CyberArk helps you to manage all the privileged account within your organization with automatic password management, access control, dual control, video recordings and numerous features.
This document provides information about the CyberArk connector, which facilitates automated interactions with CyberArk using FortiSOAR™ playbooks. Add the CyberArk connector as a step in FortiSOAR™ playbooks and perform automated operations, such as getting all the account groups in a specific safe from CyberArk, or adding new user to a Vault in CyberArk
Connector Version: 1.0.0
Authored By: Fortinet
Certified: No
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:
yum install cyops-connector-cyberark
For the detailed procedure to install a connector, click here
For the procedure to configure a connector, click here
In FortiSOAR™, on the connectors page, select the CyberArk connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the CyberArk server to which you will connect and perform automated operations. |
Username | Username used to access the CyberArk server to which you will connect and perform the automated operations. |
Password | Password used to access the CyberArk server to which you will connect and perform the automated operations. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
Function | Description | Annotation and Category |
---|---|---|
Add Account Group | Adds new account group to the Vault. | add_account_group Miscellaneous |
Get Account Group by Safe | Gets all the account groups in a specific safe. | get_account_group_info Investigation |
Get Account Group Members | Gets all the members of an existing account group. | get_account_group_info Investigation |
Delete Member from Account Group | Removes an account member from an account group. | delete_account_group_members Investigation |
Add User | Adds new user to the Vault. | add_user Miscellaneous |
Add User to Group | Adds a specific user to an existing user group in the Vault. | update_group Miscellaneous |
Logged on User Details | Gets the user information of the user who is logged on. | user_details Investigation |
Get User Details | Gets the user information about a specific user in the Vault. | user_details Investigation |
Update User | Updates an existing Vault user. | update_user Miscellaneous |
Activate User | Activates an existing Vault user. | activate_user Investigation |
Delete User | Deletes a specific user in the Vault. | delete_user Miscellaneous |
Add Safe | Adds new safe to the Vault. | add_safe Miscellaneous |
List Safes | Gets information about all of the user’s safes in the Vault. | list_safes Investigation |
Get Safe Details | Gets information about a specific safe in the Vault. | safe_details Investigation |
Search Safe | Gets information about the safes in the Vault that meet the criteria specified in the search query. | safe_details Investigation |
Get Safe Account Groups | Gets all the existing account groups in a specific Safe. | get_safe_account_groups Investigation |
Update Safe | Updates the specified safe in the Vault. | update_safe Miscellaneous |
Delete Safe | Deletes the specified safe from the Vault. | delete_safe Miscellaneous |
Add Safe Member | Adds an existing user as a safe member. | add_safe_member Miscellaneous |
List Safe Members | List of the members of the Safe. | list_safe_members Investigation |
Update Safe Member | Updates an existing safe member. | update_safe_member Investigation |
Delete Safe Member | Removes a specific member from a safe. | delete_safe_member Investigation |
Add Policy/ACL | Adds a new privileged command rule to the policy. | add_policy Miscellaneous |
List Policy/ACL | Gets a list of the privileged commands (OPM rules) associated with this policy. | list_policy Investigation |
Delete Policy/ACL | Deletes all privileged commands rules associated with the policy. | delete_policy Miscellaneous |
Parameter | Description |
---|---|
Group Name | Group name of the group that you want to add in the Vault. |
Group Platform | Group platform of the group that you want to add in the Vault. |
Safe Name | Safe name that you want to add in the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe | Safe name for which you want to retrieve all account groups. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Group Name | Group name for which you want to retrieve all members from specified group name. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Group Name | Group name from which you want to delete a member. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to add to the Vault. |
First Name | First name of the user that you want to add to the Vault. |
Last Name | Last name of the user that you want to add to the Vault. |
Initial Password | Initial password of the user that you want to add to the Vault. |
Email address of the user for that you want to add to the Vault. | |
User Type Name | User type name that you want to add to the Vault. For example: EPVUser |
Expiry Date | Expiry date of the user account that you want to add to the Vault. |
Disabled | Disable newly created user. By default, this is set as true. |
Change Password On The Next Logon | Change password on the next logon for newly created user. By default, this is set as false. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to add to the existing group. |
Group Name | Group name to which you want to add the user. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username for which you want to retrieve the details. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username of the user that you want to update in the Vault. |
First Name | First name of the user that you want to update in the Vault. |
Last Name | Last name of the user that you want to update in the Vault. |
New Password | New password of the user that you want to update in the Vault. |
Email address of the user that you want to update in the Vault. | |
User Type Name | User type name that you want to update in the Vault. For example: EPVUser |
Expiry Date | Expiry date of the user account for which you want to update in the Vault. |
Disabled | Disable newly created user. By default, this is set as true. |
Change Password On The Next Logon | Change password on the next logon for newly created user. By default, this is set as false. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username of the user that you want to activate in the Vault. |
Suspended | Activates the suspended user if you select this option. By default this is set as false, i.e., a user is Suspended. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to delete from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to add to the Vault |
Description | Description of the safe that you want to add to the Vault. |
Managing CPM | Managing CPM of the safe that you want to add to Vault. For example: PasswordManager |
Number of Versions Retention | Provide the number of versions of the safe to be retained in the vault. |
Number of Days Retention | Provide the number of days the safe should be retained in the vault. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve the details from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Search Query | Query that retrieves the details about the safe from the vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve all account groups from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to update in the Vault |
Description | Description of the safe that you want to update in Vault |
Managing CPM | Managing CPM of the safe that you want to update in the Vault. For example: PasswordManager |
Number of Versions Retention | Update the number of versions of the safe to be retained in the vault. |
Number of Days Retention | Update the number of days the safe should be retained in the vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to delete from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name in which to add member as a safe member. |
Member Name | Member name that you want to add as a safe member in the Vault. |
Search In | Search a member in the specified value. For example: If you specify Active Directory (AD) as the value, the specified member name will be searched in AD. |
Membership Expiration Date | Provide the expiration date of membership. |
Permissions | Selected permissions set as true for the safe member. You can select more than one permissions. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve the list of all safe members from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name in which to update the safe member. |
Membership Expiration Date | Provide the expiration date of membership. |
Permissions | Selected permissions set as true for the safe member. You can select more than one permissions. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name from which you want to delete a safe member. |
Member Name | Name of the member that you want to delete from the safe. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Command | Command that you want to add as a rule to the policy. |
Permission Type | Allow/deny the specified command. |
Restrictions | Provide the restrictions to the specified command. |
Username | Provide the username for whom to apply this policy. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Policy ID | ID of the policy for which you want to delete the specified rules that are associated with the policy. |
The output contains a non-dictionary value.
The Sample - CyberArk - 1.0.0
playbook collection comes bundled with the CyberArk connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the CyberArk connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
CyberArk helps you to manage all the privileged account within your organization with automatic password management, access control, dual control, video recordings and numerous features.
This document provides information about the CyberArk connector, which facilitates automated interactions with CyberArk using FortiSOAR™ playbooks. Add the CyberArk connector as a step in FortiSOAR™ playbooks and perform automated operations, such as getting all the account groups in a specific safe from CyberArk, or adding new user to a Vault in CyberArk
Connector Version: 1.0.0
Authored By: Fortinet
Certified: No
All connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and use the yum command to install connectors:
yum install cyops-connector-cyberark
For the detailed procedure to install a connector, click here
For the procedure to configure a connector, click here
In FortiSOAR™, on the connectors page, select the CyberArk connector and click Configure to configure the following parameters:
Parameter | Description |
---|---|
Server URL | URL of the CyberArk server to which you will connect and perform automated operations. |
Username | Username used to access the CyberArk server to which you will connect and perform the automated operations. |
Password | Password used to access the CyberArk server to which you will connect and perform the automated operations. |
Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. By default, this option is set as True. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
Function | Description | Annotation and Category |
---|---|---|
Add Account Group | Adds new account group to the Vault. | add_account_group Miscellaneous |
Get Account Group by Safe | Gets all the account groups in a specific safe. | get_account_group_info Investigation |
Get Account Group Members | Gets all the members of an existing account group. | get_account_group_info Investigation |
Delete Member from Account Group | Removes an account member from an account group. | delete_account_group_members Investigation |
Add User | Adds new user to the Vault. | add_user Miscellaneous |
Add User to Group | Adds a specific user to an existing user group in the Vault. | update_group Miscellaneous |
Logged on User Details | Gets the user information of the user who is logged on. | user_details Investigation |
Get User Details | Gets the user information about a specific user in the Vault. | user_details Investigation |
Update User | Updates an existing Vault user. | update_user Miscellaneous |
Activate User | Activates an existing Vault user. | activate_user Investigation |
Delete User | Deletes a specific user in the Vault. | delete_user Miscellaneous |
Add Safe | Adds new safe to the Vault. | add_safe Miscellaneous |
List Safes | Gets information about all of the user’s safes in the Vault. | list_safes Investigation |
Get Safe Details | Gets information about a specific safe in the Vault. | safe_details Investigation |
Search Safe | Gets information about the safes in the Vault that meet the criteria specified in the search query. | safe_details Investigation |
Get Safe Account Groups | Gets all the existing account groups in a specific Safe. | get_safe_account_groups Investigation |
Update Safe | Updates the specified safe in the Vault. | update_safe Miscellaneous |
Delete Safe | Deletes the specified safe from the Vault. | delete_safe Miscellaneous |
Add Safe Member | Adds an existing user as a safe member. | add_safe_member Miscellaneous |
List Safe Members | List of the members of the Safe. | list_safe_members Investigation |
Update Safe Member | Updates an existing safe member. | update_safe_member Investigation |
Delete Safe Member | Removes a specific member from a safe. | delete_safe_member Investigation |
Add Policy/ACL | Adds a new privileged command rule to the policy. | add_policy Miscellaneous |
List Policy/ACL | Gets a list of the privileged commands (OPM rules) associated with this policy. | list_policy Investigation |
Delete Policy/ACL | Deletes all privileged commands rules associated with the policy. | delete_policy Miscellaneous |
Parameter | Description |
---|---|
Group Name | Group name of the group that you want to add in the Vault. |
Group Platform | Group platform of the group that you want to add in the Vault. |
Safe Name | Safe name that you want to add in the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe | Safe name for which you want to retrieve all account groups. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Group Name | Group name for which you want to retrieve all members from specified group name. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Group Name | Group name from which you want to delete a member. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to add to the Vault. |
First Name | First name of the user that you want to add to the Vault. |
Last Name | Last name of the user that you want to add to the Vault. |
Initial Password | Initial password of the user that you want to add to the Vault. |
Email address of the user for that you want to add to the Vault. | |
User Type Name | User type name that you want to add to the Vault. For example: EPVUser |
Expiry Date | Expiry date of the user account that you want to add to the Vault. |
Disabled | Disable newly created user. By default, this is set as true. |
Change Password On The Next Logon | Change password on the next logon for newly created user. By default, this is set as false. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to add to the existing group. |
Group Name | Group name to which you want to add the user. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username for which you want to retrieve the details. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username of the user that you want to update in the Vault. |
First Name | First name of the user that you want to update in the Vault. |
Last Name | Last name of the user that you want to update in the Vault. |
New Password | New password of the user that you want to update in the Vault. |
Email address of the user that you want to update in the Vault. | |
User Type Name | User type name that you want to update in the Vault. For example: EPVUser |
Expiry Date | Expiry date of the user account for which you want to update in the Vault. |
Disabled | Disable newly created user. By default, this is set as true. |
Change Password On The Next Logon | Change password on the next logon for newly created user. By default, this is set as false. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username of the user that you want to activate in the Vault. |
Suspended | Activates the suspended user if you select this option. By default this is set as false, i.e., a user is Suspended. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Username | Username that you want to delete from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to add to the Vault |
Description | Description of the safe that you want to add to the Vault. |
Managing CPM | Managing CPM of the safe that you want to add to Vault. For example: PasswordManager |
Number of Versions Retention | Provide the number of versions of the safe to be retained in the vault. |
Number of Days Retention | Provide the number of days the safe should be retained in the vault. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve the details from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Search Query | Query that retrieves the details about the safe from the vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve all account groups from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to update in the Vault |
Description | Description of the safe that you want to update in Vault |
Managing CPM | Managing CPM of the safe that you want to update in the Vault. For example: PasswordManager |
Number of Versions Retention | Update the number of versions of the safe to be retained in the vault. |
Number of Days Retention | Update the number of days the safe should be retained in the vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name that you want to delete from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name in which to add member as a safe member. |
Member Name | Member name that you want to add as a safe member in the Vault. |
Search In | Search a member in the specified value. For example: If you specify Active Directory (AD) as the value, the specified member name will be searched in AD. |
Membership Expiration Date | Provide the expiration date of membership. |
Permissions | Selected permissions set as true for the safe member. You can select more than one permissions. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name for which you want to retrieve the list of all safe members from the Vault. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name in which to update the safe member. |
Membership Expiration Date | Provide the expiration date of membership. |
Permissions | Selected permissions set as true for the safe member. You can select more than one permissions. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Safe Name | Safe name from which you want to delete a safe member. |
Member Name | Name of the member that you want to delete from the safe. |
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Command | Command that you want to add as a rule to the policy. |
Permission Type | Allow/deny the specified command. |
Restrictions | Provide the restrictions to the specified command. |
Username | Provide the username for whom to apply this policy. |
The output contains a non-dictionary value.
None.
The output contains a non-dictionary value.
Parameter | Description |
---|---|
Policy ID | ID of the policy for which you want to delete the specified rules that are associated with the policy. |
The output contains a non-dictionary value.
The Sample - CyberArk - 1.0.0
playbook collection comes bundled with the CyberArk connector. These playbooks contain steps using which you can perform all supported actions. You can see bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the CyberArk connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.