- Windows Server 2016+ or Windows 10+
- PowerShell 5.1+ (included with Windows)
- Administrator privileges
- CyberArk Identity and Secrets Hub credentials
infamousjoeg
/ 01_ns_sa.sh
Created
September 24, 2025 18:57
Kubernetes Manifests for Secrets Provider for K8s in Sidecar Mode PoC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| kubectl create ns cyberark-poc | |
| kubectl create sa -n cyberark-poc cyberark-poc-app-sa |
infamousjoeg
/ SecretsHubDiscoveryONLY.json
Created
August 28, 2025 12:49
Secrets Hub ListSecrets Only CloudFormation Template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Parameters": { | |
| "PolicyName": { | |
| "Type": "String", | |
| "Description": "Meaningful policy name" | |
| }, | |
| "CyberArkSecretsHubRoleARN": { | |
| "Type": "String", | |
| "Description": "The Secrets Hub tenant role ARN which will be trusted by this role" |
infamousjoeg
/ README.get-secrets.md
Created
August 21, 2025 19:48
CyberArk get-secrets Tool: Windows Setup and PowerShell Usage Guide
infamousjoeg
/ authenticate_arksdk.py
Created
August 11, 2025 16:32
How to authenticate as an Identity Service User using Ark SDK for Python
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import getpass | |
| from ark_sdk_python import ArkClient | |
| from ark_sdk_python.auth import ArkISPAuth | |
| def interactive_platform_auth(): | |
| """Interactive platform token authentication setup""" | |
| # Gather credentials interactively | |
| tenant_url = input("Enter your CyberArk tenant URL: ") | |
| client_id = input("Enter your Service User client ID: ") |
infamousjoeg
/ AzureKeyVaultsWithSecrets.ps1
Created
August 6, 2025 17:31
Get all Azure Key Vaults in an Azure Management Group that contain Secret objects
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Requires: Az PowerShell Module | |
| # Install with: Install-Module -Name Az -Scope CurrentUser | |
| # ------------------------ | |
| # VARIABLES - EDIT THESE | |
| # ------------------------ | |
| $ManagementGroupId = "<YourManagementGroupID>" # e.g. "mg-root" | |
| # ------------------------ | |
| # CONNECT TO AZURE |
infamousjoeg
/ V5SynchronizerInstallation.proxy.ps1
Created
June 16, 2025 14:38
Proxy-supported Vault-Conjur Synchronizer PowerShell Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Version = 13.6.0.4-release/13.6 | |
| #----------------------------------------- | |
| # This script installs the Vault-Conjur Synchronizer | |
| #------------------------------------------ | |
| #Requires -Version 4.0 | |
| param([switch] $silent, [switch] $forceNoPVWAApiUse, [switch] $trustPVWAAndConjurCert, [switch] $automationTests) | |
| #region [Variables] |
infamousjoeg
/ cyberarkSAMLPingFederate.md
Created
March 27, 2025 19:06
CyberArk PAM (Self-Hosted) REST API Authentication via PingFederate SAML
This guide demonstrates how to authenticate to CyberArk's Self-Hosted Privileged Access Management (PAM) REST API using PingFederate SAML authentication with PowerShell.
The script implements a complete SAML authentication flow that:
- Initiates SAML authentication with CyberArk
- Redirects to PingFederate for authentication
infamousjoeg
/ PS-SAML-Interactive-NG.psm1
Last active
March 7, 2025 21:53
getSAMLResponse-Interactive using Selenium
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function New-SAMLInteractive { | |
| [CmdletBinding()] | |
| param( | |
| [Parameter(Mandatory = $true)] | |
| [string] $LoginIDP | |
| ) | |
| Begin { | |
| # Regular expression to extract SAML Response | |
| $RegEx = '(?i)name="SAMLResponse"(?: type="hidden")? value=\"(.*?)\"(?:.*)?\/>' |
infamousjoeg
/ GitHubOIDC-CyberArkConjur.md
Created
August 15, 2024 13:07
Utilizing GitHub OIDC as an Authentication Method through CyberArk Conjur’s authn-jwt
Overview:
This documentation demonstrates how to use GitHub's OpenID Connect (OIDC) as an authentication method in Conjur Cloud & Self-Hosted Enterprise using the authn-jwt authenticator. The process involves configuring the JWT authenticator, mapping claims from the GitHub OIDC token to annotations in Conjur Cloud, and finally authenticating a workload.
- Plan the Configuration:
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Import the AWS module | |
| Import-Module AWSPowerShell.NetCore | |
| # Define the region | |
| $region = "YOUR_AWS_REGION" | |
| # Function to get temporary security credentials from EC2 instance's IAM role | |
| function Get-TemporaryCredentials { | |
| param ( | |
| [string]$region |
NewerOlder