sva.sentinelone.sentinelone_groups module – Manage SentinelOne Groups

Note

This module is part of the sva.sentinelone collection (version 2.0.5).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sva.sentinelone. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sva.sentinelone.sentinelone_groups.

New in sva.sentinelone 1.0.0

Synopsis

• This module is able to create, update and delete static and dynamic groups in SentinelOne

Requirements

The below requirements are needed on the host that executes this module.

• deepdiff >= 5.6

Parameters

Parameter	Comments
console_url string / required	Insert your management console URL
filter_name string	If set this module creates a dynamic group based on the passed filter_name. If not set a static group is created Can only be used if you create a single group. Default: ""
name list / elements=string / required	Name of the group or groups to create. You can pass multiple groups as a list
site_name string / required	Name of the site in SentinelOne
state string	Select the state of the group Choices: "present" ← (default) "absent"
token string / required	SentinelOne API auth token to authenticate at the management API

Notes

Note

• Python module deepdiff. Tested with version >=5.6. Lower version may work too

• Currently only supported in single-account management consoles

• Can not convert from static to dynamic group or vice versa

• Always inherits policy from site level. To change the policy please use the sentinelone_policy module.

Examples

---
- name: Create single static group
  sva.sentinelone.sentinelone_groups:
    state: "present"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name: "MyGroup"

- name: Create single dynamic group
  sva.sentinelone.sentinelone_groups:
    state: "present"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name: "MyGroup"
    filter_name: "MyFilter"

- name: Create multiple static groups
  sva.sentinelone.sentinelone_groups:
    state: "present"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name:
      - "MyGroup1"
      - "MyGroup2"
      - "MyGroup3"

- name: Delete single static/dynamic group
  sva.sentinelone.sentinelone_groups:
    state: "absent"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name: "MyGroup"

- name: Delete multiple static/dynamic groups
  sva.sentinelone.sentinelone_groups:
    state: "absent"
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    name:
      - "MyGroup1"
      - "MyGroup2"
      - "MyGroup3"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
message list / elements=string	Get basic infos about the changes made Returned: on success Sample: ["Group test123 created."]
original_message string	Get detailed infos about the changes made Returned: on success Sample: "[{'changes': {'values_changed': {\"root['filterId']\": {'new_value': '999999999999999999', 'old_value': '888888888888888888'}}}, 'groupName': 'test123'}]"

Authors

• Marco Wester (@mwester117)

Collection links

• Issue Tracker
• Repository (Sources)