Tutorial - Creating the Playbook

Stage 3 - Automated Actions

Description

On the previous page we defined the steps our task will perform.

It's time to add a list of actions to each of those steps.

Step 1 - Display Welcome Text

Purpose

The first step of our task will:

  1. Show the Task Operator some welcome information
  2. Wait for them to click Start

Plugin Actions

  • ppa.ui.output_markdown
  • ppa.ui.input_accept

Examples

Playbook Snippet
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
- name: Display Welcome Text
  actions:
    - ppa.ui.output_markdown:
        doc: >
          #### Active Directory - Add User to Group(s)


          Use this task to add an Active Directory user to one or more groups.


          You will need to:


          - Search for and select the Active Directory user account

          - Choose one or more groups to add them to


    - ppa.ui.input_accept:
        text: Start
PPA Screenshot

step-1

Step 2 - Get Domain Controller

Our task needs some Domain Controller details so it can connect to Active Directory.

Purpose

This step will:

  1. Get the details from a Hashicorp Vault secret called active_directory

  2. Save the details as the domain_controller variable

See the examples for a screenshot of the Hashicorp configuration

Plugin Actions

  • hashicorp_vault.key_value.read_secret

Examples

Playbook Snippet
1
2
3
4
5
6
7
  - name: Get Secrets
    actions:
      - hashicorp_vault.key_value.read_secret:
          secret: active_directory
          engine: secret
          reason: Getting Active Directory details
        save: domain_controller
PPA Screenshot

step-2-ppa

Hashicorp Vault Secret

step-2-hashicorp

Step 3 - Search for User

Now the task needs an Active Directory user account.

Purpose

This step will:

  1. Allow the Task Operator to search for & select a user account

  2. Save the selection as the user variable

The connection details are supplied by loading the domain_controller variable from step 2.

Plugin Actions

  • active_directory.users.get_interactive

Examples

Playbook Snippet
1
2
3
4
5
6
  - name: Search for User
    actions:
      - active_directory.users.get_interactive:
        load:
          domain_controller: domain_controller
        save: user
PPA Screenshots

step-3-get-interactive

step-3-get-interactive-confirm

Step 4 - Add User to Groups

The final step will add the user account to one or more Active Directory groups.

Purpose

This step will:

  • Allow the Task Operator to search for & select one or more groups

  • Add the user account to the selected groups

The connection details are supplied by loading the domain_controller variable from step 2.

The user is supplied by loading the user variable from step 3.

Plugin Actions

  • active_directory.users.add_to_groups_interactive

Examples

Playbook Snippet
1
2
3
4
5
6
  - name: Add User to Groups
    actions:
      - active_directory.users.add_to_groups_interactive:
        load:
          domain_controller: domain_controller
          distinguishedName: user.distinguishedName
PPA Screenshots

step-4-ppa-3

step-4-ppa-2

step-4-ppa-1

Updated Playbook

The Playbook is complete!