functions/secrets/Set-SecretExpiration.ps1

function Set-SecretExpiration {
    <#
    .SYNOPSIS
    Set Secret expiration
 
    .DESCRIPTION
    Set Secret expiration
 
    .EXAMPLE
    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
    Set-TssSecretExpiration -TssSession $session -Id 46 -DateExpiration (Get-Date).AddDays(21)
 
    Set Secret expiration on Secret 46 to specific date 21 days from the current date
 
    .EXAMPLE
    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
    Set-TssSecretExpiration -TssSession $session -Id 23 -Template
 
    Set Secret expiration on Secret 23 to template, expiration being controlled with the Secret Template
 
    .EXAMPLE
    $session = New-TssSession -SecretServer https://alpha -Credential $ssCred
    Set-TssSecretExpiration -TssSession $session -Id 42 -Interval 21
 
    Set Secret expiration on Secret 23 to interval of 21 days
 
    .LINK
    https://thycotic-ps.github.io/thycotic.secretserver/commands/Set-TssSecretExpiration
 
    .LINK
    https://github.com/thycotic-ps/thycotic.secretserver/blob/main/src/functions/secrets/Set-SecretExpiration.ps1
 
    .NOTES
    Requires TssSession object returned by New-TssSession
    #>

    [cmdletbinding(SupportsShouldProcess, DefaultParameterSetName = 'all')]
    param(
        # TssSession object created by New-TssSession for auth
        [Parameter(Mandatory,ValueFromPipeline,Position = 0)]
        [TssSession]
        $TssSession,

        # Folder Id to modify
        [Parameter(Mandatory,ValueFromPipelineByPropertyName)]
        [Alias("SecretId")]
        [int[]]
        $Id,

        # Set expiration to specific date and time
        [Parameter(ParameterSetName = 'SpecificDate')]
        [datetime]
        $DateExpiration,

        # Set expiration to an interval (days)
        [Parameter(ParameterSetName = 'DayInterval')]
        [int]
        $Interval,

        # Set expiration to Template
        [Parameter(ParameterSetName = 'Template')]
        [switch]
        $Template
    )
    begin {
        $setParams = $PSBoundParameters
        $invokeParams = . $GetInvokeTssParams $TssSession
    }
    process {
        Write-Verbose "Provided command parameters: $(. $GetInvocation $PSCmdlet.MyInvocation)"
        if ($setParams.ContainsKey('TssSession') -and $TssSession.IsValidSession()) {
            . $CheckVersion $TssSession '10.9.000000' $PSCmdlet.MyInvocation
            foreach ($secret in $Id) {
                $restResponse = $null
                $uri = $TssSession.ApiUrl, 'secrets', $secret, 'expiration' -join '/'
                $invokeParams.Uri = $uri
                $invokeParams.Method = 'PUT'

                $setExpirationBody = @{ data = @{ } }

                if ($setParams.ContainsKey('Template')) {
                    $type = @{
                        dirty = $true
                        value = 'Template'
                    }
                    $setExpirationBody.data.Add('expirationType',$type)
                }
                if ($setParams.ContainsKey('Interval')) {
                    $type = @{
                        dirty = $true
                        value = 'DayInterval'
                    }
                    $dayInterval = @{
                        dirty = $true
                        value = $Interval
                    }
                    $setExpirationBody.data.Add('expirationType',$type)
                    $setExpirationBody.data.Add('expirationDayInterval',$dayInterval)
                }
                if ($setParams.ContainsKey('DateExpiration')) {
                    $type = @{
                        dirty = $true
                        value = 'SpecificDate'
                    }
                    $expDate = @{
                        dirty = $true
                        value = $DateExpiration.ToShortDateString()
                    }
                    $setExpirationBody.data.Add('expirationType',$type)
                    $setExpirationBody.data.Add('expirationDate',$expDate)
                }

                $invokeParams.Body = $setExpirationBody | ConvertTo-Json

                if ($PSCmdlet.ShouldProcess("Secret ID: $secret", "$($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n")) {
                    Write-Verbose "Performing the operation $($invokeParams.Method) $uri with:`n$($invokeParams.Body)`n"
                    try {
                        $restResponse = . $InvokeApi @invokeParams
                    } catch {
                        Write-Warning "Issue setting expiration on [$secret]"
                        $err = $_
                        . $ErrorHandling $err
                    }
                }
                if ($restResponse) {
                    if ($setParams.ContainsKey('DateOfExpiration') -and $restResponse.expirationDate -eq $DateOfExpiration) {
                        Write-Verbose "Secret [$secret] expiration date set to $DateOfExpiration"
                    }
                    if ($setParams.ContainsKey('Interval') -and $restResponse.expirationDayInterval -eq $Interval) {
                        Write-Verbose "Secret [$secret] expiration set to $Interval Days"
                    }
                    if ($setParams.ContainsKey('Template') -and $restResponse.expirationType -eq $Template) {
                        Write-Verbose "Secret [$secret] expiration type set to Template"
                    }
                }
            }
        } else {
            Write-Warning "No valid session found"
        }
    }
}