Forked from cyberark-bizdev/account_changepolicy.yml
Last active
September 21, 2019 23:19
-
-
Save JimmyJamTQBD/cd1ca17e7072ac9fc707c6954d67e751 to your computer and use it in GitHub Desktop.
PlayBooks for AnsibleFest 2019
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: localhost | |
collections: | |
- cyberark.bizdev | |
vars: | |
cyberark_webservices: | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
baseurl: '{{ cyberark_rest_baseurl }}' | |
tasks: | |
- name: Logon to CyberArk Vault using PAS Web Services SDK | |
cyberark.bizdev.cyberark_authentication: | |
api_base_url: '{{ cyberark_rest_baseurl }}' | |
validate_certs: no | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
tags: [ enable, disable] | |
- name: Enabling a CyberArk User and forcing a password change at next logon | |
cyberark_user: | |
username: "{{ cyberark_user }}" | |
disabled: false | |
state: present | |
cyberark_session: "{{ cyberark_session }}" | |
register: cyberarkaction | |
tags: enable | |
- name: Disabling a CyberArk User | |
cyberark_user: | |
username: "ansibleuser" | |
disabled: true | |
cyberark_session: "{{ cyberark_session }}" | |
register: cyberarkaction | |
tags: disable | |
- name: Debug message | |
debug: | |
var: cyberarkaction | |
tags: [ enable, disable] | |
- name: Logoff from CyberArk Vault | |
cyberark_authentication: | |
state: absent | |
cyberark_session: "{{ cyberark_session }}" | |
tags: [ enable, disable] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- hosts: all | |
collections: | |
- cyberark.bizdev | |
vars: | |
cyberark_webservices: | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
baseurl: '{{ cyberark_rest_baseurl }}' | |
tasks: | |
- name: Logon to CyberArk Vault using PAS Web Services SDK | |
cyberark.bizdev.cyberark_authentication: | |
api_base_url: '{{ cyberark_rest_baseurl }}' | |
validate_certs: no | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
- name: Debug message | |
debug: | |
var: cyberark_session | |
- name: Creating an Account using the PAS WebServices SDK | |
cyberark.bizdev.cyberark_account: | |
logging_level: DEBUG | |
identified_by: "address,username,platform_id" | |
safe: "Linux_Service_Accts" | |
address: "{{ host_address }}" | |
username: "{{ host_username }}" | |
platform_id: UnixSSH | |
secret: "{{ inventory_ssh_pass }}" | |
platform_account_properties: | |
Port: "22" | |
OwnerName: "Edward Nunez" | |
UseSudoOnReconcile: "Yes" | |
secret_management: | |
management_action: reconcile | |
automatic_management_enabled: true | |
perform_secret_management: on_create | |
state: present | |
cyberark_session: "{{ cyberark_session }}" | |
register: cyberarkaction | |
- name: Debug message | |
debug: | |
var: cyberarkaction | |
- name: Logoff from CyberArk Vault | |
cyberark_authentication: | |
state: absent | |
cyberark_session: "{{ cyberark_session }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: localhost | |
collections: | |
- cyberark.bizdev | |
vars: | |
cyberark_webservices: | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
baseurl: '{{ cyberark_rest_baseurl }}' | |
tasks: | |
- name: Logon to CyberArk Vault using PAS Web Services SDK | |
cyberark.bizdev.cyberark_authentication: | |
api_base_url: '{{ cyberark_rest_baseurl }}' | |
validate_certs: no | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
- name: Enabling a CyberArk User and forcing a password change at next logon | |
cyberark_user: | |
username: "{{ cyberark_user }}" | |
disabled: false | |
new_password: "{{ new_password }}" | |
state: present | |
change_password_on_the_next_logon: true | |
cyberark_session: "{{ cyberark_session }}" | |
register: cyberarkaction | |
- name: Debug message | |
debug: | |
var: cyberarkaction | |
- name: Logoff from CyberArk Vault | |
cyberark_authentication: | |
state: absent | |
cyberark_session: "{{ cyberark_session }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- hosts: all | |
collections: | |
- cyberark.bizdev | |
vars: | |
cyberark_webservices: | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
baseurl: '{{ cyberark_rest_baseurl }}' | |
tasks: | |
- name: Logon to CyberArk Vault using PAS Web Services SDK | |
cyberark.bizdev.cyberark_authentication: | |
api_base_url: '{{ cyberark_rest_baseurl }}' | |
validate_certs: no | |
username: '{{ cyberark_rest_username }}' | |
password: '{{ cyberark_rest_password }}' | |
- name: Debug message | |
debug: | |
var: cyberark_session | |
- name: Logoff from CyberArk Vault | |
cyberark_authentication: | |
state: absent | |
cyberark_session: "{{ cyberark_session }}" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment