/ansible-security-automation-collection

CyberArk Ansible Security Automation Collection

Primary LanguagePythonMIT LicenseMIT

cyberark logo|

CyberArk Ansible Security Automation Collection


Collection

cyberark.pas

This collection is the CyberArk Ansible Security Automation project and can be found on ansible galaxy. This is aimed to enable the automation of securing privileged access by storing privileged accounts in the Enterprise Password Vault (EPV), controlling user's access to privileged accounts in EPV, and securely retreiving secrets using Application Access Manager (AAM). The following modules will allow CyberArk administrators to automate the following tasks:

Requirements

  • CyberArk Privileged Account Security Web Services SDK
  • CyberArk AAM Central Credential Provider (Only required for cyberark_credential)

Role Variables

None.

Modules

cyberark_authentication

  • Using the CyberArk Web Services SDK, authenticate and obtain an auth token to be passed as a variable in playbooks
  • Logoff of an authenticated REST API session
    Playbooks and Module Info

cyberark_user

  • Add a CyberArk User
  • Delete a CyberArk User
  • Update a CyberArk User's account parameters

cyberark_account

  • Add Privileged Account to the EPV
  • Delete account objects
  • Modify account properties
  • Rotatate privileged credentials
    Playbooks and Module Info

cyberark_credential

  • Using AAM Central Credential Provider (CCP), to securely retreive secrets and account properties from EPV to be registered for use in playbooks
    Playbooks and Module Info

Author Information

  • CyberArk Business Development Technical Team
    • @enunez-cyberark
    • @cyberark-bizdev
    • @jimmyjamcabd