Skip to content

Inputs & Outputs

Account

  • Contains PAM account attributes

All Account Keys

  • created_at: Date string. The date the account was either created or initially audited.
  • credentials_last_changed_at: Date string or null. The date the credentials were last changed by PAM.
  • has_password: Boolean. Indicates whether the account has a password known by PAM.
  • has_sshkey: Boolean. Indicates whether the account has an SSH key known by PAM.
  • id: Integer. The unique ID for the account.
  • name: String. The name of the account.
  • parent_id: Integer. The ID of the Active Directory, device, or static vault the account is attached to.
  • parent_type: String. One of "devices", "active-directories", or "static-vaults".
  • state: String. The account state. One of "Unapproved", "Approved", "Known", "Managed", "Fully Managed".

ActiveDirectory

  • Contains PAM Active Directory attributes

All UserGroup Keys

  • container: String. The Organizational Unit used by PAM in Active Directory.
  • control_account_id: Integer. The ID of the Account managing the Active Directory.
  • created_at: Date string. The date the Active Directory was created.
  • device_count: Integer. The number of devices attached to the Active Directory.
  • domain: String. The Active Directory fqdn.
  • enabled: Integer. Indicates whether the Active Directory is enabled.
  • groups: List of strings. The Security Groups accounts are audited from. If empty, all accounts are audited.
  • hostname: String. The IP address or hostname of the domain controller(s) used by PAM.
  • id: Integer. The unique ID for the Active Directory.
  • name: String. The Active Directory name.
  • notes: String or null. The notes field for the Active Directory.
  • user_authentication_service: Boolean. Indicates whether this domain is used to authentication users into PAM.

Device

  • Contains PAM device attributes

All Device Keys

  • account_source: String. Either "Local accounts" or the name of an Active Directory the device is attached to.
  • authentication_service_id: Integer or null. The ID of the Active Directory the device is attached to.
  • authentication_service_name: String or null. The name of the Active Directory the device is attached to.
  • control_account_id: Integer. The ID of the Account managing the device.
  • created_at: Date string. The date the Active Directory was created.
  • device_template_id: Integer. The ID of the device template.
  • device_template_name: String. The name of the device template.
  • device_vendor_name: String. The vendor name for the device type.
  • enabled: Boolean. Indicates whether the device is enabled.
  • hostname: String. The device hostname.
  • id: Integer. The unique ID for the device.
  • ip_address: String. The device IP address or hostname.
  • last_activity: Date string or null. The date the device was last used in PAM.
  • maximum_connections: Integer or null. The maximum connection limit for the device.
  • name: String. The device name.
  • notes: String or null. The notes field for the device.
  • profiles_count: Integer. The number of profiles the device is in.

Profile

  • Contains PAM profile attributes

All Profile Keys

  • device_count: Integer. The number of devices in the profile.
  • groups: List of UserGroup dictionaries in the profile.
  • id: Integer. The unique ID for the profile.
  • name: String. The profile name.
  • schedule_count: Integer. The number of schedules assigned to tasks in the profile.
  • task_count: Integer. The number of tasks in the profile.
  • tool_count: Integer. The number of tools in the profile.
  • user_count: Integer. The number of users directly in the profile.
  • user_group_count: Integer. The number of user groups in the profile.

Query

  • Contains a search query & value.

  • Used as an input to the search actions in this plugin.

Searching with like & a wildcard

1
2
3
4
5
6
- pam.devices.search:
    pam_address: internal.pam.net
    queries:
      - attribute: hostname
        query: like
        value: "%-uat"

Searching with not & null

1
2
3
4
5
6
- pam.devices.search:
    pam_address: internal.pam.net
    queries:
      - attribute: authentication_service_id
        query: not
        value: null

Required Keys

  • attribute: The name of the attribute to query against.
  • query: The query type (see valid query types below).
  • value: The value to use in the query. Use % as a wildcard.

Valid Query Types

  • equal (string or integer)
  • not_equal (string or integer)
  • like (string)
  • greater_than (integer)
  • less_than (integer)
  • is (null)
  • not (null)

SSHKey

  • Contains an SSH key & passphrase linked to an account.

  • Used in secret dictionaries if an account has an SSH key.

All Secret Keys

  • private: The SSH private key.
  • passphrase: The SSH private key passphrase.

Secret

  • Contains an account's secrets.

  • Used as an output from the reveal actions in this plugin.

All Secret Keys

  • account_id: The ID of the account.
  • account_usename: The account username.
  • password: The account password (if applicable).
  • ssh_key: The account SSH key (if applicable).

StaticVault

  • Contains PAM static vault attributes

All UserGroup Keys

  • created_at: Date string. The date the static vault was created.
  • device_count: Integer. The number of devices attached to the static vault.
  • id: Integer. The unique ID for the static vault.
  • name: String. The static vault name.

User

  • Contains PAM user attributes

All User Keys

  • auth_type: String. One of Local, Local & Radius, Radius, Active Directory, Active Directory & Radius.
  • authentication_service_id: Integer or null. The ID of the Active Directory used for that user.
  • authentication_service_name: String or null. The name of the Active Directory used for that user.
  • email_address: String or null. The user's email address.
  • enabled: Boolean. Indicates whether the user is enabled.
  • expires_at: Date string or null. The user's expiry date.
  • id: Integer. The unique ID for the user.
  • last_activity: Date string or null. The date of the user's last PAM activity.
  • name: String. The user's name.
  • notes: String or null. The notes field for the user.
  • profiles_count: Integer. Number of profiles the user is in.
  • state: String. The state of the user account.
  • user_groups_count: Integer. The number of user groups the user is in.
  • username: String. The user's login username.

UserGroup

  • Contains PAM user group attributes

All UserGroup Keys

  • authentication_service_id: Integer or null. The ID of the Active Directory the group syncs with.
  • authentication_service_name: String or null. The name of the Active Directory the group syncs with.
  • enabled: Boolean. Indicates whether the user group is enabled.
  • id: Integer. The unique ID for the user group.
  • is_synced_group: Boolean. Indicates whether the user group is synced with Active Directory.
  • name: String. The user group's name.
  • notes: String or null. The notes field for the user group.
  • profile_count: Integer. Number of profiles the user group is in.
  • profiles: List of Profile dictionaries the user group is in.
  • synced_at: Date string or null. The time the user group was last synced with Active Directory.
  • user_count: Integer. The number of users in the user group.