search

Venafi / VenafiPS

Powershell module to fully automate your Venafi TLS Protect Datacenter and Cloud platforms!
https://venafips.readthedocs.io/
Apache License 2.0
18 stars 7 forks source link

Unable to connect to Vaas with token #209

Closed dcherry88 closed 1 year ago

dcherry88 commented 1 year ago

Environment

Operating System: Windows 11
VenafiPS version: 5.5.0
PowerShell version: 7.4

Steps to reproduce

Attempting to use New-VenafiSession to connect with VaaS but no data is returned by the command.

Expected behavior

Returned VenafiSession is expected.

Actual behavior

No session is established.

Screenshots

When running -passthru there is no indication of token or expiration date/time in the data. image

gdbarron commented 1 year ago

Token based auth and expiration pertains to TPP, not VaaS. What you got back was of type VenafiSession. You can use -PassThru, as you showed in the screenshot, and set the output to a variable to use with subsequent function calls. Easier though is to not use -PassThru and have the function set the session variable $VenafiSession which will be used by default and needed to be provided directly each time.

dcherry88 commented 1 year ago

I understand the functionality of -passthru, I used it to display what returned data I get from it. If I attempt to store new-venafisession within a variable to reference in subsequent commands, no data is returned when you call it and if you attempt to use any command with the venafi session variable referenced you get told you need to run New-VenafiSession to provide the VaaS key or token. Picture attached to show you the result of those commands. I'm storing the API key I recieved from my account preferences in VaaS as a pscredential type using get-credential. I put random data in the username field, like my username within Venafi, and the api key as the password.

image

If there is something I'm missing in the documentation for this, please let me know.

gdbarron commented 1 year ago

If you want to use -PassThru, you need to specify it and a variable to store the session. Otherwise, the function will store the session as $VenafiSession. image The use of -PassThru and providing -VenafiSession is not required as functions will use $VenafiSession by default.

For your code, it should be as easy as

New-VenafiSession -VaasKey $api
Get-VaasConnector -All

or with -PassThru

$sess = New-VenafiSession -VaasKey $api -PassThru
Get-VaasConnector -All -VenafiSession $sess
dcherry88 commented 1 year ago

I see the distinction now and confirmed it's working appropriately. Thank you for the assistance.