def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(),
id=dict(),
cloudType=dict(type='list'),
systemDefault=dict(type='bool'),
details=pc.details_spec(),
search_type=pc.search_type_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
path = ['compliance', ]
listing = client.get(path)
results = client.get_facts_from(
listing,
'name', ['id', 'cloudType', 'systemDefault'],
['compliance', 'id'], (1, ),
)
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(),
id=dict(),
cloudType=dict(choices=['aws', 'azure', 'gcp', 'alibaba_cloud']),
details=pc.details_spec(),
search_type=pc.search_type_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
path = ['cloud', 'name']
listing = client.get(path)
results = client.get_facts_from(
listing,
'name',
['cloudType', 'id'],
['cloud', 'cloudType', 'id'],
(1, 2),
)
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
complianceId=dict(required=True),
name=dict(),
id=dict(),
systemDefault=dict(type='bool'),
details=pc.details_spec(),
search_type=pc.search_type_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
path = ['compliance', module.params['complianceId'], 'requirement']
listing = client.get(path)
results = client.get_facts_from(
listing,
'name', ['systemDefault', 'id'],
['compliance', 'requirement', 'id'], (2, ),
)
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(),
policyId=dict(),
policyType=dict(choices=['config', 'audit_event', 'network']),
systemDefault=dict(type='bool'),
cloudType=dict(),
severity=dict(choices=['low', 'medium', 'high']),
details=pc.details_spec(),
search_type=pc.search_type_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
path = [
'policy',
]
listing = client.get(path)
results = client.get_facts_from(
listing,
'name',
['policyId', 'policyType', 'systemDefault', 'cloudType', 'severity'],
['policy', 'policyId'],
(1, ),
)
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
csr_id=dict(required=True),
section_id=dict(),
system_default=dict(type='bool'),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
csr_id = module.params['csr_id']
section_id = module.params['section_id']
system_default = module.params['system_default']
path = ['compliance', csr_id, 'section']
listing = client.get(path)
ans = []
for x in listing:
if section_id is not None and x['sectionId'] != section_id:
continue
if system_default is not None and x['systemDefault'] != system_default:
continue
ans.append(x)
module.exit_json(changed=False, total=len(listing), listing=ans)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(),
details=pc.details_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
name = module.params['name']
details = module.params['details']
path = ['cloud', 'group']
listing = client.get(path)
ans = []
for x in listing:
if name is not None and x['name'] != name:
continue
val = None
if details:
path = ['cloud', 'group', x['id']]
val = client.get(path)
else:
val = pc.hide_details(x, ['name', 'id'])
ans.append(val)
module.exit_json(changed=False, total=len(listing), listing=ans)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(),
cloud_types=dict(type='list'),
system_default=dict(type='bool'),
details=pc.details_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
name = module.params['name']
cloud_types = module.params['cloud_types']
system_default = module.params['system_default']
details = module.params['details']
path = [
'compliance',
]
listing = client.get(path)
ans = []
for x in listing:
if name is not None and x['name'] != name:
continue
if cloud_types is not None and set(cloud_types).isdisjoint(
set(x['cloudType'])):
continue
if system_default is not None and x['systemDefault'] != system_default:
continue
val = None
if details:
path = ['compliance', x['id']]
val = client.get(path)
else:
val = pc.hide_details(x,
['name', 'id', 'cloudType', 'systemDefault'])
ans.append(val)
module.exit_json(changed=False, total=len(listing), listing=ans)
def main():
module = AnsibleModule(
argument_spec=dict(
cs_id=dict(required=True),
name=dict(),
system_default=dict(type='bool'),
details=pc.details_spec(),
),
supports_check_mode=False,
)
client = pc.PrismaCloudRequest(module)
cs_id = module.params['cs_id']
name = module.params['name']
system_default = module.params['system_default']
details = module.params['details']
path = ['compliance', cs_id, 'requirement']
listing = client.get(path)
ans = []
for x in listing:
if name is not None and x['name'] != name:
continue
if system_default is not None and x['systemDefault'] != system_default:
continue
val = None
if details:
path = ['compliance', 'requirement', x['id']]
val = client.get(path)
else:
val = pc.hide_details(x, ['name', 'id', 'systemDefault'])
ans.append(val)
module.exit_json(changed=False, total=len(listing), listing=ans)
def main():
module = AnsibleModule(
argument_spec=dict(
cloudAccount=dict(
required=True,
type='dict',
required_one_of=[
['accountId', 'name'],
],
options=dict(
accountId=dict(),
enabled=dict(type='bool', default=False),
groupIds=dict(type='list'),
name=dict(),
),
),
compressionEnabled=dict(type='bool'),
dataflowEnabledProject=dict(),
flowLogStorageBucket=dict(),
credentials=dict(
type='dict',
options=dict(
type=dict(),
project_id=dict(),
private_key_id=dict(),
private_key=dict(),
client_email=dict(),
client_id=dict(),
auth_uri=dict(),
token_uri=dict(),
auth_provider_x509_cert_url=dict(),
client_x509_cert_url=dict(),
),
),
state=pc.state_spec(),
),
supports_check_mode=True,
)
client = pc.PrismaCloudRequest(module)
# Variables.
obj = None
results = {'changed': False}
# Retrieve obj details.
if module.params['cloudAccount']['accountId'] is not None:
try:
obj = client.get(
['cloud', 'gcp', module.params['cloudAccount']['accountId']])
except errors.ObjectNotFoundError:
pass
else:
the_id = identify(client, module.params['cloudAccount']['name'])
if the_id is not None:
obj = client.get(['cloud', 'gcp', the_id])
results['before'] = obj
fields = [
'cloudAccount', 'credentials', 'compressionEnabled',
'dataflowEnabledProject', 'flowLogStorageBucket'
]
ca_fields = ['accountId', 'enabled', 'groupIds', 'name']
c_fields = [
'type',
'project_id',
'private_key_id',
'private_key',
'client_email',
'client_id',
'auth_uri',
'token_uri',
'auth_provider_x509_cert_url',
'client_x509_cert_url',
]
if module.params['state'] == 'present':
req_obj = {
'cloudAccount': {
'accountId': '',
'enabled': False,
'groupIds': [],
'name': '',
},
'compressionEnabled': False,
'flowLogStorageBucket': '',
'credentials': {
'type': '',
'project_id': '',
'private_key_id': '',
'private_key': '',
'client_email': '',
'client_id': '',
'auth_uri': '',
'token_uri': '',
'auth_provider_x509_cert_url': '',
'client_x509_cert_url': '',
},
}
for field in fields:
if field == 'cloudAccount':
ca = module.params['cloudAccount']
for ca_field in ca_fields:
if ca[ca_field] is not None:
req_obj[field][ca_field] = ca[ca_field]
elif field == 'credentials':
creds = module.params['credentials']
for c_field in c_fields:
if creds[c_field] is not None:
req_obj[field][c_field] = creds[c_field]
elif module.params[field] is not None:
req_obj[field] = module.params[field]
if obj is None:
results['changed'] = True
if not module.check_mode:
client.post(['cloud', 'gcp'], req_obj)
req_obj['cloudAccount']['accountId'] = identify(
client, module.params['cloudAccount']['name'])
else:
if not req_obj['cloudAccount']['accountId']:
req_obj['cloudAccount']['accountId'] = obj['cloudAccount'][
'accountId']
for field in fields:
if field == 'cloudAccount':
for ca_field in ca_fields:
if obj.get(field, {}).get(ca_field) != req_obj.get(
field, {}).get(ca_field):
results['changed'] = True
break
elif field == 'credentials':
for c_field in c_fields:
if obj.get(field, {}).get(c_field) != req_obj.get(
field, {}).get(c_field):
results['changed'] = True
break
elif obj.get(field) != req_obj.get(field):
results['changed'] = True
if results['changed']:
if not module.check_mode:
client.put([
'cloud', 'gcp',
req_obj['cloudAccount']['accountId']
], req_obj)
break
results['after'] = req_obj
elif module.params['state'] == 'absent':
results['after'] = None
if obj is not None:
results['changed'] = True
if not module.check_mode:
client.delete(
['cloud', 'gcp', obj['cloudAccount']['accountId']])
# Done.
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
accountId=dict(),
enabled=dict(type='bool', default=False),
externalId=dict(no_log=True),
groupIds=dict(type='list'),
name=dict(),
roleArn=dict(),
state=pc.state_spec(),
),
required_one_of=[
['accountId', 'name'],
],
supports_check_mode=True,
)
client = pc.PrismaCloudRequest(module)
# Variables.
obj = None
results = {'changed': False}
# Retrieve obj details.
if module.params['accountId'] is not None:
try:
obj = client.get(['cloud', 'aws', module.params['accountId']])
except errors.ObjectNotFoundError:
pass
else:
the_id = identify(client, module.params['name'])
if the_id is not None:
obj = client.get(['cloud', 'aws', the_id])
results['before'] = obj
if module.params['state'] == 'present':
fields = ['accoundId', 'enabled', 'externalId', 'groupIds', 'name', 'roleArn']
req_obj = {
'accountId': '',
'enabled': False,
'externalId': '',
'groupIds': [],
'name': '',
'roleArn': '',
}
for field in fields:
if module.params[field] is not None:
req_obj[field] = module.params[field]
if obj is None:
results['changed'] = True
if not module.check_mode:
client.post(['cloud', 'aws'], req_obj)
req_obj['accountId'] = identify(client, req_obj['name'])
else:
if not req_obj['accountId']:
req_obj['accountId'] = obj['accountId']
for field in fields:
if obj.get(field) != req_obj.get(field):
results['changed'] = True
if not module.check_mode:
client.put(['cloud', 'aws', req_obj['accountId']], req_obj)
break
results['after'] = req_obj
elif module.params['state'] == 'absent':
results['after'] = None
if obj is not None:
results['changed'] = True
if not module.check_mode:
client.delete(['cloud', 'aws', obj['accountId']])
# Done.
module.exit_json(**results)
def main():
module = AnsibleModule(
argument_spec=dict(
cloudAccount=dict(
required=True,
type='dict',
required_one_of=[
['accountId', 'name'],
],
options=dict(
accountId=dict(),
enabled=dict(type='bool', default=False),
groupIds=dict(type='list'),
name=dict(),
),
),
clientId=dict(),
key=dict(),
monitorFlowLogs=dict(type='bool'),
tenantId=dict(),
servicePrincipalId=dict(),
state=pc.state_spec(),
),
supports_check_mode=True,
)
client = pc.PrismaCloudRequest(module)
# Variables.
obj = None
results = {'changed': False}
# Retrieve obj details.
if module.params['cloudAccount']['accountId'] is not None:
try:
obj = client.get(
['cloud', 'azure', module.params['cloudAccount']['accountId']])
except errors.ObjectNotFoundError:
pass
else:
the_id = identify(client, module.params['cloudAccount']['name'])
if the_id is not None:
obj = client.get(['cloud', 'azure', the_id])
results['before'] = obj
fields = [
'cloudAccount', 'clientId', 'key', 'monitorFlowLogs', 'tenantId',
'servicePrincipalId'
]
ca_fields = ['accountId', 'enabled', 'groupIds', 'name']
if module.params['state'] == 'present':
req_obj = {
'cloudAccount': {
'accountId': '',
'enabled': False,
'groupIds': [],
'name': '',
},
'clientId': '',
'key': '',
'monitorFlowLogs': False,
'tenantId': '',
'servicePrincipalId': '',
}
for field in fields:
if field == 'cloudAccount':
ca = module.params['cloudAccount']
for ca_field in ca_fields:
if ca[ca_field] is not None:
req_obj[field][ca_field] = ca[ca_field]
elif module.params[field] is not None:
req_obj[field] = module.params[field]
if obj is None:
results['changed'] = True
if not module.check_mode:
client.post(['cloud', 'azure'], req_obj)
req_obj['cloudAccount']['accountId'] = identify(
client, module.params['cloudAccount']['name'])
else:
if not req_obj['cloudAccount']['accountId']:
req_obj['cloudAccount']['accountId'] = obj['cloudAccount'][
'accountId']
for field in fields:
if field == 'cloudAccount':
for ca_field in ca_fields:
if obj.get(field, {}).get(ca_field) != req_obj.get(
field, {}).get(ca_field):
results['changed'] = True
break
elif obj.get(field) != req_obj.get(field):
results['changed'] = True
if results['changed']:
if not module.check_mode:
client.put([
'cloud', 'azure',
req_obj['cloudAccount']['accountId']
], req_obj)
break
results['after'] = req_obj
elif module.params['state'] == 'absent':
results['after'] = None
if obj is not None:
results['changed'] = True
if not module.check_mode:
client.delete(
['cloud', 'azure', obj['cloudAccount']['accountId']])
# Done.
module.exit_json(**results)