Skip to content

Services

SDK services are defined to execute requests on available ISP services (such as SIA). When a service is initialized, a valid authenticator is required to authorize access to the ISP service. To perform service actions, each service exposes a set of classes and methods.

Here's an example that initializes the ArkSIADBPoliciesService service:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
import pprint

from ark_sdk_python.auth import ArkISPAuth
from ark_sdk_python.models.auth import ArkAuthMethod, ArkAuthProfile, ArkSecret, IdentityArkAuthMethodSettings
from ark_sdk_python.services.sia.policies import ArkSIAPoliciesService

if __name__ == '__main__':
    isp_auth = ArkISPAuth(cache_authentication=False)
    isp_auth.authenticate(
        auth_profile=ArkAuthProfile(
            username='tina@cyberark.cloud.12345',
            auth_method=ArkAuthMethod.Identity,
            auth_method_settings=IdentityArkAuthMethodSettings(),
        ),
        secret=ArkSecret(secret="CoolPassword"),
    )
    policies_service = ArkSIADBPoliciesService(isp_auth=isp_auth)
    policies = policies_service.list_policies()
    for policy in policies:
        pprint.pprint(policy.json(indent=4))

The above example authenticates to the specified ISP tenant, initializes a SIA policies service using the authorized authenticator, and then uses the service to list the policies.

Dynamic Privilege Access service

The Dynamic Privilege Access (SIA) service requires the ArkISPAuth authenticator, and exposes these service classes:

  • ArkSIACertificatesService (certificates) - SIA certificates service
  • ArkSIASSOService (sso) - SIA end-user SSO service
  • ArkSIAK8SService (kubernetes) - SIA end-user Kubernetes service
  • ArkSIADatabasesService (databases) - SIA end-user databases service
  • ArkSIAPoliciesService (policies) - SIA policies management
    • ArkSIADBPoliciesService (db) - SIA DB policies management
      • ArkSIADBPoliciesEditorService (editor) - SIA DB policies interactive
    • ArkSIAVMPoliciesService (vm) - SIA VM policies management
      • ArkSIAVMPoliciesEditorService (editor) - SIA VM policies interactive
  • ArkSIASecretsService (secrets) - SIA secrets management
    • ArkSIADBSecretsService (db) - SIA DB secrets services
    • ArkSIAVMSecretsService (vm) - SIA VM secrets services
  • ArkSIAWorkspacesService (workspaces) - SIA workspaces management
    • ArkSIADBWorkspaceService (db) - SIA DB workspace management
    • ArkSIATargetSetsWorkspaceService (db) - SIA Target Sets workspace management

Session monitoring service

The Session Monitoring (SM) service requires ArkISPAuth authenticator, and exposes these service classes: - ArkSMService (sm) - Session Monitoring Service

Identity service

The Identity (identity) service requires ArkISPAuth authenticator, and exposes those service classes: - ArkIdentityRolesService - Identity roles service - ArkIdentityUsersService - Identity users service - ArkIdentityPoliciesService - Identity policies service - ArkIdentityDirectoriesService - Identity directories service

Privilege Cloud service

The Privilege Cloud (pcloud) service requires ArkISPAuth authenticator, and exposes those service classes: - ArkPCloudAccountsService - Accounts management service - ArkPCloudSafesService - Safes management service - ArkPCloudPlatformsService - Platforms management service