LET US EXPLAIN – PowerShell collection of classes for using Thycotic Secret Server REST API.

Hi there. Sharing makes us feel happy that is why we’ve decided to share our brand new collection of PowerShell scripts that makes use of the Thycotic REST API to manage Authentication, Users and Groups, Folders and Permissions, Configurations, Secrets and so on. The collection is made of PowerShell classes, each of them allows to manage one specific automation context of your Thycotic Secret Server. The collection is available on our GitHub repository and we are already planning to add more features.

You can download Thycotic PowerShell API from: https://github.com/Triveti/thycotic-powershell-api.

Making use of our library to interact with Thycotic Secret Server is really easy, the following snippet shows how to create a new folder named ‘Applications’ and how to assign groups and permissions to this folder. The authentication against Thycotic Secret Server is done during the initialization of the class.

. ./FolderManager.ps1
. ./ConfigurationManager.ps1
. ./SecretManager.ps1

# parameters
$url = "https://<PUT-YOUR-SS-SERVER-NAME>/SecretServer";
$username = "<YOUR-USERNAME>";
$password = "<YOUR-PASSWORD>";

# Initialize the classes
$foldermanager = [FolderManager]::new($url,$username,$password)
$configurationmanager = [ConfigurationManager]::new($url,$username,$password)
$secretmanager = [SecretManager]::new($url,$username,$password)

# Add single folder 'Dummy1' and its subfolder 'Dummy2'
try {
  $dummy1 = $foldermanager.AddFolder("Dummy1")
catch {
   Write-Host "Exception:"
   Write-Host $_ 
try {
    $dummy2 = $foldermanager.AddChildFolder("Dummy2", $dummy1)
catch {
   Write-Host "Exception:"
   Write-Host $_ 
# Set permissions to folder 'Dummy1'
$folderName = "Dummy1"
$groupName = "Everyone"
$folderAccessRoleName = "View"
$secretAccessRoleName = "View"

$result01 = $foldermanager.SetFolderPermissions($folderName, $groupName, $folderAccessRoleName, $secretAccessRoleName)

# Perform a complete backup of SS
$result = $configurationmanager.RunBackup()
Write-Host $result

The following classes are available:

  • FolderManager: Folder creation, Adding child folders, settings folder and secret permissions
  • ConfigurationManager: Backups
  • SecretManager: List all secrets

We aim to provide support for other features exposed by Thycotic REST API such as:

  • Groups
  • Users
  • Roles
  • Reports
  • And so on

Thycotic PowerShell API: https://github.com/Triveti/thycotic-powershell-api.

Do you need support for your Digital Identity solution? Get in touch with us!