This is a collection of python functions to create CyberArk safes, accounts and Secrets Hub infrastructure. The functions are driven by a common provisioning request (see ./requests/*.json) that is passed as a single argument to each. The provisioning request is augmented with necessary information (session token, URL, safe name, platform id, etc.) as the workflow progresses.
The de#tention is support the wide variety of workflow requirements encountered at customer sites. Therefore, it does not prescribe a rigid format for provisioning requests. It also does not require the request to contain a safe name or platform ID. Those are derived from information in the request and are easily adapted to customer naming conventions.
Admin credentials are currently passed as environment variables (see ./src/getAuthCreds.py) and only supports CyberArk Identity oauth2 service users:
- CYBR_SUBDOMAIN - subdomain of your CyberArk tenant
- CYBR_USERNAME - name of oauth2 service user
- CYBR_PASSWORD - password of oauth2 service user
