Skip to content

Exec

Use the exec command to run commands on available services (the available services depend on the authorized user's account).

Shorthand

The exec subcommand may be omitted. Service commands can be invoked directly by specifying the service name after idsec. Both forms are equivalent:

Full form Shorthand
idsec exec sia sso short-lived-password idsec sia sso short-lived-password
idsec exec pcloud safes create --safe-name=safe idsec pcloud safes create --safe-name=safe

SIA services

The following SIA commands are supported:

  • idsec exec sia: Root command for the SIA service (aliases: dpa)
    • sso - SSO end-user operations
    • k8s - Kubernetes service
    • db - DB service
    • workspaces - Workspaces service
    • target-sets - Target sets operations
    • db - Database operations
    • secrets - Secrets service
    • vm - VM operations
    • db - Database operations
    • access - Access service
    • ssh-ca - SSH CA key service
    • shortened-connection-string - Shortened connection string service
    • settings - Settings service
    • certificates - Certificates service
  • idsec exec cmgr: Root command for the CMGR service (aliases: connectormanager,cm)
  • idsec exec pcloud: Root command for PCloud service (aliases: privilegecloud,pc)
    • accounts - Accounts management
    • safes - Safes management
    • platforms - Platforms management
    • applications - Applications management
  • idsec exec identity: Root command for the Identity service (aliases: idaptive,id)
    • directories - Directories management
    • users - Users management
    • roles - Roles management
    • auth-profiles - Auth profiles management
    • policies - Policies management
  • idsec exec sechub: Root command for the Secrets Hub Service (aliases: secretshub,sh)
    • configuration - Configuration management
    • service-info - Service Info management
    • secrets - Secrets management
    • scans - Scans management
    • secret-stores - Secret Stores management
    • sync-policies - Sync Policies management
  • idsec exec sm: Root command for the SM service (aliases: sessionmonitoring)
  • idsec exec policy: Root command for the Policy service (aliases: accesspolicies, acp)
    • cloud-access - Cloud Console management
    • db - SIA DB management
    • vm - SIA VM management

All commands have their own subcommands and respective arguments and aliases.

Running

idsec exec

Paging long list output

Use --page-size when a command returns a long list and you want to browse the result in the terminal.

idsec policy cloud-access list-policies --profile-name myprofile --page-size 10

When --page-size is set and the command is running in an interactive terminal, the CLI prints exactly that number of items and waits for a keypress:

  • Press space or Enter to show the next page.
  • Press q, Esc, Ctrl+C, or Ctrl+D to stop paging.

The pager controls only page boundaries and continue/quit behavior. Item rendering stays with command output formatting (currently pretty JSON for these list results). Between pages, output is appended so you can scroll up to previous pages.

Paging is client-side only. The CLI still receives the SDK result and only controls interactive paging flow. When output is piped or redirected, the interactive pager is disabled and the CLI writes a JSON array so commands remain scriptable:

idsec policy cloud-access list-policies --profile-name myprofile --page-size 10 | jq '.'

Search is not built into the interactive pager. For searching or filtering, pipe the command output to tools such as less, grep, or jq:

idsec policy cloud-access list-policies --profile-name myprofile | less

Usage

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Exec an action

Usage:
  idsec exec [command]

Available Commands:
  cmgr        (aliases: connectormanager, cm)
  identity    (aliases: idaptive, id)
  pcloud      (aliases: privilegecloud, pc)
  sechub      (aliases: secretshub, sh)
  sia         (aliases: dpa)
  sm          (aliases: sessionmonitoring)
  policy      (aliases: accesspolicies, acp)

Flags:
      --allow-output                Allow stdout / stderr even when silent and not interactive
      --disable-cert-verification   Disables certificate verification on HTTPS calls, unsafe!
      --disable-telemetry           Disables telemetry data collection
  -h, --help                        help for exec
      --log-level string            Log level to use while verbose (default "INFO")
      --logger-style string         Which verbose logger style to use (default "default")
      --output-path string          Output file to write data to
      --page-size int               Show N items per page in interactive output, pausing between pages (0 = disabled)
      --profile-name string         Profile name to load (default "idsec")
      --raw                         Whether to raw output
      --refresh-auth                If a cache exists, will also try to refresh it
      --request-file string         Request file containing the parameters for the exec action
      --retry-count int             Retry count for execution (default 1)
      --silent                      Silent execution, no interactiveness
      --trusted-cert string         Certificate to use for HTTPS calls
      --verbose                     Whether to verbose log

Use "idsec exec [command] --help" for more information about a command.