CyberArk AIM (Deprecated)
CyberArk Central Credential Provider (CCP) Pack.#
This Integration is part of theDeprecated
Use the CyberArk AIM v2 integration instead.
Deprecated. Use the CyberArk AIM v2 integration instead.
Configure CyberArkAIM on Cortex XSOAR
- Navigate to Settings > Integrations > Servers & Services .
- Search for CyberArkAIM.
-
Click
Add instance
to create and configure a new integration instance.
- Name : a textual name for the integration instance.
- Server URL (e.g. https://192.168.0.1 )
- Port
- AppID as configured in AIM
- Trust any certificate (not secure)
- Use system proxy settings
- Folder to search in safe
- Safe to search in
- isFetchCredentials
- API Username
- API Password
- Credential names - comma-seperated list of credentials names in vault
- Click Test to validate the URLs, token, and connection.
Commands
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
- Search for credentials: cyber-ark-aim-query
- Get a list of credentials: list-credentials
- Reset account password: reset-credentials
- Get information for an account: account-details
1. Search for credentials
Search credentials in CyberArk AIM. Only one result is returned.
Base Command
cyber-ark-aim-query
Input
Argument Name | Description | Required |
---|---|---|
username | Username to query | Optional |
address | Address to query | Optional |
safe | Safe to query | Optional |
folder | Folder to query | Optional |
object | Object to query | Optional |
query | Defines a free query using account properties, including Safe, folder, and object. When this method is specified, all other search criteria are ignored | Optional |
queryFormat | Defines the query format, which can optionally use regular expressions | Optional |
reason | The reason for retrieving the password. This reason will be audited in the Credential Provider audit log. | Optional |
database | Defines search criteria according to the database account property | Optional |
Context Output
Path | Type | Description |
---|---|---|
CyberArk.AIM.Folder | unknown | Account folder |
CyberArk.AIM.PasswordChangeInProcess | unknown | Is password change in process |
CyberArk.AIM.Content | unknown | Account content |
CyberArk.AIM.CreationMethod | unknown | Account creation method |
CyberArk.AIM.Name | unknown | Account name |
CyberArk.AIM.PolicyID | unknown | Account policy ID |
CyberArk.AIM.CPMDisabled | unknown | Account CPM disabled |
CyberArk.AIM.Address | unknown | Account address |
CyberArk.AIM.Safe | unknown | Account safe |
CyberArk.AIM.UserName | unknown | Account username |
CyberArk.AIM.DeviceType | unknown | Account device type |
2. Get a list of all credentials
Lists all credentials available.
Base Command
list-credentials
Input
Argument Name | Description | Required |
---|---|---|
identifier | When used, command will return a specific credential | Optional |
Context Output
There is no context output for this command.
3. Reset account password
Resets the password for the specified account with a random password.
Base Command
reset-credentials
Input
Argument Name | Description | Required |
---|---|---|
immediateChangeByCPM | Flag the CPM that the change is effective immediately | Optional |
accountId | Account ID to reset password | Required |
Context Output
There is no context output for this command.
4. Get information for an account
This method returns information about an account. If more than one account meets the search criteria, only the first account will be returned.
Base Command
account-details
Input
Argument Name | Description | Required |
---|---|---|
keywords | Keywords matching the account | Required |
safe | Specify a safe instead of a specific instance | Optional |
Context Output
There is no context output for this command.