Skip to content

Set-TppPermission

SYNOPSIS

Set permissions for TPP objects

SYNTAX

ByGuid (Default)

Set-TppPermission -Guid <Guid[]> -IdentityId <String[]> -Permission <TppPermission> [-Force]
 [-VenafiSession <PSObject>] [-WhatIf] [-Confirm] [<CommonParameters>]

ByPath

Set-TppPermission -Path <String[]> -IdentityId <String[]> -Permission <TppPermission> [-Force]
 [-VenafiSession <PSObject>] [-WhatIf] [-Confirm] [<CommonParameters>]

DESCRIPTION

Adds or modifies permissions on TPP objects

EXAMPLES

EXAMPLE 1

Set-TppPermission -Guid '1234abcd-g6g6-h7h7-faaf-f50cd6610cba' -IdentityId 'AD+mydomain.com:azsxdcfvgbhnjmlk09877654321' -Permission $TppPermObject

Permission a user/group on an object specified by guid

EXAMPLE 2

Set-TppPermission -Path '\ved\policy\my folder' -IdentityId 'AD+mydomain.com:azsxdcfvgbhnjmlk09877654321' -Permission $TppPermObject

Permission a user/group on an object specified by path

EXAMPLE 3

$id = Find-TppIdentity -Name 'brownstein' | Select-Object -ExpandProperty Id
Find-TppObject -Path '\VED' -Recursive | Get-TppPermission -IdentityId $id | Set-TppPermission -Permission $TppPermObject -Force

Reset permissions for a specific user/group for all objects. Note the use of -Force to overwrite existing permissions.

PARAMETERS

-Path

Path to an object. Can pipe output from many other functions.

Type: String[]
Parameter Sets: ByPath
Aliases: DN

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Guid

Guid representing a unique object

Type: Guid[]
Parameter Sets: ByGuid
Aliases: ObjectGuid

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-IdentityId

The id that represents the user or group. You can use Find-TppIdentity or Get-TppPermission to get the id.

Type: String[]
Parameter Sets: (All)
Aliases: PrefixedUniversalId, ID

Required: True
Position: Named
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

-Permission

TppPermission object. You can create a new object or get existing object from Get-TppPermission.

Type: TppPermission
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Force

Overwrite an existing permission if one exists

Type: SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

-VenafiSession

Authentication for the function. The value defaults to the script session object $VenafiSession created by New-VenafiSession. A TPP token or VaaS key can also provided. If providing a TPP token, an environment variable named TPP_SERVER must also be set.

Type: PSObject
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: $script:VenafiSession
Accept pipeline input: False
Accept wildcard characters: False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

INPUTS

Path, Guid, IdentityId

OUTPUTS

None

NOTES

Confirmation impact is set to Medium, set ConfirmPreference accordingly.

http://VenafiPS.readthedocs.io/en/latest/functions/Set-TppPermission/

https://github.com/Venafi/VenafiPS/blob/main/VenafiPS/Public/Set-TppPermission.ps1

https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-POST-Permissions-object-guid-principal.php

https://docs.venafi.com/Docs/current/TopNav/Content/SDK/WebSDK/r-SDK-PUT-Permissions-object-guid-principal.php