-
-
Notifications
You must be signed in to change notification settings - Fork 91
/
Remove-PASAccountGroupMember.ps1
72 lines (53 loc) · 1.47 KB
/
Remove-PASAccountGroupMember.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
function Remove-PASAccountGroupMember {
<#
.SYNOPSIS
Deletes a member of an account group.
.DESCRIPTION
Removes an account member from an account group.
This account can be either a password account or an SSH Key account.
The following permissions are required on the safe:
- Add Accounts
- Update Account Content
- Update Account Properties
-Create Folders
.PARAMETER AccountID
The unique ID of the account group.
.PARAMETER GroupID
The unique ID of the account group.
.EXAMPLE
Remove-PASAccountGroupMember -AccountID 21_7 -GroupID 21_9
Removes member with ID of 21_& from account group with ID of 21_9
.INPUTS
All parameters can be piped by property name
.OUTPUTS
None
.NOTES
Minimum CyberArk version 9.10
#>
[CmdletBinding(SupportsShouldProcess)]
param(
[parameter(
Mandatory = $true,
ValueFromPipelinebyPropertyName = $true
)]
[string]$AccountID,
[parameter(
Mandatory = $true,
ValueFromPipelinebyPropertyName = $true
)]
[string]$GroupID
)
BEGIN {
$MinimumVersion = [System.Version]"9.10"
}#begin
PROCESS {
Assert-VersionRequirement -ExternalVersion $Script:ExternalVersion -RequiredVersion $MinimumVersion
#Create URL for Request
$URI = "$Script:BaseURI/API/AccountGroups/$GroupID/Members/$AccountID"
if($PSCmdlet.ShouldProcess($AccountID, "Delete Member from Account Group $($GroupID)")) {
#send request to PAS web service
Invoke-PASRestMethod -Uri $URI -Method DELETE -WebSession $Script:WebSession
}
}#process
END {}#end
}