Right.UnlockAccount: Right.UnlockAccount, Right.ManagementAssignment: "ManagePrivilegeElevationAssignment", Right.RequestZoneRole: Right.RequestZoneRole},
		System:   map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.ManageSession: Right.ManageSession, Right.Edit: Right.Edit, Right.Delete: Right.Delete, Right.AgentAuth: Right.AgentAuth, Right.OfflineRescue: Right.OfflineRescue, Right.AddAccount: Right.AddAccount, Right.UnlockAccount: Right.UnlockAccount},
		Database: map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete},
		Domain:   map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete, Right.UnlockAccount: Right.UnlockAccount, Right.AddAccount: Right.AddAccount},
		// The four account categories translate Grant -> "Owner",
		// Checkout -> "Naked" and Edit -> "Manage". Account additionally
		// translates WorkspaceLogin -> "UserPortalLogin".
		Account:          map[string]string{Right.Grant: "Owner", Right.View: Right.View, Right.Checkout: "Naked", Right.Login: Right.Login, Right.FileTransfer: Right.FileTransfer, Right.Edit: "Manage", Right.Delete: Right.Delete, Right.UpdatePassword: Right.UpdatePassword, Right.WorkspaceLogin: "UserPortalLogin", Right.RotatePassword: Right.RotatePassword},
		DBAccount:        map[string]string{Right.Grant: "Owner", Right.View: Right.View, Right.Checkout: "Naked", Right.Edit: "Manage", Right.Delete: Right.Delete, Right.UpdatePassword: Right.UpdatePassword, Right.RotatePassword: Right.RotatePassword},
		DomainAccount:    map[string]string{Right.Grant: "Owner", Right.View: Right.View, Right.Checkout: "Naked", Right.Login: Right.Login, Right.FileTransfer: Right.FileTransfer, Right.Edit: "Manage", Right.Delete: Right.Delete, Right.UpdatePassword: Right.UpdatePassword, Right.RotatePassword: Right.RotatePassword},
		CloudAccount:     map[string]string{Right.Grant: "Owner", Right.View: Right.View, Right.Checkout: "Naked", Right.Login: Right.Login, Right.Edit: "Manage", Right.Delete: Right.Delete, Right.UpdatePassword: Right.UpdatePassword, Right.RotatePassword: Right.RotatePassword},
		MultiplexAccount: map[string]string{Right.Grant: Right.Grant, Right.Edit: Right.Edit, Right.Delete: Right.Delete},
		// Secret translates RetrieveSecret -> "Retrieve".
		Secret: map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete, Right.RetrieveSecret: "Retrieve"},
		// SSHKey translates Grant -> "Owner", Retrieve -> "Checkout" and
		// Edit -> "Manage".
		SSHKey:  map[string]string{Right.Grant: "Owner", Right.View: Right.View, Right.Retrieve: "Checkout", Right.Edit: "Manage", Right.Delete: Right.Delete},
		Service: map[string]string{Right.Grant: Right.Grant, Right.Edit: Right.Edit, Right.Delete: Right.Delete},
		// Application translates Run -> "Execute".
		Application: map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Run: "Execute"},
		Folder:      map[string]string{Right.Grant: Right.Grant, Right.View: Right.View, Right.Edit: Right.Edit, Right.Delete: Right.Delete, Right.Add: Right.Add},
	}
)
Functions ¶
func ConvertToValidList ¶
ConvertToValidList converts the provided list of rights to the actual values that can be used in the API call. For example, given map[string]string{"a1": "a2", "b1": "b2"}, it converts []string{"a1", "b1"} to []string{"a2", "b2"}.
func FlattenSliceToString ¶
FlattenSliceToString converts ["value1", "value2"] to "value1,value2"
func FlattenWorkflowApprovers ¶ added in v0.1.3
func FlattenWorkflowApprovers(approvers []WorkflowApprover) string
func FlattenZoneRoles ¶ added in v0.1.3
func GenerateSchemaMap ¶
GenerateSchemaMap converts object into map according to object's json schema definition
func GetAllZoneRoles ¶ added in v0.1.3
func GetVarType ¶
func GetVarType(myvar interface{}) string
GetVarType returns variable type name as string
func RedRockQuery ¶
func RedRockQuery(client *restapi.RestClient, query string, args map[string]interface{}) ([]interface{}, error)
RedRockQuery issues RedRock API query
func ResolvePermissions ¶
func ResolvePermissions(c *restapi.RestClient, perms []Permission, validPerms map[string]string) error
ResolvePermissions takes a list of Permissions, resolves the PrincipalID and converts the given rights to the actual rights
func ResolvePermissions2 ¶ added in v0.1.3
func ResolvePermissions2(c *restapi.RestClient, perms []Permission, validPerms map[string]string) error
ResolvePermissions2 checks whether PrincipalID is set and resolves it only if it is not
func ResolveWorkflowApprovers ¶ added in v0.1.3
func ResolveWorkflowApprovers(c *restapi.RestClient, approvers []WorkflowApprover) error
Types ¶
type AccessKey ¶
// AccessKey represents an AWS access key: an entry ID, the access key ID and
// the secret access key.
type AccessKey struct {
	ID          string `json:"ID,omitempty" schema:"id,omitempty"`
	AccessKeyID string `json:"AccessKeyId,omitempty" schema:"access_key_id,omitempty"`
	// SecretAccessKey has a json tag, so encoding/json writes it out whenever
	// it is non-empty. Anything that marshals or prints this struct (debug
	// logging, error dumps) will therefore contain the secret.
	// NOTE(review): the schema tag presumably exposes it to whatever consumes
	// GenerateSchemaMap output as well - confirm where that map is persisted.
	SecretAccessKey string `json:"SecretAccessKey,omitempty" schema:"secret_access_key,omitempty"`
}
AccessKey represents AWS access key
type Account ¶
// Account encapsulates a single generic Account.
//
// The json tag gives the attribute name used when the struct is marshaled
// with encoding/json; fields tagged json:"-" are skipped by encoding/json.
// NOTE(review): the schema tag presumably names the matching attribute in the
// Terraform ("tf file") schema - confirm against GenerateSchemaMap.
type Account struct {
	// For password checkout and direct SDK call purpose
	ResourceType string `json:"-"`
	ResourceName string `json:"-"`

	// Settings menu
	User string `json:"User,omitempty" schema:"name,omitempty"` // User Name
	// Password is marshaled like any other attribute whenever it is non-empty,
	// so a dump of this struct contains the credential in clear text.
	// NOTE(review): presumably it also reaches the schema map under
	// "password"; check that the consumer marks that attribute as sensitive.
	Password        string `json:"Password,omitempty" schema:"password,omitempty"`
	Host            string `json:"Host,omitempty" schema:"host_id,omitempty"`
	SSHKeyID        string `json:"SshKeyId,omitempty" schema:"sshkey_id,omitempty"`
	DomainID        string `json:"DomainID,omitempty" schema:"domain_id,omitempty"`
	DatabaseID      string `json:"DatabaseID,omitempty" schema:"database_id,omitempty"`
	CredentialType  string `json:"CredentialType,omitempty" schema:"credential_type,omitempty"` // Password or SshKey
	CredentialName  string `json:"CredentialName,omitempty" schema:"credential_name,omitempty"`
	CredentialID    string `json:"CredentialId,omitempty" schema:"credential_id,omitempty"`
	CloudProviderID string `json:"CloudProviderId,omitempty" schema:"cloudprovider_id,omitempty"`
	IsRootAccount   bool   `json:"IsRootAccount,omitempty" schema:"is_root_account,omitempty"`

	// Policy menu
	UseWheel            bool   `json:"UseWheel,omitempty" schema:"use_proxy_account,omitempty"` // Use proxy account
	IsManaged           bool   `json:"IsManaged,omitempty" schema:"managed,omitempty"`          // manage this credential
	Description         string `json:"Description,omitempty" schema:"description,omitempty"`
	Status              string `json:"Status,omitempty" schema:"status,omitempty"`
	DefaultCheckoutTime int    `json:"DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"` // Checkout lifetime (minutes)
	// No omitempty on the next field: it is emitted even when it is the empty
	// string.
	PasswordCheckoutDefaultProfile string          `json:"PasswordCheckoutDefaultProfile" schema:"default_profile_id"` // Default Password Checkout Profile (used if no conditions matched)
	ChallengeRules                 *ChallengeRules `json:"PasswordCheckoutRules,omitempty" schema:"challenge_rule,omitempty"`

	// Workflow menu
	WorkflowEnabled        bool   `json:"WorkflowEnabled,omitempty" schema:"workflow_enabled,omitempty"`
	WorkflowDefaultOptions string `json:"WorkflowDefaultOptions,omitempty" schema:"workflow_default_options,omitempty"`
	//WorkflowSent bool `json:"WorkflowSent,omitempty" schema:"workflow_sent,omitempty"`
	WorkflowApprovers    string             `json:"WorkflowApprovers,omitempty" schema:"workflow_approvers,omitempty"` // This is the actual attribute in string format
	WorkflowApproverList []WorkflowApprover `json:"-" schema:"workflow_approver,omitempty"`                            // This is used in tf file only

	IsAdminAccount bool `json:"IsAdminAccount,omitempty" schema:"is_admin_account,omitempty"`
	// AccessKeys entries carry their SecretAccessKey field with them, so the
	// same exposure applies here as for Password above.
	AccessKeys                         []AccessKey     `json:"AccessKeys,omitempty" schema:"access_key,omitempty"`
	AccessSecretCheckoutDefaultProfile string          `json:"AccessSecretCheckoutDefaultProfile,omitempty" schema:"access_secret_checkout_default_profile_id,omitempty"`
	AccessSecretCheckoutRules          *ChallengeRules `json:"AccessSecretCheckoutRules,omitempty" schema:"access_secret_checkout_rule,omitempty"`
	// contains filtered or unexported fields
}
Account - Encapsulates a single generic Account
func (*Account) AddAccessKey ¶
AddAccessKey adds access key into this account
func (*Account) AddToSetsByID ¶
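AddToSetsByID adds this account to the Sets with the given IDs (the source comment says "database", which looks like a copy-paste leftover)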
func (*Account) AddToSetsByName ¶
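AddToSetsByName adds this account to the Sets with the given names (the source comment says "database", which looks like a copy-paste leftover)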
func (*Account) ChangePassword ¶
func (o *Account) ChangePassword() (*restapi.BoolResponse, error)
ChangePassword function updates an existing Account password and returns a map that contains update result
func (*Account) CheckinPassword ¶
func (o *Account) CheckinPassword(coid string) (*restapi.BoolResponse, error)
CheckinPassword checks in a checked-out account password
func (*Account) CheckoutPassword ¶
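CheckoutPassword checks out the account password from the vault. Returns actual password, coid or error. Because the string returned is the actual password, callers should keep it out of logs and error messages.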
func (*Account) Create ¶
func (o *Account) Create() (*restapi.StringResponse, error)
Create function creates a new Account and returns a map that contains creation result
func (*Account) Delete ¶
func (o *Account) Delete() (*restapi.BoolResponse, error)
Delete function deletes a Account and returns a map that contains deletion result
func (*Account) DeleteAccessKey ¶
DeleteAccessKey deletes an IAM access key
func (*Account) DeleteByName ¶
func (o *Account) DeleteByName() (*restapi.BoolResponse, error)
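DeleteByName deletes an Account by name (the source comment says "DesktopApp", which looks like a copy-paste leftover from another type; the receiver here is *Account)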
func (*Account) FillStruct ¶
FillStruct function fills a struct with map
func (*Account) GetAccessKeys ¶
GetAccessKeys get all access key entries
func (*Account) GetIDByName ¶
GetIDByName returns vault object ID by name
func (*Account) Read ¶
Read function fetches an Account from source, including attribute values. Returns error if any
func (*Account) ResolveValidPermissions ¶
func (o *Account) ResolveValidPermissions()
ResolveValidPermissions resolves valid permission according to account type
func (*Account) RetrieveAccessKey ¶
RetrieveAccessKey retrieves the secret access key. The returned string is the secret itself, so callers should avoid logging or persisting it.
func (*Account) RetrieveSSHKey ¶
RetrieveSSHKey retrieves the SSH key from an account. The returned string is key material, so callers should avoid logging or persisting it.
func (*Account) SafeAddAccessKey ¶
SafeAddAccessKey verifies then adds access key
func (*Account) SetAdminAccount ¶
SetAdminAccount set this account as admin account
func (*Account) SetPermissions ¶
func (o *Account) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*Account) Update ¶
func (o *Account) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing Account and returns a map that contains update result
func (*Account) ValidateCredentialType ¶
ValidateCredentialType checks credential type matches password or sshkey setting
func (*Account) VerifyAccessKey ¶
VerifyAccessKey verifies that access key is valid against AWS
type AdditionalData ¶
// AdditionalData holds additional settings for an AuthenticationProfile.
type AdditionalData struct {
	// No omitempty on either tag, so a zero value is serialised rather than dropped.
	NumberOfQuestions int `json:"NumberOfQuestions" schema:"number_of_questions"` // Number of questions the user must answer
}
AdditionalData for AuthenticationProfile
type AgentAuthWorkflowConfig ¶ added in v0.1.3
// AgentAuthWorkflowConfig pairs an enabled flag with a list of workflow approvers.
// Neither field carries json or schema tags, so encoding/json uses the Go field names.
type AgentAuthWorkflowConfig struct {
	AgentAuthWorkflowEnabled bool
	AgentAuthWorkflowApprovers []WorkflowApprover
}
type AuthenticationProfile ¶
// AuthenticationProfile encapsulates a single authentication profile.
type AuthenticationProfile struct {
	UUID string `json:"Uuid,omitempty" schema:"uuid,omitempty"`
	// Challenge pass-through duration. The tags deliberately omit omitempty:
	// 0 means "no pass-through" and must be sent, not dropped.
	DurationInMinutes int `json:"DurationInMinutes" schema:"pass_through_duration"`
	Challenges []string `json:"Challenges,omitempty" schema:"challenges,omitempty"`
	AdditionalData *AdditionalData `json:"AdditionalData,omitempty" schema:"additional_data,omitempty"`
	// The three fields below are tagged json:"-" and are therefore never marshalled.
	// NOTE(review): presumably local inputs that are folded into Challenges and
	// AdditionalData before the request is built; confirm against the implementation.
	NumberOfQuestions int `json:"-"`
	Challenge1 []string `json:"-"`
	Challenge2 []string `json:"-"`
	// contains filtered or unexported fields
}
AuthenticationProfile - Encapsulates a single Authentication Profile
func NewAuthenticationProfile ¶
func NewAuthenticationProfile(c *restapi.RestClient) *AuthenticationProfile
NewAuthenticationProfile is an AuthenticationProfile constructor
func (*AuthenticationProfile) AddToSetsByID ¶
AddToSetsByID adds this authentication profile to Sets
func (*AuthenticationProfile) AddToSetsByName ¶
AddToSetsByName adds this authentication profile to Sets
func (*AuthenticationProfile) Create ¶
func (o *AuthenticationProfile) Create() (*restapi.GenericMapResponse, error)
Create function creates an authentication profile and returns a map that contains update result
func (*AuthenticationProfile) Delete ¶
func (o *AuthenticationProfile) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes an authentication profile and returns a map that contains deletion result
func (*AuthenticationProfile) DeleteByName ¶
func (o *AuthenticationProfile) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes an authentication profile by name
func (*AuthenticationProfile) FillStruct ¶
FillStruct function fills a struct with map
func (*AuthenticationProfile) GetByName ¶
func (o *AuthenticationProfile) GetByName() error
GetByName retrieves authentication profile from tenant by name
func (*AuthenticationProfile) GetIDByName ¶
func (o *AuthenticationProfile) GetIDByName() (string, error)
GetIDByName returns authentication profile ID by name
func (*AuthenticationProfile) Query ¶
func (o *AuthenticationProfile) Query() (map[string]interface{}, error)
Query function returns a single authentication profile object
func (*AuthenticationProfile) Read ¶
func (o *AuthenticationProfile) Read() error
Read function fetches an authentication profile from source, including attribute values. Returns error if any
func (*AuthenticationProfile) SetPermissions ¶
func (o *AuthenticationProfile) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*AuthenticationProfile) Update ¶
func (o *AuthenticationProfile) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing authentication profile and returns a map that contains update result
type BackupApprover ¶ added in v0.1.3
// BackupApprover identifies a user or role by GUID, name and type.
type BackupApprover struct {
	Guid string `json:"Guid,omitempty" schema:"guid,omitempty"`
	Name string `json:"Name,omitempty" schema:"name,omitempty"`
	Type string `json:"Type,omitempty" schema:"type,omitempty"` // Either "User" or "Role"
	// Tagged json:"-": kept on the Go side only, never marshalled.
	DirectoryService string `json:"-"`
	DirectoryName string `json:"-"`
}
type ChallengeCondition ¶
// ChallengeCondition represents a single challenge rule condition.
// The JSON keys are the short forms Prop, Op and Val.
type ChallengeCondition struct {
	Filter string `json:"Prop,omitempty" schema:"filter,omitempty"`
	Condition string `json:"Op,omitempty" schema:"condition,omitempty"`
	Value string `json:"Val,omitempty" schema:"value,omitempty"`
}
ChallengeCondition represents a single challenge rule
type ChallengeRule ¶
// ChallengeRule groups a list of conditions with the authentication profile ID
// attached to them.
type ChallengeRule struct {
	ChallengeCondition []ChallengeCondition `json:"Conditions,omitempty" schema:"rule,omitempty"`
	// "-1" means Not Allowed. Because of omitempty an empty string is dropped
	// from the JSON body entirely.
	AuthProfileID string `json:"ProfileId,omitempty" schema:"authentication_profile_id,omitempty"`
}
ChallengeRule represents a set of login rule
type ChallengeRules ¶
// ChallengeRules represents a list of login rule sets.
type ChallengeRules struct {
	// omitempty on a bool: false is left out of the JSON body rather than sent as false.
	// NOTE(review): how the server treats a missing Enabled key is not visible here; confirm.
	Enabled bool `json:"Enabled,omitempty" schema:"enabled,omitempty"`
	UniqueKey string `json:"_UniqueKey,omitempty" schema:"unique_key,omitempty"`
	Type string `json:"_Type,omitempty" schema:"type,omitempty"`
	Rules []ChallengeRule `json:"_Value,omitempty" schema:"rule,omitempty"`
}
ChallengeRules represents a list of login rule sets
type CloudProvider ¶
// CloudProvider encapsulates a cloud provider.
type CloudProvider struct {
	CloudAccountID string `json:"CloudAccountId,omitempty" schema:"cloud_account_id,omitempty"`
	Type string `json:"Type,omitempty" schema:"type,omitempty"`
	// Password rotation settings. Note that the schema attribute names differ from the
	// JSON keys (e.g. EnableUnmanagedPasswordRotation <-> enable_interactive_password_rotation).
	EnableUnmanagedPasswordRotation bool `json:"EnableUnmanagedPasswordRotation,omitempty" schema:"enable_interactive_password_rotation,omitempty"`
	EnableUnmanagedPasswordRotationPrompt bool `json:"EnableUnmanagedPasswordRotationPrompt,omitempty" schema:"prompt_change_root_password,omitempty"`
	EnableUnmanagedPasswordRotationReminder bool `json:"EnableUnmanagedPasswordRotationReminder,omitempty" schema:"enable_password_rotation_reminders,omitempty"`
	UnmanagedPasswordRotationReminderDuration int `json:"UnmanagedPasswordRotationReminderDuration,omitempty" schema:"password_rotation_reminder_duration,omitempty"`
	ChallengeRules *ChallengeRules `json:"LoginRules,omitempty" schema:"challenge_rule,omitempty"` // CloudProvider Login Challenge Rules
	LoginDefaultProfile string `json:"LoginDefaultProfile,omitempty" schema:"default_profile_id,omitempty"` // Default CloudProvider Login Profile (used if no conditions matched)
	// contains filtered or unexported fields
}
CloudProvider - Encapsulates a cloud provider
func NewCloudProvider ¶
func NewCloudProvider(c *restapi.RestClient) *CloudProvider
NewCloudProvider is a CloudProvider constructor
func (*CloudProvider) AddToSetsByID ¶
AddToSetsByID adds this cloud provider to Sets
func (*CloudProvider) AddToSetsByName ¶
AddToSetsByName adds this cloud provider to Sets
func (*CloudProvider) Create ¶
func (o *CloudProvider) Create() (*restapi.StringResponse, error)
Create function creates a new CloudProvider and returns a map that contains creation result
func (*CloudProvider) Delete ¶
func (o *CloudProvider) Delete() (*restapi.StringResponse, error)
Delete function deletes a CloudProvider and returns a string result that contains deletion result
func (*CloudProvider) DeleteByName ¶
func (o *CloudProvider) DeleteByName() (*restapi.StringResponse, error)
DeleteByName deletes a CloudProvider by name
func (*CloudProvider) FillStruct ¶
FillStruct function fills a struct with map
func (*CloudProvider) GetByName ¶
func (o *CloudProvider) GetByName() error
GetByName retrieves CloudProvider from tenant by name
func (*CloudProvider) GetIDByName ¶
func (o *CloudProvider) GetIDByName() (string, error)
GetIDByName returns CloudProvider ID by name
func (*CloudProvider) Query ¶
func (o *CloudProvider) Query() (map[string]interface{}, error)
Query function returns a single CloudProvider object in map format
func (*CloudProvider) Read ¶
func (o *CloudProvider) Read() error
Read function fetches a CloudProvider from source, including attribute values. Returns error if any
func (*CloudProvider) SetPermissions ¶
func (o *CloudProvider) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*CloudProvider) Update ¶
func (o *CloudProvider) Update() (*restapi.StringResponse, error)
Update function updates an existing CloudProvider and returns a map that contains update result
type Connector ¶
// Connector encapsulates a single Connector.
type Connector struct {
	MachineName string `json:"MachineName,omitempty" schema:"machine_name,omitempty"`
	DnsHostName string `json:"DnsHostName,omitempty" schema:"dns_host_name,omitempty"`
	Forest string `json:"Forest,omitempty" schema:"forest,omitempty"`
	// Per-service fields, all plain strings.
	// NOTE(review): the value format (status text vs. flag) is not visible here; confirm.
	SSHService string `json:"SSHService,omitempty" schema:"ssh_service,omitempty"`
	RDPService string `json:"RDPService,omitempty" schema:"rdp_service,omitempty"`
	ADProxy string `json:"ADProxy,omitempty" schema:"ad_proxy,omitempty"`
	AppGateway string `json:"AppGateway,omitempty" schema:"app_gateway,omitempty"`
	HttpAPIService string `json:"HttpAPIService,omitempty" schema:"http_api_service,omitempty"`
	LDAPProxy string `json:"LDAPProxy,omitempty" schema:"ldap_proxy,omitempty"`
	RadiusService string `json:"RadiusService,omitempty" schema:"radius_service,omitempty"`
	RadiusExternalService string `json:"RadiusExternalService,omitempty" schema:"radius_external_service,omitempty"`
	Online bool `json:"Online,omitempty" schema:"online,omitempty"`
	Version string `json:"Version,omitempty" schema:"version,omitempty"`
	VpcIdentifier string `json:"VpcIdentifier,omitempty" schema:"vpc_identifier,omitempty"`
	VmIdentifier string `json:"VmIdentifier,omitempty" schema:"vm_identifier,omitempty"`
	Status string `json:"-"` // Used to represent Online status; never marshalled
	// contains filtered or unexported fields
}
Connector - Encapsulates a single Connector
func NewConnector ¶
func NewConnector(c *restapi.RestClient) *Connector
NewConnector is a Connector constructor
func (*Connector) AddToSetsByID ¶
AddToSetsByID adds this connector to Sets
func (*Connector) AddToSetsByName ¶
AddToSetsByName adds this connector to Sets
func (*Connector) Delete ¶
func (o *Connector) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a Connector and returns a map that contains deletion result
func (*Connector) FillStruct ¶
FillStruct function fills a struct with map
func (*Connector) GetIDByName ¶ added in v0.1.4
GetIDByName returns vault object ID by name
func (*Connector) Read ¶
Read function fetches a Connector from source, including attribute values. Returns error if any
func (*Connector) SetPermissions ¶
func (o *Connector) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type Database ¶
// Database encapsulates a single Database.
type Database struct {
	FQDN string `json:"FQDN,omitempty" schema:"hostname,omitempty"`
	DatabaseClass string `json:"DatabaseClass,omitempty" schema:"database_class,omitempty"` // Valid values are: SQLServer, Oracle, SAPAse
	Port int `json:"Port,omitempty" schema:"port,omitempty"`
	InstanceName string `json:"InstanceName,omitempty" schema:"instance_name,omitempty"` // MS SQL instance name
	ServiceName string `json:"ServiceName,omitempty" schema:"service_name,omitempty"` // Oracle database service name
	SkipReachabilityTest bool `json:"SkipReachabilityTest,omitempty" schema:"skip_reachability_test,omitempty"`

	// Database -> Policy menu related settings
	DefaultCheckoutTime int `json:"DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"` // Checkout lifetime (minutes)

	// Database -> Advanced menu related settings.
	// All of these use omitempty, so false/0 values are left out of the JSON body
	// rather than sent explicitly.
	AllowMultipleCheckouts bool `json:"AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"` // Allow multiple password checkouts for related accounts
	AllowPasswordRotation bool `json:"AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"` // Enable periodic password rotation
	PasswordRotateDuration int `json:"PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"` // Password rotation interval (days)
	AllowPasswordRotationAfterCheckin bool `json:"AllowPasswordRotationAfterCheckin,omitempty" schema:"enable_password_rotation_after_checkin,omitempty"` // Enable password rotation after checkin
	MinimumPasswordAge int `json:"MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"` // Minimum Password Age (days)
	PasswordProfileID string `json:"PasswordProfileID,omitempty" schema:"password_profile_id,omitempty"` // Password Complexity Profile
	AllowPasswordHistoryCleanUp bool `json:"AllowPasswordHistoryCleanUp,omitempty" schema:"enable_password_history_cleanup,omitempty"` // Enable periodic password history cleanup
	PasswordHistoryCleanUpDuration int `json:"PasswordHistoryCleanUpDuration,omitempty" schema:"password_historycleanup_duration,omitempty"` // Password history cleanup (days)

	// Database -> Connectors menu related settings
	ProxyCollectionList string `json:"ProxyCollectionList,omitempty" schema:"connector_list,omitempty"` // List of Connectors used
	// contains filtered or unexported fields
}
Database - Encapsulates a single Database
func NewDatabase ¶
func NewDatabase(c *restapi.RestClient) *Database
NewDatabase is a Database constructor
func (*Database) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*Database) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*Database) Create ¶
func (o *Database) Create() (*restapi.StringResponse, error)
Create function creates a new Database and returns a map that contains creation result
func (*Database) Delete ¶
func (o *Database) Delete() (*restapi.BoolResponse, error)
Delete function deletes a Database and returns a map that contains deletion result
func (*Database) DeleteByName ¶
func (o *Database) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a database by name
func (*Database) FillStruct ¶
FillStruct function fills a struct with map
func (*Database) GetIDByName ¶
GetIDByName returns database ID by name
func (*Database) Read ¶
Read function fetches a Database from source, including attribute values. Returns error if any
func (*Database) SetPermissions ¶
func (o *Database) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type DesktopApp ¶
// DesktopApp encapsulates a single generic DesktopApp.
type DesktopApp struct {
	TemplateName string `json:"TemplateName,omitempty" schema:"template_name,omitempty"`
	DesktopAppRunHostID string `json:"DesktopAppRunHostId,omitempty" schema:"application_host_id,omitempty"` // Application host
	DesktopAppRunHostName string `json:"-"` // Used for direct SDK calls; never marshalled
	DesktopAppRunAccountType string `json:"DesktopAppRunAccountType,omitempty" schema:"login_credential_type,omitempty"` // Host login credential type: ADCredential, SetByUser, AlternativeAccount, SharedAccount
	DesktopAppRunAccountID string `json:"DesktopAppRunAccountUuid,omitempty" schema:"application_account_id,omitempty"` // Host login credential account
	DesktopAppRunAccountName string `json:"-"` // Used for direct SDK calls; never marshalled
	DesktopAppProgramName string `json:"DesktopAppProgramName,omitempty" schema:"application_alias,omitempty"` // Application alias
	DesktopAppCmdline string `json:"DesktopAppCmdlineTemplate,omitempty" schema:"command_line,omitempty"` // Command line
	DesktopAppParams []DesktopAppParam `json:"DesktopAppParams,omitempty" schema:"command_parameter,omitempty"`
	// No omitempty: an empty default profile is serialised as "".
	DefaultAuthProfile string `json:"DefaultAuthProfile" schema:"default_profile_id"`
	ChallengeRules *ChallengeRules `json:"AuthRules,omitempty" schema:"challenge_rule,omitempty"`
	// Use script to specify authentication rules. When a script is set, the
	// configured rules (ChallengeRules) are ignored.
	PolicyScript string `json:"PolicyScript,omitempty" schema:"policy_script,omitempty"`
	WorkflowEnabled bool `json:"WorkflowEnabled,omitempty" schema:"workflow_enabled,omitempty"`
	WorkflowSettings string `json:"WorkflowSettings,omitempty" schema:"workflow_settings,omitempty"` // This is the actual workflow attribute in string format
	WorkflowApproverList []WorkflowApprover `json:"-" schema:"workflow_approver,omitempty"` // This is used in tf file only; never marshalled
	// contains filtered or unexported fields
}
DesktopApp - Encapsulates a single Generic DesktopApp
func NewDesktopApp ¶
func NewDesktopApp(c *restapi.RestClient) *DesktopApp
NewDesktopApp is a DesktopApp constructor
func (*DesktopApp) AddToSetsByID ¶
AddToSetsByID adds this desktop app to Sets
func (*DesktopApp) AddToSetsByName ¶
AddToSetsByName adds this desktop app to Sets
func (*DesktopApp) Create ¶
func (o *DesktopApp) Create() (*restapi.SliceResponse, error)
Create function creates a new DesktopApp and returns a map that contains creation result
func (*DesktopApp) Delete ¶
func (o *DesktopApp) Delete() (*restapi.SliceResponse, error)
Delete function deletes a DesktopApp and returns a map that contains deletion result
func (*DesktopApp) DeleteByName ¶
func (o *DesktopApp) DeleteByName() (*restapi.SliceResponse, error)
DeleteByName deletes a DesktopApp by name
func (*DesktopApp) FillStruct ¶
FillStruct function fills a struct with map
func (*DesktopApp) GetByName ¶
func (o *DesktopApp) GetByName() error
GetByName retrieves vault object from tenant by name
func (*DesktopApp) GetIDByName ¶
func (o *DesktopApp) GetIDByName() (string, error)
GetIDByName returns vault object ID by name
func (*DesktopApp) Query ¶
func (o *DesktopApp) Query() (map[string]interface{}, error)
Query function returns a single DesktopApp object in map format
func (*DesktopApp) Read ¶
func (o *DesktopApp) Read() error
Read function fetches a DesktopApp from source, including attribute values. Returns error if any
func (*DesktopApp) SetPermissions ¶
func (o *DesktopApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*DesktopApp) Update ¶
func (o *DesktopApp) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing DesktopApp and returns a map that contains update result
type DesktopAppParam ¶
// DesktopAppParam describes one desktop app command line parameter.
type DesktopAppParam struct {
	ParamName string `json:"ParamName,omitempty" schema:"name,omitempty"`
	ParamType string `json:"ParamType,omitempty" schema:"type,omitempty"` // int, date, string, User, Role, Device, Server, VaultAccount, VaultDomain, VaultDatabase, Subscriptions, DataVault, SshKeys
	ParamValue string `json:"ParamValue,omitempty" schema:"value,omitempty"`
	TargetObjectID string `json:"TargetObjectId,omitempty" schema:"target_object_id,omitempty"`
	// Tagged json:"-": kept on the Go side only, never marshalled.
	// NOTE(review): presumably used to look up TargetObjectID by name; confirm against the implementation.
	TargetObjectName string `json:"-"`
	TargetResourceName string `json:"-"`
	TargetResourceType string `json:"-"`
}
DesktopAppParam - desktop app command line parameters
type DirectoryObject ¶
// DirectoryObject describes a single object returned from a directory service.
type DirectoryObject struct {
	ID string `json:"InternalName,omitempty" schema:"id,omitempty"` // JSON key is InternalName, not ID
	RoleID string `json:"_ID,omitempty" schema:"roleid,omitempty"` // this is only for Centrify Directory role
	Name string `json:"Name,omitempty" schema:"name,omitempty"`
	SystemName string `json:"SystemName,omitempty" schema:"system_name,omitempty"`
	DisplayName string `json:"DisplayName,omitempty" schema:"display_name,omitempty"`
	DistinguishedName string `json:"DistinguishedName,omitempty" schema:"distinguished_name,omitempty"`
	ObjectType string `json:"ObjectType,omitempty" schema:"object_type,omitempty"`
	Forest string `json:"Forest,omitempty" schema:"forest,omitempty"`
}
DirectoryObject -
type DirectoryObjects ¶
// DirectoryObjects holds query inputs and the resulting list of directory objects.
type DirectoryObjects struct {
	ObjectType string // Either user or group
	QueryName string
	DirectoryServices []string `json:"DirectoryServices,omitempty" schema:"directory_services,omitempty"`
	DirectoryObjects []DirectoryObject `json:"DirectoryObjects,omitempty" schema:"directory_object,omitempty"`
	// contains filtered or unexported fields
}
DirectoryObjects -
func NewDirectoryObjects ¶
func NewDirectoryObjects(c *restapi.RestClient) *DirectoryObjects
NewDirectoryObjects is a DirectoryObjects constructor
func (*DirectoryObjects) GetByName ¶ added in v0.1.3
func (o *DirectoryObjects) GetByName(objType string, name string, dir DirectoryService) (*DirectoryObject, error)
func (*DirectoryObjects) Read ¶
func (o *DirectoryObjects) Read() error
Read function fetches directory objects from source
type DirectoryService ¶
// DirectoryService represents a directory service.
type DirectoryService struct {
	ID string `json:"directoryServiceUuid,omitempty" schema:"id,omitempty"` // JSON key is directoryServiceUuid
	Name string `json:"Name,omitempty" schema:"name,omitempty"`
	Description string `json:"Description,omitempty" schema:"description,omitempty"`
	DisplayName string `json:"DisplayName,omitempty" schema:"displayName,omitempty"`
	DisplayNameShort string `json:"DisplayNameShort,omitempty" schema:"short_name,omitempty"`
	Service string `json:"Service,omitempty" schema:"service,omitempty"`
	Status string `json:"Status,omitempty" schema:"status,omitempty"`
	Config string `json:"Config,omitempty" schema:"config,omitempty"`
	Forest string `json:"Forest,omitempty" schema:"forest,omitempty"`
}
DirectoryService represents directory service
type DirectoryServices ¶
// DirectoryServices encapsulates a list of directory services.
type DirectoryServices struct {
	DirServices []DirectoryService `json:"DirServices,omitempty" schema:"directory_service,omitempty"`
	// contains filtered or unexported fields
}
DirectoryServices - Encapsulates Directory Services
func NewDirectoryServices ¶
func NewDirectoryServices(c *restapi.RestClient) *DirectoryServices
NewDirectoryServices is a DirectoryServices constructor
func (*DirectoryServices) GetByName ¶ added in v0.1.3
func (o *DirectoryServices) GetByName(service string, name string) (*DirectoryService, error)
func (*DirectoryServices) GetDirectorServices ¶
func (o *DirectoryServices) GetDirectorServices() ([]map[string]interface{}, error)
GetDirectorServices fetches DirectoryServices from source and returns a list of maps
func (*DirectoryServices) Read ¶
func (o *DirectoryServices) Read() error
Read function fetches DirectoryServices from source
type Domain ¶
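// Domain encapsulates a single Domain.
type Domain struct {
	VerifyDomain bool `json:"VerifyDomain,omitempty" schema:"verify,omitempty"`
	ParentID string `json:"ParentID,omitempty" schema:"parent_id,omitempty"`
	ForestID string `json:"ForestID,omitempty" schema:"forest_id,omitempty"`

	// Policy menu related settings
	DefaultCheckoutTime int `json:"DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"` // Checkout lifetime (minutes)

	// Advanced menu -> Administrative Account Settings
	AdminAccountID string `json:"Administrator,omitempty" schema:"administrative_account_id,omitempty"`
	AdministratorDisplayName string `json:"AdministratorDisplayName,omitempty" schema:"administrator_display_name,omitempty"`
	//AdminAccountDomain string `json:"AdminAccountDomain,omitempty" schema:"administrative_account_domain,omitempty"`
	// NOTE(review): plain string credential. It is marshalled under the JSON key
	// AdminAccountPassword and mapped to the schema attribute
	// administrative_account_password, so presumably it can end up in request
	// bodies and in Terraform configuration/state; treat all of those as
	// sensitive and keep the value out of logs.
	AdminAccountPassword string `json:"AdminAccountPassword,omitempty" schema:"administrative_account_password,omitempty"`
	AdminAccountName string `json:"AdminAccountName,omitempty" schema:"administrative_account_name,omitempty"`
	// The four flags below have no omitempty, so false is sent explicitly.
	AutoDomainAccountMaintenance bool `json:"AllowAutomaticAccountMaintenance" schema:"auto_domain_account_maintenance"` // Enable Automatic Domain Account Maintenance
	AutoLocalAccountMaintenance bool `json:"AllowAutomaticLocalAccountMaintenance" schema:"auto_local_account_maintenance"` // Enable Automatic Local Account Maintenance
	ManualDomainAccountUnlock bool `json:"AllowManualAccountUnlock" schema:"manual_domain_account_unlock"` // Enable Manual Domain Account Unlock
	ManualLocalAccountUnlock bool `json:"AllowManualLocalAccountUnlock" schema:"manual_local_account_unlock"` // Enable Manual Local Account Unlock
	ProvisioningAdminID string `json:"ProvisioningAdminID,omitempty" schema:"provisioning_admin_id,omitempty"` // An administrative account to provision the reconciliation account on Unix systems. (must be managed)
	ReconciliationAccountName string `json:"ReconciliationAccountName,omitempty" schema:"reconciliation_account_name,omitempty"`

	// Advanced -> Security Settings
	AllowMultipleCheckouts bool `json:"AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"` // Allow multiple password checkouts per AD account added for this domain
	AllowPasswordRotation bool `json:"AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"` // Enable periodic password rotation
	PasswordRotateDuration int `json:"PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"` // Password rotation interval (days)
	AllowPasswordRotationAfterCheckin bool `json:"AllowPasswordRotationAfterCheckin,omitempty" schema:"enable_password_rotation_after_checkin,omitempty"` // Enable password rotation after checkin
	MinimumPasswordAge int `json:"MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"` // Minimum Password Age (days)
	PasswordProfileID string `json:"PasswordProfileID,omitempty" schema:"password_profile_id,omitempty"` // Password Complexity Profile

	// Advanced -> Maintenance Settings
	AllowPasswordHistoryCleanUp bool `json:"AllowPasswordHistoryCleanUp,omitempty" schema:"enable_password_history_cleanup,omitempty"` // Enable periodic password history cleanup
	PasswordHistoryCleanUpDuration int `json:"PasswordHistoryCleanUpDuration,omitempty" schema:"password_historycleanup_duration,omitempty"` // Password history cleanup (days)

	// Advanced -> Domain/Zone Tasks
	AllowRefreshZoneJoined bool `json:"AllowRefreshZoneJoined,omitempty" schema:"enable_zone_joined_check,omitempty"` // Enable periodic domain/zone joined check
	RefreshZoneJoinedIntervalMinutes int `json:"RefreshZoneJoinedIntervalMinutes,omitempty" schema:"zone_joined_check_interval,omitempty"` // Domain/zone joined check interval (minutes)
	AllowZoneRoleCleanup bool `json:"AllowZoneRoleCleanup,omitempty" schema:"enable_zonerole_cleanup,omitempty"` // Enable periodic removal of expired zone role assignments
	ZoneRoleCleanupIntervalHours int `json:"ZoneRoleCleanupIntervalHours,omitempty" schema:"zonerole_cleanup_interval,omitempty"` // Expired zone role assignment removal interval (hours)

	// Zone Role Workflow
	ZoneRoleWorkflowEnabled bool `json:"ZoneRoleWorkflowEnabled" schema:"zonerole_workflow_enabled"` // Enable zone role requests for systems in this domain
	ZoneRoleWorkflowRoles string `json:"ZoneRoleWorkflowRoles,omitempty" schema:"assigned_zoneroles,omitempty"` // Assignable zone roles
	ZoneRoleWorkflowRoleList []ZoneRole `json:"-" schema:"assigned_zonerole,omitempty"` // This is used in tf file only
	ZoneRoleWorkflowApprovers string `json:"ZoneRoleWorkflowApprovers,omitempty" schema:"assigned_zonerole_approvers,omitempty"` // This is the actual attribute in string format
	// This is used in tf file only. The json tag must be exactly "-": with
	// encoding/json a tag of "-,omitempty" does not exclude the field but
	// marshals it under the literal key "-" whenever the slice is non-empty.
	ZoneRoleWorkflowApproverList []WorkflowApprover `json:"-" schema:"assigned_zonerole_approver,omitempty"`

	// System -> Connectors menu related settings
	ProxyCollectionList string `json:"ProxyCollectionList,omitempty" schema:"connector_list,omitempty"` // List of Connectors used
	// contains filtered or unexported fields
}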
Domain - Encapsulates a single Domain
func (*Domain) AddToSetsByID ¶
AddToSetsByID adds this domain to Sets
func (*Domain) AddToSetsByName ¶
AddToSetsByName adds this domain to Sets
func (*Domain) Create ¶
func (o *Domain) Create() (*restapi.StringResponse, error)
Create function creates a new Domain and returns a map that contains creation result
func (*Domain) Delete ¶
func (o *Domain) Delete() (*restapi.BoolResponse, error)
Delete function deletes a Domain and returns a map that contains deletion result
func (*Domain) DeleteByName ¶
func (o *Domain) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a domain by name
func (*Domain) FillStruct ¶
FillStruct function fills a struct with map
func (*Domain) GetIDByName ¶
GetIDByName returns domain ID by name
func (*Domain) Read ¶
Read function fetches a Domain from source, including attribute values. Returns error if any
func (*Domain) SetAdminAccount ¶
SetAdminAccount sets domain administrative account
func (*Domain) SetPermissions ¶
func (o *Domain) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type FederatedGroup ¶ added in v0.1.10
// FederatedGroup encapsulates a single Federated Group.
type FederatedGroup struct {
	// Standard attributes. The JSON keys differ from the Go field names:
	// ID <-> InternalName, Name <-> SystemName.
	ID string `json:"InternalName,omitempty" schema:"id,omitempty"`
	Name string `json:"SystemName,omitempty" schema:"name,omitempty"`
	// contains filtered or unexported fields
}
FederatedGroup - Encapsulates a single Federated Group
func NewFederatedGroup ¶ added in v0.1.10
func NewFederatedGroup(c *restapi.RestClient) *FederatedGroup
NewFederatedGroup is a FederatedGroup constructor
func (*FederatedGroup) Create ¶ added in v0.1.10
func (o *FederatedGroup) Create() (string, error)
Create function creates a new FederatedGroup and returns a map that contains creation result
func (*FederatedGroup) GetByName ¶ added in v0.1.10
func (o *FederatedGroup) GetByName() error
func (*FederatedGroup) GetIDByName ¶ added in v0.1.10
func (o *FederatedGroup) GetIDByName() (string, error)
func (*FederatedGroup) Read ¶ added in v0.1.10
func (o *FederatedGroup) Read() error
Read function fetches a FederatedGroup from source, including attribute values. Returns error if any
type GenericWebApp ¶ added in v0.1.3
// GenericWebApp embeds WebApp and adds the login-form settings declared below
// (URL, CSS selectors, login script and password handling).
type GenericWebApp struct {
	WebApp

	Url string `json:"Url" schema:"url"` // The URL to bookmark

	// Advanced menu

	// The host name suffix for the url of the login form, for example, acme.com.
	HostNameSuffix string `json:"HostNameSuffix" schema:"hostname_suffix"`
	// The CSS Selector for the user name field in the login form, for example, input#login-username.
	UsernameField string `json:"UsernameField,omitempty" schema:"username_field,omitempty"`
	// The CSS Selector for the password field in the login form, for example, input#login-password.
	PasswordField string `json:"PasswordField,omitempty" schema:"password_field,omitempty"`
	// The CSS Selector for the Submit button in the login form, for example, input#login-button.
	// This entry is optional. It is required only if you cannot submit the form by pressing the enter key.
	SubmitField string `json:"SubmitField,omitempty" schema:"submit_field,omitempty"`
	// The CSS Selector for the form field of the login form, for example, form#loginForm.
	FormField string `json:"FormField,omitempty" schema:"form_field,omitempty"`
	// The CSS Selector for any Additional Login Field required to login besides username and
	// password, such as Company name or Agency ID. For example, the selector could be
	// input#login-company-id. This entry is required only if there is an additional login
	// field besides username and password.
	CorpIdField string `json:"CorpIdField,omitempty" schema:"additional_login_field,omitempty"`
	// The value for the Additional Login Field. For example, if there is an additional login
	// field for the company name, enter the company name here. This entry is required if
	// Additional Login Field is set.
	CorpIdentifier string `json:"CorpIdentifier,omitempty" schema:"additional_login_field_value,omitempty"`
	// The number of milliseconds to wait for the expected input selectors to load before
	// timing out on failure. A zero or negative number means no timeout. Because of
	// omitempty a value of 0 is left out of the JSON body.
	SelectorTimeout int `json:"SelectorTimeout,omitempty" schema:"selector_timeout,omitempty"`
	// Use this field to specify the order of login if it is not username, password and submit.
	Order string `json:"Order,omitempty" schema:"order,omitempty"`

	// For Browser Extension (advanced) app only
	Script string `json:"Script,omitempty" schema:"script,omitempty"` // Script to log the user in to this application

	// "UserPassScript": "@GenericUserPass" for User-Password app
	UseLoginPwAdAttr bool `json:"UseLoginPwAdAttr" schema:"use_ad_login_pw"` // Use the login password supplied by the user (Active Directory users only)
	// NOTE(review): plain string credential, marshalled under the JSON key Password and
	// mapped to the schema attribute password; presumably it can end up in request bodies
	// and Terraform configuration/state, so treat those as sensitive and keep it out of logs.
	Password string `json:"Password,omitempty" schema:"password,omitempty"`
	UseLoginPwUseScript bool `json:"UseLoginPwUseScript" schema:"use_ad_login_pw_by_script"`
}
func NewGenericWebApp ¶ added in v0.1.3
func NewGenericWebApp(c *restapi.RestClient) *GenericWebApp
func (*GenericWebApp) AddToSetsByID ¶ added in v0.1.3
AddToSetsByID adds the object into Sets
func (*GenericWebApp) AddToSetsByName ¶ added in v0.1.3
AddToSetsByName adds the object into Sets
func (*GenericWebApp) Create ¶ added in v0.1.3
func (o *GenericWebApp) Create() (*restapi.SliceResponse, error)
Create function creates a new WebApp and returns a map that contains creation result
func (*GenericWebApp) CreateComplete ¶ added in v0.1.3
func (o *GenericWebApp) CreateComplete() error
Create function creates a new WebApp and returns a map that contains creation result
func (*GenericWebApp) FillStruct ¶ added in v0.1.3
FillStruct function fills a struct with map
func (*GenericWebApp) GetByName ¶ added in v0.1.3
func (o *GenericWebApp) GetByName() error
GetByName retrieves vault object from tenant by name
func (*GenericWebApp) GetIDByName ¶ added in v0.1.3
func (o *GenericWebApp) GetIDByName() (string, error)
GetIDByName returns vault object ID by name
func (*GenericWebApp) Query ¶ added in v0.1.3
func (o *GenericWebApp) Query() (map[string]interface{}, error)
Query function returns a single WebApp object in map format
func (*GenericWebApp) Read ¶ added in v0.1.3
func (o *GenericWebApp) Read() error
func (*GenericWebApp) SetPermissions ¶ added in v0.1.3
func (o *GenericWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*GenericWebApp) Update ¶ added in v0.1.3
func (o *GenericWebApp) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing WebApp and returns a map that contains update result
type GlobalWorkflow ¶ added in v0.1.3
// GlobalWorkflow holds the ID, workflow type and settings of a global
// workflow. Some fields are hidden by the documentation renderer.
type GlobalWorkflow struct {
	ID string `json:"ID,omitempty" schema:"id,omitempty"`
	// wf, agentAuthWorkflow, secretsWorkflow, privilegeElevationWorkflow
	// Note the JSON key is "key", not "Type".
	Type     string                 `json:"key,omitempty" schema:"type,omitempty"`
	Settings *GlobalWorkflowSetting `json:"settings,omitempty" schema:"settings,omitempty"`
	// contains filtered or unexported fields
}
func NewGlobalWorkflow ¶ added in v0.1.3
func NewGlobalWorkflow(c *restapi.RestClient, wfType string) (*GlobalWorkflow, error)
func (*GlobalWorkflow) Delete ¶ added in v0.1.3
func (o *GlobalWorkflow) Delete() error
func (*GlobalWorkflow) Read ¶ added in v0.1.3
func (o *GlobalWorkflow) Read() error
Read function fetches global workflow settings
func (*GlobalWorkflow) Update ¶ added in v0.1.3
func (o *GlobalWorkflow) Update() (*restapi.GenericMapResponse, error)
type GlobalWorkflowSetting ¶ added in v0.1.3
// GlobalWorkflowSetting carries the enable flag, default options and
// approvers of a global workflow.
type GlobalWorkflowSetting struct {
	// NOTE(review): with omitempty, encoding/json omits false, so "disabled" is never sent
	// explicitly — confirm the service treats a missing Enabled as disabled.
	Enabled        bool   `json:"Enabled,omitempty" schema:"enabled,omitempty"`
	DefaultOptions string `json:"DefaultOptions,omitempty" schema:"default_options,omitempty"`
	// String form of the approvers sent in JSON; presumably derived from ApproverList — verify against caller.
	Approvers string `json:"Approvers,omitempty" schema:"approvers,omitempty"`
	// Excluded from JSON (json:"-"); only mapped through the schema tag.
	ApproverList []WorkflowApprover `json:"-" schema:"approver,omitempty"`
}
type GroupMapping ¶
// GroupMapping represents individual group mapping: one attribute value
// paired with one group name.
type GroupMapping struct {
	AttributeValue string `json:"AttributeValue,omitempty" schema:"attribute_value,omitempty"`
	GroupName      string `json:"GroupName,omitempty" schema:"group_name,omitempty"`
}
GroupMapping represents individual group mapping
type GroupMappings ¶
// GroupMappings encapsulates the global group mappings as a list of
// GroupMapping entries. Some fields are hidden by the documentation renderer.
type GroupMappings struct {
	// Client-side flag only: excluded from JSON (json:"-").
	BulkUpdate bool           `json:"-"`
	Mappings   []GroupMapping `json:"Mappings,omitempty" schema:"mappings,omitempty"`
	// contains filtered or unexported fields
}
GroupMappings - Encapsulates Global Group Mappings
func NewGroupMappings ¶
func NewGroupMappings(c *restapi.RestClient) *GroupMappings
NewGroupMappings is a GroupMappings constructor
func (*GroupMappings) Create ¶
func (o *GroupMappings) Create() error
Create adds list of group mappings
func (*GroupMappings) Delete ¶
func (o *GroupMappings) Delete() error
Delete deletes list of group mappings
func (*GroupMappings) Read ¶
func (o *GroupMappings) Read() error
Read function fetches Global Group mappings from tenant
func (*GroupMappings) Update ¶ added in v0.1.6
func (o *GroupMappings) Update() error
type ManualSet ¶
// ManualSet encapsulates a single generic manual Set, its object type
// information and the permissions granted on its members.
// Some fields are hidden by the documentation renderer.
type ManualSet struct {
	// No struct tag: encoding/json would emit this under its Go field name.
	// NOTE(review): confirm whether it is meant to reach the API payload.
	ValidMemberPermissions map[string]string
	ObjectType             string `json:"ObjectType,omitempty" schema:"type,omitempty"`
	SubObjectType          string `json:"SubObjectType,omitempty" schema:"subtype,omitempty"`
	CollectionType         string `json:"CollectionType,omitempty" schema:"collection_type,omitempty"`
	// Permissions applied to the members of the set (see SetMemberPermissions). No struct tag.
	MemberPermissions []Permission
	// contains filtered or unexported fields
}
ManualSet - Encapsulates a single Generic ManualSet
func NewManualSet ¶
func NewManualSet(c *restapi.RestClient) *ManualSet
NewManualSet is a ManualSet constructor
func NewManualSetWithType ¶
func NewManualSetWithType(c *restapi.RestClient, setType string) (*ManualSet, error)
NewManualSetWithType is another ManualSet constructor that initialises the member permissions API endpoint
func (*ManualSet) AddToSetsByID ¶
AddToSetsByID adds the object into Sets
func (*ManualSet) AddToSetsByName ¶
AddToSetsByName adds the object into Sets
func (*ManualSet) Create ¶
func (o *ManualSet) Create() (*restapi.StringResponse, error)
Create function creates a new Manual Set and returns a map that contains creation result
func (*ManualSet) Delete ¶
func (o *ManualSet) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a Manual Set and returns a map that contains deletion result
func (*ManualSet) DeleteByName ¶
func (o *ManualSet) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes a Set by name
func (*ManualSet) FillStruct ¶
FillStruct function fills a struct with map
func (*ManualSet) GetIDByName ¶
GetIDByName returns set ID by name
func (*ManualSet) Read ¶
Read function fetches a ManualSet from source, including attribute values. Returns error if any
func (*ManualSet) ResolveValidMemberPerms ¶
ResolveValidMemberPerms returns member permission list and set member permission API endpoint according to type of resource
func (*ManualSet) SetMemberPermissions ¶
func (o *ManualSet) SetMemberPermissions(isRemove bool) (*restapi.GenericMapResponse, error)
SetMemberPermissions sets member permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*ManualSet) SetPermissions ¶
func (o *ManualSet) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*ManualSet) Update ¶
func (o *ManualSet) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing Manual Set and returns a map that contains update result
func (*ManualSet) UpdateSetMembers ¶
UpdateSetMembers adds or removes members from the ManualSet
type MultiplexedAccount ¶
// MultiplexedAccount encapsulates a single MultiplexedAccount, which refers
// to two real accounts by ID and by name and records the active one.
// Some fields are hidden by the documentation renderer.
type MultiplexedAccount struct {
	RealAccount1ID string   `json:"RealAccount1ID,omitempty" schema:"account1_id,omitempty"`
	RealAccount2ID string   `json:"RealAccount2ID,omitempty" schema:"account2_id,omitempty"`
	RealAccount1   string   `json:"RealAccount1,omitempty" schema:"account1,omitempty"`
	RealAccount2   string   `json:"RealAccount2,omitempty" schema:"account2,omitempty"`
	ActiveAccount  string   `json:"ActiveAccount,omitempty" schema:"active_account,omitempty"`
	RealAccounts   []string `json:"RealAccounts,omitempty" schema:"accounts,omitempty"`
	// The two UPN fields are excluded from JSON (json:"-").
	RealAccount1UPN string `json:"-"`
	RealAccount2UPN string `json:"-"`
	// contains filtered or unexported fields
}
MultiplexedAccount - Encapsulates a single MultiplexedAccount
func NewMultiplexedAccount ¶
func NewMultiplexedAccount(c *restapi.RestClient) *MultiplexedAccount
NewMultiplexedAccount is a MultiplexedAccount constructor
func (*MultiplexedAccount) AddToSetsByID ¶
AddToSetsByID adds the object into Sets
func (*MultiplexedAccount) AddToSetsByName ¶
AddToSetsByName adds the object into Sets
func (*MultiplexedAccount) Create ¶
func (o *MultiplexedAccount) Create() (*restapi.StringResponse, error)
Create function creates a new MultiplexedAccount
func (*MultiplexedAccount) Delete ¶
func (o *MultiplexedAccount) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a MultiplexedAccount
func (*MultiplexedAccount) DeleteByName ¶
func (o *MultiplexedAccount) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes a MultiplexedAccount by name
func (*MultiplexedAccount) FillStruct ¶
FillStruct function fills a struct with map
func (*MultiplexedAccount) GetByName ¶
func (o *MultiplexedAccount) GetByName() error
GetByName retrieves MultiplexedAccount from tenant by name
func (*MultiplexedAccount) GetIDByName ¶
func (o *MultiplexedAccount) GetIDByName() (string, error)
GetIDByName returns MultiplexedAccount ID by name
func (*MultiplexedAccount) Query ¶
func (o *MultiplexedAccount) Query() (map[string]interface{}, error)
Query function returns a single MultiplexedAccount object in map format
func (*MultiplexedAccount) Read ¶
func (o *MultiplexedAccount) Read() error
Read function fetches a MultiplexedAccount from source, including attribute values. Returns error if any
func (*MultiplexedAccount) SetPermissions ¶
func (o *MultiplexedAccount) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*MultiplexedAccount) Update ¶
func (o *MultiplexedAccount) Update() (*restapi.StringResponse, error)
Update function updates an existing MultiplexedAccount
type OAuthProfile ¶ added in v0.1.3
// OAuthProfile holds the OAuth client/server settings of an application:
// client identification, redirect URIs, token type and lifetimes, and scopes.
//
// NOTE(review): every bool here uses omitempty, so encoding/json never sends
// an explicit false. Confirm that an omitted AllowPublic, AllowRefresh or
// ConfirmAuthorization resolves to the restrictive server-side default.
type OAuthProfile struct {
	// General Usage menu

	// Set to true for OAuth Client. Set to false for OAuth Server
	TargetIsUs bool `json:"TargetIsUs,omitempty" schema:"target_is_us,omitempty"`
	//ClientIDType string `json:"ClientIDType,omitempty" schema:"clientid_type,omitempty"` // anything, list, confidential
	// NOTE(review): the int-to-mode mapping (anything / list / confidential) is not shown here — TODO confirm.
	ClientIDType int    `json:"ClientIDType,omitempty" schema:"clientid_type,omitempty"`
	Issuer       string `json:"Issuer,omitempty" schema:"issuer,omitempty"`
	Audience     string `json:"Audience,omitempty" schema:"audience,omitempty"`
	// Applicable if ClientIDType is list
	AllowedClients []string `json:"AllowedClients,omitempty" schema:"allowed_clients,omitempty"`
	// Set to true if ClientIDType is list
	AllowPublic bool `json:"AllowPublic,omitempty" schema:"allow_public,omitempty"`
	// Applicable if ClientIDType is confidential
	MustBeOauthClient bool `json:"MustBeOauthClient,omitempty" schema:"must_oauth_client,omitempty"`
	// Redirect URIs registered for the application. Keep this list to exact, fully
	// qualified URIs under your control; how the service matches them is not shown here.
	Redirects []string `json:"Redirects,omitempty" schema:"redirects,omitempty"`

	// Tokens menu

	// JwtRS256, Opaque
	TokenType string `json:"TokenType,omitempty" schema:"token_type,omitempty"`
	// AuthorizationCode,Implicit,ClientCreds,ResourceCreds
	// NOTE(review): enable only the grants the application needs. Current OAuth security
	// guidance (RFC 9700) discourages the implicit and resource-owner-password grants,
	// which Implicit and ResourceCreds presumably correspond to.
	AllowedAuth string `json:"AllowedAuth,omitempty" schema:"allowed_auth,omitempty"`
	// 5 hours "5:00:00"
	TokenLifetime string `json:"TokenLifetimeString,omitempty" schema:"token_lifetime,omitempty"`
	// Issue refresh tokens
	AllowRefresh bool `json:"AllowRefresh,omitempty" schema:"allow_refresh,omitempty"`
	// 365 days "365.00:00:00"
	RefreshLifetime string `json:"RefreshLifetimeString,omitempty" schema:"refresh_lifetime,omitempty"`

	// Scope menu

	// User must confirm authorization request (JSON key is "Confirm")
	ConfirmAuthorization bool `json:"Confirm,omitempty" schema:"confirm_authorization,omitempty"`
	// Allow scope selection
	AllowScopeSelect bool         `json:"AllowScopeSelect,omitempty" schema:"allow_scope_select,omitempty"`
	KnownScopes      []OAuthScope `json:"KnownScopes,omitempty" schema:"scope,omitempty"`
}
type OAuthScope ¶ added in v0.1.3
type OauthWebApp ¶ added in v0.1.3
// OauthWebApp embeds WebApp and adds the application ID, OAuth profile and
// token-customisation script of an OAuth application.
type OauthWebApp struct {
	WebApp

	// Setting menu

	// Serialized under the JSON key "ServiceName".
	ApplicationID string        `json:"ServiceName,omitempty" schema:"application_id,omitempty"`
	OAuthProfile  *OAuthProfile `json:"OAuthProfile,omitempty" schema:"oauth_profile,omitempty"`
	// Script to customize JWT token creation for this application
	// NOTE(review): this script shapes the tokens that are issued; restrict who may edit it
	// and review changes like code.
	Script string `json:"Script,omitempty" schema:"script,omitempty"`
	// Read only attribute
	OpenIDConnectScript string `json:"OpenIDConnectScript,omitempty" schema:"oidc_script,omitempty"`
}
func NewOauthWebApp ¶ added in v0.1.3
func NewOauthWebApp(c *restapi.RestClient) *OauthWebApp
func (*OauthWebApp) AddToSetsByID ¶ added in v0.1.3
AddToSetsByID adds the object into Sets
func (*OauthWebApp) AddToSetsByName ¶ added in v0.1.3
AddToSetsByName adds the object into Sets
func (*OauthWebApp) FillStruct ¶ added in v0.1.3
FillStruct function fills a struct with map
func (*OauthWebApp) GetByName ¶ added in v0.1.3
func (o *OauthWebApp) GetByName() error
GetByName retrieves vault object from tenant by name
func (*OauthWebApp) GetIDByName ¶ added in v0.1.3
func (o *OauthWebApp) GetIDByName() (string, error)
GetIDByName returns vault object ID by name
func (*OauthWebApp) Query ¶ added in v0.1.3
func (o *OauthWebApp) Query() (map[string]interface{}, error)
Query function returns a single WebApp object in map format
func (*OauthWebApp) Read ¶ added in v0.1.3
func (o *OauthWebApp) Read() error
func (*OauthWebApp) SetPermissions ¶ added in v0.1.3
func (o *OauthWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*OauthWebApp) Update ¶ added in v0.1.3
func (o *OauthWebApp) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing WebApp and returns a map that contains update result
type OidcProfile ¶ added in v0.1.3
// OidcProfile holds the OpenID Connect trust settings (client secret,
// service provider URL, redirect URIs) and token lifetimes of an application.
//
// NOTE(review): ClientSecret is a plain string with a JSON tag, so a populated
// value is emitted whenever the struct is serialized. Keep instances out of
// logs, error messages and version-controlled configuration.
type OidcProfile struct {
	// Trust menu

	// The OpenID Client Secret for this Identity Provider
	ClientSecret string `json:"ClientSecret,omitempty" schema:"client_secret,omitempty"`
	// The OpenID Connect Service Provider URL
	Url string `json:"Url,omitempty" schema:"application_url,omitempty"`
	// Redirect URI that the Service Provider will specify in the OpenID Connect request to Centrify
	Redirects []string `json:"Redirects,omitempty" schema:"redirects,omitempty"`

	// Read only attributes

	// The OpenID Client ID for this Identity Provider
	ClientID string `json:"ClientID,omitempty" schema:"client_id,omitempty"`
	// The OpenID Connect Issuer URL for this application
	Issuer string `json:"Issuer,omitempty" schema:"issuer,omitempty"`

	// Tokens menu

	// 5 hours "5:00:00"
	TokenLifetime string `json:"TokenLifetimeString,omitempty" schema:"token_lifetime,omitempty"`
	// Issue refresh tokens
	AllowRefresh bool `json:"AllowRefresh,omitempty" schema:"allow_refresh,omitempty"`
	// 365 days "365.00:00:00"
	RefreshLifetime string `json:"RefreshLifetimeString,omitempty" schema:"refresh_lifetime,omitempty"`
}
type OidcWebApp ¶ added in v0.1.3
// OidcWebApp embeds WebApp and adds the application ID, OpenID Connect
// profile and response-generation script of an OpenID Connect application.
type OidcWebApp struct {
	WebApp

	// Setting menu

	// Serialized under the JSON key "ServiceName".
	ApplicationID string `json:"ServiceName,omitempty" schema:"application_id,omitempty"`
	// Holds an *OidcProfile even though the field and JSON key are named OAuthProfile.
	OAuthProfile *OidcProfile `json:"OAuthProfile,omitempty" schema:"oauth_profile,omitempty"`
	// Script to generate OpenID Connect Authorization and UserInfo responses for this application
	// NOTE(review): this script shapes the identity claims that are returned; restrict who may
	// edit it and review changes like code.
	Script string `json:"Script,omitempty" schema:"script,omitempty"`
	// Read only attribute
	OpenIDConnectScript string `json:"OpenIDConnectScript,omitempty" schema:"oidc_script,omitempty"`
}
func NewOidcWebApp ¶ added in v0.1.3
func NewOidcWebApp(c *restapi.RestClient) *OidcWebApp
func (*OidcWebApp) AddToSetsByID ¶ added in v0.1.3
AddToSetsByID adds the object into Sets
func (*OidcWebApp) AddToSetsByName ¶ added in v0.1.3
AddToSetsByName adds the object into Sets
func (*OidcWebApp) Create ¶ added in v0.1.3
func (o *OidcWebApp) Create() (*restapi.SliceResponse, error)
Create function creates a new WebApp and returns a map that contains creation result
func (*OidcWebApp) CreateComplete ¶ added in v0.1.3
func (o *OidcWebApp) CreateComplete() error
Create function creates a new WebApp and returns a map that contains creation result
func (*OidcWebApp) FillStruct ¶ added in v0.1.3
FillStruct function fills a struct with map
func (*OidcWebApp) GetByName ¶ added in v0.1.3
func (o *OidcWebApp) GetByName() error
GetByName retrieves vault object from tenant by name
func (*OidcWebApp) GetIDByName ¶ added in v0.1.3
func (o *OidcWebApp) GetIDByName() (string, error)
GetIDByName returns vault object ID by name
func (*OidcWebApp) Query ¶ added in v0.1.3
func (o *OidcWebApp) Query() (map[string]interface{}, error)
Query function returns a single WebApp object in map format
func (*OidcWebApp) Read ¶ added in v0.1.3
func (o *OidcWebApp) Read() error
func (*OidcWebApp) SetPermissions ¶ added in v0.1.3
func (o *OidcWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*OidcWebApp) Update ¶ added in v0.1.3
func (o *OidcWebApp) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing WebApp and returns a map that contains update result
type PasswordProfile ¶
// PasswordProfile encapsulates a single password profile: the length and
// character-class rules applied to generated or accepted passwords.
// Some fields are hidden by the documentation renderer.
//
// The length and AtLeastOne* fields have no omitempty, so their zero values
// (0 / false) are always serialized; set them deliberately rather than
// relying on Go defaults.
type PasswordProfile struct {
	ProfileFeature string `json:"ProfileFeature,omitempty" schema:"profile_feature,omitempty"`
	// UserDefined, CheckPointGaia
	ProfileType string `json:"ProfileType,omitempty" schema:"profile_type,omitempty"`

	// password requirements

	MinimumPasswordLength int `json:"MinimumPasswordLength" schema:"minimum_password_length"`
	MaximumPasswordLength int `json:"MaximumPasswordLength" schema:"maximum_password_length"`
	// At least one lower-case alpha character
	AtLeastOneLowercase bool `json:"AtLeastOneLowercase" schema:"at_least_one_lowercase"`
	// At least one upper-case alpha character
	AtLeastOneUppercase bool `json:"AtLeastOneUppercase" schema:"at_least_one_uppercase"`
	// At least one digit
	AtLeastOneDigit bool `json:"AtLeastOneDigit" schema:"at_least_one_digit"`
	// No consecutive repeated characters
	// NOTE(review): the field and JSON key say "RepeatAllowed" while the schema key and this
	// comment say "no consecutive repeated"; the polarity of true is ambiguous from here.
	// Verify which value actually forbids repeats before relying on it.
	ConsecutiveCharRepeatAllowed bool `json:"ConsecutiveCharRepeatAllowed,omitempty" schema:"no_consecutive_repeated_char,omitempty"`
	// At least one special character
	AtLeastOneSpecial bool `json:"AtLeastOneSpecial" schema:"at_least_one_special_char"`
	// Restrict number of character occurrences
	MaximumCharOccurrenceCount int `json:"MaximumCharOccurrenceCount,omitempty" schema:"maximum_char_occurrence_count,omitempty"`
	// Special Characters
	SpecialCharSet string `json:"SpecialCharSet,omitempty" schema:"special_charset,omitempty"`
	// AlphaOnly or AlphaNumericOnly
	FirstCharacterType string `json:"FirstCharacterType,omitempty" schema:"first_character_type,omitempty"`
	// AlphaOnly or AlphaNumericOnly
	LastCharacterType string `json:"LastCharacterType,omitempty" schema:"last_character_type,omitempty"`
	// Min number of alpha characters
	MinimumAlphabeticCharacterCount int `json:"MinimumAlphabeticCharacterCount,omitempty" schema:"minimum_alphabetic_character_count,omitempty"`
	// Min number of non-alpha characters
	MinimumNonAlphabeticCharacterCount int `json:"MinimumNonAlphabeticCharacterCount,omitempty" schema:"minimum_non_alphabetic_character_count,omitempty"`
	// contains filtered or unexported fields
}
PasswordProfile - Encapsulates a single Password Profile
func NewPasswordProfile ¶
func NewPasswordProfile(c *restapi.RestClient) *PasswordProfile
NewPasswordProfile is a PasswordProfile constructor
func (*PasswordProfile) AddToSetsByID ¶
AddToSetsByID adds the object into Sets
func (*PasswordProfile) AddToSetsByName ¶
AddToSetsByName adds the object into Sets
func (*PasswordProfile) Create ¶
func (o *PasswordProfile) Create() (*restapi.StringResponse, error)
Create function creates a password profile and returns a map that contains update result
func (*PasswordProfile) Delete ¶
func (o *PasswordProfile) Delete() (*restapi.BoolResponse, error)
Delete function deletes a password profile and returns a map that contains deletion result
func (*PasswordProfile) DeleteByName ¶
func (o *PasswordProfile) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a password profile by name
func (*PasswordProfile) FillStruct ¶
FillStruct function fills a struct with map
func (*PasswordProfile) GetByName ¶
func (o *PasswordProfile) GetByName() error
GetByName retrieves password profile from tenant by name
func (*PasswordProfile) GetIDByName ¶
func (o *PasswordProfile) GetIDByName() (string, error)
GetIDByName returns password profile ID by name
func (*PasswordProfile) Query ¶
func (o *PasswordProfile) Query() (map[string]interface{}, error)
Query function returns a single password profile object
func (*PasswordProfile) Read ¶
func (o *PasswordProfile) Read() error
Read function fetches a password profile from source, including attribute values. Returns error if any
func (*PasswordProfile) SetPermissions ¶
func (o *PasswordProfile) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*PasswordProfile) Update ¶
func (o *PasswordProfile) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing password profile and returns a map that contains update result
type Permission ¶
// Permission represents object permission: the rights one principal holds on
// an object.
type Permission struct {
	// Uuid of the principal
	PrincipalID string `json:"PrincipalId,omitempty" schema:"principal_id,omitempty"`
	// User name or role name (JSON key is "Principal")
	PrincipalName string `json:"Principal,omitempty" schema:"principal_name,omitempty"`
	// Principal type: User, Role etc.. (JSON key is "PType")
	PrincipalType string `json:"PType,omitempty" schema:"principal_type,omitempty"`
	// Permissions: Grant,View,Edit,Delete or None to remove this item
	// NOTE(review): grant only the rights a principal needs; which rights are valid for a
	// given object type is resolved elsewhere (see the validPerms maps passed to ResolvePermissions).
	Rights string `json:"Rights,omitempty" schema:"rights,omitempty"`
	// Excluded from JSON (json:"-"); presumably the list form of Rights — verify against caller.
	RightList []string `json:"-"`
}
Permission represents object permission
type Policy ¶
// Policy encapsulates a single policy: its link, path, position and settings.
// Some fields are hidden by the documentation renderer.
type Policy struct {
	Plink *PolicyLink `json:"Plink,omitempty" schema:"plink,omitempty"`
	Path  string      `json:"Path,omitempty" schema:"path,omitempty"`
	// NOTE(review): encoding/json skips a field only when the tag is exactly "-".
	// The tag "-,omitempty" instead marshals Position under the literal key "-" whenever it
	// is non-zero. If the intent is to keep Position out of the payload, the tag should be
	// `json:"-"`.
	Position int             `json:"-,omitempty" schema:"position,omitempty"`
	Settings *PolicySettings `json:"Settings,omitempty" schema:"settings,omitempty"`
	// contains filtered or unexported fields
}
Policy - Encapsulates a single policy
func (*Policy) AddToSetsByID ¶
AddToSetsByID adds the object into Sets
func (*Policy) AddToSetsByName ¶
AddToSetsByName adds the object into Sets
func (*Policy) Create ¶
func (o *Policy) Create() (*restapi.GenericMapResponse, error)
Create function creates a Policy and returns a map that contains update result
func (*Policy) Delete ¶
func (o *Policy) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a Policy and returns a map that contains deletion result
func (*Policy) FillStruct ¶
FillStruct function fills a struct with map
func (*Policy) GetIDByName ¶ added in v0.1.4
GetIDByName returns policy ID by name
func (*Policy) Read ¶
Read function fetches a Policy from source, including attribute values. Returns error if any
func (*Policy) SetPermissions ¶
func (o *Policy) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*Policy) Update ¶
func (o *Policy) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing Policy and returns a map that contains update result
func (*Policy) ValidateSettings ¶
type PolicyADAdminPass ¶
type PolicyAccountSet ¶
// PolicyAccountSet holds the account-set policy settings: checkout lifetime
// plus the default profiles and challenge rules for password and access
// secret checkout.
//
// NOTE(review): three JSON tags below lack omitempty, so encoding/json sends
// "" for an unset default profile and null for a nil AccessSecretCheckoutRules.
// Confirm the service does not read those as "clear the checkout challenge".
type PolicyAccountSet struct {
	// Account Security

	// Checkout lifetime (minutes)
	DefaultCheckoutTime int `json:"/PAS/VaultAccount/DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"`
	// Default Password Checkout Profile (used if no conditions matched)
	PasswordCheckoutDefaultProfile string          `json:"/PAS/VaultAccount/PasswordCheckoutDefaultProfile" schema:"default_profile_id,omitempty"`
	ChallengeRules                 *ChallengeRules `json:"/PAS/VaultAccount/PasswordCheckoutRules,omitempty" schema:"challenge_rule,omitempty"`
	// NOTE(review): the schema key is spelled "dfault"; it is a runtime string, so any
	// consumer must use the same spelling.
	AccessSecretCheckoutDefaultProfile string          `json:"/PAS/VaultAccount/AccessSecretCheckoutDefaultProfile" schema:"access_secret_checkout_dfault_profile_id,omitempty"`
	AccessSecretCheckoutRules          *ChallengeRules `json:"/PAS/VaultAccount/AccessSecretCheckoutRules" schema:"access_secret_checkout_rule,omitempty"`
}
type PolicyCentrifyCSSElevation ¶
// PolicyCentrifyCSSElevation holds the authentication policy settings stored
// under the /Core/Css/PrivilegeElevationEnabled and /Core/Css/Dzdo keys.
type PolicyCentrifyCSSElevation struct {
	// Enable authentication policy controls
	// NOTE(review): with omitempty an explicit false is never sent — confirm the server default.
	AuthenticationEnabled bool `json:"/Core/Css/PrivilegeElevationEnabled,omitempty" schema:"authentication_enabled,omitempty"`
	// Default Profile (used if no conditions matched)
	DefaultProfileID string          `json:"/Core/Css/Dzdo/AuthenticationRulesDefaultProfileId,omitempty" schema:"default_profile_id,omitempty"`
	ChallengeRules   *ChallengeRules `json:"/Core/Css/Dzdo/AuthenticationRules,omitempty" schema:"challenge_rule,omitempty"`
}
type PolicyCentrifyCSSServer ¶
// PolicyCentrifyCSSServer holds the authentication policy settings stored
// under the /Core/Css/AuthenticationEnabled and /Core/Css/MfaLogin keys.
type PolicyCentrifyCSSServer struct {
	// Enable authentication policy controls
	// NOTE(review): with omitempty an explicit false is never sent — confirm the server default.
	AuthenticationEnabled bool `json:"/Core/Css/AuthenticationEnabled,omitempty" schema:"authentication_enabled,omitempty"`
	// Default Profile (used if no conditions matched)
	DefaultProfileID string          `json:"/Core/Css/MfaLogin/AuthenticationRulesDefaultProfileId,omitempty" schema:"default_profile_id,omitempty"`
	ChallengeRules   *ChallengeRules `json:"/Core/Css/MfaLogin/AuthenticationRules,omitempty" schema:"challenge_rule,omitempty"`
	// Apply pass-through duration (JSON key is CssPinningMode; the int-to-mode mapping is not shown here)
	PassThroughMode int `json:"/Core/Css/MfaLogin/CssPinningMode,omitempty" schema:"pass_through_mode,omitempty"`
}
type PolicyCentrifyCSSWorkstation ¶
// PolicyCentrifyCSSWorkstation holds the authentication policy settings stored
// under the /Core/Css/WindowsEndpointAuthenticationEnabled and
// /Core/Css/WinClient keys.
type PolicyCentrifyCSSWorkstation struct {
	// Enable authentication policy controls
	// NOTE(review): with omitempty an explicit false is never sent — confirm the server default.
	AuthenticationEnabled bool `json:"/Core/Css/WindowsEndpointAuthenticationEnabled,omitempty" schema:"authentication_enabled,omitempty"`
	// Default Profile (used if no conditions matched)
	DefaultProfileID string          `json:"/Core/Css/WinClient/AuthenticationRulesDefaultProfileId,omitempty" schema:"default_profile_id,omitempty"`
	ChallengeRules   *ChallengeRules `json:"/Core/Css/WinClient/AuthenticationRules,omitempty" schema:"challenge_rule,omitempty"`
}
type PolicyCentrifyClient ¶
// PolicyCentrifyClient holds the authentication policy settings stored under
// the /Core/__centrify_cagent keys.
type PolicyCentrifyClient struct {
	// Enable authentication policy controls
	// NOTE(review): with omitempty an explicit false is never sent — confirm the server default.
	AuthenticationEnabled bool `json:"/Core/__centrify_cagent/AuthenticationEnabled,omitempty" schema:"authentication_enabled,omitempty"`
	// Default Profile (used if no conditions matched)
	// The struct tag is elided by the documentation renderer:
	/* 129-byte string literal not displayed */
	DefaultProfileID string          ``
	ChallengeRules   *ChallengeRules `json:"/Core/__centrify_cagent/Authentication/AuthenticationRules,omitempty" schema:"challenge_rule,omitempty"`
	// Allow users without a valid authentication factor to log in
	// NOTE(review): enabling this lets accounts with no usable MFA factor sign in; leave it
	// false unless there is a documented exception.
	NoMfaMechLogin bool `json:"/Core/__centrify_cagent/Authentication/NoMfaMechLogin,omitempty" schema:"allow_no_mfa_mech,omitempty"`
}
type PolicyCentrifyServices ¶
// PolicyCentrifyServices holds the authentication policy for Centrify
// Services (Authentication -> Centrify Services menu): session lifetimes and
// the switches that decide when authentication rules and MFA are applied.
//
// NOTE(review): several fields below relax authentication when true
// (AllowIwa, IwaSatisfiesAll, CertAuthSkipChallenge, CertAuthSatisfiesAll,
// NoMfaMechLogin, FederatedLoginSatisfiesAll). Fields tagged with omitempty
// never send an explicit false, while the others always send their zero
// value; set each one deliberately and confirm the server default for the
// omitted ones.
type PolicyCentrifyServices struct {
	// Session Parameters

	// Enable authentication policy controls
	// NOTE(review): this JSON key has no "/Core/Authentication/" prefix, unlike every other
	// field in the struct — verify it is the key the service expects.
	AuthenticationEnabled bool `json:"AuthenticationEnabled,omitempty" schema:"authentication_enabled,omitempty"`
	// Default Profile (used if no conditions matched)
	DefaultProfileID string          `json:"/Core/Authentication/AuthenticationRulesDefaultProfileId,omitempty" schema:"default_profile_id,omitempty"`
	ChallengeRules   *ChallengeRules `json:"/Core/Authentication/AuthenticationRules,omitempty" schema:"challenge_rule,omitempty"`
	// Hours until session expires (default 12)
	SessionLifespan int `json:"/Core/Authentication/CookieSessionLifespanHours,omitempty" schema:"session_lifespan,omitempty"`
	// Allow 'Keep me signed in' checkbox option at login (session spans browser sessions)
	AllowSessionPersist bool `json:"/Core/Authentication/CookieAllowPersist" schema:"allow_session_persist"`
	// Default 'Keep me signed in' checkbox option to enabled
	DefaultSessionPersist bool `json:"/Core/Authentication/CookiePersistDefault,omitempty" schema:"default_session_persist,omitempty"`
	// Hours until session expires when 'Keep me signed in' option enabled (default 2 weeks)
	PersistSessionLifespan int `json:"/Core/Authentication/CookiePersistLifespanHours,omitempty" schema:"persist_session_lifespan,omitempty"`

	// Other Settings

	// Allow IWA connections (bypasses authentication rules and default profile)
	AllowIwa bool `json:"/Core/Authentication/AllowIwa" schema:"allow_iwa"`
	// Set identity cookie for IWA connections
	IwaSetKnownEndpoint bool `json:"/Core/Authentication/IwaSetKnownEndpoint,omitempty" schema:"iwa_set_cookie,omitempty"`
	// IWA connections satisfy all MFA mechanisms
	IwaSatisfiesAll bool `json:"/Core/Authentication/IwaSatisfiesAllMechs,omitempty" schema:"iwa_satisfies_all,omitempty"`
	// Use certificates for authentication (JSON key is AllowZso)
	UseCertAuth bool `json:"/Core/Authentication/AllowZso" schema:"use_certauth"`
	// Certificate authentication bypasses authentication rules and default profile
	CertAuthSkipChallenge bool `json:"/Core/Authentication/ZsoSkipChallenge,omitempty" schema:"certauth_skip_challenge,omitempty"`
	// Set identity cookie for connections using certificate authentication
	CertAuthSetKnownEndpoint bool `json:"/Core/Authentication/ZsoSetKnownEndpoint,omitempty" schema:"certauth_set_cookie,omitempty"`
	// Connections using certificate authentication satisfy all MFA mechanisms
	CertAuthSatisfiesAll bool `json:"/Core/Authentication/ZsoSatisfiesAllMechs,omitempty" schema:"certauth_satisfies_all,omitempty"`
	// Allow users without a valid authentication factor to log in
	NoMfaMechLogin bool `json:"/Core/Authentication/NoMfaMechLogin" schema:"allow_no_mfa_mech"`
	// Apply additional authentication rules to federated users
	FederatedLoginAllowsMfa bool `json:"/Core/Authentication/FederatedLoginAllowsMfa" schema:"auth_rule_federated"`
	// Connections via Federation satisfy all MFA mechanisms
	FederatedLoginSatisfiesAll bool `json:"/Core/Authentication/FederatedLoginSatisfiesAllMechs" schema:"federated_satisfies_all"`
	// Allow additional authentication from same device
	// NOTE(review): the field name, JSON key and schema key all say "block" while this comment
	// says "allow"; the polarity of true is ambiguous from here — verify before relying on it.
	BlockMechsOnMobileLogin bool `json:"/Core/MfaRestrictions/BlockMobileMechsOnMobileLogin,omitempty" schema:"block_auth_from_same_device,omitempty"`
	// Continue with additional challenges after failed challenge
	ContinueFailedSessions bool `json:"/Core/Authentication/ContinueFailedSessions" schema:"continue_failed_sessions"`
	// Do not send challenge request when previous challenge response failed
	SkipMechsInFalseAdvance bool `json:"/Core/Authentication/SkipMechsInFalseAdvance,omitempty" schema:"stop_auth_on_prev_failed,omitempty"`
	// Remember and suggest last used authentication factor
	RememberLastAuthFactor bool `json:"/Core/Authentication/AllowLoginMfaCache" schema:"remember_last_factor"`
}
Authentication -> Centrify Services menu. Authentication Policy for Centrify Services.
type PolicyCloudProvidersSet ¶
// PolicyCloudProvidersSet holds the cloud-provider set policy: login challenge
// rules, the default login profile and the unmanaged-password-rotation
// switches. The tags of the last four fields are elided by the documentation
// renderer, so their JSON and schema keys are not visible here.
type PolicyCloudProvidersSet struct {
	ChallengeRules                            *ChallengeRules `json:"/PAS/CloudProviders/LoginRules,omitempty" schema:"challenge_rule,omitempty"`
	LoginDefaultProfile                       string          `json:"/PAS/CloudProviders/LoginDefaultProfile,omitempty" schema:"default_profile_id,omitempty"`
	EnableUnmanagedPasswordRotation           bool            `` /* 145-byte string literal not displayed */
	EnableUnmanagedPasswordRotationPrompt     bool            `` /* 142-byte string literal not displayed */
	EnableUnmanagedPasswordRotationReminder   bool            `` /* 151-byte string literal not displayed */
	UnmanagedPasswordRotationReminderDuration int             `` /* 154-byte string literal not displayed */
}
type PolicyDatabaseSet ¶
// PolicyDatabaseSet holds the database set policy: checkout lifetime,
// password rotation and password-history cleanup settings.
//
// NOTE(review): every field uses omitempty (where the tag is visible), so an
// explicit false or 0 is never sent; a rotation switch left false in Go falls
// back to whatever the service defaults to.
type PolicyDatabaseSet struct {
	// Account Policy

	// Checkout lifetime (minutes)
	DefaultCheckoutTime int `json:"/PAS/VaultDatabase/DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"`

	// Security Settings

	// Allow multiple password checkouts for related accounts
	AllowMultipleCheckouts bool `json:"/PAS/ConfigurationSetting/VaultDatabase/AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"`
	// Enable periodic password rotation
	AllowPasswordRotation bool `json:"/PAS/ConfigurationSetting/VaultDatabase/AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"`
	// Password rotation interval (days)
	PasswordRotateDuration int `json:"/PAS/ConfigurationSetting/VaultDatabase/PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"`
	// Enable password rotation after checkin
	/* 148-byte string literal not displayed */
	AllowPasswordRotationAfterCheckin bool ``
	// Minimum Password Age (days)
	MinimumPasswordAge int `json:"/PAS/ConfigurationSetting/VaultDatabase/MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"`

	// Maintenance Settings

	// Enable periodic password history cleanup
	/* 135-byte string literal not displayed */
	AllowPasswordHistoryCleanUp bool ``
	// Password history cleanup (days)
	/* 139-byte string literal not displayed */
	PasswordHistoryCleanUpDuration int ``
}
type PolicyDomainSet ¶
// PolicyDomainSet groups checkout, rotation and history-cleanup settings for
// domain accounts. The visible tags map to keys under /PAS/VaultDomain and
// /PAS/ConfigurationSetting/VaultDomain. Those tags all carry omitempty, so if
// the struct is marshalled with encoding/json a false or 0 value is left out
// of the payload rather than sent explicitly.
type PolicyDomainSet struct {
	// Account Policy
	DefaultCheckoutTime int `json:"/PAS/VaultDomain/DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"` // Checkout lifetime (minutes)
	// Security Settings
	AllowMultipleCheckouts bool `json:"/PAS/ConfigurationSetting/VaultDomain/AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"` // Allow multiple password checkouts per AD account added for this domain
	AllowPasswordRotation bool `json:"/PAS/ConfigurationSetting/VaultDomain/AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"` // Enable periodic password rotation
	PasswordRotateDuration int `json:"/PAS/ConfigurationSetting/VaultDomain/PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"` // Password rotation interval (days)
	AllowPasswordRotationAfterCheckin bool `` // Enable password rotation after checkin
	/* 146-byte string literal not displayed */
	MinimumPasswordAge int `json:"/PAS/ConfigurationSetting/VaultDomain/MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"` // Minimum Password Age (days)
	// Maintenance Settings
	AllowPasswordHistoryCleanUp bool `` // Enable periodic password history cleanup
	/* 133-byte string literal not displayed */
	PasswordHistoryCleanUpDuration int `` // Password history cleanup (days)
	/* 137-byte string literal not displayed */
}
type PolicyLink ¶
// PolicyLink describes one policy entry: its ID and description, the link
// type, the policy set it refers to, and the roles or sets it is assigned to.
type PolicyLink struct {
	ID string `json:"ID,omitempty" schema:"id,omitempty"`
	Description string `json:"Description,omitempty" schema:"description,omitempty"`
	EnableCompliant bool `json:"EnableCompliant,omitempty" schema:"enable_compliant,omitempty"`
	// LinkType decides who the policy applies to. NOTE(review): "Global"
	// presumably applies the policy to every user, so a change to that value
	// deserves the same review as a change to the policy content; confirm
	// against the tenant documentation.
	LinkType string `json:"LinkType,omitempty" schema:"link_type,omitempty"` // Global, Role, Collection, Inactive
	PolicySet string `json:"PolicySet,omitempty" schema:"policy_set,omitempty"`
	Params []string `json:"Params,omitempty" schema:"policy_assignment,omitempty"` // Policy assignment to role or set
}
PolicyLink - encapsulates policy
type PolicyLinks ¶
// PolicyLinks holds a list of PolicyLink entries. The schema tag names the
// list "policy_order", which suggests the slice order is significant.
// NOTE(review): confirm whether the tenant evaluates policies in this order
// before reordering entries programmatically.
type PolicyLinks struct {
	Plinks []PolicyLink `json:"Plinks,omitempty" schema:"policy_order,omitempty"`
	// contains filtered or unexported fields
}
PolicyLinks - Encapsulates policy links
func NewPolicyLinks ¶
func NewPolicyLinks(c *restapi.RestClient) *PolicyLinks
NewPolicyLinks is a policy link constructor
func (*PolicyLinks) GetPlinks ¶
func (o *PolicyLinks) GetPlinks() ([]map[string]interface{}, string, error)
GetPlinks fetches PolicyLinks from the Centrify tenant and returns them in map format
func (*PolicyLinks) Read ¶
func (o *PolicyLinks) Read() error
Read function fetches a PolicyLinks from source
func (*PolicyLinks) Update ¶
func (o *PolicyLinks) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing PolicyLinks and returns a map that contains update result
type PolicyMobileDevice ¶
// PolicyMobileDevice groups device registration and mobile client settings.
// The visible tags map to keys under /Mobile/...; five tags are elided by the
// documentation renderer. The visible json tags all carry omitempty, so if the
// struct is marshalled with encoding/json a false value is left out of the
// payload rather than sent explicitly. How the tenant treats an absent key is
// not shown here, so verify the effective policy after disabling a setting.
type PolicyMobileDevice struct {
	AllowEnrollment bool `json:"/Mobile/EnrollRules/Common/AllowEnrollment,omitempty" schema:"allow_enrollment,omitempty"` // Permit device registration
	// The schema name for this field is permit_non_compliant_device, while the
	// JSON key and the Go name refer to jailbroken devices.
	AllowJailBrokenDevices bool `json:"/Mobile/EnrollRules/Common/AllowJailBrokenDevices,omitempty" schema:"permit_non_compliant_device,omitempty"` // Permit non-compliant devices to register
	EnableInviteEnrollment bool `json:"/Mobile/DeviceManagement/EnableInviteBasedEnrollment,omitempty" schema:"enable_invite_enrollment,omitempty"` // Enable invite based registration
	AllowNotifnMutipleDevices bool `` // Allow user notifications on multiple devices
	/* 138-byte string literal not displayed */
	AllowDebugLogging bool `json:"/Mobile/Software/Policies/Centrify/iOSSettings/AllowDebugLogging,omitempty" schema:"enable_debug,omitempty"` // Enable debug logging
	LocationTracking bool `` // Report mobile device location
	/* 130-byte string literal not displayed */
	ForceFingerprint bool `` // Enforce fingerprint scan for Mobile Authenticator
	/* 168-byte string literal not displayed */
	AllowFallbackAppPin bool `` // Allow App PIN
	/* 188-byte string literal not displayed */
	// The JSON key for this field ends in ForceAppPin.
	RequestPasscode bool `json:"/Mobile/Software/Policies/Centrify/Application/Passcode/ForceAppPin,omitempty" schema:"require_passcode,omitempty"` // Require client application passcode on device
	AutoLockTimeout int `` // Auto-Lock (minutes)
	/* 130-byte string literal not displayed */
	AppLockOnExit bool `json:"/Mobile/Software/Policies/Centrify/Application/Passcode/AppLockOnExit,omitempty" schema:"lock_app_on_exit,omitempty"` // Lock on exit
}
type PolicyOathOTP ¶
// PolicyOathOTP holds the single switch for OATH OTP integration.
type PolicyOathOTP struct {
	// The JSON key for this field ends in ShowQRCode. PolicyUserAccount has a
	// separate ShowQRCode field whose comment says it requires this policy to
	// be enabled.
	AllowOTP bool `json:"/Core/Security/CDS/ExternalMFA/ShowQRCode,omitempty" schema:"allow_otp,omitempty"` // Allow OATH OTP integration
}
type PolicyPasswordSettings ¶
// PolicyPasswordSettings groups password complexity, age, notification and
// lockout settings. Tags map to keys under /Core/Security/CDS/PasswordPolicy,
// /Core/Security/CDS/LockoutPolicy, /Core/PasswordReset and
// /Core/PasswordChange. Every json tag carries omitempty, so if the struct is
// marshalled with encoding/json a false or 0 value is left out of the payload
// and the defaults quoted in the field comments presumably apply; verify the
// effective policy when a value is meant to be switched off.
type PolicyPasswordSettings struct {
	// Password Requirements
	MinLength int `json:"/Core/Security/CDS/PasswordPolicy/MinLength,omitempty" schema:"min_length,omitempty"` // Minimum password length (default 8)
	MaxLength int `json:"/Core/Security/CDS/PasswordPolicy/MaxLength,omitempty" schema:"max_length,omitempty"` // Maximum password length (default 64)
	RequireDigit bool `json:"/Core/Security/CDS/PasswordPolicy/RequireDigit,omitempty" schema:"require_digit,omitempty"` // Require at least one digit (default yes)
	RequireMixCase bool `json:"/Core/Security/CDS/PasswordPolicy/RequireMixCase,omitempty" schema:"require_mix_case,omitempty"` // Require at least one upper case and one lower case letter (default yes)
	RequireSymbol bool `json:"/Core/Security/CDS/PasswordPolicy/RequireSymbol,omitempty" schema:"require_symbol,omitempty"` // Require at least one symbol (default no)
	// Display Requirements
	ShowPasswordComplexity bool `json:"/Core/Security/CDS/PasswordPolicy/ShowPasswordComplexity,omitempty" schema:"show_password_complexity,omitempty"` // Show password complexity requirements when entering a new password (default no)
	NonCdsComplexityHint string `json:"/Core/Security/CDS/PasswordPolicy/NonCdsComplexityHint,omitempty" schema:"complexity_hint,omitempty"` // Password complexity requirements for directory services other than Centrify Directory
	// Additional Requirements
	AllowRepeatedChar int `json:"/Core/Security/CDS/PasswordPolicy/AllowRepeatedChar,omitempty" schema:"no_of_repeated_char_allowed,omitempty"` // Limit the number of consecutive repeated characters
	CheckWeakPassword bool `json:"/Core/Security/CDS/PasswordPolicy/CheckWeakPassword,omitempty" schema:"check_weak_password,omitempty"` // Check against weak password
	AllowIncludeUsername bool `json:"/Core/Security/CDS/PasswordPolicy/AllowIncludeUsername,omitempty" schema:"allow_include_username,omitempty"` // Allow username as part of password
	AllowIncludeDisplayname bool `json:"/Core/Security/CDS/PasswordPolicy/AllowIncludeDisplayname,omitempty" schema:"allow_include_displayname,omitempty"` // Allow display name as part of password
	RequireUnicode bool `json:"/Core/Security/CDS/PasswordPolicy/RequireUnicode,omitempty" schema:"require_unicode,omitempty"` // Require at least one Unicode character
	// Password Age
	MinAgeInDays int `json:"/Core/Security/CDS/PasswordPolicy/MinAgeInDays,omitempty" schema:"min_age_in_days,omitempty"` // Minimum password age before change is allowed (default 0 days)
	// The JSON key for the maximum age is AgeInDays, without a Max prefix.
	MaxAgeInDays int `json:"/Core/Security/CDS/PasswordPolicy/AgeInDays,omitempty" schema:"max_age_in_days,omitempty"` // Maximum password age (default 365 days)
	History int `json:"/Core/Security/CDS/PasswordPolicy/History,omitempty" schema:"password_history,omitempty"` // Password history (default 3)
	NotifySoft int `json:"/Core/PasswordReset/NotifySoft,omitempty" schema:"expire_soft_notification,omitempty"` // Password Expiration Notification (default 14 days)
	NotifyHard int `json:"/Core/PasswordReset/NotifyHard,omitempty" schema:"expire_hard_notification,omitempty"` // Escalated Password Expiration Notification (default 48 hours)
	NotifyOnMobile bool `json:"/Core/PasswordChange/NotifyOnMobile,omitempty" schema:"expire_notification_mobile,omitempty"` // Enable password expiration notifications on enrolled mobile devices
	// Capture Settings
	// The default for the threshold is stated as Off, so account lockout is
	// only in effect once BadAttemptThreshold is set.
	BadAttemptThreshold int `json:"/Core/Security/CDS/LockoutPolicy/Threshold,omitempty" schema:"bad_attempt_threshold,omitempty"` // Maximum consecutive bad password attempts allowed within window (default Off)
	CaptureWindow int `json:"/Core/Security/CDS/LockoutPolicy/Window,omitempty" schema:"capture_window,omitempty"` // Capture window for consecutive bad password attempts (default 30 minutes)
	LockoutDuration int `json:"/Core/Security/CDS/LockoutPolicy/Duration,omitempty" schema:"lockout_duration,omitempty"` // Lockout duration before password re-attempt allowed (default 30 minutes)
}
type PolicyRadius ¶
// PolicyRadius groups the RADIUS settings; every tag maps to a key under
// /Core/Authentication/. All json tags carry omitempty, so if the struct is
// marshalled with encoding/json a false value (for example
// RadiusUseChallenges) is left out of the payload rather than sent explicitly.
type PolicyRadius struct {
	AllowRadius bool `json:"/Core/Authentication/AllowRadius,omitempty" schema:"allow_radius,omitempty"` // Allow RADIUS client connections
	RadiusUseChallenges bool `json:"/Core/Authentication/RadiusUseChallenges,omitempty" schema:"require_challenges,omitempty"` // Require authentication challenge
	DefaultProfileID string `json:"/Core/Authentication/RadiusChallengeProfile,omitempty" schema:"default_profile_id,omitempty"` // Default authentication profile
	SendVendorAttributes bool `json:"/Core/Authentication/SendRadiusVendorSpecificAttributes,omitempty" schema:"send_vendor_attributes,omitempty"` // Send vendor specific attributes
	AllowExternalRadius bool `json:"/Core/Authentication/AllowExternalRadius,omitempty" schema:"allow_external_radius,omitempty"` // Allow 3rd Party RADIUS Authentication
}
type PolicySecretSet ¶
// PolicySecretSet holds the challenge configuration for secrets: a default
// profile plus conditional rules, both under /PAS/DataVault/.
type PolicySecretSet struct {
	// Per the field comment, the default profile is the fallback when no rule
	// condition matches, so it determines the minimum challenge for access.
	DataVaultDefaultProfile string `json:"/PAS/DataVault/DataVaultDefaultProfile,omitempty" schema:"default_profile_id,omitempty"` // Default Secret Challenge Profile (used if no conditions matched)
	ChallengeRules *ChallengeRules `json:"/PAS/DataVault/DataVaultRules,omitempty" schema:"challenge_rule,omitempty"`
}
type PolicySelfService ¶
// PolicySelfService groups password-reset, account-unlock and Active
// Directory self-service settings. Most tags map to keys under
// /Core/PasswordReset/. Every json tag except ShowAccountLocked carries
// omitempty, so if the struct is marshalled with encoding/json a false or 0
// value is left out of the payload rather than sent explicitly.
type PolicySelfService struct {
	// NOTE(review): this JSON key is the bare name PasswordResetEnabled, with
	// no path prefix, and shares its last segment with the field below;
	// confirm that this is intended.
	AccountSelfServiceEnabled bool `json:"PasswordResetEnabled,omitempty" schema:"account_selfservice_enabled,omitempty"` // Enable account self service controls
	// Password Reset
	PasswordResetEnabled bool `json:"/Core/PasswordReset/PasswordResetEnabled,omitempty" schema:"password_reset_enabled,omitempty"`
	PasswordResetADEnabled bool `json:"/Core/PasswordReset/PasswordResetADEnabled,omitempty" schema:"pwreset_allow_for_aduser,omitempty"` // Allow for Active Directory users
	PasswordResetCookieOnly bool `json:"/Core/PasswordReset/PasswordResetIdentityCookieOnly,omitempty" schema:"pwreset_with_cookie_only,omitempty"` // Only allow from browsers with identity cookie
	PasswordResetRequiresRelogin bool `json:"/Core/PasswordReset/PasswordResetRequiresMfaRestart,omitempty" schema:"login_after_reset,omitempty"` // User must log in after successful password reset
	// The authentication profile is what gates a self-service reset.
	PasswordResetAuthProfile string `json:"/Core/PasswordReset/PasswordResetAuthProfile,omitempty" schema:"pwreset_auth_profile_id,omitempty"` // Password reset authentication profile
	PasswordResetMaxAttempts int `json:"/Core/PasswordReset/PasswordResetMaxAttemptsPerSession,omitempty" schema:"max_reset_attempts,omitempty"` // Maximum consecutive password reset attempts per session
	// Account Unlock
	AccountUnlockEnabled bool `json:"/Core/PasswordReset/AccountUnlockEnabled,omitempty" schema:"account_unlock_enabled,omitempty"`
	AccountUnlockADEnabled bool `json:"/Core/PasswordReset/AccountUnlockADEnabled,omitempty" schema:"unlock_allow_for_aduser,omitempty"` // Allow for Active Directory users
	AccountUnlockCookieOnly bool `json:"/Core/PasswordReset/AccountUnlockIdentityCookieOnly,omitempty" schema:"unlock_with_cookie_only,omitempty"` // Only allow from browsers with identity cookie
	// No omitempty on the json tag: the value is serialized even when false.
	ShowAccountLocked bool `json:"/Mobile/EndpointAgent/showAccountLocked" schema:"show_locked_message,omitempty"` // Show a message to end users in desktop login that account is locked (default no)
	AccountUnlockAuthProfile string `json:"/Core/PasswordReset/AccountUnlockAuthProfile,omitempty" schema:"unlock_auth_profile_id,omitempty"` // Account unlock authentication profile
	// Active Directory Self Service Settings
	UseADAdmin bool `json:"/Core/PasswordReset/UseADAdmin,omitempty" schema:"use_ad_admin,omitempty"` // Use AD admin for AD self-service
	ADAdminUser string `json:"/Core/PasswordReset/ADAdminUser,omitempty" schema:"ad_admin_user,omitempty"`
	// NOTE(review): ADAdminPass refers to the AD admin credential (schema name
	// admin_user_password). PolicyADAdminPass is declared elsewhere; check how
	// it is serialized before logging or persisting this struct.
	ADAdminPass *PolicyADAdminPass `json:"/Core/PasswordReset/ADAdminPass,omitempty" schema:"admin_user_password,omitempty"`
	// Additional Policy Parameters
	MaxResetAllowed int `json:"/Core/PasswordReset/Max,omitempty" schema:"max_reset_allowed,omitempty"` // Maximum forgotten password resets allowed within window (default 10)
	MaxTimeAllowed int `json:"/Core/PasswordReset/MaxTime,omitempty" schema:"max_time_allowed,omitempty"` // Capture window for forgotten password resets (default 60 minutes)
}
type PolicySettings ¶
// PolicySettings is the container for every policy section. Each field is a
// pointer tagged with omitempty, so a nil section is left out when the struct
// is marshalled with encoding/json. The trailing comments give the menu path
// each section corresponds to.
type PolicySettings struct {
	CentrifyServices *PolicyCentrifyServices `json:"CentrifyServices,omitempty" schema:"centrify_services,omitempty"` // Authentication -> Centrify Services
	CentrifyClient *PolicyCentrifyClient `json:"CentrifyClient,omitempty" schema:"centrify_client,omitempty"` // Authentication -> Centrify Clients -> Login
	CentrifyCSSServer *PolicyCentrifyCSSServer `json:"CentrifyCSSServer,omitempty" schema:"centrify_css_server,omitempty"` // Authentication -> Centrify Server Suite Agents -> Linux, UNIX and Windows Servers
	CentrifyCSSWorkstation *PolicyCentrifyCSSWorkstation `json:"CentrifyCSSWorkstation,omitempty" schema:"centrify_css_workstation,omitempty"` // Authentication -> Centrify Server Suite Agents -> Windows Workstations
	CentrifyCSSElevation *PolicyCentrifyCSSElevation `json:"CentrifyCSSElevation,omitempty" schema:"centrify_css_elevation,omitempty"` // Authentication -> Centrify Server Suite Agents -> Privilege Elevation
	SelfService *PolicySelfService `json:"SelfService,omitempty" schema:"self_service,omitempty"` // User Security -> Self Service
	PasswordSettings *PolicyPasswordSettings `json:"PasswordSettings,omitempty" schema:"password_settings,omitempty"` // User Security -> Password Settings
	OATHOTP *PolicyOathOTP `json:"OATHOTP,omitempty" schema:"oath_otp,omitempty"` // User Security -> OATH OTP
	Radius *PolicyRadius `json:"Radius,omitempty" schema:"radius,omitempty"` // User Security -> RADIUS
	UserAccount *PolicyUserAccount `json:"UserAccount,omitempty" schema:"user_account,omitempty"` // User Security -> User Account
	SystemSet *PolicySystemSet `json:"SystemSet,omitempty" schema:"system_set,omitempty"` // Resources -> Systems
	DatabaseSet *PolicyDatabaseSet `json:"DatabaseSet,omitempty" schema:"database_set,omitempty"` // Resources -> Databases
	DomainSet *PolicyDomainSet `json:"DomainSet,omitempty" schema:"domain_set,omitempty"` // Resources -> Domains
	AccountSet *PolicyAccountSet `json:"AccountSet,omitempty" schema:"account_set,omitempty"` // Resources -> Accounts
	SecretSet *PolicySecretSet `json:"SecretSet,omitempty" schema:"secret_set,omitempty"` // Resources -> Secrets
	SSHKeySet *PolicySshKeySet `json:"SSHKeySet,omitempty" schema:"sshkey_set,omitempty"` // Resources -> SSH Keys
	CloudProvidersSet *PolicyCloudProvidersSet `json:"CloudProvidersSet,omitempty" schema:"cloudproviders_set,omitempty"` // Resources -> Cloud Providers
	MobileDevice *PolicyMobileDevice `json:"MobileDevice,omitempty" schema:"mobile_device,omitempty"` // Devices
}
type PolicySshKeySet ¶
// PolicySshKeySet holds the challenge configuration for SSH keys: a default
// profile plus conditional rules, both under /PAS/SshKeys/.
type PolicySshKeySet struct {
	SSHKeysDefaultProfile string `json:"/PAS/SshKeys/SshKeysDefaultProfile,omitempty" schema:"default_profile_id,omitempty"` // Default SSH Key Challenge Profile
	ChallengeRules *ChallengeRules `json:"/PAS/SshKeys/SshKeysRules,omitempty" schema:"challenge_rule,omitempty"`
}
type PolicySystemSet ¶
// PolicySystemSet groups system access, login challenge, privilege elevation,
// rotation and cleanup settings. The visible tags map to keys under
// /PAS/Server and /PAS/ConfigurationSetting/Server; five tags are elided by
// the documentation renderer. The visible json tags all carry omitempty, so if
// the struct is marshalled with encoding/json a false or 0 value is left out
// of the payload rather than sent explicitly.
type PolicySystemSet struct {
	// Account Policy
	DefaultCheckoutTime int `json:"/PAS/Server/DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"` // Checkout lifetime (minutes)
	// System Policy
	AllowRemote bool `json:"/PAS/Server/AllowRemote,omitempty" schema:"allow_remote_access,omitempty"` // Allow access from a public network (web client only)
	AllowRdpClipboard bool `json:"/PAS/Server/AllowRdpClipboard,omitempty" schema:"allow_rdp_clipboard,omitempty"` // Allow RDP client to sync local clipboard with remote session
	AllowAutomaticLocalAccountMaintenance bool `` // Enable local account automatic maintenance
	/* 142-byte string literal not displayed */
	AllowManualLocalAccountUnlock bool `` // Enable local account manual unlock
	/* 126-byte string literal not displayed */
	// Login and privilege elevation each have a default profile and a rule
	// set; per the field comment the login default is the fallback when no
	// condition matches.
	LoginDefaultProfile string `json:"/PAS/Server/LoginDefaultProfile,omitempty" schema:"default_profile_id,omitempty"` // Default System Login Profile (used if no conditions matched)
	ChallengeRules *ChallengeRules `json:"/PAS/Server/LoginRules,omitempty" schema:"challenge_rule,omitempty"`
	PrivilegeElevationDefaultProfile string `json:"/PAS/Server/PrivilegeElevationDefaultProfile,omitempty" schema:"privilege_elevation_default_profile_id,omitempty"`
	PrivilegeElevationRules *ChallengeRules `json:"/PAS/Server/PrivilegeElevationRules,omitempty" schema:"privilege_elevation_rule,omitempty"`
	// Security Settings
	RemoveUserOnSessionEnd bool `json:"/PAS/ConfigurationSetting/Server/RemoveUserOnSessionEnd,omitempty" schema:"remove_user_on_session_end,omitempty"` // Remove local accounts upon session termination (Windows only)
	AllowMultipleCheckouts bool `json:"/PAS/ConfigurationSetting/Server/AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"` // Allow multiple password checkouts for this system
	AllowPasswordRotation bool `json:"/PAS/ConfigurationSetting/Server/AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"` // Enable periodic password rotation
	PasswordRotateDuration int `json:"/PAS/ConfigurationSetting/Server/PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"` // Password rotation interval (days)
	AllowPasswordRotationAfterCheckin bool `` // Enable password rotation after checkin
	/* 141-byte string literal not displayed */
	MinimumPasswordAge int `json:"/PAS/ConfigurationSetting/Server/MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"` // Minimum Password Age (days)
	MinimumSSHKeysAge int `json:"/PAS/ConfigurationSetting/Server/MinimumSshKeysAge,omitempty" schema:"minimum_sshkey_age,omitempty"` // Minimum SSH Key Age (days)
	AllowSSHKeysRotation bool `json:"/PAS/ConfigurationSetting/Server/AllowSshKeysRotation,omitempty" schema:"enable_sshkey_rotation,omitempty"` // Enable periodic SSH key rotation
	SSHKeysRotateDuration int `json:"/PAS/ConfigurationSetting/Server/SshKeysRotateDuration,omitempty" schema:"sshkey_rotate_interval,omitempty"` // SSH key rotation interval (days)
	// The accepted algorithm names are not listed on this page.
	SSHKeysGenerationAlgorithm string `json:"/PAS/ConfigurationSetting/Server/SshKeysGenerationAlgorithm,omitempty" schema:"sshkey_algorithm,omitempty"` // SSH Key Generation Algorithm
	// Maintenance Settings
	AllowPasswordHistoryCleanUp bool `` // Enable periodic password history cleanup
	/* 128-byte string literal not displayed */
	PasswordHistoryCleanUpDuration int `` // Password history cleanup (days)
	/* 132-byte string literal not displayed */
	AllowSSHKeysCleanUp bool `json:"/PAS/ConfigurationSetting/Server/AllowSshKeysCleanUp,omitempty" schema:"enable_sshkey_history_cleanup,omitempty"` // Enable periodic SSH key cleanup
	SSHKeysCleanUpDuration int `json:"/PAS/ConfigurationSetting/Server/SshKeysCleanUpDuration,omitempty" schema:"sshkey_historycleanup_duration,omitempty"` // SSH key cleanup (days)
}
type PolicyUserAccount ¶
// PolicyUserAccount groups the settings that control which authentication
// factors and profile data users may manage themselves. Each self-service
// capability is paired with an authentication profile ID required to use it.
// Every json tag carries omitempty, so if the struct is marshalled with
// encoding/json a false, 0 or empty value is left out of the payload rather
// than sent explicitly.
type PolicyUserAccount struct {
	UserChangePasswordAllow bool `json:"/Core/PasswordChange/UserChangeAllow,omitempty" schema:"allow_user_change_password,omitempty"` // Enable users to change their passwords
	PasswordChangeAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/Password,omitempty" schema:"password_change_auth_profile_id,omitempty"` // Authentication Profile required to change password
	// The Go names and JSON keys say U2F while the schema names and comments
	// say FIDO2; they refer to the same three settings.
	ShowU2f bool `json:"/Core/Security/CDS/ExternalMFA/ShowU2f,omitempty" schema:"show_fido2,omitempty"` // Enable users to enroll FIDO2 Authenticators
	U2fPrompt string `json:"/Core/Security/CDS/ExternalMFA/U2fUiPrompt,omitempty" schema:"fido2_prompt,omitempty"` // FIDO2 Security Key Display Name
	U2fAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/U2F,omitempty" schema:"fido2_auth_profile_id,omitempty"` // Authentication Profile required to configure FIDO2 Authenticators
	ShowQRCode bool `json:"/Core/Security/CDS/ExternalMFA/ShowQRCodeForSelfService,omitempty" schema:"show_otp,omitempty"` // Enable users to configure an OATH OTP client (requires enabling OATH OTP policy)
	OTPPrompt string `json:"/Core/Security/CDS/ExternalMFA/UiPrompt,omitempty" schema:"otp_prompt,omitempty"` // OATH OTP Display Name
	OTPAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/OathProfile,omitempty" schema:"otp_auth_profile_id,omitempty"` // Authentication Profile required to configure OATH OTP client
	ConfigureSecurityQuestions bool `json:"/Core/Authentication/ConfigureSecurityQuestions,omitempty" schema:"configure_security_questions,omitempty"` // Enable users to configure Security Questions
	// NOTE(review): the Go name and the comment say "allow", but the JSON key
	// (SecurityQuestionPreventDupAnswers) and the schema name
	// (prevent_dup_answers) say "prevent". Confirm which polarity the tenant
	// applies before relying on this value.
	AllowDupAnswers bool `json:"/Core/Authentication/SecurityQuestionPreventDupAnswers,omitempty" schema:"prevent_dup_answers,omitempty"` // Allow duplicate security question answers
	UserDefinedQuestions int `json:"/Core/Authentication/UserSecurityQuestionsPerUser,omitempty" schema:"user_defined_questions,omitempty"` // Required number of user-defined questions
	AdminDefinedQuestions int `json:"/Core/Authentication/AdminSecurityQuestionsPerUser,omitempty" schema:"admin_defined_questions,omitempty"` // Required number of admin-defined questions
	MinCharInAnswer int `json:"/Core/Authentication/SecurityQuestionAnswerMinLength,omitempty" schema:"min_char_in_answer,omitempty"` // Minimum number of characters required in answers
	QuestionAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/SecurityQuestion,omitempty" schema:"question_auth_profile_id,omitempty"` // Authentication Profile required to set Security Questions
	PhonePinChangeAllow bool `json:"/Core/PhoneAuth/UserChangeAllow,omitempty" schema:"allow_phone_pin_change,omitempty"` // Enable users to configure a Phone PIN for MFA
	MinPhonePinLength int `json:"/Core/Authentication/MinPhonePinLength,omitempty" schema:"min_phone_pin_length,omitempty"` // Minimum Phone PIN length
	PhonePinAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/PhonePin,omitempty" schema:"phone_pin_auth_profile_id,omitempty"` // Authentication Profile required to configure a Phone PIN
	// Unlike the other capabilities in this struct, MFA redirection has no
	// dedicated authentication-profile field next to it.
	AllowUserChangeMFARedirect bool `json:"/Core/Security/CDS/AllowUserChangeMFARedirect,omitempty" schema:"allow_mfa_redirect_change,omitempty"` // Enable users to redirect multi factor authentication to a different user account
	UserProfileAuthProfileID string `json:"/Core/Authentication/UserUpdateProfile/Profile,omitempty" schema:"user_profile_auth_profile_id,omitempty"` // Authentication Profile required to modify Personal Profile
	DefaultLanguage string `json:"/Core/Policy/Culture,omitempty" schema:"default_language,omitempty"` // Default Language
}
type PrivilegeElevationWorkflowConfig ¶ added in v0.1.3
// PrivilegeElevationWorkflowConfig pairs an enabled flag with the list of
// approvers for the privilege elevation workflow. The fields carry no struct
// tags, so encoding/json would use the Go field names as keys.
type PrivilegeElevationWorkflowConfig struct {
	PrivilegeElevationWorkflowEnabled bool
	// NOTE(review): whether an enabled workflow with an empty approver list is
	// rejected is not shown on this page; confirm before enabling.
	PrivilegeElevationWorkflowApprovers []WorkflowApprover
}
type ProxyWorkflowApprover ¶ added in v0.1.3
// ProxyWorkflowApprover wraps a list of WorkflowApprover values under the
// JSON key WorkflowApprover (schema name proxy_approver).
type ProxyWorkflowApprover struct {
	WorkflowApprover []WorkflowApprover `json:"WorkflowApprover,omitempty" schema:"proxy_approver,omitempty"`
}
type ProxyZoneRole ¶ added in v0.1.3
// ProxyZoneRole wraps a list of ZoneRole values under the JSON key
// ZoneRoleWorkflowRole (schema name proxy_zonerole).
type ProxyZoneRole struct {
	ZoneRoleWorkflowRole []ZoneRole `json:"ZoneRoleWorkflowRole,omitempty" schema:"proxy_zonerole,omitempty"`
}
type Role ¶
// Role holds a role's members and the admin rights assigned to it. Further
// fields exist but are filtered out of this listing.
type Role struct {
	// Users
	//Users []string `json:"Users,omitempty" schema:"users,omitempty"`
	Members []RoleMember `json:"Members,omitempty" schema:"member,omitempty"`
	// AdminRights is a list of admin right names. Changes to this list alter
	// what every member of the role can administer, so treat them as
	// privilege changes when reviewing or auditing.
	AdminRights []string `json:"AdminRights,omitempty" schema:"adminrights,omitempty"`
	// contains filtered or unexported fields
}
Role - Encapsulates a single Generic Role
func (*Role) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*Role) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*Role) AssignAdminRights ¶
func (o *Role) AssignAdminRights() (*restapi.GenericMapResponse, error)
AssignAdminRights function adds admin rights to a role. The rights parameter is a slice of admin right names. It returns a map that contains the call result
func (*Role) Create ¶
func (o *Role) Create() (*restapi.GenericMapResponse, error)
Create function creates a new role and returns a map that contains creation result
func (*Role) Delete ¶
func (o *Role) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a role and returns a map that contains deletion result
func (*Role) DeleteByName ¶
func (o *Role) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes a role by name
func (*Role) FillStruct ¶
FillStruct function fills a struct with map
func (*Role) GetAdminRights ¶
GetAdminRights function fetches admin rights that are assigned to a role and returns a map. The map key is admin right name and map value is path of the json file
func (*Role) GetIDByName ¶
GetIDByName returns role ID by name
func (*Role) Read ¶
Read function fetches a Role from source, including attribute values. Returns error if any
func (*Role) RemoveAdminRights ¶
func (o *Role) RemoveAdminRights(rights map[string]interface{}) (*restapi.GenericMapResponse, error)
RemoveAdminRights function removes existing admin rights from a role. The rights parameter is a map. The map key is admin right name and map value is path of the json file
func (*Role) SetPermissions ¶
func (o *Role) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*Role) Update ¶
func (o *Role) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing role and returns a map that contains the update result
func (*Role) UpdateMembers ¶
func (o *Role) UpdateMembers(ids []string, action string, membertype string) (*restapi.StringResponse, error)
UpdateMembers adds or removes members into or from a role. Actions are 'Add' or 'Delete'. Types are 'Users', 'Roles', 'Groups'
func (*Role) UpdateRoleMembers ¶
func (o *Role) UpdateRoleMembers(members []RoleMember, action string) (*restapi.StringResponse, error)
UpdateRoleMembers adds or removes members into or from a role. Actions are 'Add' or 'Delete'. Types are 'Users', 'Roles', 'Groups'
type RoleMember ¶
// RoleMember identifies one member of a role by name, ID and type. The JSON
// keys are Name, Guid and Type; the UpdateMembers documentation on this page
// lists the member types as 'Users', 'Roles' and 'Groups'.
type RoleMember struct {
	MemberName string `json:"Name,omitempty" schema:"name,omitempty"`
	MemberID string `json:"Guid,omitempty" schema:"id,omitempty"`
	MemberType string `json:"Type,omitempty" schema:"type,omitempty"`
}
RoleMember - Encapsulates a single role member
type RoleMembership ¶ added in v0.1.10
// RoleMembership ties a list of members to a role ID. The role is serialized
// under the JSON key Role. Further fields exist but are filtered out of this
// listing.
type RoleMembership struct {
	RoleID string `json:"Role,omitempty" schema:"role,omitempty"`
	Members []RoleMember `json:"Members,omitempty" schema:"member,omitempty"`
	// contains filtered or unexported fields
}
RoleMembership - Encapsulates a single Generic RoleMembership
func NewRoleMembership ¶ added in v0.1.10
func NewRoleMembership(c *restapi.RestClient) *RoleMembership
NewRoleMembership is a role membership constructor
func (*RoleMembership) AddToSetsByID ¶ added in v0.1.10
AddToSetsByID add database into Sets
func (*RoleMembership) AddToSetsByName ¶ added in v0.1.10
AddToSetsByName add database into Sets
func (*RoleMembership) FillStruct ¶ added in v0.1.10
FillStruct function fills a struct with map
func (*RoleMembership) Read ¶ added in v0.1.10
func (o *RoleMembership) Read() error
Read function fetches a Role from source, including attribute values. Returns error if any
func (*RoleMembership) SetPermissions ¶ added in v0.1.10
func (o *RoleMembership) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*RoleMembership) UpdateRoleMembers ¶ added in v0.1.10
func (o *RoleMembership) UpdateRoleMembers(members []RoleMember, action string) (*restapi.StringResponse, error)
UpdateRoleMembers adds or removes members into or from a role. Actions are 'Add' or 'Delete'. Types are 'Users', 'Roles', 'Groups'
type SSHKey ¶
// SSHKey describes an SSH key object together with its challenge
// configuration. Further fields exist but are filtered out of this listing.
//
// PrivateKey and Passphrase are ordinary exported string fields with json
// tags, so they are included whenever the struct is marshalled or printed
// with %v/%+v. Keep values of this type out of logs, error messages and debug
// dumps, and treat any store that persists them as holding key material.
type SSHKey struct {
	SSHKeysDefaultProfileID string `json:"SshKeysDefaultProfile,omitempty" schema:"default_profile_id,omitempty"` // Default SSH Key Challenge Profile
	ChallengeRules *ChallengeRules `json:"SshKeysRules,omitempty" schema:"challenge_rule,omitempty"`
	KeyFormat string `json:"KeyFormat,omitempty" schema:"key_format,omitempty"`
	KeyLength int `json:"KeyLength,omitempty" schema:"key_length,omitempty"`
	KeyType string `json:"KeyType,omitempty" schema:"key_type,omitempty"`
	IsManaged bool `json:"IsManaged,omitempty" schema:"is_managed,omitempty"`
	// Description is serialized under the JSON key Comment.
	Description string `json:"Comment,omitempty" schema:"description,omitempty"`
	PrivateKey string `json:"PrivateKey,omitempty" schema:"private_key,omitempty"` // secret: private key material
	Passphrase string `json:"Passphrase,omitempty" schema:"passphrase,omitempty"` // secret: presumably the passphrase protecting PrivateKey
	KeyPairType string `json:"KeyPairType,omitempty" schema:"key_pair_type,omitempty"` // Which key to retrieve from the pair, must be either PublicKey, PrivateKey, or PPK
	// contains filtered or unexported fields
}
SSHKey - Encapsulates a single generic SSHKey
func (*SSHKey) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*SSHKey) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*SSHKey) Create ¶
func (o *SSHKey) Create() (*restapi.StringResponse, error)
Create function creates a new SSHKey and returns a map that contains creation result
func (*SSHKey) Delete ¶
func (o *SSHKey) Delete() (*restapi.StringResponse, error)
Delete function deletes a SSHKey and returns a map that contains deletion result
func (*SSHKey) DeleteByName ¶
func (o *SSHKey) DeleteByName() (*restapi.StringResponse, error)
DeleteByName deletes a sshkey by name
func (*SSHKey) FillStruct ¶
FillStruct function fills a struct with map
func (*SSHKey) GetIDByName ¶
GetIDByName returns SSHKey ID by name
func (*SSHKey) RetriveSSHKey ¶
RetriveSSHKey retrieves SSH Key from vault
func (*SSHKey) SetPermissions ¶
func (o *SSHKey) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type SamlAttribute ¶ added in v0.1.3
type SamlWebApp ¶ added in v0.1.3
// SamlWebApp describes a SAML web application. It embeds WebApp and adds the
// service-provider trust settings and the SAML response configuration.
// Further fields exist but are filtered out of this listing.
//
// SpConfigMethod, RecipientSameAsAcsUrl and WantAssertionsSigned have no
// omitempty on their json tags, so their zero values are serialized.
// EncryptAssertion does carry omitempty, so false is left out when the struct
// is marshalled with encoding/json.
type SamlWebApp struct {
	WebApp
	//TemplateName string `json:"TemplateName,omitempty" schema:"template_name,omitempty"` // "Generic SAML", "AWSConsoleSAML", "ClouderaSAML", "CloudLock SAML", "ConfluenceServerSAML", "Dome9Saml", "GitHubEnterpriseSAML", "JIRACloudSAML", "JIRAServerSAML", "PaloAltoNetworksSAML", "SplunkOnPremSAML", "SumoLogicSAML"
	CorpIdentifier string `json:"CorpIdentifier,omitempty" schema:"corp_identifier,omitempty"` // Used for AWS (AWS Account ID), JIRACloudSAML (Jira Cloud Subdomain)
	AdditionalField1 string `json:"AdditionalField1,omitempty" schema:"app_entity_id,omitempty"` // Used for ClouderaSAML (Cloudera Entity ID), JIRACloudSAML (SP Entity ID)
	ServiceName string `json:"ServiceName,omitempty" schema:"application_id,omitempty"`
	IdpMetadataUrl string `json:"IdpMetadataUrl,omitempty" schema:"idp_metadata_url,omitempty"`
	// Trust menu
	// NOTE(review): metadata supplied by URL or XML defines where assertions
	// are delivered; confirm it comes from the service provider over a
	// trusted channel.
	SpMetadataUrl string `json:"SpMetadataUrl,omitempty" schema:"sp_metadata_url,omitempty"`
	SpConfigMethod int `json:"SpConfigMethod" schema:"sp_config_method"`
	SpMetadataXml string `json:"SpMetadataXml,omitempty" schema:"sp_metadata_xml,omitempty"`
	Audience string `json:"Audience,omitempty" schema:"sp_entity_id,omitempty"` // SP Entity ID / Issuer / Audience
	// The ACS URL is serialized under the JSON key Url.
	ACS_Url string `json:"Url,omitempty" schema:"acs_url,omitempty"` // Assertion Consumer Service (ACS) URL
	RecipientSameAsAcsUrl bool `json:"RecipientSameAsAcsUrl" schema:"recipient_sameas_acs_url"` // Recipient same as ACS URL
	Recipient string `json:"Recipient,omitempty" schema:"recipient,omitempty"` // Recipient
	// The zero value is false, so an unset field sends "do not sign"; set it
	// deliberately.
	WantAssertionsSigned bool `json:"WantAssertionsSigned" schema:"sign_assertion"` // Sign Assertion
	NameIDFormat string `json:"NameIDFormat,omitempty" schema:"name_id_format,omitempty"` // NameID Format
	SpSingleLogoutUrl string `json:"SpSingleLogoutUrl,omitempty" schema:"sp_single_logout_url,omitempty"` // Single Logout URL
	EncryptAssertion bool `json:"EncryptAssertion,omitempty" schema:"encrypt_assertion,omitempty"` // Encrypt SAML Response Assertion
	//EncryptionThumbprint string
	RelayState string `json:"RelayState,omitempty" schema:"relay_state,omitempty"` // Relay State
	AuthnContextClass string `json:"AuthnContextClass,omitempty" schema:"authn_context_class,omitempty"` // Authentication Context Class
	// SAML Response menu
	SamlAttributes []SamlAttribute `json:"SamlAttributes,omitempty" schema:"saml_attribute,omitempty"` // SAML Response attributes
	// SamlResponseScript is serialized under the JSON key Script. It carries
	// custom response logic, so review changes to it like code changes.
	SamlResponseScript string `json:"Script,omitempty" schema:"saml_response_script,omitempty"` // SAML Response Custom Logic
	SamlScript string `json:"SamlScript,omitempty" schema:"saml_script,omitempty"`
	// contains filtered or unexported fields
}
func NewSamlWebApp ¶ added in v0.1.3
func NewSamlWebApp(c *restapi.RestClient) *SamlWebApp
func (*SamlWebApp) AddToSetsByID ¶ added in v0.1.3
AddToSetsByID add database into Sets
func (*SamlWebApp) AddToSetsByName ¶ added in v0.1.3
AddToSetsByName add database into Sets
func (*SamlWebApp) FillStruct ¶ added in v0.1.3
FillStruct function fills a struct with map
func (*SamlWebApp) GetByName ¶ added in v0.1.3
func (o *SamlWebApp) GetByName() error
GetByName retrieves vault object from tenant by name
func (*SamlWebApp) GetIDByName ¶ added in v0.1.3
func (o *SamlWebApp) GetIDByName() (string, error)
GetIDByName returns vault object ID by name
func (*SamlWebApp) Query ¶ added in v0.1.3
func (o *SamlWebApp) Query() (map[string]interface{}, error)
Query function returns a single WebApp object in map format
func (*SamlWebApp) Read ¶ added in v0.1.3
func (o *SamlWebApp) Read() error
func (*SamlWebApp) SetPermissions ¶ added in v0.1.3
func (o *SamlWebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*SamlWebApp) Update ¶ added in v0.1.3
func (o *SamlWebApp) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing WebApp and returns a map that contains update result
type Secret ¶
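// Secret encapsulates a single generic secret.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type Secret struct {
	// User Name
	SecretName string `json:"SecretName,omitempty" schema:"secret_name,omitempty"`
	// Presumably the secret's plaintext value. It carries a JSON tag, so
	// marshalling a Secret or printing it with %+v includes this field.
	// NOTE(review): keep whole-struct dumps of Secret out of logs.
	SecretText string `json:"SecretText,omitempty" schema:"secret_text,omitempty"`
	Type string `json:"Type,omitempty" schema:"type,omitempty"`
	FolderID string `json:"FolderId,omitempty" schema:"folder_id,omitempty"`
	ParentPath string `json:"ParentPath,omitempty" schema:"parent_path,omitempty"`
	// Default Secret Challenge Profile (used if no conditions matched)
	DataVaultDefaultProfile string `json:"DataVaultDefaultProfile" schema:"default_profile_id"`
	ChallengeRules *ChallengeRules `json:"DataVaultRules,omitempty" schema:"challenge_rule,omitempty"`
	Sets []string `json:"Sets,omitempty" schema:"sets,omitempty"`
	// Excluded from JSON by the "-" tag.
	NewParentPath string `json:"-"`
	SecretFileName string `json:"SecretFileName,omitempty" schema:"secret_filename,omitempty"`
	WorkflowEnabled bool `json:"WorkflowEnabled,omitempty" schema:"workflow_enabled,omitempty"`
	//WorkflowSent bool `json:"WorkflowSent,omitempty" schema:"workflow_sent,omitempty"`
	WorkflowApprovers []WorkflowApprover `json:"WorkflowApprovers,omitempty" schema:"workflow_approver,omitempty"`
	WorkflowDefaultOptions *WorkflowDefaultOptions `json:"WorkflowDefaultOptions,omitempty" schema:"workflow_default_options,omitempty"`
	// contains filtered or unexported fields
}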
Secret - Encapsulates a single generic secret
func (*Secret) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*Secret) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*Secret) CheckoutSecret ¶
CheckoutSecret checks out secret from vault
func (*Secret) CheckoutSecretAndFile ¶ added in v0.1.3
CheckoutSecretAndFile checks out secret from vault and supports file type secret
func (*Secret) Create ¶
func (o *Secret) Create() (*restapi.StringResponse, error)
Create function creates a new Secret and returns a map that contains creation result
func (*Secret) Delete ¶
func (o *Secret) Delete() (*restapi.BoolResponse, error)
Delete function deletes a Secret and returns a map that contains deletion result
func (*Secret) DeleteByName ¶
func (o *Secret) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a Secret by name
func (*Secret) DownloadSecretFile ¶ added in v0.1.3
func (*Secret) FillStruct ¶
FillStruct function fills a struct with map
func (*Secret) GetIDByName ¶
GetIDByName returns Secret ID by name
func (*Secret) MoveSecret ¶
func (o *Secret) MoveSecret() (*restapi.BoolResponse, error)
MoveSecret function moves an existing Secret to another folder
func (*Secret) Read ¶
Read function fetches a Secret from source, including attribute values. Returns error if any
func (*Secret) SetPermissions ¶
func (o *Secret) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type SecretFolder ¶
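// SecretFolder encapsulates a single generic secret folder.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type SecretFolder struct {
	// Untagged; presumably the permission names accepted for folder members
	// (compare the validPerms parameter of ResolvePermissions) - TODO confirm.
	ValidMemberPermissions map[string]string

	// Can only be Folder
	Type string `json:"Type,omitempty" schema:"type,omitempty"`
	// ID of parent folder
	ParentID string `json:"Parent,omitempty" schema:"parent_id,omitempty"`
	ParentPath string `json:"ParentPath,omitempty" schema:"parent_path,omitempty"`
	// Default Secret Challenge Profile (used if no conditions matched)
	CollectionMembersDefaultProfile string `json:"CollectionMembersDefaultProfile" schema:"default_profile_id"`
	ChallengeRules *ChallengeRules `json:"CollectionMembersRules,omitempty" schema:"challenge_rule,omitempty"`
	MemberPermissions []Permission
	// Excluded from JSON by the "-" tag.
	NewParentPath string `json:"-"`
	// contains filtered or unexported fields
}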
SecretFolder - Encapsulates a single generic secret folder
func NewSecretFolder ¶
func NewSecretFolder(c *restapi.RestClient) *SecretFolder
NewSecretFolder is a SecretFolder constructor
func (*SecretFolder) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*SecretFolder) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*SecretFolder) Create ¶
func (o *SecretFolder) Create() (*restapi.StringResponse, error)
Create function creates a new SecretFolder and returns a map that contains creation result
func (*SecretFolder) Delete ¶
func (o *SecretFolder) Delete() (*restapi.BoolResponse, error)
Delete function deletes a SecretFolder and returns a map that contains deletion result
func (*SecretFolder) DeleteByName ¶
func (o *SecretFolder) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a Secret folder by name
func (*SecretFolder) FillStruct ¶
FillStruct function fills a struct with map
func (*SecretFolder) GetByName ¶
func (o *SecretFolder) GetByName() error
GetByName retrieves Secret folder from tenant by name
func (*SecretFolder) GetIDByName ¶
func (o *SecretFolder) GetIDByName() (string, error)
GetIDByName returns Secret folder ID by name
func (*SecretFolder) MoveFolder ¶
func (o *SecretFolder) MoveFolder() (*restapi.BoolResponse, error)
MoveFolder function moves an existing SecretFolder to another folder
func (*SecretFolder) Query ¶
func (o *SecretFolder) Query() (map[string]interface{}, error)
Query function returns a single SecretFolder object in map format
func (*SecretFolder) Read ¶
func (o *SecretFolder) Read() error
Read function fetches a SecretFolder from source, including attribute values. Returns error if any
func (*SecretFolder) SetMemberPermissions ¶
func (o *SecretFolder) SetMemberPermissions(isRemove bool) (*restapi.GenericMapResponse, error)
SetMemberPermissions sets member permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*SecretFolder) SetPermissions ¶
func (o *SecretFolder) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*SecretFolder) Update ¶
func (o *SecretFolder) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing SecretFolder and returns a map that contains update result
type Service ¶
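// Service encapsulates a single Service.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type Service struct {
	SystemID string `json:"ComputerID,omitempty" schema:"system_id,omitempty"`
	// Use by SDK call
	SystemName string `json:"-"`
	ServiceType string `json:"Type,omitempty" schema:"service_type,omitempty"`
	Name string `json:"WindowsServiceName,omitempty" schema:"service_name,omitempty"`
	EnableManagement bool `json:"IsActive" schema:"enable_management"`
	// Sent under the JSON key "PushCreds".
	AdminAccountID string `json:"PushCreds,omitempty" schema:"admin_account_id,omitempty"`
	// Use by SDK call
	AdminAccountUPN string `json:"-"`
	MultiplexedAccountID string `json:"AccountID,omitempty" schema:"multiplexed_account_id,omitempty"`
	// Use by SDK call
	MultiplexedAccountName string `json:"-"`
	RestartService bool `json:"RestartService" schema:"restart_service"`
	RestartTimeRestriction bool `json:"RestartTimeRestriction" schema:"restart_time_restriction"`
	DaysOfWeek string `json:"DaysOfWeek,omitempty" schema:"days_of_week,omitempty"`
	RestartStartTime string `json:"RestartStartTime,omitempty" schema:"restart_start_time,omitempty"`
	RestartEndTime string `json:"RestartEndTime,omitempty" schema:"restart_end_time,omitempty"`
	UseUTCTime bool `json:"RestartTimeInUtc" schema:"use_utc_time"`
	// contains filtered or unexported fields
}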
Service - Encapsulates a single Service
func NewService ¶
func NewService(c *restapi.RestClient) *Service
NewService is a Service constructor
func (*Service) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*Service) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*Service) Create ¶
func (o *Service) Create() (*restapi.StringResponse, error)
Create function creates a new Service
func (*Service) Delete ¶
func (o *Service) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a Service
func (*Service) DeleteByName ¶
func (o *Service) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes a service by name
func (*Service) FillStruct ¶
FillStruct function fills a struct with map
func (*Service) GetIDByName ¶
GetIDByName returns service ID by name
func (*Service) Read ¶
Read function fetches a Service from source, including attribute values. Returns error if any
func (*Service) SetPermissions ¶
func (o *Service) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type System ¶
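// System encapsulates a single generic system.
//
// The listing was collapsed onto four physical lines: the first "//" comment
// swallowed every following field, and three struct tags (AllowRdpClipboard,
// AllowPasswordRotationAfterCheckin, PrivilegeElevationWorkflowEnabled) were
// split by a line break inside the back-quoted tag. The fields are restored to
// one per line and those tags are rejoined with a single space.
type System struct {
	FQDN string `json:"FQDN,omitempty" schema:"fqdn,omitempty"`
	// Valid values are: Windows, Unix, CiscoIOS, CiscoNXOS, JuniperJunos, HpNonStopOS, IBMi, CheckPointGaia
	// PaloAltoNetworksPANOS, F5NetworksBIGIP, CiscoAsyncOS, VMwareVMkernel, GenericSsh, Customssh
	ComputerClass string `json:"ComputerClass,omitempty" schema:"computer_class,omitempty"`
	//SystemProfileId string `json:"SystemProfileId,omitempty" schema:"system_rofile_id,omitempty"` // For Customssh
	// Valid values are: Rdp, Ssh
	SessionType string `json:"SessionType,omitempty" schema:"session_type,omitempty"`
	// Valid values are: RpcOverTcp, Smb, WinRMOverHttp, WinRMOverHttps, Disabled
	ManagementMode string `json:"ManagementMode,omitempty" schema:"management_mode,omitempty"`
	// For Windows, F5, PAN-OS and VMKernel only
	ManagementPort int `json:"ManagementPort,omitempty" schema:"management_port,omitempty"`
	Port int `json:"Port,omitempty" schema:"port,omitempty"`
	// System Time Zone
	TimeZoneID string `json:"TimeZoneID,omitempty" schema:"system_timezone,omitempty"`
	UseMyAccount bool `json:"CertAuthEnable,omitempty" schema:"use_my_account,omitempty"`
	Status string `json:"Status,omitempty" schema:"status,omitempty"`
	// To disable ProxyUser, it needs to be set to "" instead of omitting
	ProxyUser string `json:"ProxyUser" schema:"proxyuser"`
	// Carries a JSON tag, so marshalling a System or printing it with %+v
	// includes this value.
	// NOTE(review): keep whole-struct dumps of System out of logs.
	ProxyUserPassword string `json:"ProxyUserPassword,omitempty" schema:"proxyuser_password,omitempty"`
	// ProxyUserIsManaged needs to be set instead of omitting otherwise update fails
	ProxyUserIsManaged bool `json:"ProxyUserIsManaged" schema:"proxyuser_managed"`

	// System -> Policy menu related settings
	// Checkout lifetime (minutes)
	DefaultCheckoutTime int `json:"DefaultCheckoutTime,omitempty" schema:"checkout_lifetime,omitempty"`
	// Allow access from a public network (web client only)
	AllowRemote bool `json:"AllowRemote,omitempty" schema:"allow_remote_access,omitempty"`
	// Allow RDP client to sync local clipboard with remote session
	AllowRdpClipboard bool `json:"AllowRdpClipboard,omitempty" schema:"allow_rdp_clipboard,omitempty"`
	// System Login Challenge Rules
	ChallengeRules *ChallengeRules `json:"LoginRules,omitempty" schema:"challenge_rule,omitempty"`
	// Default System Login Profile (used if no conditions matched)
	LoginDefaultProfile string `json:"LoginDefaultProfile,omitempty" schema:"default_profile_id,omitempty"`
	// Default Privilege Elevation Profile (used if no conditions matched)
	PrivilegeElevationDefaultProfile string `json:"PrivilegeElevationDefaultProfile,omitempty" schema:"privilege_elevation_default_profile_id,omitempty"`
	// Privilege Elevation Challenge Rules
	PrivilegeElevationRules *ChallengeRules `json:"PrivilegeElevationRules,omitempty" schema:"privilege_elevation_rule,omitempty"`

	// System -> Advanced menu related settings
	// Local Account Automatic Maintenance
	AllowAutomaticLocalAccountMaintenance bool `json:"AllowAutomaticLocalAccountMaintenance,omitempty" schema:"local_account_automatic_maintenance,omitempty"`
	// Local Account Manual Unlock
	AllowManualLocalAccountUnlock bool `json:"AllowManualLocalAccountUnlock,omitempty" schema:"local_account_manual_unlock,omitempty"`
	// Domain
	DomainID string `json:"DomainId,omitempty" schema:"domain_id,omitempty"`
	RemoveUserOnSessionEnd bool `json:"RemoveUserOnSessionEnd,omitempty" schema:"remove_user_on_session_end,omitempty"`
	// Allow multiple password checkouts for this system
	AllowMultipleCheckouts bool `json:"AllowMultipleCheckouts,omitempty" schema:"allow_multiple_checkouts,omitempty"`
	// Enable periodic password rotation
	AllowPasswordRotation bool `json:"AllowPasswordRotation,omitempty" schema:"enable_password_rotation,omitempty"`
	// Password rotation interval (days)
	PasswordRotateDuration int `json:"PasswordRotateDuration,omitempty" schema:"password_rotate_interval,omitempty"`
	// Enable password rotation after checkin
	AllowPasswordRotationAfterCheckin bool `json:"AllowPasswordRotationAfterCheckin,omitempty" schema:"enable_password_rotation_after_checkin,omitempty"`
	// Minimum Password Age (days)
	MinimumPasswordAge int `json:"MinimumPasswordAge,omitempty" schema:"minimum_password_age,omitempty"`
	// Password Complexity Profile
	PasswordProfileID string `json:"PasswordProfileID,omitempty" schema:"password_profile_id,omitempty"`
	// Enable periodic password history cleanup
	AllowPasswordHistoryCleanUp bool `json:"AllowPasswordHistoryCleanUp,omitempty" schema:"enable_password_history_cleanup,omitempty"`
	// Password history cleanup (days)
	PasswordHistoryCleanUpDuration int `json:"PasswordHistoryCleanUpDuration,omitempty" schema:"password_historycleanup_duration,omitempty"`
	// Enable periodic SSH key rotation
	AllowSSHKeysRotation bool `json:"AllowSshKeysRotation,omitempty" schema:"enable_sshkey_rotation,omitempty"`
	// SSH key rotation interval (days)
	SSHKeysRotateDuration int `json:"SshKeysRotateDuration,omitempty" schema:"sshkey_rotate_interval,omitempty"`
	// Minimum SSH Key Age (days)
	MinimumSSHKeysAge int `json:"MinimumSshKeysAge,omitempty" schema:"minimum_sshkey_age,omitempty"`
	// SSH Key Generation Algorithm
	SSHKeysGenerationAlgorithm string `json:"SshKeysGenerationAlgorithm,omitempty" schema:"sshkey_algorithm,omitempty"`
	// Enable periodic SSH key cleanup
	AllowSSHKeysCleanUp bool `json:"AllowSshKeysCleanUp,omitempty" schema:"enable_sshkey_history_cleanup,omitempty"`
	// SSH key cleanup (days)
	SSHKeysCleanUpDuration int `json:"SshKeysCleanUpDuration,omitempty" schema:"sshkey_historycleanup_duration,omitempty"`

	// Workflow
	// Enable Agent Auth Workflow
	AgentAuthWorkflowEnabled bool `json:"AgentAuthWorkflowEnabled,omitempty" schema:"agent_auth_workflow_enabled,omitempty"`
	AgentAuthWorkflowApprovers []WorkflowApprover `json:"AgentAuthWorkflowApprovers,omitempty" schema:"agent_auth_workflow_approver,omitempty"`
	// Enable Privilege Elevation Request Workflow
	PrivilegeElevationWorkflowEnabled bool `json:"PrivilegeElevationWorkflowEnabled,omitempty" schema:"privilege_elevation_workflow_enabled,omitempty"`
	PrivilegeElevationWorkflowApprovers []WorkflowApprover `json:"PrivilegeElevationWorkflowApprovers,omitempty" schema:"privilege_elevation_workflow_approver,omitempty"`

	// System -> Zone Role Workflow menu related settings
	// Use Domain Administrator Account for Zone Role Workflow operations
	DomainOperationsEnabled bool `json:"DomainOperationsEnabled,omitempty" schema:"use_domainadmin_for_zonerole_workflow,omitempty"`
	// Enable zone role requests for this system
	ZoneRoleWorkflowEnabled bool `json:"ZoneRoleWorkflowEnabled,omitempty" schema:"enable_zonerole_workflow,omitempty"`
	// Assignable Zone Roles - Use domain assignments
	UseDomainWorkflowRoles bool `json:"UseDomainWorkflowRoles" schema:"use_domain_assignment_for_zoneroles"`
	// This is the actual attribute in string format
	ZoneRoleWorkflowRoles string `json:"ZoneRoleWorkflowRoles,omitempty" schema:"assigned_zoneroles,omitempty"`
	// This is used in API call and tf file only
	ZoneRoleWorkflowRoleList []ZoneRole `json:"-" schema:"assigned_zonerole,omitempty"`
	// Approver list - Use domain assignments
	UseDomainWorkflowApprovers bool `json:"UseDomainWorkflowApprovers" schema:"use_domain_assignment_for_zonerole_approvers"`
	// This is the actual attribute in string format
	ZoneRoleWorkflowApprovers string `json:"ZoneRoleWorkflowApprovers,omitempty" schema:"assigned_zonerole_approvers,omitempty"`
	// This is used in tf file only
	ZoneRoleWorkflowApproverList []WorkflowApprover `json:"-" schema:"assigned_zonerole_approver,omitempty"`

	// System -> Connectors menu related settings
	// List of Connectors used
	ProxyCollectionList string `json:"ProxyCollectionList,omitempty" schema:"connector_list,omitempty"`
	// contains filtered or unexported fields
}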
System - Encapsulates a single Generic System
func (*System) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*System) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*System) Create ¶
func (o *System) Create() (*restapi.StringResponse, error)
Create function creates a new system
func (*System) Delete ¶
func (o *System) Delete() (*restapi.BoolResponse, error)
Delete function deletes a system and returns a map that contains deletion result
func (*System) DeleteByName ¶
func (o *System) DeleteByName() (*restapi.BoolResponse, error)
DeleteByName deletes a system by name
func (*System) FillStruct ¶
FillStruct function fills a struct with map
func (*System) GetIDByName ¶
GetIDByName returns system ID by name
func (*System) Read ¶
Read function fetches a system from source, including attribute values. Returns error if any
func (*System) ResolveValidPermissions ¶
func (o *System) ResolveValidPermissions()
ResolveValidPermissions assign valid permissions according to computer class
func (*System) SetPermissions ¶
func (o *System) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
func (*System) Update ¶
func (o *System) Update() (*restapi.GenericMapResponse, error)
Update function updates an existing system and returns a map that contains update result
func (*System) ValidateZoneWorkflow ¶
ValidateZoneWorkflow checks if domain_id is set if use_domainadmin_for_zonerole_workflow is true
type User ¶
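// User encapsulates a single user.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type User struct {
	Name string `json:"Name,omitempty" schema:"username,omitempty"`
	// Email address
	Mail string `json:"Mail,omitempty" schema:"email,omitempty"`
	DisplayName string `json:"DisplayName,omitempty" schema:"displayname,omitempty"`
	// Password and ConfirmPassword both carry JSON tags, so marshalling a User
	// or printing it with %+v includes them.
	// NOTE(review): keep whole-struct dumps of User out of logs.
	Password string `json:"Password,omitempty" schema:"password,omitempty"`
	ConfirmPassword string `json:"confirmPassword,omitempty" schema:"confirm_password,omitempty"`
	// Password never expires
	PasswordNeverExpire bool `json:"PasswordNeverExpire,omitempty" schema:"password_never_expire,omitempty"`
	// Require password change at next login
	ForcePasswordChangeNext bool `json:"ForcePasswordChangeNext,omitempty" schema:"force_password_change_next,omitempty"`
	// Is OAuth confidential client
	OauthClient bool `json:"OauthClient" schema:"oauth_client"`
	// Send email invite for user profile setup
	SendEmailInvite bool `json:"SendEmailInvite" schema:"send_email_invite"`
	OfficeNumber string `json:"OfficeNumber,omitempty" schema:"office_number,omitempty"`
	HomeNumber string `json:"HomeNumber,omitempty" schema:"home_number,omitempty"`
	MobileNumber string `json:"MobileNumber,omitempty" schema:"mobile_number,omitempty"`
	//RedirectMFA bool `json:"jsutil-checkbox-2598-inputEl" schema:"redirect_mfa"` // Redirect multi factor authentication to a different user account
	// Redirect multi factor authentication to a different user account
	RedirectMFAUserID string `json:"CmaRedirectedUserUuid,omitempty" schema:"redirect_mfa_user_id,omitempty"`
	// Manager
	ReportsTo string `json:"ReportsTo" schema:"manager_username"`
	InEverybodyRole bool `json:"InEverybodyRole"`
	// Roles
	Roles []string `json:"Roles,omitempty" schema:"roles,omitempty"`
	// contains filtered or unexported fields
}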
User - Encapsulates a single user
func (*User) AddToRoles ¶
AddToRoles adds the user to a list of roles
func (*User) AddToSetsByID ¶
AddToSetsByID add database into Sets
func (*User) AddToSetsByName ¶
AddToSetsByName add database into Sets
func (*User) ChangePassword ¶
func (o *User) ChangePassword() (*restapi.BoolResponse, error)
ChangePassword function changes user's password
func (*User) ChangeUserPassword ¶
ChangeUserPassword sets new password for a user
func (*User) Create ¶
func (o *User) Create() (*restapi.StringResponse, error)
Create function creates a new user and returns a map that contains creation result
func (*User) Delete ¶
func (o *User) Delete() (*restapi.GenericMapResponse, error)
Delete function deletes a user and returns a map that contains deletion result
func (*User) DeleteByName ¶
func (o *User) DeleteByName() (*restapi.GenericMapResponse, error)
DeleteByName deletes a Centrify Directory user by username
func (*User) FillStruct ¶
FillStruct function fills a struct with map
func (*User) GetIDByName ¶
GetIDByName returns user ID by name
func (*User) Read ¶
Read function fetches a user from source, including attribute values. Returns error if any
func (*User) SetPermissions ¶
func (o *User) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type WebApp ¶ added in v0.1.3
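// WebApp holds the policy, account-mapping and workflow settings of a web
// application.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type WebApp struct {
	TemplateName string `json:"TemplateName,omitempty" schema:"template_name,omitempty"`

	// Policy menu
	DefaultAuthProfile string `json:"DefaultAuthProfile,omitempty" schema:"default_profile_id,omitempty"`
	ChallengeRules *ChallengeRules `json:"AuthRules,omitempty" schema:"challenge_rule,omitempty"`
	// Use script to specify authentication rules (configured rules are ignored)
	PolicyScript string `json:"PolicyScript" schema:"policy_script"`

	// Account Mapping menu
	// ADAttribute, Fixed or UseScript
	UserNameStrategy string `json:"UserNameStrategy,omitempty" schema:"username_strategy,omitempty"`
	//ADAttribute string `json:"ADAttribute,omitempty" schema:"ad_attribute,omitempty"` // Directory service field name. Used when UserNameStrategy=ADAttribute
	// Used when UserNameStrategy is ADAttribute or Fixed
	Username string `json:"UserNameArg,omitempty" schema:"username,omitempty"`
	// Used when UserNameStrategy=UseScript
	UserMapScript string `json:"UserMapScript" schema:"user_map_script"`

	// Workflow menu
	WorkflowEnabled bool `json:"WorkflowEnabled" schema:"workflow_enabled"`
	// This is the actual workflow attribute in string format
	WorkflowSettings string `json:"WorkflowSettings,omitempty" schema:"workflow_settings"`
	// This is used in tf file only
	WorkflowApproverList []WorkflowApprover `json:"-" schema:"workflow_approver,omitempty"`
	// contains filtered or unexported fields
}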
func (*WebApp) AddToSetsByID ¶ added in v0.1.3
AddToSetsByID add database into Sets
func (*WebApp) AddToSetsByName ¶ added in v0.1.3
AddToSetsByName add database into Sets
func (*WebApp) Create ¶ added in v0.1.3
func (o *WebApp) Create() (*restapi.SliceResponse, error)
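// Read fetches this WebApp from the tenant by o.ID and copies the returned
// attribute values into o.
//
// It returns an error when o.ID is empty, when the API call fails, or when the
// response is marked unsuccessful.
func (o *WebApp) Read() error {
	if o.ID == "" {
		// Name the receiver's type in the message; the literal 0 passed before
		// made GetVarType describe an int, unlike GetByName, which passes o.
		errormsg := fmt.Sprintf("Missing ID for %s", GetVarType(o))
		logger.Errorf("%s", errormsg)
		return fmt.Errorf("%s", errormsg)
	}

	queryArg := map[string]interface{}{"_RowKey": o.ID}

	// Attempt to read from an upstream API
	resp, err := o.client.CallGenericMapAPI(o.apiRead, queryArg)
	if err != nil {
		logger.Errorf("%s", err.Error())
		return err
	}
	if !resp.Success {
		// Message and Exception come from the server response. They are passed
		// as arguments, never as the format string, so a '%' in them cannot
		// garble the log line or the returned error.
		errmsg := fmt.Sprintf("%s %s", resp.Message, resp.Exception)
		logger.Errorf("%s", errmsg)
		return fmt.Errorf("%s", errmsg)
	}

	// NOTE(review): any result of mapToStruct is not checked here; its
	// signature is not visible in this listing.
	mapToStruct(o, resp.Result)
	return nil
}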
Create function creates a new WebApp and returns a map that contains creation result
func (*WebApp) Delete ¶ added in v0.1.3
func (o *WebApp) Delete() (*restapi.SliceResponse, error)
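// Update updates an existing WebApp and returns the API response that
// contains the update result.
//
// It returns an error when o.ID is empty, when SP metadata or workflow
// processing fails, when the request map cannot be generated, when the API
// call fails, or when the response is marked unsuccessful.
func (o *WebApp) Update() (*restapi.GenericMapResponse, error) {
	if o.ID == "" {
		// Name the receiver's type in the message rather than the type of a
		// literal 0.
		errormsg := fmt.Sprintf("Missing ID for %s", GetVarType(o))
		logger.Errorf("%s", errormsg)
		return nil, fmt.Errorf("%s", errormsg)
	}

	// Each step scopes its own err; the listing declared err twice with :=
	// in the same scope, which does not compile.
	if err := o.processSpMetaData(); err != nil {
		logger.Errorf("%s", err.Error())
		return nil, err
	}
	if err := o.processWorkflow(); err != nil {
		logger.Errorf("%s", err.Error())
		return nil, err
	}

	queryArg, err := generateRequestMap(o)
	if err != nil {
		logger.Errorf("%s", err.Error())
		return nil, err
	}
	queryArg["_RowKey"] = o.ID

	// NOTE(review): this writes the whole request map to the debug log.
	// Confirm that no generated field is sensitive for the types that reach
	// this method before enabling debug logging in production.
	logger.Debugf("Generated Map for Update(): %+v", queryArg)

	resp, err := o.client.CallGenericMapAPI(o.apiUpdate, queryArg)
	if err != nil {
		logger.Errorf("%s", err.Error())
		return nil, err
	}
	if !resp.Success {
		// Server-supplied text is passed as an argument, never as the format
		// string.
		errmsg := fmt.Sprintf("%s %s", resp.Message, resp.Exception)
		logger.Errorf("%s", errmsg)
		return nil, fmt.Errorf("%s", errmsg)
	}

	return resp, nil
}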
Delete function deletes a WebApp and returns a map that contains deletion result
func (*WebApp) DeleteByName ¶ added in v0.1.3
func (o *WebApp) DeleteByName() (*restapi.SliceResponse, error)
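// GetByName retrieves the vault object from the tenant by name.
//
// When o.ID is empty it first calls GetIDByName and then Read. It returns an
// error when the ID lookup or the read fails.
func (o *WebApp) GetByName() error {
	if o.ID == "" {
		// The returned ID is discarded; presumably GetIDByName also stores it
		// on o, since Read requires o.ID - TODO confirm.
		if _, err := o.GetIDByName(); err != nil {
			// The error text is passed as an argument so a '%' in it is not
			// interpreted as a formatting verb.
			logger.Errorf("%s", err.Error())
			return fmt.Errorf("failed to find ID of %s %s. %v", GetVarType(o), o.Name, err)
		}
	}

	return o.Read()
}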
DeleteByName deletes a DesktopApp by name
func (*WebApp) FillStruct ¶ added in v0.1.3
FillStruct function fills a struct with map
func (*WebApp) GetIDByName ¶ added in v0.1.3
GetIDByName returns vault object ID by name
func (*WebApp) Query ¶ added in v0.1.3
// processWorkflow resolves the workflow approvers and stores them, in string
// form, in o.WorkflowSettings. It does nothing when the workflow is disabled
// or no approver list is set.
func (o *WebApp) processWorkflow() error {
	if !o.WorkflowEnabled || o.WorkflowApproverList == nil {
		return nil
	}

	// Resolve guid of each approver
	if err := ResolveWorkflowApprovers(o.client, o.WorkflowApproverList); err != nil {
		return err
	}

	// For historical reasons the WorkflowSettings attribute is a string rather
	// than a JSON value, so the approver structs are flattened to a string
	// and wrapped before being assigned to the attribute used for provisioning.
	flattened := FlattenWorkflowApprovers(o.WorkflowApproverList)
	o.WorkflowSettings = "{\"WorkflowApprover\":" + flattened + "}"
	return nil
}
Query function returns a single WebApp object in map format
func (*WebApp) ResetAppScript ¶ added in v0.1.3
func (*WebApp) SetPermissions ¶ added in v0.1.3
func (o *WebApp) SetPermissions(isRemove bool) (*restapi.BaseAPIResponse, error)
SetPermissions sets permissions. isRemove indicates whether to remove all permissions instead of setting permissions
type WorkflowApprover ¶ added in v0.1.3
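// WorkflowApprover describes one approver entry of a workflow.
//
// The listing was collapsed onto one physical line, so the first "//" comment
// swallowed every following field; it is restored here to one field per line.
type WorkflowApprover struct {
	Guid string `json:"Guid,omitempty" schema:"guid,omitempty"`
	Name string `json:"Name,omitempty" schema:"name,omitempty"`
	// Either "User", "Role" or "Manager"
	Type string `json:"Type,omitempty" schema:"type,omitempty"`
	// Can be "approve", "deny" or "useBackup"
	// NOTE(review): "approve" presumably grants the request when the
	// requester has no manager; confirm that is intended before using it.
	NoManagerAction string `json:"NoManagerAction,omitempty" schema:"no_manager_action,omitempty"`
	BackupApprover *BackupApprover `json:"BackupApprover,omitempty" schema:"backup_approver,omitempty"`
	// When there more than 2 approval levels, add this attribute to only one
	OptionsSelector bool `json:"OptionsSelector,omitempty" schema:"options_selector,omitempty"`
	// Excluded from JSON by the "-" tag.
	DirectoryService string `json:"-"`
	// Excluded from JSON by the "-" tag.
	DirectoryName string `json:"-"`
}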
type WorkflowDefaultOptions ¶ added in v0.1.3
// WorkflowDefaultOptions holds the default options of a workflow; Secret
// references it through its WorkflowDefaultOptions field.
type WorkflowDefaultOptions struct {
	// Presumably the default grant duration in minutes (schema key
	// "grant_minute") - TODO confirm.
GrantMin int `json:"GrantMin,omitempty" schema:"grant_minute,omitempty"`
}
type ZoneRole ¶ added in v0.1.3
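// ZoneRole describes a zone role by its name, its zone and the platforms it
// is flagged for.
//
// The listing was collapsed onto one physical line with no separators between
// fields; it is restored here to one field per line.
type ZoneRole struct {
	Name string `json:"Name,omitempty" schema:"name,omitempty"`
	ZoneDescription string `json:"ZoneDescription,omitempty" schema:"zone_description,omitempty"`
	// Presumably the zone's distinguished name - TODO confirm.
	ZoneDn string `json:"ZoneDn,omitempty" schema:"zone_dn,omitempty"`
	Description string `json:"Description,omitempty" schema:"description,omitempty"`
	ZoneCanonicalName string `json:"ZoneCanonicalName,omitempty" schema:"zone_canonical_name,omitempty"`
	ParentZoneDn string `json:"ParentZoneDn,omitempty" schema:"parent_zone_dn,omitempty"`
	Unix bool `json:"Unix,omitempty" schema:"unix,omitempty"`
	Windows bool `json:"Windows,omitempty" schema:"windows,omitempty"`
}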
Source Files ¶
- centrify_authenticationprofile.go
- centrify_cloudproivder.go
- centrify_connector.go
- centrify_desktopapp.go
- centrify_directoryobject.go
- centrify_directoryservice.go
- centrify_federatedgroup.go
- centrify_genericobject.go
- centrify_globalgroupmappings.go
- centrify_globalworkflow.go
- centrify_manualset.go
- centrify_multiplexedaccount.go
- centrify_passwordprofile.go
- centrify_policy.go
- centrify_policylinks.go
- centrify_role.go
- centrify_role_membership.go
- centrify_service.go
- centrify_sshkey.go
- centrify_user.go
- centrify_vaultaccount.go
- centrify_vaultdatabase.go
- centrify_vaultdomain.go
- centrify_vaultsecret.go
- centrify_vaultsecretfolder.go
- centrify_vaultsystem.go
- centrify_webapp.go
- centrify_webapp_generic.go
- centrify_webapp_oauth.go
- centrify_webapp_oidc.go
- centrify_webapp_saml.go
- helper.go