-
Notifications
You must be signed in to change notification settings - Fork 39
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Updated PTA documentation, and updated rulebooks.
- Loading branch information
1 parent
b7e2d1a
commit f70a0df
Showing
6 changed files
with
109 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
- hosts: all | ||
connection: local | ||
|
||
collections: | ||
- cyberark.pas | ||
|
||
tasks: | ||
|
||
- name: Logon to CyberArk Vault using PAS Web Services SDK | ||
cyberark_authentication: | ||
api_base_url: "https://BASE_URL" | ||
validate_certs: false | ||
username: "USERNAME" | ||
password: "PASSWORD" | ||
|
||
- name: Disabling a CyberArk User | ||
cyberark_user: | ||
username: "{{ username }}" #this is password from the running yml when condition is met | ||
disabled: true | ||
cyberark_session: "{{ cyberark_session }}" | ||
register: cyberarkaction | ||
|
||
- name: Debug message | ||
debug: | ||
var: cyberarkaction | ||
|
||
- name: Logoff from CyberArk Vault | ||
cyberark_authentication: | ||
state: absent | ||
cyberark_session: "{{ cyberark_session }}" | ||
|
||
- name: Sending an e-mail using Gmail SMTP servers | ||
community.general.mail: | ||
host: SMTPSERVER | ||
port: PORT | ||
username: username@mail.com | ||
password: password | ||
to: First Last <first.last@mail.com> | ||
subject: Ansible-Rulebook Report | ||
body: Ansible Rulebook disabled Cyberark user '{{ username }}' due to too many login attempts. | ||
delegate_to: localhost |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
--- | ||
- hosts: all | ||
connection: local | ||
|
||
collections: | ||
- cyberark.pas | ||
|
||
tasks: | ||
|
||
- name: Logon to CyberArk Vault using PAS Web Services SDK | ||
cyberark_authentication: | ||
api_base_url: "https://BASE_URL" | ||
validate_certs: false | ||
username: "USERNAME" | ||
password: "PASSWORD" | ||
|
||
- name: Disabling a CyberArk User | ||
cyberark_user: | ||
username: "{{ username | regex_search('.+?(?=\\()') }}" #more optimal handle user case like suser=testuserFirst.testuserLast@acme.com(Vault user) match up to ( char | ||
disabled: true | ||
cyberark_session: "{{ cyberark_session }}" | ||
register: cyberarkaction | ||
|
||
- name: Debug message | ||
debug: | ||
var: cyberarkaction | ||
|
||
- name: Logoff from CyberArk Vault | ||
cyberark_authentication: | ||
state: absent | ||
cyberark_session: "{{ cyberark_session }}" | ||
|
||
- name: Sending an e-mail using Gmail SMTP servers | ||
community.general.mail: | ||
host: SMTPSERVER | ||
port: PORT | ||
username: username@mail.com | ||
password: password | ||
to: First Last <first.last@mail.com> | ||
subject: Ansible-Rulebook Report | ||
body: Ansible Rulebook notify of PTA Event {{ username }} - {{ eventname }} - from host {{ station }} - For more info please visit - {{ eventurl }} - user disabled! | ||
delegate_to: localhost |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
--- | ||
- hosts: all | ||
connection: local | ||
|
||
collections: | ||
- cyberark.pas | ||
|
||
tasks: | ||
|
||
- name: Sending an e-mail using Gmail SMTP servers | ||
community.general.mail: | ||
host: SMTPSERVER | ||
port: PORT | ||
username: username@mail.com | ||
password: password | ||
to: First Last <first.last@mail.com> | ||
subject: Ansible-Rulebook Report | ||
body: Ansible Rulebook notify of PTA Event '{{ username | ansible.builtin.regex_search('^[a-zA-Z0-9_]+') }}' '{{ eventname }}' from host '{{ station }}' For more info please visit - '{{ eventurl }}' | ||
delegate_to: localhost |