Auto-commit: 2025-10-31 08:59:02

David Wuibaille
2025-10-31 08:59:02 +01:00
parent d3b18d8b45
commit 851c85ec3d
30 changed files with 3734 additions and 6 deletions


@@ -0,0 +1,89 @@
#requires -Version 7.0
<#
.SYNOPSIS
Initialize Tanium (Redden-TanREST) from config.json, then
export all roles whose name starts with a given prefix (default: CASH).
.PARAMETER Prefix
Role name prefix to match (prefix match, case-insensitive). Default: CASH.
.PARAMETER OutputFolder
Destination folder for JSON exports. Default: %TEMP%\RBAC
#>
param(
[string]$Prefix = 'CASH',
[string]$OutputFolder = "$env:TEMP\RBAC"
)
$ErrorActionPreference = 'Stop'
try { [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 } catch {}
Import-Module Redden-TanREST -Force
# --- Load config
$ConfigPath = Join-Path $PSScriptRoot 'config.json'
if (-not (Test-Path $ConfigPath)) { throw "Configuration file not found: $ConfigPath" }
$config = Get-Content -Path $ConfigPath -Raw | ConvertFrom-Json
$TaniumUrl = ($config.TaniumUrl -replace '^https?://','').TrimEnd('/')
$TaniumTok = $config.TaniumApiToken
if ([string]::IsNullOrWhiteSpace($TaniumUrl) -or [string]::IsNullOrWhiteSpace($TaniumTok)) {
throw "Both TaniumUrl and TaniumApiToken must be provided in $ConfigPath."
}
# --- Prepare output
if (-not (Test-Path $OutputFolder)) { New-Item -ItemType Directory -Path $OutputFolder -Force | Out-Null }
# --- Temporary CLIXML for Initialize-TaniumSession
$TempXml = Join-Path $env:TEMP ("tanium-session-{0}.apicred" -f ([guid]::NewGuid().ToString('N')))
@{ baseURI = $TaniumUrl; token = ($TaniumTok | ConvertTo-SecureString -AsPlainText -Force) } |
Export-Clixml -Path $TempXml -Force
Write-Host "Initializing Tanium session..."
try {
Initialize-TaniumSession -PathToXML $TempXml | Out-Null
Write-Host "Session OK."
# ---------- GET roles starting with prefix ----------
# Prefer server-side regex; fall back to client-side if module/endpoint refuses inline (?i)
$regex = "(?i)^$([regex]::Escape($Prefix))"
$roles = $null
try { $roles = Get-Role -NameRegex $regex } catch { $roles = $null }
if (-not $roles) {
# fallback: pull all and filter locally
$roles = Get-Role -All | Where-Object { $_.name -match $regex -or $_.Name -match $regex }
}
if (-not $roles) {
Write-Warning "No roles found starting with '$Prefix'."
return
}
# ---------- Export each role ----------
$exported = @()
foreach ($r in @($roles)) {
$id = if ($r.PSObject.Properties.Name -contains 'id') { $r.id } elseif ($r.PSObject.Properties.Name -contains 'ID') { $r.ID } else { $null }
$name = if ($r.PSObject.Properties.Name -contains 'name') { $r.name } elseif ($r.PSObject.Properties.Name -contains 'Name') { $r.Name } else { $null }
if (-not $name) { continue }
try {
Export-RoleToJSON -RoleName $name -OutputFolder $OutputFolder -SkipReInitialize:$true -ErrorAction Stop
Write-Host ("✓ Exported: {0} (ID: {1})" -f $name, $id)
$exported += [pscustomobject]@{ Id=$id; Name=$name }
}
catch {
Write-Warning ("Export failed for role '{0}' (ID: {1}) — {2}" -f $name, $id, $_.Exception.Message)
}
}
if ($exported) {
Write-Host "`nSummary:"
$exported | Sort-Object Name | Format-Table Id,Name -AutoSize
Write-Host "`nJSON files in: $OutputFolder"
}
}
finally {
if (Test-Path $TempXml) {
Remove-Item $TempXml -Force -ErrorAction SilentlyContinue
Write-Host "Temporary CLIXML removed: $TempXml"
}
}
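Review bot: The Tanium API token is read as plain text from `config.json` next to the script (`$TaniumTok = $config.TaniumApiToken`), so the secret is protected only by that file's ACL and by the file staying out of version control. Since this is an auto-commit sweeping 30 files, confirm that `config.json` is ignored, and rotate the token if the file was ever committed. Prefer reading the token from a secret store or an environment variable, and state the constraint in the header, e.g. `# config.json holds a live API token: keep it out of the repository and restrict its ACL to the account that runs this script`. Separately, `catch { $roles = $null }` around `Get-Role -NameRegex` discards authentication and permission errors before falling back to `Get-Role -All`; adding `Write-Verbose $_.Exception.Message` in that catch would make a rejected token visible instead of looking like an unsupported regex.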