# pyAIM<!-- omit from toc -->
![](assets/pyAIM-sm.png)
![GitHub last commit](https://img.shields.io/github/last-commit/infamousjoeg/pyaim.svg) [![GitHub issues](https://img.shields.io/github/issues/infamousjoeg/pyaim.svg?color=blue)](https://github.com/infamousjoeg/pyaim/issues) ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/pyaim.svg) ![GitHub top language](https://img.shields.io/github/languages/top/infamousjoeg/pyaim.svg?color=yellow) [![PyPI](https://img.shields.io/pypi/v/pyaim.svg)](https://pypi.org/project/pyaim) [![PyPI - Downloads](https://img.shields.io/pypi/dm/pyaim.svg?color=blue)](https://pypi.org/project/pyaim) [![Keybase PGP](https://img.shields.io/keybase/pgp/infamousjoeg.svg)](https://keybase.io/infamousjoeg) [![GitHub](https://img.shields.io/github/license/infamousjoeg/pyaim.svg?color=blue)](LICENSE)
> CyberArk Application Access Manager Client Library for Python 3
This project simplifies the interaction between a Python 3 application or script and CyberArk's Application Access Manager's Credential Provider using the appropriate CLIPasswordSDK executable for the Operating System being used. By simplifying this process, developers are only required to change four (4) lines of code in their Python 3 applications and scripts to securely retrieve privileged secrets from CyberArk's Privileged Access Security (PAS) Core Solution as opposed to thirty or more (30+) without the use of this provided Client Library.
## Table of Contents <!-- omit from toc -->
- [Install](#install)
- [Credential Provider (CLIPasswordSDK) Method](#credential-provider-clipasswordsdk-method)
- [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method)
- [Windows](#windows)
- [Install Latest Python 3](#install-latest-python-3)
- [Install pyAIM via Pip](#install-pyaim-via-pip)
- [Linux](#linux)
- [Ubuntu/Debian](#ubuntudebian)
- [Install Latest Python 3](#install-latest-python-3-1)
- [Install pyAIM via Pip](#install-pyaim-via-pip-1)
- [RHEL/CentOS](#rhelcentos)
- [Install Latest Python 3](#install-latest-python-3-2)
- [RHEL](#rhel)
- [CentOS](#centos)
- [Install pyAIM via Pip](#install-pyaim-via-pip-2)
- [MacOS](#macos)
- [Z/OS](#zos)
- [Install Latest Python 3](#install-latest-python-3-3)
- [Install pyAIM via Pip](#install-pyaim-via-pip-3)
- [Usage](#usage)
- [Check AIMWebService Availability - check\_service()](#check-aimwebservice-availability---check_service)
- [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method-1)
- [Retrieve Account - GetPassword()](#retrieve-account---getpassword)
- [Credential Provider (CLIPasswordSDK) Method](#credential-provider-clipasswordsdk-method-1)
- [Supported Parameters](#supported-parameters)
- [Query Parameters](#query-parameters)
- [Example](#example)
- [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method-2)
- [Supported Parameters](#supported-parameters-1)
- [CCPPasswordREST()](#ccppasswordrest)
- [Query Parameters](#query-parameters-1)
- [Example](#example-1)
- [Example with Client Certificate Authentication](#example-with-client-certificate-authentication)
- [Example with Custom Service Path](#example-with-custom-service-path)
- [Maintainer](#maintainer)
- [Contributing](#contributing)
- [License](#license)
## Install
#### Credential Provider (CLIPasswordSDK) Method
* CyberArk Application Access Manager Credential Provider installed locally.
#### Centralized Credential Provider (CCPPasswordREST) Method
* CyberArk Application Access Manager Centralized Credential Provider and AIMWebService
For information on how to install either of these providers, please refer to CyberArk's Application Access Manager Installation Guide or reach out to your assigned Customer Success Technical Advisor.
### Windows
#### Install Latest Python 3
[Install the Python 3 release for Windows](https://www.python.org/downloads/windows/)
#### Install pyAIM via Pip
`> pip3 install pyaim`
### Linux
#### Ubuntu/Debian
##### Install Latest Python 3
`$ sudo apt install -y python3 python3-pip`
##### Install pyAIM via Pip
`$ pip3 install pyaim`
#### RHEL/CentOS
##### Install Latest Python 3
###### RHEL
Follow the [EPEL Documentation](https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F) to ensure you have the EPEL Release repository available.
`$ sudo yum install -y https://rhel7.iuscommunity.org/ius-release.rpm`
`$ sudo yum update`
`$ sudo yum install -y python36u python36u-libs python36u-devel python36u-pip`
###### CentOS
`$ sudo yum install -y https://centos7.iuscommunity.org/ius-release.rpm`
`$ sudo yum update`
`$ sudo yum install -y python36u python36u-libs python36u-devel python36u-pip`
##### Install pyAIM via Pip
`$ pip3 install pyaim`
### MacOS
No support provided yet.
### Z/OS
pyAIM is untested on Z/OS but should work in theory.
#### Install Latest Python 3
Rocket Software has [ported Python 2 and 3](https://www.rocketsoftware.com/zos-open-source) for Z/OS
#### Install pyAIM via Pip
`$ pip3 install pyaim`
## Usage
### Check AIMWebService Availability - check_service()
#### Centralized Credential Provider (CCPPasswordREST) Method
```python
from pyaim import CCPPasswordREST
aimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', verify=True) # set verify=False to ignore SSL
service_status = aimccp.check_service()
print(service_status)
```
### Retrieve Account - GetPassword()
#### Credential Provider (CLIPasswordSDK) Method
##### Supported Parameters
###### Query Parameters
* appid _(required)_
* safe _(required)_
* folder _(default: root)_
* object _(this or `username` required)_
* username _(this or `object` required)_
* address
* database
* policyid
* reason
* query_format _(default: 1)_
* connport
* sendhash _(default: False)_
* output _(default: Password)_
* delimiter _(default: ,)_
* dual_accounts _(default: False)_
For compatibility with Dual Accounts where you are referencing a `VirtualUsername` - use the `username` parameter and ensure `dual_accounts=True`.
##### Example
```python
from pyaim import CLIPasswordSDK
aimcp = CLIPasswordSDK('/opt/CARKaim/sdk/clipasswordsdk')
response = aimcp.GetPassword(appid='appID',safe='safeName',object='objectName',output='PassProps.Username,Password',delimiter='|')
print('Full Response: {}'.format(response))
print('Username: {}'.format(response['PassProps.Username']))
print('Password: {}'.format(response['Password']))
```
#### Centralized Credential Provider (CCPPasswordREST) Method
##### Supported Parameters
###### CCPPasswordREST()
* url _(required)_
* verify _(default: True)_
* cert _(default: None)_
* timeout _(default: 30)_
###### Query Parameters
* appid _(required)_
* safe _(required)_
* folder _(default: root)_
* object _(this or `username` required)_
* username _(this or `object` required)_
* address
* database
* policyid
* reason
* query_format _(default: exact)_
* dual_accounts _(default: False)_
For compatibility with Dual Accounts where you are referencing a `VirtualUsername` - use the `username` parameter and ensure `dual_accounts=True`.
##### Example
```python
from pyaim import CCPPasswordREST
# set verify=False to ignore SSL
aimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', 'AIMWebService', verify=True, timeout=10)
service_status = aimccp.check_service()
if service_status == 'SUCCESS: AIMWebService Found. Status Code: 200':
response = aimccp.GetPassword(appid='appid',safe='safe',object='objectName',reason='Reason message')
print('Full Python Object: {}'.format(response))
print('Username: {}'.format(response['Username']))
print('Password: {}'.format(response['Content']))
else:
raise Exception(service_status)
```
##### Example with Client Certificate Authentication
```python
from pyaim import CCPPasswordREST
# set verify=False to ignore SSL
aimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', verify=True, cert=('/path/to/cert.pem', '/path/to/key.pem'))
...
```
##### Example with Custom Service Path
```python
from pyaim import CCPPasswordREST
# set verify=False to ignore SSL
aimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', 'AIMWebServiceDEV', verify=True)
...
```
## Maintainer
[@infamousjoeg](https://github.com/infamousjoeg)
[buymeacoffee]: https://www.buymeacoffee.com/infamousjoeg
[buymeacoffee-shield]: https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png
## Contributing
Contributions are open! Check out [CONTRIBUTING.md]() for more details!
## License
[MIT](LICENSE)
Raw data
{
"_id": null,
"home_page": "https://github.com/infamousjoeg/pyaim",
"name": "pyaim",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "cyberark, security, vault, aim, aam, privileged access, identity, pam, pim, pas, ccp, cp, credential provider, identity security",
"author": "Joe Garcia",
"author_email": "joe.garcia@cyberark.com",
"download_url": "https://files.pythonhosted.org/packages/4e/ed/e959ca933c22883c3aad2df856f2cde48988bc215d695c922da8851082f7/pyaim-1.5.3.tar.gz",
"platform": null,
"description": "# pyAIM<!-- omit from toc -->\n\n![](assets/pyAIM-sm.png)\n\n![GitHub last commit](https://img.shields.io/github/last-commit/infamousjoeg/pyaim.svg) [![GitHub issues](https://img.shields.io/github/issues/infamousjoeg/pyaim.svg?color=blue)](https://github.com/infamousjoeg/pyaim/issues) ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/pyaim.svg) ![GitHub top language](https://img.shields.io/github/languages/top/infamousjoeg/pyaim.svg?color=yellow) [![PyPI](https://img.shields.io/pypi/v/pyaim.svg)](https://pypi.org/project/pyaim) [![PyPI - Downloads](https://img.shields.io/pypi/dm/pyaim.svg?color=blue)](https://pypi.org/project/pyaim) [![Keybase PGP](https://img.shields.io/keybase/pgp/infamousjoeg.svg)](https://keybase.io/infamousjoeg) [![GitHub](https://img.shields.io/github/license/infamousjoeg/pyaim.svg?color=blue)](LICENSE)\n\n> CyberArk Application Access Manager Client Library for Python 3\n\nThis project simplifies the interaction between a Python 3 application or script and CyberArk's Application Access Manager's Credential Provider using the appropriate CLIPasswordSDK executable for the Operating System being used. By simplifying this process, developers are only required to change four (4) lines of code in their Python 3 applications and scripts to securely retrieve privileged secrets from CyberArk's Privileged Access Security (PAS) Core Solution as opposed to thirty or more (30+) without the use of this provided Client Library.\n\n## Table of Contents <!-- omit from toc -->\n\n- [Install](#install)\n - [Credential Provider (CLIPasswordSDK) Method](#credential-provider-clipasswordsdk-method)\n - [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method)\n - [Windows](#windows)\n - [Install Latest Python 3](#install-latest-python-3)\n - [Install pyAIM via Pip](#install-pyaim-via-pip)\n - [Linux](#linux)\n - [Ubuntu/Debian](#ubuntudebian)\n - [Install Latest Python 3](#install-latest-python-3-1)\n - [Install pyAIM via Pip](#install-pyaim-via-pip-1)\n - [RHEL/CentOS](#rhelcentos)\n - [Install Latest Python 3](#install-latest-python-3-2)\n - [RHEL](#rhel)\n - [CentOS](#centos)\n - [Install pyAIM via Pip](#install-pyaim-via-pip-2)\n - [MacOS](#macos)\n - [Z/OS](#zos)\n - [Install Latest Python 3](#install-latest-python-3-3)\n - [Install pyAIM via Pip](#install-pyaim-via-pip-3)\n- [Usage](#usage)\n - [Check AIMWebService Availability - check\\_service()](#check-aimwebservice-availability---check_service)\n - [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method-1)\n - [Retrieve Account - GetPassword()](#retrieve-account---getpassword)\n - [Credential Provider (CLIPasswordSDK) Method](#credential-provider-clipasswordsdk-method-1)\n - [Supported Parameters](#supported-parameters)\n - [Query Parameters](#query-parameters)\n - [Example](#example)\n - [Centralized Credential Provider (CCPPasswordREST) Method](#centralized-credential-provider-ccppasswordrest-method-2)\n - [Supported Parameters](#supported-parameters-1)\n - [CCPPasswordREST()](#ccppasswordrest)\n - [Query Parameters](#query-parameters-1)\n - [Example](#example-1)\n - [Example with Client Certificate Authentication](#example-with-client-certificate-authentication)\n - [Example with Custom Service Path](#example-with-custom-service-path)\n- [Maintainer](#maintainer)\n- [Contributing](#contributing)\n- [License](#license)\n\n## Install\n\n#### Credential Provider (CLIPasswordSDK) Method\n\n* CyberArk Application Access Manager Credential Provider installed locally.\n\n#### Centralized Credential Provider (CCPPasswordREST) Method\n\n* CyberArk Application Access Manager Centralized Credential Provider and AIMWebService\n\nFor information on how to install either of these providers, please refer to CyberArk's Application Access Manager Installation Guide or reach out to your assigned Customer Success Technical Advisor.\n\n### Windows\n\n#### Install Latest Python 3\n\n[Install the Python 3 release for Windows](https://www.python.org/downloads/windows/)\n\n#### Install pyAIM via Pip\n\n`> pip3 install pyaim`\n\n### Linux\n\n#### Ubuntu/Debian\n\n##### Install Latest Python 3\n\n`$ sudo apt install -y python3 python3-pip`\n\n##### Install pyAIM via Pip\n\n`$ pip3 install pyaim`\n\n#### RHEL/CentOS\n\n##### Install Latest Python 3\n\n###### RHEL\n\nFollow the [EPEL Documentation](https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F) to ensure you have the EPEL Release repository available.\n\n`$ sudo yum install -y https://rhel7.iuscommunity.org/ius-release.rpm`\n\n`$ sudo yum update`\n\n`$ sudo yum install -y python36u python36u-libs python36u-devel python36u-pip`\n\n###### CentOS\n\n`$ sudo yum install -y https://centos7.iuscommunity.org/ius-release.rpm`\n\n`$ sudo yum update`\n\n`$ sudo yum install -y python36u python36u-libs python36u-devel python36u-pip`\n\n##### Install pyAIM via Pip\n\n`$ pip3 install pyaim`\n\n### MacOS\n\nNo support provided yet.\n\n### Z/OS\n\npyAIM is untested on Z/OS but should work in theory.\n\n#### Install Latest Python 3\n\nRocket Software has [ported Python 2 and 3](https://www.rocketsoftware.com/zos-open-source) for Z/OS\n\n#### Install pyAIM via Pip\n\n`$ pip3 install pyaim`\n\n## Usage\n\n### Check AIMWebService Availability - check_service()\n\n#### Centralized Credential Provider (CCPPasswordREST) Method\n\n```python\nfrom pyaim import CCPPasswordREST\n\naimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', verify=True) # set verify=False to ignore SSL\nservice_status = aimccp.check_service()\nprint(service_status)\n```\n\n### Retrieve Account - GetPassword()\n\n#### Credential Provider (CLIPasswordSDK) Method\n\n##### Supported Parameters\n\n###### Query Parameters\n\n* appid _(required)_\n* safe _(required)_\n* folder _(default: root)_\n* object _(this or `username` required)_\n* username _(this or `object` required)_\n* address\n* database\n* policyid\n* reason\n* query_format _(default: 1)_\n* connport\n* sendhash _(default: False)_\n* output _(default: Password)_\n* delimiter _(default: ,)_\n* dual_accounts _(default: False)_\n\nFor compatibility with Dual Accounts where you are referencing a `VirtualUsername` - use the `username` parameter and ensure `dual_accounts=True`.\n\n##### Example\n\n```python\nfrom pyaim import CLIPasswordSDK\n\naimcp = CLIPasswordSDK('/opt/CARKaim/sdk/clipasswordsdk')\nresponse = aimcp.GetPassword(appid='appID',safe='safeName',object='objectName',output='PassProps.Username,Password',delimiter='|')\n\nprint('Full Response: {}'.format(response))\nprint('Username: {}'.format(response['PassProps.Username']))\nprint('Password: {}'.format(response['Password']))\n```\n\n#### Centralized Credential Provider (CCPPasswordREST) Method\n\n##### Supported Parameters\n\n###### CCPPasswordREST()\n\n* url _(required)_\n* verify _(default: True)_\n* cert _(default: None)_\n* timeout _(default: 30)_\n\n###### Query Parameters\n\n* appid _(required)_\n* safe _(required)_\n* folder _(default: root)_\n* object _(this or `username` required)_\n* username _(this or `object` required)_\n* address\n* database\n* policyid\n* reason\n* query_format _(default: exact)_\n* dual_accounts _(default: False)_\n\nFor compatibility with Dual Accounts where you are referencing a `VirtualUsername` - use the `username` parameter and ensure `dual_accounts=True`.\n\n##### Example\n\n```python\nfrom pyaim import CCPPasswordREST\n\n# set verify=False to ignore SSL\naimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', 'AIMWebService', verify=True, timeout=10)\n\nservice_status = aimccp.check_service()\n\nif service_status == 'SUCCESS: AIMWebService Found. Status Code: 200':\n response = aimccp.GetPassword(appid='appid',safe='safe',object='objectName',reason='Reason message')\n print('Full Python Object: {}'.format(response))\n print('Username: {}'.format(response['Username']))\n print('Password: {}'.format(response['Content']))\nelse:\n raise Exception(service_status)\n```\n\n##### Example with Client Certificate Authentication\n\n```python\nfrom pyaim import CCPPasswordREST\n\n# set verify=False to ignore SSL\naimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', verify=True, cert=('/path/to/cert.pem', '/path/to/key.pem'))\n\n...\n```\n\n##### Example with Custom Service Path\n\n```python\nfrom pyaim import CCPPasswordREST\n\n# set verify=False to ignore SSL\naimccp = CCPPasswordREST('https://ccp.cyberarkdemo.example', 'AIMWebServiceDEV', verify=True)\n\n...\n```\n\n## Maintainer\n\n[@infamousjoeg](https://github.com/infamousjoeg)\n\n[buymeacoffee]: https://www.buymeacoffee.com/infamousjoeg\n[buymeacoffee-shield]: https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png\n\n## Contributing\n\nContributions are open! Check out [CONTRIBUTING.md]() for more details!\n\n## License\n\n[MIT](LICENSE)\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "CyberArk Application Access Manager Client Library for Python 3",
"version": "1.5.3",
"project_urls": {
"Bug Reports": "https://github.com/infamousjoeg/pyaim/issues/new?assignees=&labels=&template=bug_report.md&title=",
"Feature Requests": "https://github.com/infamousjoeg/pyaim/issues/new?assignees=&labels=&template=feature_request.md&title=",
"Homepage": "https://github.com/infamousjoeg/pyaim",
"Source": "https://github.com/infamousjoeg/pyaim"
},
"split_keywords": [
"cyberark",
" security",
" vault",
" aim",
" aam",
" privileged access",
" identity",
" pam",
" pim",
" pas",
" ccp",
" cp",
" credential provider",
" identity security"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "2ac1b5891fb1041ecc23d7cd5951019e941ed3fcd59b0e808d44a46185ffe679",
"md5": "8e50e8880cd26a68b18ae8bd9988c604",
"sha256": "607ca2b1f839f9209ebad4fb7f3277c1bfb5571c3f2dd5099d9d3df6d1f308b0"
},
"downloads": -1,
"filename": "pyaim-1.5.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "8e50e8880cd26a68b18ae8bd9988c604",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 8479,
"upload_time": "2024-06-16T14:39:38",
"upload_time_iso_8601": "2024-06-16T14:39:38.823789Z",
"url": "https://files.pythonhosted.org/packages/2a/c1/b5891fb1041ecc23d7cd5951019e941ed3fcd59b0e808d44a46185ffe679/pyaim-1.5.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "4eede959ca933c22883c3aad2df856f2cde48988bc215d695c922da8851082f7",
"md5": "6224d69173f3b8b00c6cd41d9985c06e",
"sha256": "6cff20979af4d6785641d67fb5325beec08604e5da73240bb08c1f92aa6e7c3d"
},
"downloads": -1,
"filename": "pyaim-1.5.3.tar.gz",
"has_sig": false,
"md5_digest": "6224d69173f3b8b00c6cd41d9985c06e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 8231,
"upload_time": "2024-06-16T14:39:40",
"upload_time_iso_8601": "2024-06-16T14:39:40.395609Z",
"url": "https://files.pythonhosted.org/packages/4e/ed/e959ca933c22883c3aad2df856f2cde48988bc215d695c922da8851082f7/pyaim-1.5.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-06-16 14:39:40",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "infamousjoeg",
"github_project": "pyaim",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "pyaim"
}