sva.sentinelone.sentinelone_config_overrides module – Manage SentinelOne Config Overrides

Note

This module is part of the sva.sentinelone collection (version 2.0.5).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sva.sentinelone. This module has further requirements; see Requirements for details.

To use it in a playbook, specify: sva.sentinelone.sentinelone_config_overrides.

New in sva.sentinelone 1.0.0

Synopsis

  • This module lets you create, update, and delete config overrides at site or group level in the SentinelOne management console.

  • You can only create one config override for the same combination of OS Type, Agent Version and Scope.

  • These three parameters are the identifiers of the config override

  • If state=present you can create or update the override object.

  • If you update an existing override, your config_override settings will be merged into the existing data.

  • You can also rename the config override or change the description.

  • If state=absent the data specified via the config_override parameter will be removed from the current override object.

  • If state=prune the whole override object will be deleted.

Requirements

The below requirements are needed on the host that executes this module.

  • deepdiff >= 5.6

Parameters

Parameter

Comments

agent_version

string

Optional: Set config override for a specific agent version.

If not set, the config override applies to all agent versions.

Default: "ALL"

config_override

dictionary

The config override data

Required when state=present or state=absent

Will be ignored if state=prune

console_url

string / required

Insert your management console URL

description

string

Optional: Set a description for the config override

Will be ignored if state=absent or state=prune

Default: ""

group

string

Enter group name here

If this option is set the scope is set to group level. Otherwise scope is set to site level

Default: ""

name

string

Name of the config override

Will be ignored if state=absent or state=prune

Required if state=present

os_type

string / required

The os type for which the config is set

Choices:

  • "windows"

  • "linux"

site_name

string / required

Name of the site in SentinelOne

state

string

present: Make sure the config override exists. If no override object for the selected scope exists it will be created.

If an override object already exists the new config will get merged into the existing one.

absent: Removes only the settings you specify via the config_override parameter from the override object.

If the config_override parameter contains all existing settings, the whole object will be deleted instead.

In this mode only the keys of config_override are used. Values are ignored.

Absent leaves the other overrides in the same scope untouched.

prune: The whole config override object will be deleted.

Choices:

  • "present" ← (default)

  • "absent"

  • "prune"

token

string / required

SentinelOne API auth token to authenticate at the management API

Notes

  • Requires the Python module deepdiff. Tested with version >=5.6; lower versions may work too.

  • Currently only supported in single-account management consoles

  • Currently not applicable for account level config overrides

Examples

---
- name: Create/Update config_override for all agents on site
  sva.sentinelone.sentinelone_config_overrides:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name: "test_override"
    os_type: "windows"
    config_override: { powershellProtection: true }
- name: Create/Update config_override for all agents on group
  sva.sentinelone.sentinelone_config_overrides:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    group: "testgroup"
    name: "test_override"
    os_type: "windows"
    config_override:
      powershellProtection: true
- name: Create/Update config_override for specific agent version on group
  sva.sentinelone.sentinelone_config_overrides:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    group: "testgroup"
    name: "test_override"
    os_type: "windows"
    agent_version: "21.7.2.1038"
    config_override:
      powershellProtection: true
# state=absent requires config_override, so deleting the whole override object uses state=prune
- name: Delete config_override for all agents on group
  sva.sentinelone.sentinelone_config_overrides:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    state: "prune"
    group: "testgroup"
    os_type: "windows"
- name: Delete config_override for specific agent version on site
  sva.sentinelone.sentinelone_config_overrides:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    state: "prune"
    os_type: "windows"
    agent_version: "21.7.2.1038"
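
The playbook below is an added example, not part of the collection's documentation. It shows state=absent together with the config_override parameter it requires, and reads the API token from a variable instead of the playbook text; s1_console_url and s1_api_token are hypothetical variable names assumed to be loaded from Ansible Vault.

```yaml
---
# Added example, not part of the collection's documentation.
# s1_console_url and s1_api_token are hypothetical variable names, assumed
# to be loaded from Ansible Vault rather than written into the playbook.
- name: Manage a group-level config override
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Create the override, or merge the setting into an existing one
      sva.sentinelone.sentinelone_config_overrides:
        console_url: "{{ s1_console_url }}"
        token: "{{ s1_api_token }}"
        site_name: "test"
        group: "testgroup"
        name: "test_override"
        os_type: "windows"
        config_override:
          powershellProtection: true
      no_log: true  # hides this task's arguments and result, including the token
      register: override_result

    - name: Show the change summary returned by the module
      ansible.builtin.debug:
        var: override_result.message

    # Same os_type, agent_version (default "ALL") and scope as above, so this
    # addresses the same override object. Only the keys of config_override
    # are used; the value is ignored. If powershellProtection is the only
    # setting in the object, the whole object is deleted instead.
    - name: Remove a single setting from the override
      sva.sentinelone.sentinelone_config_overrides:
        console_url: "{{ s1_console_url }}"
        token: "{{ s1_api_token }}"
        site_name: "test"
        group: "testgroup"
        os_type: "windows"
        state: "absent"
        config_override:
          powershellProtection: true
      no_log: true
```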

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key

Description

message

list / elements=string

Basic information about the changes made

Returned: on success

Sample: ["Creating non existing site config override: test"]

original_message

string

Detailed information about the changes made

Returned: on success

Sample: "{'changes': 'Creating non existing site level config override: test', 'siteId': '99999999999999'}"

Authors

  • Marco Wester (@mwester117)