Set-IpsCredentials.ps1
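<#
.Synopsis
Update a credential in the customer's credential wallet.

.Description
Replaces the data of an existing credential wallet entry, identified by CredentialId, with new
Aws, Azure, Gcp or UsernamePassword credential data. The parameter set selected by the
credential parameters that were supplied must match CredentialType.

The new credential data is serialized to JSON and sent with a PUT request to
"credentials/<CredentialId>" through Invoke-CCRestMethod.

.Notes
Every secret handled here (SecureSecret, AwsKey, AwsSessionToken, AzureSecret, UserPassword) is
accepted as a plain [string]. Values typed on the command line can therefore end up in shell
history and session transcripts; prefer reading them from a protected store into variables
before calling this function. The function itself logs only the credential type and id.
#>
Function Set-IpsCredentials {
    [CmdletBinding()]
    Param(
        # Citrix Cloud customer id.
        [Parameter(Mandatory = $true)]
        [string]$CustomerId,

        # Credential type of target platform. Must equal the name of the selected parameter set.
        [Parameter(Mandatory = $true)]
        [ValidateSet("Azure", "Gcp", "UsernamePassword", "Aws")]
        [string]$CredentialType,

        # Citrix Cloud API client id. When this or SecureSecret is blank, the ApiKey and SecretKey
        # returned by AuthToCitrixCloud are used for the request instead.
        [Parameter(Mandatory = $false)]
        [string]$SecureClientId = "",

        # Citrix Cloud API client secret (see SecureClientId).
        [Parameter(Mandatory = $false)]
        [string]$SecureSecret = "",

        # Id of the credential wallet entry to update.
        [Parameter(Mandatory = $true)]
        [string]$CredentialId,

        # Aws credentials to create an Aws Credential Wallet entry from.
        [Parameter(Mandatory = $true, ParameterSetName = 'Aws')]
        [string]$AwsKey,

        [Parameter(Mandatory = $true, ParameterSetName = 'Aws')]
        [string]$AwsKeyId,

        [Parameter(Mandatory = $false, ParameterSetName = 'Aws')]
        [string]$AwsSessionToken,

        # Azure credentials to create an Azure Credential Wallet entry from.
        [Parameter(Mandatory = $true, ParameterSetName = 'Azure')]
        [string]$AzureTenantId,

        [Parameter(Mandatory = $true, ParameterSetName = 'Azure')]
        [string]$AzureClientId,

        [Parameter(Mandatory = $true, ParameterSetName = 'Azure')]
        [string]$AzureSecret,

        # GCP JSON credentials file to create an GCP Credential Wallet entry from.
        [Parameter(Mandatory = $true, ParameterSetName = 'Gcp')]
        [string]$GcpServiceAccountKeyFile,

        # SMB or vSphere Credentials.
        [Parameter(Mandatory = $true, ParameterSetName = 'UsernamePassword')]
        [string]$UserDomain,

        [Parameter(Mandatory = $true, ParameterSetName = 'UsernamePassword')]
        [string]$UserName,

        [Parameter(Mandatory = $true, ParameterSetName = 'UsernamePassword')]
        [string]$UserPassword,

        # Log directory, file name and overwrite switch; passed unchanged to LogInit.
        [Parameter(Mandatory = $false)]
        [string]$LogFileDir = "",

        [Parameter(Mandatory = $false)]
        [string]$LogFileName = 'Credentials.log',

        # Deployment argument passed unchanged to Invoke-CCRestMethod.
        [Parameter(Mandatory = $false)]
        [string]$Deployment,

        [Parameter(Mandatory = $false)]
        [switch]$OverwriteLog
    )
    Begin {
        Add-PSSnapin Citrix.*
    }
    Process {
        # Initialize Logger
        # Set parameter 'Verbose' by internal parameter 'VerbosePreference', since the option
        # -Verbose is occupied by powershell cmdlet
        $Verbose = ($VerbosePreference -eq 'Continue')
        LogInit $LogFileDir $LogFileName $OverwriteLog $Verbose

        # Check Credential Type
        if ($PSCmdlet.ParameterSetName -ne $CredentialType) {
            # $(...) is required here: a bare "$PSCmdlet.ParameterSetName" inside a double-quoted
            # string expands only $PSCmdlet and appends the literal text ".ParameterSetName".
            LogFatal "CredentialType $CredentialType does not match the type of selected parameter set $($PSCmdlet.ParameterSetName)"
        }

        try {
            # Authenticate to Citrix Cloud
            $parameters = AuthToCitrixCloud $CustomerId $SecureClientId $SecureSecret
            if ([string]::IsNullOrWhiteSpace($SecureClientId) -Or [string]::IsNullOrWhiteSpace($SecureSecret)) {
                $SecureClientId = $parameters.ApiKey
                $SecureSecret = $parameters.SecretKey
            }
        }
        catch {
            LogFatal "Failed to authenticate to Citrix Cloud"
        }

        # Update Credential Data
        switch ($CredentialType) {
            'Aws' {
                $credentialData = @{
                    key          = $AwsKey
                    keyId        = $AwsKeyId
                    sessionToken = $AwsSessionToken
                }
            }
            'Azure' {
                $credentialData = @{
                    tenantId     = $AzureTenantId
                    clientId     = $AzureClientId
                    clientSecret = $AzureSecret
                }
            }
            'Gcp' {
                # Without -ErrorAction Stop a missing or unreadable key file is only a
                # non-terminating error, $gcpJson stays null, and the PUT below would replace the
                # stored credential with an empty service account key.
                try {
                    $gcpJson = Get-Content -Raw -Path $GcpServiceAccountKeyFile -ErrorAction Stop |
                        ConvertFrom-Json -ErrorAction Stop
                    if ($null -eq $gcpJson) {
                        throw "Service account key file is empty"
                    }
                }
                catch {
                    # Log the path and the exception type only: JSON parser errors can quote
                    # fragments of the input, and the input here is private key material.
                    LogFatal "Failed to read GCP service account key file '$GcpServiceAccountKeyFile' ($($_.Exception.GetType().Name))"
                    # LogFatal is defined outside this function; return as well so that a null
                    # key is never sent if LogFatal does not terminate.
                    return
                }
                $credentialData = @{
                    serviceAccountKey = $gcpJson
                }
            }
            # switch matches case-insensitively, so this also covers the original
            # 'Usernamepassword' spelling.
            'UsernamePassword' {
                $credentialData = @{
                    domain   = $UserDomain
                    username = $UserName
                    password = $UserPassword
                }
            }
        }

        # Convert the object to JSON to use in the PUT body
        # (Note: Default depth is 2 when serializing)
        # $json holds the secrets in clear text; it must never be passed to LogIt.
        $json = $credentialData | ConvertTo-Json -Depth 10

        # Send the PUT
        try {
            LogIt "Updating $CredentialType credential $CredentialId"
            # The response is not used; assigning to $null keeps it out of the function output.
            $null = Invoke-CCRestMethod 'Put' $Deployment "credentials/$CredentialId" $CustomerId $SecureClientId $SecureSecret @{} $json
            LogIt "Updated credential id $CredentialId"
        }
        catch {
            # NOTE(review): $_ is whatever Invoke-CCRestMethod throws - confirm that its error
            # text never echoes the request body, which contains the secrets.
            LogFatal "Failed to update credentials: $_"
        }
    }
}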