Skip to content

Instantly share code, notes, and snippets.

@JimmyJamTQBD
Forked from cyberark-bizdev/account_changepolicy.yml
Last active September 21, 2019 23:19
Show Gist options
  • Save JimmyJamTQBD/cd1ca17e7072ac9fc707c6954d67e751 to your computer and use it in GitHub Desktop.
Save JimmyJamTQBD/cd1ca17e7072ac9fc707c6954d67e751 to your computer and use it in GitHub Desktop.
PlayBooks for AnsibleFest 2019
---
- hosts: localhost
collections:
- cyberark.bizdev
vars:
cyberark_webservices:
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
baseurl: '{{ cyberark_rest_baseurl }}'
tasks:
- name: Logon to CyberArk Vault using PAS Web Services SDK
cyberark.bizdev.cyberark_authentication:
api_base_url: '{{ cyberark_rest_baseurl }}'
validate_certs: no
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
tags: [ enable, disable]
- name: Enabling a CyberArk User and forcing a password change at next logon
cyberark_user:
username: "{{ cyberark_user }}"
disabled: false
state: present
cyberark_session: "{{ cyberark_session }}"
register: cyberarkaction
tags: enable
- name: Disabling a CyberArk User
cyberark_user:
username: "ansibleuser"
disabled: true
cyberark_session: "{{ cyberark_session }}"
register: cyberarkaction
tags: disable
- name: Debug message
debug:
var: cyberarkaction
tags: [ enable, disable]
- name: Logoff from CyberArk Vault
cyberark_authentication:
state: absent
cyberark_session: "{{ cyberark_session }}"
tags: [ enable, disable]
- hosts: all
collections:
- cyberark.bizdev
vars:
cyberark_webservices:
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
baseurl: '{{ cyberark_rest_baseurl }}'
tasks:
- name: Logon to CyberArk Vault using PAS Web Services SDK
cyberark.bizdev.cyberark_authentication:
api_base_url: '{{ cyberark_rest_baseurl }}'
validate_certs: no
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
- name: Debug message
debug:
var: cyberark_session
- name: Creating an Account using the PAS WebServices SDK
cyberark.bizdev.cyberark_account:
logging_level: DEBUG
identified_by: "address,username,platform_id"
safe: "Linux_Service_Accts"
address: "{{ host_address }}"
username: "{{ host_username }}"
platform_id: UnixSSH
secret: "{{ inventory_ssh_pass }}"
platform_account_properties:
Port: "22"
OwnerName: "Edward Nunez"
UseSudoOnReconcile: "Yes"
secret_management:
management_action: reconcile
automatic_management_enabled: true
perform_secret_management: on_create
state: present
cyberark_session: "{{ cyberark_session }}"
register: cyberarkaction
- name: Debug message
debug:
var: cyberarkaction
- name: Logoff from CyberArk Vault
cyberark_authentication:
state: absent
cyberark_session: "{{ cyberark_session }}"
---
- hosts: localhost
collections:
- cyberark.bizdev
vars:
cyberark_webservices:
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
baseurl: '{{ cyberark_rest_baseurl }}'
tasks:
- name: Logon to CyberArk Vault using PAS Web Services SDK
cyberark.bizdev.cyberark_authentication:
api_base_url: '{{ cyberark_rest_baseurl }}'
validate_certs: no
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
- name: Enabling a CyberArk User and forcing a password change at next logon
cyberark_user:
username: "{{ cyberark_user }}"
disabled: false
new_password: "{{ new_password }}"
state: present
change_password_on_the_next_logon: true
cyberark_session: "{{ cyberark_session }}"
register: cyberarkaction
- name: Debug message
debug:
var: cyberarkaction
- name: Logoff from CyberArk Vault
cyberark_authentication:
state: absent
cyberark_session: "{{ cyberark_session }}"
- hosts: all
collections:
- cyberark.bizdev
vars:
cyberark_webservices:
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
baseurl: '{{ cyberark_rest_baseurl }}'
tasks:
- name: Logon to CyberArk Vault using PAS Web Services SDK
cyberark.bizdev.cyberark_authentication:
api_base_url: '{{ cyberark_rest_baseurl }}'
validate_certs: no
username: '{{ cyberark_rest_username }}'
password: '{{ cyberark_rest_password }}'
- name: Debug message
debug:
var: cyberark_session
- name: Logoff from CyberArk Vault
cyberark_authentication:
state: absent
cyberark_session: "{{ cyberark_session }}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment