---
# Look up the Okta account for this login. The result is registered as
# `oktalist` and read by the tasks that follow.
- name: Check for {{ login }}
  okta_users:
    action: list
    login: "{{ login }}"
    organization: "{{ organization }}"
    # NOTE(review): confirm that okta_users declares api_key as no_log. If it
    # does not, the key can appear in verbose output and logs; set
    # no_log: true on the task in that case.
    api_key: "{{ api_key }}"
  register: oktalist
# if the account is not found, make it
- name: Create {{ login }}
  okta_users:
    action: create
    login: "{{ login }}"
    email: "{{ email }}"
    first_name: "{{ first_name }}"
    last_name: "{{ last_name }}"
    organization: "{{ organization }}"
    api_key: "{{ api_key }}"
  # Both conditions must hold: the lookup result carries no `json` key and
  # the account is meant to be active.
  when:
    - oktalist['json'] is not defined
    - isActive | bool
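# Bring the Okta profile's firstName in line with first_name.
- name: Update {{ login }} first_name
  okta_users:
    organization: "{{ organization }}"
    api_key: "{{ api_key }}"
    action: update
    id: "{{ oktalist.json.0.id }}"
    first_name: "{{ first_name }}"
  when:
    # Guard first: the conditions are checked in order. Without this guard the
    # comparison below dereferences oktalist.json when the lookup returned no
    # `json` key (the case the create task handles), and the play fails.
    # Assumes a found user yields a non-empty json list -- TODO confirm.
    - oktalist.json is defined
    - oktalist.json.0.profile.firstName != first_name
    - isActive | bool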
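# Bring the Okta profile's lastName in line with last_name.
- name: Update {{ login }} last_name
  okta_users:
    organization: "{{ organization }}"
    api_key: "{{ api_key }}"
    action: update
    id: "{{ oktalist.json.0.id }}"
    last_name: "{{ last_name }}"
  when:
    # Guard first: the conditions are checked in order. Without this guard the
    # comparison below dereferences oktalist.json when the lookup returned no
    # `json` key (the case the create task handles), and the play fails.
    # Assumes a found user yields a non-empty json list -- TODO confirm.
    - oktalist.json is defined
    - oktalist.json.0.profile.lastName != last_name
    - isActive | bool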
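# Bring the Okta profile's email in line with email.
- name: Update {{ login }} email
  okta_users:
    organization: "{{ organization }}"
    api_key: "{{ api_key }}"
    action: update
    id: "{{ oktalist.json.0.id }}"
    email: "{{ email }}"
  when:
    # Guard first: the conditions are checked in order. Without this guard the
    # comparison below dereferences oktalist.json when the lookup returned no
    # `json` key (the case the create task handles), and the play fails.
    # Assumes a found user yields a non-empty json list -- TODO confirm.
    - oktalist.json is defined
    - oktalist.json.0.profile.email != email
    - isActive | bool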
# Deactivate the account found by the lookup when isActive is false.
- name: Disable {{ login }}
  okta_users:
    action: deactivate
    id: "{{ oktalist.json.0.id }}"
    organization: "{{ organization }}"
    api_key: "{{ api_key }}"
  # Runs only for an account the lookup actually returned.
  when:
    - oktalist.json is defined
    - not (isActive | bool)
# Print each entry of add_groups, one message per item.
- name: debug
  with_items: "{{ add_groups }}"
  debug:
    msg: "{{ item }}"
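# Add the looked-up user to every group listed in add_groups.
- name: add groups
  okta_groups:
    action: add_user
    organization: "{{ organization }}"
    # NOTE(review): confirm that okta_groups declares api_key as no_log. If it
    # does not, set no_log: true on this task.
    api_key: "{{ api_key }}"
    user_id: "{{ oktalist.json.0.id }}"
    id: "{{ item }}"
  with_items: "{{ add_groups }}"
  # user_id comes from the earlier lookup. Skip cleanly when that result has
  # no `json` key instead of relying on ignore_errors to hide an undefined
  # variable. In the tasks shown, oktalist is not refreshed after the create
  # task, so a user created in this run gets no groups until the next run.
  when: oktalist.json is defined
  # Kept as best-effort. NOTE(review): this also hides genuine API failures,
  # so a group assignment can fail without the play reporting it.
  ignore_errors: true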
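# Remove the looked-up user from every group listed in remove_groups.
- name: remove groups
  okta_groups:
    action: remove_user
    organization: "{{ organization }}"
    # NOTE(review): confirm that okta_groups declares api_key as no_log. If it
    # does not, set no_log: true on this task.
    api_key: "{{ api_key }}"
    user_id: "{{ oktalist.json.0.id }}"
    id: "{{ item }}"
  with_items: "{{ remove_groups }}"
  # user_id comes from the earlier lookup. Skip cleanly when that result has
  # no `json` key instead of relying on ignore_errors to hide an undefined
  # variable.
  when: oktalist.json is defined
  # Kept as best-effort. NOTE(review): a failed removal leaves the user in the
  # group while the play still succeeds. For access revocation, consider
  # registering the result and checking it rather than ignoring errors.
  ignore_errors: true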