search

homotechsual / HaloAPI

PowerShell module for the Halo Service Solutions series of software products.
MIT License
48 stars 38 forks source link

Add Keyvault Support #27

Closed cscaminaci closed 1 year ago

cscaminaci commented 1 year ago

The Connect-HaloAPI function in this PowerShell module is used to establish a connection to a Halo instance. This function can use either client credentials (ClientId and ClientSecret) or Managed Identity or Service Principal (when using Azure Key Vault) for authentication. The function can also save the credentials to Azure Key Vault for future use. Parameters

URL: The URL of the Halo instance to connect to.
ClientID: The Client ID for the application configured in Halo.
ClientSecret: The Client Secret for the application configured in Halo.
Scopes: The API scopes to request. If this isn't passed, the scope is assumed to be "all". Pass a string or array of strings. Limited by the scopes granted to the application in Halo.
Tenant: The tenant name required for hosted Halo instances.
AdditionalHeaders: Hashtable containing additional parameters to be sent with each request.
UseKeyVault: If $true, retrieve parameters from Azure Key Vault. If $false, use parameters passed to function.
SecretName: The name of the secret in the Azure Key Vault.
VaultName: The name of the Azure Key Vault.
SaveToKeyVault: If $true, save parameters to Azure Key Vault. If $false or not specified, do not save parameters.
Identity: The object ID of the Managed Identity or Service Principal.

Usage

To establish a connection to a Halo instance, call the Connect-HaloAPI function with the required parameters. For example:

Connect-HaloAPI -URL "https://example.halopsa.com" -ClientId "c9534241-dde9-4d04-9d45-32b1fbff22ed" -ClientSecret "14c0c9af-2db1-48ab-b29c-51975df4afa2-739e4ef2-9aad-4fe9-b486-794feca48ea8" -Scopes "all" -Tenant "demo" -VaultName "MyVault" -SaveToKeyVault $true

To use the Azure Key Vault for storing and retrieving secrets, you should use the UseKeyVault and SaveToKeyVault parameters. Additionally, you can use a Managed Identity or Service Principal for authentication with the Identity parameter. For example:

Connect-HaloAPI -URL "https://example.halopsa.com" -VaultName "MyVault" -UseKeyVault $true -Identity "your_managed_identity_or_service_principal_id"

Note: Replace "your_managed_identity_or_service_principal_id" with your actual Managed Identity or Service Principal ID.

In this case, the function will connect to the Azure Key Vault with the provided Managed Identity or Service Principal and retrieve the ClientId, ClientSecret, and URL. If SaveToKeyVault is $true, the function will also save these parameters to the Azure Key Vault for future use.

cscaminaci commented 1 year ago

added support for ticket outcomes