KeeperPAMコマンド
検出、パスワードローテーション、接続、トンネル接続などのKeeperPAM機能の管理
最終更新
KeeperPAMでは、検出、パスワードローテーション、PAM設定、Keeper Gateway設定が可能であり、コマンダーからpamコマンドとサブコマンドを使用して制御および管理できます。これらのコマンドは、Keeperシークレットマネージャーの機能をサポートしています。
コマンド: pam
詳細: KeeperPAMの制御を行います。
My Vault> pam --help
pam command [--options]
Command Description
--------- -----------------------------
gateway Manage Gateways
config Manage PAM Configurations
rotation Manage Rotations
action Execute action on the Gateway
tunnel Manage TunnelsMy Vault> pam gateway help
pam command [--options]
Command Description
--------- ------------------
list List Gateways
new Create new Gateway
remove Remove GatewayMy Vault> pam config help
pam command [--options]
Command Description
--------- -------------------------------------------------------------
new Create new PAM Configuration
edit Edit PAM Configuration
list List available PAM Configurations associated with the Gateway
remove Remove a PAM ConfigurationMy Vault> pam rotation help
pam command [--options]
Command Description
--------- -----------------------------------
set Set Record Rotation Configuration
list List Record Rotation Configurations
info Get Rotation Info
script Add, delete, or edit script fieldMy Vault> pam rotation set --help
usage: pam rotation set [-h] (--record RECORD_NAME | --folder FOLDER_NAME) [--config CONFIG_UID] [--resource RESOURCE_UID] [--schedulejson SCHEDULE_JSON_DATA | --schedulecron SCHEDULE_CRON_DATA | --on-demand] [--complexity PWD_COMPLEXITY]
[--enable | --disable]
options:
-h, --help show this help message and exit
--record RECORD_NAME Record UID or Name that will be rotated manually or via schedule
--folder FOLDER_NAME Folder UID or name that holds records to be rotated manually or via schedule
--config CONFIG_UID, -c CONFIG_UID
UID of the PAM Configuration.
--resource RESOURCE_UID, -rs RESOURCE_UID
UID of the resource recourd.
--schedulejson SCHEDULE_JSON_DATA, -sj SCHEDULE_JSON_DATA
Json of the scheduler. Example: -sj '{"type": "WEEKLY", "utcTime": "15:44", "weekday": "SUNDAY", "intervalCount": 1}'
--schedulecron SCHEDULE_CRON_DATA, -sc SCHEDULE_CRON_DATA
Cron tab string of the scheduler. Example: to run job daily at 5:56PM UTC enter following cron -sc "56 17 * * *"
--on-demand, -sm Schedule On Demand
--complexity PWD_COMPLEXITY, -x PWD_COMPLEXITY
Password complexity: length, upper, lower, digits, symbols. Ex. 32,5,5,5,5
--enable Enable rotation
--disable Disable rotationMy Vault> pam rotation list --help
usage: pam rotation list [-h] [--verbose]
optional arguments:
-h、--help show this help message and exit
--verbose、-v Verbose outputMy Vault> pam rotation info --help
usage: dr-router-get-rotation-info-parser [-h] --record-uid RECORD_UID
optional arguments:
-h、--help show this help message and exit
--record-uid RECORD_UID, -r RECORD_UID
Record UID to rotateMy Vault> pam rotation script --help
pam command [--options]
Command Description
--------- ---------------------------------
list List script fields
add List Record Rotation Schedulers
edit Add, delete, or edit script field
delete Delete script field詳細: Keeperゲートウェイを介して特権アカウントを検出
My Vault> pam action help
pam command [--options]
Command Description
------------------- ----------------
gateway-info Info command
unreleased-discover Discover command
rotate Rotate command
job-info View Job details
job-cancel View Job detailsMy Vault> pam action gateway-info --help
usage: dr-info-command [-h] [--gateway GATEWAY_UID] [--verbose]
optional arguments:
-h、--help show this help message and exit
--gateway GATEWAY_UID, -g GATEWAY_UID
Gateway UID
--verbose、-v Verbose OutputMy Vault> pam action discover --help
pam command [--options]
Command Description
--------- ----------------------------------
start Start a discovery process
status Status of discovery jobs
remove Cancel or remove of discovery jobs
process Process discovered items
get Get and save discovery results
rule Manage discovery rules
record Discovery record informationMy Vault> pam action rotate --help
usage: dr-rotate-command [-h] --record-uid RECORD_UID
optional arguments:
-h、--help show this help message and exit
--record-uid RECORD_UID, -r RECORD_UID
Record UID to rotateMy Vault> pam action job-info --help
usage: pam-action-job-command [-h] [--gateway GATEWAY_UID] job_id
positional arguments:
job_id
optional arguments:
-h、--help show this help message and exit
--gateway GATEWAY_UID, -g GATEWAY_UID
Gateway UID.Needed only if there are more than one gateway runningMy Vault> pam action job-cancel --help
usage: pam-action-job-command [-h] [--gateway GATEWAY_UID] job_id
positional arguments:
job_id
optional arguments:
-h、--help show this help message and exit
--gateway GATEWAY_UID, -g GATEWAY_UID
Gateway UID.Needed only if there are more than one gateway running
詳細: Keeperゲートウェイサービスを表示、作成、削除します。Keeperゲートウェイの詳細については、ご参照ください。
詳細: Keeper PAMの設定を表示、作成、編集、削除します。PAM設定とKeeperのローテーション機能の詳細については、のページをご参照ください。
詳細: レコードのKeeperローテーションの設定を表示および作成します。PAM設定とKeeperのローテーション機能の詳細は、のページをご参照ください。コマンドの詳細については、-helpオプションをご利用ください。