### Conjur CLI Installation and Usage Source: https://docs.cyberark.com/conjur-enterprise/latest/en/content/developer/cli/cli-lp This snippet covers the general setup and operational commands for the Conjur CLI v8.x. It is compatible with Conjur Enterprise 12.9 or later. FIPS-enabled machines require Conjur CLI v7.x or later. ```bash # Example commands for Conjur CLI v8.x # Installation and configuration steps would typically go here. # For example: # conjur init -h -p # conjur authn login -u ``` -------------------------------- ### Migrate Credential Provider Windows 32-bit to 64-bit Source: https://docs.cyberark.com/credential-providers/latest/en/content/landingpages/cp-doc-changes A guide outlining the process for migrating the Credential Provider from a 32-bit Windows environment to a 64-bit Windows environment. It details the necessary steps for a smooth transition. ```text Migrate the 32-bit Credential Provider to the 64-bit Credential Provider ``` -------------------------------- ### Vault Synchronizer UI Wizard Installation Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/whatsnew The Vault Synchronizer v13.5 release includes a new UI wizard for installation, simplifying the setup process. Users can also select specific account properties to sync from PAM - Self-Hosted to Conjur Cloud. ```Shell Use the new UI wizard to install Vault Synchronizer ``` -------------------------------- ### Fix: Substring function start index 0 Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew Corrected an issue where the `subString` function's start index argument did not accept the value `0`. ```N/A Fixed an issue where the `subString` function's start index argument did not accept `0` . ``` -------------------------------- ### Fix: Substring function start index Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew Resolves an issue where the `subString` function's start index argument did not accept `0`. ```N/A Fixed an issue where the `subString` function's start index argument did not accept `0` . ``` -------------------------------- ### CIS Benchmark Compatibility for Central Credential Provider Source: https://docs.cyberark.com/credential-providers/latest/en/content/landingpages/cp-doc-changes Information regarding the environment setup and tests performed to ensure CIS benchmark compatibility with the Central Credential Provider. This guide helps in securing the CP according to industry standards. ```text CIS benchmark compatibility for Central Credential Provider ``` -------------------------------- ### Fix: Incorrect Xpath and URI formula examples Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew Corrects inaccuracies in the UI display of Xpath and URI formula examples within the Functions area. ```N/A Fixed an issue where the UI displayed incorrect Xpath and URI formula examples. ``` -------------------------------- ### Identity Connector Requirements Source: https://docs.cyberark.com/identity-administration/latest/en/content/ispss/ispss-add-system-users-and-roles This snippet outlines the prerequisites for user provisioning when using on-premise authentication services. It specifically mentions the need to install the Identity Connector and directs users to a resource detailing its requirements. ```Documentation For user provisioning using on-prem authentication services, you will need to install the Identity Connector. See Identity Connector requirements. ``` -------------------------------- ### Automate Processes with SIA API Source: https://docs.cyberark.com/ispss-access/latest/en/content/resources/_topnav/cc_home Explore how to use the SIA API to automate various processes. This guide is for developers looking to integrate SIA functionalities into their workflows. ```English Use the SIA API to automate processes ``` -------------------------------- ### Connect to Self-Hosted Microsoft Active Directory API Source: https://docs.cyberark.com/identity-flows/latest/en/content/api/api_land_page This snippet demonstrates how to use connector APIs to establish a connection with self-hosted solutions, specifically referencing Microsoft Active Directory as an example. It's part of the broader documentation for integrating with self-hosted platforms. ```text This is a reference section for connector APIs to self-hosted platforms and solutions, such as a self-hosted Microsoft Active Directory. For information on how to provide Flows with access to other self-hosted services, see the API gateway documentation. ``` -------------------------------- ### Connect via SIA to Infrastructure Source: https://docs.cyberark.com/ispss-access/latest/en/content/resources/_topnav/cc_home This guide explains how to connect via SIA to various infrastructure components, including Windows, Linux, databases, and Kubernetes. It details the process for establishing secure connections. ```English Learn how to connect via SIA to infrastructure such as Windows, Linux, databases, and Kubernetes ``` -------------------------------- ### Connect via SIA to Infrastructure Source: https://docs.cyberark.com/dpa/latest/en/content/resources/_topnav/cc_home This guide explains how to connect via SIA to various infrastructure components, including Windows, Linux, databases, and Kubernetes. It details the process for establishing secure connections. ```English Learn how to connect via SIA to infrastructure such as Windows, Linux, databases, and Kubernetes ``` -------------------------------- ### Automate Processes with SIA API Source: https://docs.cyberark.com/dpa/latest/en/content/resources/_topnav/cc_home Explore how to use the SIA API to automate various processes. This guide is for developers looking to integrate SIA functionalities into their workflows. ```English Use the SIA API to automate processes ``` -------------------------------- ### Trigger Cloud Visibility Scan On Demand via API Source: https://docs.cyberark.com/cloud-visibility/latest/en/content/hometileslps/lp-tile3 This snippet describes how to trigger a Cloud Visibility scan on demand using an API. It is a conceptual reference to an API action rather than a direct code example. ```text For more information about scan on demand, see On-demand scan. ``` -------------------------------- ### Generate Certificates using Conjur Cloud PKI Integration Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/whatsnew This example illustrates how to enable workloads to create certificates directly from Conjur Cloud using Certificate Signing Requests (CSRs) or by having Conjur generate keys and CSRs. It highlights integration with CyberArk Certificate Manager. ```python import requests import json CONJUR_URL = "https://conjur.example.com" CONJUR_API_KEY = "your_api_key" CONJUR_ACCOUNT = "your_account" def generate_certificate(common_name, csr=None): """Generates a certificate using Conjur Cloud PKI. Args: common_name (str): The common name for the certificate. csr (str, optional): The Certificate Signing Request. If None, Conjur generates keys and CSR. Returns: dict: The API response containing certificate details. """ endpoint = f"{CONJUR_URL}/api/v1/certificates/issue" headers = { "Content-Type": "application/json", "Authorization": f"Token token=\"{CONJUR_API_KEY}\"" } payload = { "account": CONJUR_ACCOUNT, "common_name": common_name, "csr": csr } response = requests.post(endpoint, headers=headers, data=json.dumps(payload)) return response.json() # Example usage: # Generate keys and CSR within Conjur # cert_data = generate_certificate("my-workload.example.com") # Provide your own CSR # with open("my_csr.pem", "r") as f: # my_csr = f.read() # cert_data = generate_certificate("my-workload.example.com", csr=my_csr) # print(json.dumps(cert_data, indent=2)) ``` -------------------------------- ### Integrate Bitbucket Pipes with Conjur for Secrets Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/whatsnew This example outlines how to use Bitbucket pipes to fetch secrets from Conjur, enabling secure secret management within CI/CD pipelines. It requires configuring Bitbucket pipes and Conjur authentication. ```yaml pipelines: default: - step: name: Fetch secrets from Conjur script: - pipe: cyberark/conjur-secrets:0.1.0 variables: CONJUR_URL: "$$CONJUR_URL" CONJUR_AUTHN_LOGIN: "$$CONJUR_AUTHN_LOGIN" CONJUR_AUTHN_API_KEY: "$$CONJUR_AUTHN_API_KEY" SECRETS: '["variable:my_app/db_password", "variable:my_app/api_key"]' - echo "Successfully fetched secrets." ``` -------------------------------- ### Conjur CLI Overview Source: https://docs.cyberark.com/conjur-enterprise/latest/en/content/resources/_topnav/cc_home This section likely details the Conjur Command Line Interface (CLI) tool, which is used to interact with Conjur Secrets Manager. It would cover installation, basic commands, and common use cases for managing secrets and policies. ```bash conjur --help conjur login conjur variable values add myapp/config api_key=secret123 conjur policy load -f policy.yml ``` -------------------------------- ### Conjur Cloud Account Name for Silent Installations Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/whatsnew During silent installations of the Vault Synchronizer, the default account name for Conjur Cloud is set to 'conjur'. This simplifies the setup process for automated deployments. ```Shell conjur ``` -------------------------------- ### Build CP Environment using REST APIs Source: https://docs.cyberark.com/credential-providers/latest/en/content/landingpages/cp-doc-changes Instructions for setting up the Credential Providers (CP) environment utilizing REST APIs. This section provides guidance on the necessary steps and potential configurations required for a successful API-driven deployment. ```text Build the Credential Providers (CPs) environment using REST APIs ``` -------------------------------- ### Log in to Conjur Cloud using CLI Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/ccl-getstarted-lp This snippet demonstrates how to log in to Conjur Cloud using the Conjur Cloud CLI. It requires the Conjur Cloud URL and authentication credentials. ```Bash conjur authn login -u -p ``` -------------------------------- ### Deploy Conjur Follower in OpenShift/Kubernetes Source: https://docs.cyberark.com/conjur-enterprise/latest/en/content/enterprise/releasenotes/conjur-documentation-changes This documentation covers the updated process for deploying the Conjur Follower, specifically for appliance-based deployments within OpenShift/Kubernetes clusters. It aims to guide users through the setup process for these integrations. ```Documentation We have reintroduced and updated the documentation for deploying the Conjur Follower (appliance-based) inside OpenShift/Kubernetes clusters. For more information, see Set up Follower. ``` -------------------------------- ### Set up AWS Dynamic Secrets Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/ccl_videos This video provides instructions on setting up AWS dynamic secrets with CyberArk. It covers the configuration steps required to enable secure and automated access to AWS resources. ```N/A sbyjnppqkn ``` -------------------------------- ### Provision Okta users to CyberArk Cloud Directory with SCIM Source: https://docs.cyberark.com/identity-administration/latest/en/content/releasenotes/documentation-changelog This describes the integration for provisioning Okta users to the CyberArk Cloud Directory using the SCIM protocol, enabling automated user lifecycle management. ```text Added Provision Okta users to the CyberArk Cloud Directory with SCIM. ``` -------------------------------- ### Create an authentication profile Source: https://docs.cyberark.com/identity-administration/latest/en/content/releasenotes/documentation-changelog This documentation update focuses on the steps required to create an authentication profile within the CyberArk system. ```text Create an authentication profile ``` -------------------------------- ### Conjur Cloud Developer Reference (CLI, REST API, Client Libraries) Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/resources/_topnav/cc_home Access the developer reference for Conjur Cloud, including its Command Line Interface (CLI), REST API, and client libraries. These tools enable programmatic interaction with Conjur Cloud for automation and integration. ```General Conjur Cloud CLI, REST API, and Client libraries ``` -------------------------------- ### Conjur Cloud Line-of-Business Name for Silent Installations Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/whatsnew For silent installations of the Vault Synchronizer, the default line-of-business (LOB) name is set to 'ConjurSync'. This standardizes the naming convention for business units. ```Shell ConjurSync ``` -------------------------------- ### Get Sessions API for CyberArk Audit Source: https://docs.cyberark.com/audit/latest/en/content/audit/audit_whats_new The Get sessions API allows retrieval of session details from Session Monitoring. It supports filtering sessions using a search parameter for targeted data retrieval. ```shell GET /sessions?search= ``` -------------------------------- ### CyberArk Flow Replay: Start Node Display Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew Modifies the flow replay feature in CyberArk by no longer displaying the start node when replaying a flow from the beginning. This streamlines the replay visualization. ```CyberArk Flow Replay The start node is no longer displayed when replaying a flow from the beginning. ``` -------------------------------- ### Federate with Okta using SAML Source: https://docs.cyberark.com/identity-administration/latest/en/content/releasenotes/documentation-changelog This section details the process of federating with Okta using SAML, likely involving configuration steps within both CyberArk and Okta platforms. ```text Added Federate with Okta using SAML. ``` -------------------------------- ### Upgrade Central Credential Providers Behind Load Balancer Source: https://docs.cyberark.com/credential-providers/latest/en/content/landingpages/cp-doc-changes Instructions for upgrading multiple Central Credential Providers (CCPs) that are situated behind the same load balancer. This guide addresses the complexities of updating clustered CCP instances. ```text Upgrade the Central Credential Provider (CCP) ``` -------------------------------- ### CyberArk Identity Trust Page Reference Source: https://docs.cyberark.com/identity/latest/en/content/getstarted/welcome This snippet provides a reference to the CyberArk Identity trust page, which contains information about pod status, incidents, and hotfixes. This is used to check the operational status of the CyberArk Identity service. ```URL https://www.cyberark.com/customer-support/ ``` -------------------------------- ### Integrate Bitbucket with Conjur Cloud Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/operations/authn/authn-lp This explains how to get secrets from Conjur Cloud in your Bitbucket pipes, enabling secure secret management in Bitbucket workflows. ```N/A Get secrets from Conjur in your Bitbucket pipes ``` -------------------------------- ### Fetch Secrets using Conjur Cloud CLI Source: https://docs.cyberark.com/conjur-cloud/latest/en/content/conjurcloud/ccl_fetch-secrets Fetch secrets using the Conjur Cloud Command Line Interface (CLI) with the `variable get` command. ```CLI conjur variable get ``` -------------------------------- ### CyberArk Identity Connector AD Proxy Events Report Source: https://docs.cyberark.com/identity-administration/latest/en/content/releasenotes/releasenotes-latest Provides the CyberArk Identity Connector Active Directory (AD) Proxy Events report, offering insights into synchronization processes. It helps identify issues like initialization events, sync completion, domain controller inaccessibility, cache rebuilds, and exception messages to maintain a stable authentication environment. ```Documentation The CyberArk Identity Connector Active Directory (AD) Proxy Events report provides timely and relevant syncing information to identify potential issues, including: Initialization events, AD synchronization process and completion, Inaccessibility of a domain controller, Cache rebuilds, Exception messages. See Manage the Identity Connector for more information. ``` -------------------------------- ### Feature: Import flow with webhook body schema Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew When importing a flow that includes a webhook body example schema, the schema is now correctly defined within the imported flow. ```N/A When you import a flow with a webhook body example schema, the schema is now defined in the imported flow. ``` -------------------------------- ### Create a policy Source: https://docs.cyberark.com/identity-administration/latest/en/content/releasenotes/documentation-changelog This update provides guidance on creating policies within the CyberArk platform, likely for access control or security configurations. ```text Create a policy ``` -------------------------------- ### Manage Policies with Identity Administration APIs Source: https://docs.cyberark.com/identity-administration/latest/en/content/developer/developer-home Employ Identity Administration APIs to manage policies that define user MFA profiles, security settings, and endpoint authentication. ```Guides ``` -------------------------------- ### Connect via PSM to Infrastructure Source: https://docs.cyberark.com/dpa/latest/en/content/resources/_topnav/cc_home This documentation covers how to connect via PSM to different infrastructure types like Windows, Linux, and databases. It outlines the steps for secure session management. ```English Learn how to connect via PSM to infrastructure such as Windows, Linux, databases, and more ``` -------------------------------- ### Get Sessions API for Audit Space Source: https://docs.cyberark.com/audit/latest/en/content/audit/audit_whats_new This API allows retrieval of session data from the Audit space, enabling programmatic access to audit information. It is useful for integrating audit data with other systems or for custom reporting. ```shell GET /api/v1/sessions ``` -------------------------------- ### Connect via PSM to Infrastructure Source: https://docs.cyberark.com/ispss-access/latest/en/content/resources/_topnav/cc_home This documentation covers how to connect via PSM to different infrastructure types like Windows, Linux, and databases. It outlines the steps for secure session management. ```English Learn how to connect via PSM to infrastructure such as Windows, Linux, databases, and more ``` -------------------------------- ### CyberArk Loop Conditions: Data Conversion to Array Source: https://docs.cyberark.com/identity-flows/latest/en/content/getstarted/whatsnew Improves CyberArk loop conditions by automatically converting non-array data selected for loop iterations into an array. For example, a string will iterate over its characters. ```CyberArk Loop Conditions When the data selected for loop iterations is not an array, Flows now converts the selected data into an array. For example, if a string is selected for loop iterations, Flows iterates over the characters in the string. ```