sva.sentinelone.sentinelone_policies module – Manage SentinelOne Policies

Note

This module is part of the sva.sentinelone collection (version 2.0.5).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install sva.sentinelone. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: sva.sentinelone.sentinelone_policies.

New in sva.sentinelone 1.0.0

Synopsis

• This module is able to update policies in SentinelOne

Requirements

The below requirements are needed on the host that executes this module.

• deepdiff >= 5.6

Parameters

Parameter	Comments
console_url string / required	Insert your management console URL
groups list / elements=string	Set this option to set the scope to group level A list with groupnames where the policy should be changed Default: []
inherit boolean	Inherit policy from upper scope If set to yes policy will be ignored and the policy will be inherited from upper scope Choices: false ← (default) true
policy dictionary	Define the settings which should be set in policy. Available options can be referred in API documentation e.g. agentUiOn or snapshotsOn Required if inherit=no Will be ignored if inherit=yes
site_name string / required	Name of the site in SentinelOne
token string / required	SentinelOne API auth token to authenticate at the management API

Notes

Note

• Python module deepdiff. Tested with version >=5.6. Lower version may work too

• Currently only supported in single-account management consoles

• Currently not applicable for account level policies

Examples

---
- name: Set custom policy on multiple groups
  sva.sentinelone.sentinelone_policies:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    groups:
      - group1
      - group2
    policy:
      agentUiOn: false
      agentUi:
        agentUiOn: false
- name: Set custom policy on site
  sva.sentinelone.sentinelone_policies:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    policy:
      agentUiOn: false
      agentUi:
        agentUiOn: false
- name: Revert to group default policy inherited from site
  sva.sentinelone.sentinelone_policies:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    inherit: "yes"
    groups:
      - group1
      - group2
- name: Revert to site default policy inherited from account
  sva.sentinelone.sentinelone_policies:
    console_url: "https://XXXXX.sentinelone.net"
    token: "XXXXXXXXXXXXXXXXXXXXXXXXXXX"
    site_name: "test"
    inherit: "yes"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
message list / elements=string	Get basic infos about the changes made Returned: on success Sample: ["Updating policy in group with id 99999999999999", "Updating policy in group with id 99999999999999"]
original_message string	Get detailed infos about the changes made Returned: on success Sample: "[{'changes': {'values_changed': {\"root['agentUi']['agentUiOn']\": {'new_value': False, 'old_value': True}, \"root['agentUiOn']\": {'new_value': False, 'old_value': True}}}, 'groupId': '99999999999999'}, {'changes': {'values_changed': {\"root['agentUi']['agentUiOn']\": {'new_value': False, 'old_value': True}, \"root['agentUiOn']\": {'new_value': False, 'old_value': True}}}, 'groupId': '99999999999999'}]"

Authors

• Marco Wester (@mwester117)

Collection links

• Issue Tracker
• Repository (Sources)