Skip to content

Services

SDK services are defined to execute requests on available ISP services (such as DPA). When a service is initialized, a valid authenticator is required to authorize access to the ISP service. To perform service actions, each service exposes a set of classes and methods.

Here's an example that initializes the ArkDPADBPoliciesService service:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
import pprint

from ark_sdk_python.auth import ArkISPAuth
from ark_sdk_python.models.auth import ArkAuthMethod, ArkAuthProfile, ArkSecret, IdentityArkAuthMethodSettings
from ark_sdk_python.services.dpa.policies import ArkDPAPoliciesService

if __name__ == '__main__':
    isp_auth = ArkISPAuth(cache_authentication=False)
    isp_auth.authenticate(
        auth_profile=ArkAuthProfile(
            username='tina@cyberark.cloud.12345',
            auth_method=ArkAuthMethod.Identity,
            auth_method_settings=IdentityArkAuthMethodSettings(),
        ),
        secret=ArkSecret(secret="CoolPassword"),
    )
    policies_service = ArkDPADBPoliciesService(isp_auth=isp_auth)
    policies = policies_service.list_policies()
    for policy in policies:
        pprint.pprint(policy.json(indent=4))

The above example authenticates to the specified ISP tenant, initializes a DPA policies service using the authorized authenticator, and then uses the service to list the policies.

Dynamic Privilege Access service

The Dynamic Privilege Access (DPA) service requires the ArkISPAuth authenticator, and exposes these service classes:

  • ArkDPACertificatesService (certificates) - DPA certificates service
  • ArkDPASSOService (sso) - DPA end-user SSO service
  • ArkDPAK8SService (kubernetes) - DPA end-user Kubernetes service
  • ArkDPADatabasesService (databases) - DPA end-user databases service
  • ArkDPAPoliciesService (policies) - DPA policies management
    • ArkDPADBPoliciesService (db) - DPA DB policies management
      • ArkDPADBPoliciesEditorService (editor) - DPA DB policies interactive
    • ArkDPAVMPoliciesService (vm) - DPA VM policies management
      • ArkDPAVMPoliciesEditorService (editor) - DPA VM policies interactive
  • ArkDPASecretsService (secrets) - DPA secrets management
    • ArkDPADBSecretsService (db) - DPA DB secrets services
  • ArkDPAWorkspacesService (workspaces) - DPA workspaces management
    • ArkDPADBWorkspaceService (db) - DPA DB workspace management

Session monitoring service

The Session Monitoring (SM) service requires ArkISPAuth authenticator, and exposes these service classes: - ArkSMService (sm) - Session Monitoring Service

Identity service

The Identity (identity) service requires ArkISPAuth authenticator, and exposes those service classes: - ArkIdentityRolesService - Identity roles service - ArkIdentityUsersService - Identity users service - ArkIdentityPoliciesService - Identity policies service - ArkIdentityDirectoriesService - Identity directories service

Privilege Cloud service

The Privilege Cloud (pcloud) service requires ArkISPAuth authenticator, and exposes those service classes: - ArkPCloudAccountsService - Accounts management service - ArkPCloudSafesService - Safes management service - ArkPCloudPlatformsService - Platforms management service