Skip to content

Dr 1280 fix pam rotation edit for saas#2161

Closed
jwalstra-keeper wants to merge 11 commits into
masterfrom
DR-1280_fix_pam_rotation_edit_for_saas
Closed

Dr 1280 fix pam rotation edit for saas#2161
jwalstra-keeper wants to merge 11 commits into
masterfrom
DR-1280_fix_pam_rotation_edit_for_saas

Conversation

@jwalstra-keeper

Copy link
Copy Markdown
Contributor

No description provided.

lthievenaz-keeper and others added 11 commits June 12, 2026 20:36
* Add support for port mapping

If connection has empty port, it will default to the ports defined in this file (can be customized for custom default ports)
Also added new parameter allow-file-uploads for RBI

* Support empty user/ports and other improvements

If a KCM connection has no user, the export will log the record for future process.
If a KCM connection has no port, it will default to the port mapping defined in KCM_mappings.json
Fixed a duplication issue of SFTP parameters caused by a reference error.
Set the autodocker docker-file location as default
Reworked how logged records are displayed on output file.
* Add secret-ids argument for thycotic import

Add secret-ids arg to import command, to use for debugging Thycotic secret IDs

* Pass secret-ids arg from import command to thycotic import

Pass secret-ids arg from import command to thycotic import so it can be handled in the Thycotic import

* Add handling for secret-ids arg in Thycotic import

If user sets secret-ids, the import will:
- Check if any of those IDs have come up in the lookup and would have been imported.
- Import only the secret-ids set

This is useful for debugging, because the lookup API may not return all Thycotic secrets - eg if there a security policy on them, but they may still be fetched.

Usage:
String (comma separated IDs)
`import --format thycotic server_name --secret-ids "123, 124,125"`
Python List (strings or integers)
`secret_ids=[123, 124, 125]`

* Correct secret_ids check

Fix conditional logic so import continues if no secret ids are specified

---------

Co-authored-by: lthievenaz-keeper <lthievenaz@keepersecurity.com>
…, rename Supershell Drive folder labels, and standardize list record_category

Fixed nsf-share-folder and nsf-share-record expiration updates, enforced a
one-minute minimum on NSF and classic share commands, standardized list/search
record_category to lowercase classic/nested, and renamed Supershell Drive
folder labels to Nested Shared Folder (Shared) and (NonShared).
* Fix SQL injection in MSSQL password rotation and reject unsafe --password input

* allow / and . in login regex
KeeperApp and krouter require configurationUid on set_record_rotation; include PAM config UID, matching revision for existing rotation rows, and an explicit empty resourceUid so IAM semantics are not overridden by stale cache data.

Co-authored-by: Cursor <cursoragent@cursor.com>
* Add --online filter to pam gateway list with gateway totals.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Add -o short option for pam gateway list --online.

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
* Add secret-ids argument for thycotic import

Add secret-ids arg to import command, to use for debugging Thycotic secret IDs

* Pass secret-ids arg from import command to thycotic import

Pass secret-ids arg from import command to thycotic import so it can be handled in the Thycotic import

* Add handling for secret-ids arg in Thycotic import

If user sets secret-ids, the import will:
- Check if any of those IDs have come up in the lookup and would have been imported.
- Import only the secret-ids set

This is useful for debugging, because the lookup API may not return all Thycotic secrets - eg if there a security policy on them, but they may still be fetched.

Usage:
String (comma separated IDs)
`import --format thycotic server_name --secret-ids "123, 124,125"`
Python List (strings or integers)
`secret_ids=[123, 124, 125]`
…#2160)

* Add pam connection ai command for KeeperAI settings on PAM resources.

Implements show, set/unset, and remove with sparse DAG merges, configure_resource meta bootstrap, GSE_DELETION removal, and CLI warnings for duplicate or mirrored options.

Co-authored-by: Cursor <cursoragent@cursor.com>

* Extend pam connection ai to pamRemoteBrowser records.

Co-authored-by: Cursor <cursoragent@cursor.com>

---------

Co-authored-by: Cursor <cursoragent@cursor.com>
@jwalstra-keeper jwalstra-keeper marked this pull request as draft June 18, 2026 20:21
Comment thread keepercommander/commands/discoveryrotation.py Dismissed
Comment thread keepercommander/commands/pam_import/keeper_ai_settings.py Dismissed
Comment thread keepercommander/commands/pam_import/keeper_ai_settings.py Dismissed
Comment thread keepercommander/commands/pam_import/keeper_ai_settings.py Dismissed
Comment thread keepercommander/commands/pam_import/keeper_ai_settings.py Dismissed
Comment thread keepercommander/commands/tunnel_and_connections.py Dismissed
Comment thread keepercommander/importer/thycotic/thycotic.py Dismissed
Comment thread keepercommander/importer/thycotic/thycotic.py Dismissed
Comment thread keepercommander/plugins/commands.py Dismissed
Comment thread keepercommander/plugins/commands.py Dismissed
@jwalstra-keeper jwalstra-keeper deleted the DR-1280_fix_pam_rotation_edit_for_saas branch June 18, 2026 20:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

7 participants