New in version 2.4.
Parameter | Choices/Defaults | Comments |
---|---|---|
change_password_on_the_next_logon bool |
| Whether or not the user must change their password in their next logon. Valid values = true/false. |
cyberark_session required | Dictionary set by a CyberArk authentication containing the different values to perform actions on a logged-on CyberArk session, please see cyberark_authentication module for an example of cyberark_session. | |
disabled bool |
| Whether or not the user will be disabled. Valid values = true/false. |
The user email address. | ||
expiry_date | The date and time when the user account will expire and become disabled. | |
first_name | The user first name. | |
group_name | The name of the group the user will be added to. | |
initial_password | The password that the new user will use to log on the first time. This password must meet the password policy requirements. this parameter is required when state is present -- Add User. | |
last_name | The user last name. | |
location | The Vault Location for the user. | |
new_password | The user updated password. Make sure that this password meets the password policy requirements. | |
state |
| Specifies the state needed for the user present for create user, absent for delete user. |
user_type_name | Default: EPVUser | The type of user. |
username required | The name of the user who will be queried (for details), added, updated or deleted. |
- name: Logon to CyberArk Vault using PAS Web Services SDK cyberark_authentication: api_base_url: "https://components.cyberark.local" use_shared_logon_authentication: true - name: Create user & immediately add it to a group cyberark_user: username: "username" initial_password: "password" user_type_name: "EPVUser" change_password_on_the_next_logon: false group_name: "GroupOfUsers" state: present cyberark_session: "{{ cyberark_session }}" - name: Make sure user is present and reset user credential if present cyberark_user: username: "Username" new_password: "password" disabled: false state: present cyberark_session: "{{ cyberark_session }}" - name: Logoff from CyberArk Vault cyberark_authentication: state: absent cyberark_session: "{{ cyberark_session }}"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
changed bool | always | Whether there was a change done. |
cyberark_user dict | always | Dictionary containing result properties. Sample: {'result': {'type': 'dict', 'description': 'user properties when state is present', 'returned': 'success'}} |
status_code int | success | Result HTTP Status code Sample: 200 |
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/cyberark_user_module.html