gsadmin/PSInfisicalAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

feat: add Organization/Sub-Organization CRUD cmdlets and Get-InfisicalSANList

Browse Source 
Adds 8 cmdlets for Organization and Sub-Organization CRUD (Get/New/Update/Remove for each), targeting /api/v2/organizations and /api/v1/sub-organizations. Get cmdlets default to List parameter set and switch to Single when -OrganizationId or -SubOrganizationId is supplied. New/Update/Remove honor -WhatIf/-Confirm; Remove defaults to High ConfirmImpact and supports -PassThru. No project context required.

Adds Get-InfisicalSANList: emits a deduplicated SAN candidate set containing the local device name, the device name suffixed with each non-empty DNS suffix found across operational adapters and the system primary domain, every IPv4 unicast address falling within RFC 1918 or CGNAT, and the IPv4/IPv6 loopback addresses. Supports optional case-insensitive -InclusionExpression and -ExclusionExpression regex filters applied in fetch -> include -> exclude -> output order. Output is a single strongly-typed System.String[] array emitted non-enumerated so List<string>.AddRange consumes it directly.

Registers 10 new endpoints, adds InfisicalOrganization/InfisicalSubOrganization models with DTOs, mappers, and clients, full MAML help for all 9 new cmdlets, mapper unit tests, EndpointRegistry inline-data coverage, and docs/DesignSpec.md sections 16.7 and 16.8. build.ps1 CmdletsToExport and Test-ModuleImports expected list now contain 51 cmdlets. README updated with Organization/Sub-Organization tables, the new Get-InfisicalSANList entry, and an end-to-end certificate request example using splatted OrderedDictionary blocks.
This commit is contained in:
GraceSolutions
2026-06-06 20:17:49 -04:00
parent 15fadd01a4
commit 77cb03ec98
27 changed files with 1771 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/DesignSpec.md
+80
View File
@@ -39,6 +39,14 @@ Get-InfisicalTag
New-InfisicalTag
Update-InfisicalTag
Remove-InfisicalTag
Get-InfisicalOrganization
New-InfisicalOrganization
Update-InfisicalOrganization
Remove-InfisicalOrganization
Get-InfisicalSubOrganization
New-InfisicalSubOrganization
Update-InfisicalSubOrganization
Remove-InfisicalSubOrganization
```
Infisicals public API is REST-based and provides programmatic access for managing secrets and related resources. Current Infisical documentation shows the list-secrets endpoint under `/api/v4/secrets`, the single-secret retrieval endpoint under `/api/v4/secrets/{secretName}`, and Universal Auth login under `/api/v1/auth/universal-auth/login`. The implementation must centralize API endpoint definitions because Infisical uses different API versions across resource families. ([Infisical Blog][1])
@@ -1533,6 +1541,78 @@ Output: `InfisicalProcessResult` with `ExitCode`, `ExitCodeAsHex`, `ExitCodeAsIn
---
# 16.7 Organization Cmdlets
Organizations are the top-level tenancy boundary in Infisical. They are not scoped under a project; the active connection's `OrganizationId` is used as the default identifier when an explicit one is not supplied.
Cmdlet signatures:
```powershell
Get-InfisicalOrganization [[-OrganizationId] <string>] # default = List
New-InfisicalOrganization [-Name] <string> [-Slug <string>] [-WhatIf] [-Confirm]
Update-InfisicalOrganization [-OrganizationId] <string> [-Name <string>] [-Slug <string>] [-WhatIf] [-Confirm]
Remove-InfisicalOrganization [-OrganizationId] <string> [-PassThru] [-WhatIf] [-Confirm]
```
Parameter sets:
| Cmdlet | Default set | Single set | Notes |
|---|---|---|---|
| `Get-InfisicalOrganization` | `List` (no `-Id`) | `Single` (`-OrganizationId`/`-Id`) | No `-ProjectId`. |
| `New-InfisicalOrganization` | n/a | `-Name` mandatory, `-Slug` optional | ShouldProcess. |
| `Update-InfisicalOrganization` | n/a | `-OrganizationId` mandatory | ShouldProcess; only bound parameters are sent. |
| `Remove-InfisicalOrganization` | n/a | `-OrganizationId` mandatory | `ConfirmImpact.High`; `-PassThru` emits removed id. |
Endpoints:
| Operation | Method | Template | Version |
|---|---|---|---|
| List | `GET` | `/api/v2/organizations` | v2 |
| Retrieve | `GET` | `/api/v1/organization/{organizationId}` | v1 |
| Create | `POST` | `/api/v2/organizations` | v2 |
| Update | `PATCH` | `/api/v1/organization/{organizationId}` | v1 |
| Delete | `DELETE` | `/api/v1/organization/{organizationId}` | v1 |
Output: `InfisicalOrganization` with `Id`, `Name`, `Slug`, `CustomerId`, `AuthEnforced`, `ScimEnabled`, `CreatedAtUtc`, `UpdatedAtUtc`.
---
# 16.8 Sub-Organization Cmdlets
Sub-organizations partition an organization into isolated child tenants. They are not scoped under a project; the active connection is used for the parent organization context.
Cmdlet signatures:
```powershell
Get-InfisicalSubOrganization [[-SubOrganizationId] <string>] [-Limit <int>] [-Offset <int>] [-Search <string>] [-OrderBy <string>] [-OrderDirection <string>] [-IsAccessible]
New-InfisicalSubOrganization [-Name] <string> [-Slug] <string> [-WhatIf] [-Confirm]
Update-InfisicalSubOrganization [-SubOrganizationId] <string> [-Name <string>] [-Slug <string>] [-WhatIf] [-Confirm]
Remove-InfisicalSubOrganization [-SubOrganizationId] <string> [-PassThru] [-WhatIf] [-Confirm]
```
Parameter sets:
| Cmdlet | Default set | Single set | Notes |
|---|---|---|---|
| `Get-InfisicalSubOrganization` | `List` (no `-Id`) | `Single` (`-SubOrganizationId`/`-Id`) | List supports server-side `-Limit`, `-Offset`, `-Search`, `-OrderBy`, `-OrderDirection`, `-IsAccessible`. |
| `New-InfisicalSubOrganization` | n/a | `-Name` + `-Slug` mandatory | ShouldProcess. |
| `Update-InfisicalSubOrganization` | n/a | `-SubOrganizationId` mandatory | ShouldProcess; only bound parameters are sent. |
| `Remove-InfisicalSubOrganization` | n/a | `-SubOrganizationId` mandatory | `ConfirmImpact.High`; `-PassThru` emits removed id. |
Endpoints (beta):
| Operation | Method | Template | Version |
|---|---|---|---|
| List | `GET` | `/api/v1/sub-organizations` | v1 |
| Retrieve | `GET` | `/api/v1/sub-organizations/{subOrgId}` | v1 |
| Create | `POST` | `/api/v1/sub-organizations` | v1 |
| Update | `PATCH` | `/api/v1/sub-organizations/{subOrgId}` | v1 |
| Delete | `DELETE` | `/api/v1/sub-organizations/{subOrgId}` | v1 |
Output: `InfisicalSubOrganization` with `Id`, `Name`, `Slug`, `OrganizationId`, `IsAccessible`, `CreatedAtUtc`, `UpdatedAtUtc`.
---
# 17. SecureString Utility
Required utility: