CyberArk REST API and PowerShell Automation Course

32 Hours

Day 1: Introduction to CyberArk REST API Architecture
1. Overview of CyberArk REST API framework
2. Understanding authentication mechanisms
3. Hands-on Exercise: Test the Log On / Log Off API through Postman
4. Practice Assignment: Read CyberArk API documentation to deepen understanding
Day 2: Postman Features & Exploring CyberArk API Endpoints
1. Introduction to Postman’s capabilities for API testing
2. Hands-on Exercise: Test Safe Create, Update, and Delete APIs
3. Practice Assignment: Test Account Onboarding API through Postman
Day 3: Advanced API Testing & Postman Execution
1. Best practices for API validation
2. Hands-on Exercise: Test Get Accounts & Get Account Details APIs
3. Practice Assignment: Update existing account properties via Postman

PowerShell Scripting Introduction & Automation

Day 4: Basics of PowerShell Scripting
1. Introduction to PowerShell scripting syntax
2. Hands-on Exercise: Write a script that takes user input and prints a greeting
3. Hands-on Exercise: Create a script that responds based on user age
4. Practice Assignment: Modify the script to incorporate both name and age,
generating a personalized message
Day 5: PowerShell Scripting – Loops & Arrays
1. Working with loops and arrays in PowerShell
2. Hands-on Exercise: Store a list of numbers and filter even numbers
3. Hands-on Exercise: Allow users to input numbers dynamically

4. Practice Assignment: Extend functionality to filter even or odd numbers based on
user selection

Day 6: PowerShell – Logs & File Input/Output
1. Generating logs and handling files in PowerShell
2. Hands-on Exercise: Create a script that logs timestamps and login attempts
3. Hands-on Exercise: Read a CSV file and extract user details
4. Practice Assignment: Filter records based on user roles, outputting data into a new
file

Advanced PowerShell Scripting & CyberArk Automation

Day 7: Functions & Error Handling in PowerShell
1. Understanding functions and modular scripts
2. Hands-on Exercise: Write a function that greets the user dynamically
3. Hands-on Exercise: Implement a function to sum two numbers
4. Hands-on Exercise: Check file existence and provide an appropriate response
5. Practice Assignment:
o Develop an Automated User Report Generator
o Read and filter data from a CSV file
o Implement error handling for missing files
o Allow dynamic user-defined filtering criteria

Real-World CyberArk Implementations

Day 8: Automating CyberArk Safes & Accounts
1. Hands-on Exercise: Create multiple safes in CyberArk via PowerShell
2. Practice Assignment: Onboard multiple accounts into CyberArk safes

Day 9: Multi-User Access Control in CyberArk
1. Hands-on Exercise: Add multiple users to multiple safes with custom permissions

2. Practice Assignment: Assign users predefined group permissions (ReadOnly,
Admin, Auditor)

Day 10: Real-World Scenario 1 – Infrastructure Enhancement: Transitioning to Group-
Based Safe Access
1. Understanding the problem statement
2. Overview of current & targeted infrastructure
3. Solution Approach (divided into three phases)
4. Hands-on Exercise: Phase 1 – Generate Current State Report

Day 11: Implementing Infrastructure Updates in CyberArk
1. Hands-on Exercise: Phase 2 – Infrastructure Update
o 4 sub-tasks:
1. Creating groups
2. Assigning users
3. Managing safe permissions
4. Removing redundant access

Day 12: Validating CyberArk Infrastructure Changes
1. Hands-on Exercise: Phase 3 – Validation of Changes
2. Ensure access control updates align with the new security structure

Day 13: Doubt Clearing & Hands-on Support
1. Open Q&A for hands-on exercise & practice assignment challenges
2. Troubleshooting automation workflows

Day 14: Real-World Scenario 2 – CyberArk Privileged Account Reorganization & Compliance Validation
1. Identify accounts requiring updates
2. Assign accounts to new safes
3. Delete empty safes

Day 15: Developing the Remaining Phases of Real-World Scenario 2
1. Implement final infrastructure updates and compliance checks
2. Generate a final validation report

To maximize the learning experience, please keep the following points in mind:
 Patience and Flexibility: If you are already familiar with a concept covered in any
session, you may choose to skip that particular session.
 Hands-on Learning: This course emphasizes practical implementation. It is highly
recommended to follow each use case, both minor and major, for a thorough
understanding.
 Session Recordings: Daily session recordings will be made available at the end of
the day (EOD). Please download and upload them to your personal drive, as Secure
Vance Drive accessibility may expire within a few days.
 Doubt Resolution: Any queries from previous sessions will be addressed either at the
end of a session or in dedicated doubt-clearing sessions.

To ensure a seamless learning experience, participants should have the following setup before
starting the course:
 CyberArk components (Vault, PVWA, PSM, CPM, Domain Controller) installed on
either a local machine or AWS Cloud.
 Postman installed on PVWA or PSM server for API testing.
 Basic knowledge of scripting is advantageous but not mandatory.