Executors
The templates will be executed only when the target artifact (eg. credential to be changed) is configured with an executor and with a template to be used. Every template belongs to one and only one executor. Executors of senhasegura represent which protocols and systems connectivity and the ability to interact natively.
This chapter aims to present the plugins provided by senhasegura and how to use them to execute automated tasks and how to create templates for it.
Executor default triggers
A trigger is an action performed into the client module. It can be executed by Executor plugin supported by the client module' technology. This architecture enable our developers to create new plugins and triggers to every target system that support some kind of automated interaction.
By default senhasegura comes with the following triggers to start an execution operation.
PAM triggers;
Credential enable: Enable an locked credential into a target device. Can also be used to perform a JIT credential creation;
Credential disabiling: Disable a target credential after senhasegura Proxy usage. Can also be used to perform a JIT credential destruction;
Password change: Change some credential ou SSH Key secret;
Cloud and DSM;
AWS OpsWorks : Used into senhasegura DSM to provide credentials and secrets management in AWS OpsWorks ;
Secret Management Automation: senhasegura Cloudsecret management tasks;
User provisioning;
New group: Group creation at target system;
New user: User creation at target system;
Group delete: Group deletion at target system;
User delete: User deletion at target system;
User delete in group: Removing a user from a group at target system;
Certificate management;
Certificate disabiling: Revoke a target SSL certificate into target device;
Certificate publishing: Publish a target SSL certificate into target device;
Task Manager;
- Task Manager: Automated tasks into target devices that can be scheduled or executed by user request;
Executors plugins
Every executor can interact over some system. senhasegura abstraction layer enables our development team to create new executors aim to reach protocols, cloud providers APIs, website interfaces, OS commands, etc.
Web environments
cURL Executor for requests to simple web pages. Pages without JavaScript environment or HTML events. You can use this executor for legacy systems based on pure HTML4 architecture;
HTTP Executor for requests to complex web pages where more interactivity using JavaScript elements and event triggers are required;
Executor Selenium Selenium is a web application automation solution created with the objective of supporting teams during automated tests, simulating a user.
Miscellaneous protocols
LDAP: Interactivity with navigations and operations on LDAP servers;
SSH: Execution of commands through an SSH connection;
SSH Legacy: Command execution via SSH connection from legacy devices and old SSH versions;
Telnet: Execution of commands through a Telnet connection;
Windows environments
Windows RM: Interactivity with Windows devices through Windows RM;
Windows RPC: Interactivity with Windows devices through Windows RPC. It is even possible to execute commands via PowerShell;
Databases
senhasegura can interact with a great number of databases. Its implementation can be requested to our Sales or Support team if needed. By default, senhasegura is installed with only this four major database vendors.
MySQL: Executing commands in a MySQL database
Oracle: Execution of commands in an Oracle database
PostgreSQL: Execution of commands in PostgreSQL database
SQL Server: Execution of commands in SQL Server database
Specific products and binaries
Tk Expect: Binary interactivity on the remote device via SSH or Telnet connections. Perfect to interact on command line applications where the interface need to be interpreted;
VMWare ESXi: Changing passwords using the VMWare ESXi client;
x3270 IBM Terminal Emulator: Connector for mainframes IBM 3270. You can interact over mainframe application interfaces interpreting its design;