CyberArk AIM

Use the CyberArk AIM integration to eliminate hard-coded and visible credentials. This integration fetches credentials. For more information, see Managing Credentials .

Configure CyberArkAIM on Demisto

  1. Navigate to Settings > Integrations > Servers & Services .
  2. Search for CyberArkAIM.
  3. Click Add instance to create and configure a new integration instance.
    • Name : a textual name for the integration instance.
    • Server URL (e.g. https://192.168.0.1 )
    • Port
    • AppID as configured in AIM
    • Trust any certificate (not secure)
    • Use system proxy settings
    • Folder to search in safe
    • Safe to search in
    • isFetchCredentials
    • API Username
    • API Password
    • Credential names - comma-seperated list of credentials names in vault
  4. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

  1. Search for credentials: cyber-ark-aim-query
  2. Get a list of credentials: list-credentials
  3. Reset account password: reset-credentials
  4. Get information for an account: account-details

1. Search for credentials


Search credentials in CyberArk AIM. Only one result is returned.

Base Command

cyber-ark-aim-query

Input
Argument Name Description Required
username Username to query Optional
address Address to query Optional
safe Safe to query Optional
folder Folder to query Optional
object Object to query Optional
query Defines a free query using account properties, including Safe, folder, and object. When this method is specified, all other search criteria are ignored Optional
queryFormat Defines the query format, which can optionally use regular expressions Optional
reason The reason for retrieving the password. This reason will be audited in the Credential Provider audit log. Optional
database Defines search criteria according to the database account property Optional

Context Output
Path Type Description
CyberArk.AIM.Folder unknown Account folder
CyberArk.AIM.PasswordChangeInProcess unknown Is password change in process
CyberArk.AIM.Content unknown Account content
CyberArk.AIM.CreationMethod unknown Account creation method
CyberArk.AIM.Name unknown Account name
CyberArk.AIM.PolicyID unknown Account policy ID
CyberArk.AIM.CPMDisabled unknown Account CPM disabled
CyberArk.AIM.Address unknown Account address
CyberArk.AIM.Safe unknown Account safe
CyberArk.AIM.UserName unknown Account username
CyberArk.AIM.DeviceType unknown Account device type

2. Get a list of all credentials


Lists all credentials available.

Base Command

list-credentials

Input
Argument Name Description Required
identifier When used, command will return a specific credential Optional

Context Output

There is no context output for this command.

3. Reset account password


Resets the password for the specified account with a random password.

Base Command

reset-credentials

Input
Argument Name Description Required
immediateChangeByCPM Flag the CPM that the change is effective immediately Optional
accountId Account ID to reset password Required

Context Output

There is no context output for this command.

4. Get information for an account


This method returns information about an account. If more than one account meets the search criteria, only the first account will be returned.

Base Command

account-details

Input
Argument Name Description Required
keywords Keywords matching the account Required
safe Specify a safe instead of a specific instance Optional

Context Output

There is no context output for this command.