Last active
March 21, 2019 17:54
-
-
Save infamousjoeg/a9344be071ee75a8fa92ed39f26512dd to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: localhost | |
roles: | |
- role: cyberark.modules | |
tasks: | |
- name: Logon to CyberArk Vault using PAS Web Services SDK | |
cyberark_authentication: | |
api_base_url: 'https://components.cyberarkdemo.example' | |
validate_certs: no | |
username: '{{ item.passprops.username }}' | |
password: '{{ item.password }}' | |
with_cyberarkpassword: | |
appid: 'Ansible' | |
query: 'safe=TEST-RESTAPI;folder=root;object=test-restapi-cybr_ansible' | |
output: 'password,PassProps.Username' | |
no_log: yes | |
- name: Onboard root User to CyberArk Enterprise Password Vault | |
uri: | |
url: https://components.cyberarkdemo.example/PasswordVault/api/Accounts | |
headers: | |
Content-Type: application/json | |
Authorization: '{{ cyberark_session.token }}' | |
method: POST | |
status_code: 201 | |
body: | |
name: 'test-auto-onboard_{{ inventory_hostname }}_root' | |
address: '{{ inventory_hostname }}' | |
userName: 'root' | |
platformId: 'UnixSSH' | |
safeName: 'TEST-AUTO-ONBOARD' | |
secretType: 'password' | |
secret: 'Cyberark1' | |
secretManagement: | |
automaticManagementEnabled: no | |
body_format: json | |
validate_certs: no | |
- name: Logoff from PAS Web Services SDK | |
cyberark_authentication: | |
state: absent | |
cyberark_session: '{{ cyberark_session }}' |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Requires the
cyberark.modules
role installed from Ansible Galaxy:$ ansible-galaxy install cyberark.modules