New in version 2.4.
cyberark_session
parameter.Parameter | Choices/Defaults | Comments |
---|---|---|
api_base_url - | A string containing the base URL of the server hosting CyberArk's Privileged Account Security Web Services SDK. | |
cyberark_session - | Dictionary set by a CyberArk authentication containing the different values to perform actions on a logged-on CyberArk session. | |
new_password - | The new password of the user. This parameter is optional, and enables you to change a password. | |
password - | The password of the user. | |
state - |
| Specifies if an authentication logon/logoff and a cyberark_session should be added/removed. |
use_radius_authentication boolean |
| Whether or not users will be authenticated via a RADIUS server. Valid values are true/false. |
use_shared_logon_authentication boolean |
| Whether or not Shared Logon Authentication will be used. |
username - | The name of the user who will logon to the Vault. | |
validate_certs boolean |
| If false , SSL certificates will not be validated. This should only set to false used on personally controlled sites using self-signed certificates. |
- name: Logon to CyberArk Vault using PAS Web Services SDK - use_shared_logon_authentication cyberark_authentication: api_base_url: "{{ web_services_base_url }}" use_shared_logon_authentication: yes - name: Logon to CyberArk Vault using PAS Web Services SDK - Not use_shared_logon_authentication cyberark_authentication: api_base_url: "{{ web_services_base_url }}" username: "{{ password_object.password }}" password: "{{ password_object.passprops.username }}" use_shared_logon_authentication: no - name: Logoff from CyberArk Vault cyberark_authentication: state: absent cyberark_session: "{{ cyberark_session }}"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
cyberark_session dictionary | success | Authentication facts. Sample: {'api_base_url': {'description': 'Base URL for API calls. Returned in the cyberark_session, so it can be used in subsequent calls.', 'type': 'str', 'returned': 'always'}, 'token': {'description': 'The token that identifies the session, encoded in BASE 64.', 'type': 'str', 'returned': 'always'}, 'use_shared_logon_authentication': {'description': 'Whether or not Shared Logon Authentication was used to establish the session.', 'type': 'bool', 'returned': 'always'}, 'validate_certs': {'description': 'Whether or not SSL certificates should be validated.', 'type': 'bool', 'returned': 'always'}} |
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/cyberark_authentication_module.html