Update manifest and docs to 4.6.0

CHANGELOG.md

@@ -1,3 +1,18 @@
+## 4.6.0
+- Add `Import-VaasCertificate`.  Export from TPP right into VaaS (and vice versa).
+- `Import-TppCertificate` updates
+   - Add pipelining with either `-CertificatePath` or `CertificateData`.  You can provide FileInfo objects or just an array of paths.
+   - If using PS v6+, import will now use parallel processing.  Control the number of certificates imported at once with the new parameter `-ThrottleLimit`.  This is definitely the recommended approach for bulk importing.
+   - Add prepending '\ved\policy' to `-PolicyPath` if not provided
+ - `Get-TppAttribute` updates
+   - `-Attribute` can now accept custom field labels/names to retrieve the value, [#74](https://github.com/Venafi/VenafiPS/issues/74)
+   - Return Locked and Overridden values where applicable
+   - Notify user when attribute name provided to `-Attribute` is not valid
+ - Fix SecretManagement module existence check not always being triggered in `New-VenafiSession`, [#123](https://github.com/Venafi/VenafiPS/issues/123)
+ - Add 'certificate' field to `Write-VerboseWithSecret` to hide certificate data being passed to VaaS
+ - Allow any attribute names for `Get-TppIdentityAttribute -Attribute`, [#125](https://github.com/Venafi/VenafiPS/issues/125)
+
+
 ## 4.5.0
 - Add docker image with each new build and [publish to dockerhub](https://hub.docker.com/repository/docker/venafi/venafips-module).  Add the below environment variables recognition for use with docker image, but could be used outside of it as well.  This is great for ci/cd scenarios and more.
   - TPP_SERVER - TPP server url
@@ -388,3 +403,4 @@
 
 
 
+

VenafiPS/VenafiPS.psd1

@@ -3,7 +3,7 @@
 #
 # Generated by: Venafi
 #
-# Generated on: 06/17/2022
+# Generated on: 06/29/2022
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'VenafiPS.psm1'
 
 # Version number of this module.
-ModuleVersion = '4.6'
+ModuleVersion = '4.6.0'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()
@@ -101,7 +101,8 @@ FunctionsToExport = 'Add-TppCertificateAssociation', 'Convert-TppObject',
                'Test-TppObject', 'Test-TppToken', 'Write-TppLog', 'Get-VenafiTeam',
                'Remove-VenafiTeam', 'Add-VenafiTeamMember', 'Add-VenafiTeamOwner',
                'Remove-VenafiTeamMember', 'Remove-VenafiTeamOwner', 'New-VenafiTeam',
-               'Search-TppHistory', 'Get-VaasIssuingTemplate', 'New-VaasApplication','Import-VaasCertificate'
+               'Search-TppHistory', 'Get-VaasIssuingTemplate', 'New-VaasApplication',
+               'Import-VaasCertificate'
 
 # Cmdlets to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no cmdlets to export.
 CmdletsToExport = @()
@@ -112,7 +113,8 @@ VariablesToExport = 'VenafiSession'
 # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export.
 AliasesToExport = 'fto', 'itcr', 'Find-TppCertificate', 'Get-TppIdentity', 'Read-TppLog',
                'Invoke-TppRestMethod', 'Get-TppCertificate',
-               'Get-TppCertificateDetail', 'Find-VaasCertificate', 'Export-TppCertificate', 'Export-VaasCertificate'
+               'Get-TppCertificateDetail', 'Find-VaasCertificate',
+               'Export-TppCertificate', 'Export-VaasCertificate'
 
 # DSC resources to export from this module
 # DscResourcesToExport = @()

docs/changelog.md

@@ -1,3 +1,18 @@
+## 4.6.0
+- Add `Import-VaasCertificate`.  Export from TPP right into VaaS (and vice versa).
+- `Import-TppCertificate` updates
+   - Add pipelining with either `-CertificatePath` or `CertificateData`.  You can provide FileInfo objects or just an array of paths.
+   - If using PS v6+, import will now use parallel processing.  Control the number of certificates imported at once with the new parameter `-ThrottleLimit`.  This is definitely the recommended approach for bulk importing.
+   - Add prepending '\ved\policy' to `-PolicyPath` if not provided
+ - `Get-TppAttribute` updates
+   - `-Attribute` can now accept custom field labels/names to retrieve the value, [#74](https://github.com/Venafi/VenafiPS/issues/74)
+   - Return Locked and Overridden values where applicable
+   - Notify user when attribute name provided to `-Attribute` is not valid
+ - Fix SecretManagement module existence check not always being triggered in `New-VenafiSession`, [#123](https://github.com/Venafi/VenafiPS/issues/123)
+ - Add 'certificate' field to `Write-VerboseWithSecret` to hide certificate data being passed to VaaS
+ - Allow any attribute names for `Get-TppIdentityAttribute -Attribute`, [#125](https://github.com/Venafi/VenafiPS/issues/125)
+
+
 ## 4.5.0
 - Add docker image with each new build and [publish to dockerhub](https://hub.docker.com/repository/docker/venafi/venafips-module).  Add the below environment variables recognition for use with docker image, but could be used outside of it as well.  This is great for ci/cd scenarios and more.
   - TPP_SERVER - TPP server url
@@ -388,3 +403,4 @@
 
 
 
+

docs/functions/Export-VenafiCertificate.md

@@ -80,8 +80,8 @@ Accept wildcard characters: False
 ```
 
 ### -Format
-Certificate format. 
-For Venafi as a Service, you can provide either PEM or DER. 
+Certificate format.
+For Venafi as a Service, you can provide either PEM, DER, or JKS.
 For TPP, Base64, Base64 (PKCS#8), DER, JKS, PKCS #7, or PKCS #12.
 
 ```yaml
@@ -246,7 +246,7 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## INPUTS
 
-### CertificateId/Path from TppObject
+### CertificateId / Path from TppObject
 ## OUTPUTS
 
 ### Vaas, System.String.  TPP, PSCustomObject.

docs/functions/Get-TppAttribute.md

@@ -11,34 +11,38 @@ Get-TppAttribute -Path <String> [-Attribute <String[]>] [-AsValue] [-New] [-Vena
  [<CommonParameters>]
 ```
 
-### AllPolicyPath
+### AllPolicy
 ```
 Get-TppAttribute -Path <String> [-All] [-Policy] -PolicyClass <String> [-New] [-VenafiSession <PSObject>]
  [<CommonParameters>]
 ```
 
-### PolicyPath
+### Policy
 ```
 Get-TppAttribute -Path <String> -Attribute <String[]> [-Policy] -PolicyClass <String> [-AsValue] [-New]
  [-VenafiSession <PSObject>] [<CommonParameters>]
 ```
 
-### AllEffectivePath
+### AllEffective
 ```
-Get-TppAttribute -Path <String> [-All] [-New] [-VenafiSession <PSObject>] [<CommonParameters>]
+Get-TppAttribute -Path <String> [-Effective] [-All] [-New] [-VenafiSession <PSObject>] [<CommonParameters>]
 ```
 
-### EffectiveByPath
+### Effective
 ```
 Get-TppAttribute -Path <String> -Attribute <String[]> [-Effective] [-AsValue] [-New]
  [-VenafiSession <PSObject>] [<CommonParameters>]
 ```
 
+### AllByPath
+```
+Get-TppAttribute -Path <String> [-All] [-New] [-VenafiSession <PSObject>] [<CommonParameters>]
+```
+
 ## DESCRIPTION
 Retrieves object attributes as well as policies (aka policy attributes).
 You can either retrieve all attributes or individual ones.
-By default, the attributes returned are not the effective policy, but that can be requested with the
-Effective switch.
+By default, the attributes returned are not the effective policy, but that can be requested with the -Effective switch.
 Policy folders can have attributes as well as policies which apply to the resultant objects.
 For more info on policies and how they are different than attributes, see https://docs.venafi.com/Docs/current/TopNav/Content/Policies/c_policies_tpp.php.
 
@@ -49,45 +53,88 @@ For more info on policies and how they are different than attributes, see https:
 Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -New
 ```
 
-Name                                   : test.gdb.com
-Path                                   : \ved\policy\certificates\test.gdb.com
-TypeName                               : X509 Server Certificate
-Guid                                   : b7a7221b-e038-41d9-9d49-d7f45c1ca128
-Certificate Vault Id                   : @{Value=442493; CustomFieldName=; PolicyPath=}
-Consumers                              : @{Value=System.Object\[\]; CustomFieldName=; PolicyPath=}
-Created By                             : @{Value=WebAdmin; CustomFieldName=; PolicyPath=}
+Name                          : test.gdb.com
+Path                          : \VED\Policy\Certificates\test.gdb.com
+TypeName                      : X509 Server Certificate
+Guid                          : b7a7221b-e038-41d9-9d49-d7f45c1ca128
+ServiceNow Assignment Group   : @{Value=Venafi Management; CustomFieldGuid={7f214dec-9878-495f-a96c-57291f0d42da}}
+ServiceNow CI                 : @{Value=9cc047ed1bad81100774ebd1b24bcbd0;
+                                CustomFieldGuid={a26df613-595b-46ef-b5df-79f6eace72d9}}
+Certificate Vault Id          : @{Value=442493; CustomFieldGuid=}
+Consumers                     : @{Value=System.Object\[\]; CustomFieldGuid=}
+Created By                    : @{Value=WebAdmin; CustomFieldGuid=}
+CSR Vault Id                  : @{Value=442492; CustomFieldGuid=}
 
-Retrieve all values for an object, excluding values assigned by policy
+Retrieve values directly set on an object, excluding values assigned by policy
 
 ### EXAMPLE 2
 ```
 Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -Attribute 'Driver Name' -New
 ```
 
 Name        : test.gdb.com
-Path        : \ved\policy\certificates\test.gdb.com
+Path        : \VED\Policy\Certificates\test.gdb.com
 TypeName    : X509 Server Certificate
 Guid        : b7a7221b-e038-41d9-9d49-d7f45c1ca128
-Driver Name : @{Value=appx509certificate; CustomFieldName=; PolicyPath=}
+Driver Name : @{Value=appx509certificate; CustomFieldGuid=}
 
 Retrieve the value for a specific attribute
 
 ### EXAMPLE 3
 ```
-Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -AttributeName 'State' -Effective -New
+Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -Attribute 'ServiceNow Assignment Group' -New
 ```
 
-Name     : test.gdb.com
-Path     : \ved\policy\certificates\test.gdb.com
-TypeName : X509 Server Certificate
-Guid     : b7a7221b-e038-41d9-9d49-d7f45c1ca128
-State    : @{Value=UT; CustomFieldName=; PolicyPath=\VED\Policy\Certificates}
+Name                        : test.gdb.com
+Path                        : \VED\Policy\Certificates\test.gdb.com
+TypeName                    : X509 Server Certificate
+Guid                        : b7a7221b-e038-41d9-9d49-d7f45c1ca199
+ServiceNow Assignment Group : @{Value=Venafi Management; CustomFieldGuid={7f214dec-9878-495f-a96c-57291f0d42da}}
 
-Retrieve the effective (policy applied) value for a specific attribute.
-This not only returns the value, but also the path where the policy is applied.
+Retrieve the value for a custom field.
+You can specify either the guid or custom field label name.
 
 ### EXAMPLE 4
 ```
+Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -Attribute 'Organization','State' -Effective -New
+```
+
+Name         : test.gdb.com
+Path         : \VED\Policy\Certificates\test.gdb.com
+TypeName     : X509 Server Certificate
+Guid         : b7a7221b-e038-41d9-9d49-d7f45c1ca128
+Organization : @{Value=Venafi, Inc.; CustomFieldGuid=; Overridden=False; Locked=True;
+            PolicyPath=\VED\Policy\Certificates}
+State        : @{Value=UT; CustomFieldGuid=; Overridden=False; Locked=False; PolicyPath=\VED\Policy\Certificates}
+
+Retrieve the effective (policy applied) value for a specific attribute(s).
+This not only returns the value, but also the path where the policy is applied and if locked or overridden.
+
+### EXAMPLE 5
+```
+Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -Effective -All -New
+```
+
+Name                                               : test.gdb.com
+Path                                               : \VED\Policy\certificates\test.gdb.com
+TypeName                                           : X509 Server Certificate
+ServiceNow Assignment Group                        : @{Value=Venafi Management;
+                                                    CustomFieldGuid={7f214dec-9878-495f-a96c-57291f0d42da};
+                                                    Overridden=False; Locked=False; PolicyPath=}
+ServiceNow CI                                      : @{Value=9cc047ed1bad81100774ebd1b24bcbd0;
+                                                    CustomFieldGuid={a26df613-595b-46ef-b5df-79f6eace72d9};
+                                                    Overridden=False; Locked=False; PolicyPath=}
+ACME Account DN                                    :
+Adaptable CA:Binary Data Vault ID                  :
+Adaptable CA:Early Password Vault ID               :
+Adaptable CA:Early Pkcs7 Vault ID                  :
+Adaptable CA:Early Private Key Vault ID            :
+
+Retrieve the effective (policy applied) value for all attributes.
+This not only returns the value, but also the path where the policy is applied and if locked or overridden.
+
+### EXAMPLE 6
+```
 Get-TppAttribute -Path '\VED\Policy\certificates\test.gdb.com' -All -New
 ```
 
@@ -101,37 +148,37 @@ Consumers            : @{Value=System.Object\[\]; CustomFieldName=; PolicyPath=}
 Created By           : @{Value=WebAdmin; CustomFieldName=; PolicyPath=}
 State                : @{Value=UT; CustomFieldName=; PolicyPath=\VED\Policy\Certificates}
 
-Retrieve all effective values for an object
+Retrieve values for all attributes applicable to this object
 
-### EXAMPLE 5
+### EXAMPLE 7
 ```
-Get-TppAttribute -Path '\VED\Policy\certificates' -PolicyClass 'X509 Certificate' -AttributeName 'State' -New
+Get-TppAttribute -Path '\VED\Policy\certificates' -PolicyClass 'X509 Certificate' -Attribute 'State' -New
 ```
 
 Name            : certificates
-Path            : \ved\policy\certificates
+Path            : \VED\Policy\certificates
 TypeName        : Policy
 Guid            : a91fc152-a9fb-4b49-a7ca-7014b14d73eb
-PolicyClassName : x509 certificate
-State           : UT
+PolicyClassName : X509 Certificate
+State           : @{Value=UT; Locked=False}
 
 Retrieve specific policy attribute values for the specified policy folder and class
 
-### EXAMPLE 6
+### EXAMPLE 8
 ```
 Get-TppAttribute -Path '\VED\Policy\certificates' -PolicyClass 'X509 Certificate' -All -New
 ```
 
-Name            : certificates
-Path            : \ved\policy\certificates
-TypeName        : Policy
-Guid            : a91fc152-a9fb-4b49-a7ca-7014b14d73eb
-PolicyClassName : x509 certificate
-City            : Salt Lake City
-Country         : US
-Management Type : Enrollment
-Organization    : Venafi, Inc.
-State           : UT
+Name                                               : certificates
+Path                                               : \VED\Policy\certificates
+TypeName                                           : Policy
+PolicyClassName                                    : X509 Certificate
+ServiceNow Assignment Group                        :
+Certificate Authority                              :
+Certificate Download: PBES2 Algorithm              :
+Certificate Process Validator                      :
+Certificate Vault Id                               :
+City                                               : @{Value=Salt Lake City; Locked=False}
 
 Retrieve all policy attribute values for the specified policy folder and class
 
@@ -170,7 +217,7 @@ Accept wildcard characters: False
 
 ```yaml
 Type: String[]
-Parameter Sets: PolicyPath, EffectiveByPath
+Parameter Sets: Policy, Effective
 Aliases:
 
 Required: True
@@ -183,10 +230,11 @@ Accept wildcard characters: False
 ### -Effective
 Get the objects attribute value, once policies have been applied.
 This is not applicable to policies, only objects.
+The output will contain the path where the policy was applied from.
 
 ```yaml
 Type: SwitchParameter
-Parameter Sets: EffectiveByPath
+Parameter Sets: AllEffective, Effective
 Aliases: EffectivePolicy
 
 Required: True
@@ -197,14 +245,13 @@ Accept wildcard characters: False
 ```
 
 ### -All
-Get all effective object attribute values.
-This will perform 3 steps, get the object type, enumerate the attributes for the object type, and get all the effective values.
-The output will contain the path where the policy was applied from.
+Get all object attribute values.
+This will perform 3 steps, get the object type, enumerate the attributes for the object type, and get all the values.
 Note, expect this to take longer than usual given the number of api calls.
 
 ```yaml
 Type: SwitchParameter
-Parameter Sets: AllPolicyPath, AllEffectivePath
+Parameter Sets: AllPolicy, AllEffective, AllByPath
 Aliases:
 
 Required: True
@@ -220,7 +267,7 @@ To retrieve policy attributes, just provide -PolicyClass.
 
 ```yaml
 Type: SwitchParameter
-Parameter Sets: AllPolicyPath, PolicyPath
+Parameter Sets: AllPolicy, Policy
 Aliases:
 
 Required: False
@@ -237,7 +284,7 @@ If unsure of the class name, add the value through the TPP UI and go to Support-
 
 ```yaml
 Type: String
-Parameter Sets: AllPolicyPath, PolicyPath
+Parameter Sets: AllPolicy, Policy
 Aliases: ClassName
 
 Required: True
@@ -253,7 +300,7 @@ No longer required with -New format.
 
 ```yaml
 Type: SwitchParameter
-Parameter Sets: ByPath, PolicyPath, EffectiveByPath
+Parameter Sets: ByPath, Policy, Effective
 Aliases:
 
 Required: False

docs/functions/Get-TppIdentityAttribute.md

@@ -49,6 +49,7 @@ Accept wildcard characters: False
 
 ### -Attribute
 Retrieve identity attribute values for the users and groups.
+Common user attributes include Group Membership, Name, Internet Email Address, Given Name, and Surname.
 
 ```yaml
 Type: String[]