Filters

CLEAR ALL

Search Results ()

Filter Icon
X

Filter

CLEAR ALL

Products

Categories

Tags

Apply

Search Results ()

Sort By: Recent Plugins
Sort By: Name (A-Z)
Sort By: Name (Z-A)

    All Plugins (172)

    Filter Icon
    Sort By: Recent Plugins
    Sort By: Name (A-Z)
    Sort By: Name (Z-A)
    Sort By: Recent Plugins
    Sort By: Name (A-Z)
    Sort By: Name (Z-A)

    Quick Info

    Product icon
    Product
    DevOps Deploy (HCL Launch)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    created by icon
    Created by
    CyberArk
    Website icon
    Website
    CyberArk
    Published Date
    March 11th, 2021
    Last Updated
    April 25th, 2024

    Description

    CyberArk Application Identity Manager, part of the CyberArk Privileged Account Security Solution, enables organizations to protect critical business systems by eliminating hard-coded credentials from application scripts, configuration files, and software code and removing SSH keys from servers where they are used by applications and scripts. Application Identity Manager offers agent and agentless deployment options to best meet the security and availability requirements of various business applications. The product is built on the CyberArk Shared Technology Platform, delivering scalability, high availability, and centralized management and reporting.

    Quick Info

    Product icon
    Product
    DevOps Deploy (HCL Launch)
    Plugin type icon
    Type
    plugin
    Compatibility icon
    Compatibility
    created by icon
    Created by
    CyberArk
    Website icon
    Website
    CyberArk
    Published Date
    March 11th, 2021
    Last Updated
    April 25th, 2024

    launch-cyberark-4.1098501.zip

    Uploaded: 15-Mar-2021 13:29

    Release Notes

    Added step to retrieve password from Central Credential Provider Web API.
    Download Icon DOWNLOAD

    Overview

    CyberArk Application Identity Manager, an integrated part of the CyberArk Privileged Account Security Solution, enables organizations to protect critical business systems by eliminating hard-coded credentials from applications, automation scripts, configuration files and software code, and by removing SSH keys from servers where they are used by applications and scripts. CyberArk Application Identity Manager offers agent and agentless deployment options to best meet the security and availability requirements of various business applications. The product is designed to help customers achieve enterprise level scalability, high availability and offer centralized management and reporting.

    Steps

    The following process steps are available:

    Authenticate Conjur

    Authenticate Conjur using API Key to get a short-lived access token.

    Input properties for the Component step
    Name Type Description Required
    API Key String API Key Yes
    Account String Organization account name Yes
    Api Version Enumeration The version of the API. Valid values are v4 and v5 Yes
    Conjur URL String Url of Conjur, example, https://eval.conjur.org Yes
    Login String The login name of the client. For users, its the user id. For hosts, the login name is host/host-id Yes
    Ouput PropertyAccess Token String Process Request Property for storing the retrieved access token Yes
    Proxy String Proxy, leave it blank if no proxy is needed No

    Get Password from CCP (Web Service)

    Retrieve a password from CyberArk AIM Central Credential Provider via an HTTP request.

    The Central Credential Provider is installed remote to the agent on a central IIS server. This step will set the prefix/username, /address, and /password properties at either the component process request level or the generic process request level.

    Input properties for the Component step
    Name Type Description Required
    Application ID String The unique ID of the application issuing the password request. Yes
    Folder String The name of the folder where the password is stored. No
    Keystore File String The path to the agent machines keystore file. This is required when the CyberArk server authenticates applications using client certificates. No
    Keystore Password Password The password of the agent machines keystore. No
    Keystore Type String The type of keystore on the agent machine. No
    Object Name String The name of the password object to retrieve. No
    Process Property Prefix String The value to be prepended to each process request property that is created by this step. You may address these properties in subsequent steps with the syntax: ${p:/password} for instance. Yes
    SSL/TLS Debug Level String Specify a debug level to set the javax.net.debug system property. A level of all will log everything. You can specify more specific logging levels with values. For instance ssl:handshake will only log information regarding handshakes between the client and server. No
    Safe String The name of the safe where the password is stored. No
    Server URL String The URL of your CyberArk server. This property should be specified in the format <https://host:port/AIMWebService/api/accounts>. Yes
    Trust Invalid Certificates Boolean Check this box to trust all SSL certificates on the agent machine. This will trust any certificate returned from the CyberArk server during connection. No

    Get Password from CP (CLI Utility)

    Retrieve a password from CyberArk AIM Credential Provider via the clipasswordsdk command line utility on the agent machine. This step will set the CyberArk/username,

    CyberArk/address, and CyberArk/password properties at either the component process request level or the generic process request level.

    Input properties for the Component step
    Name Type Description Required
    App ID String AppID configured in CyberArk PVWA Yes
    Folder String The name of the folder Yes
    Object String Object name of the credential Yes
    Ouput PropertyAddress String Process Request Property for storing the retrieved address No
    Ouput PropertyPassword String Process Request Property for storing the retrieved password Yes
    Ouput PropertyUser Name String Process Request Property for storing the retrieved user name No
    Path String Full path to clipasswordsdk.E.g. /opt/CARKaim/sdk/clipasswordsdk Yes
    Safe String Safe name Yes

    Get Variable from Conjur

    Get Variable from Conjur.

    Input properties for the Component step
    Name Type Description Required
    Access Token String Access Token Yes
    Account String Organization account name No
    Api Version Enumeration: *v4 and *v5 API version Yes
    Conjur URL String Url of Conjur, example, https://eval.conjur.org Yes
    Ouput PropertyVariable String Process Request Property for storing the retrieved variable Yes
    Proxy String Proxy, leave it blank if no proxy is needed No
    Variable ID String Variable ID Yes

    Usage

    Process Request Properties

    The CyberArk plugin password retrieval steps generate secure process request properties accessible only by the currently running process. In subsequent steps you may access these properties using the syntax ${p:CyberArk/password}, ${p:CyberArk/username}, and ${p:CyberArk/address}.

    CyberArk Authentication

    The CyberArk server determines how applications will be authenticated to access objects. Applications may be authenticated via Windows username, allowed hostnames, and client certificates. The Get Password from CCP (Web Service) step allows for authentication via client certificate.

    The Keystore File, Keystore Password, and Keystore Type step fields allow you to set an SSL context to request password objects from CyberArk. The certificates in the referenced keystore will be passed with the request. The CyberArk server must trust the client certificate in its truststore and reference the serial number of the certificate to authenticate with.