cf6f6d09db
* new windows module win_audit_policy_system * removed the backup/restore functionality adjusted to use run-command rather than running the command directly adjusted testing appropriately for the above changes * fixed issue with variable naming in testing removed .psm1 from requires fixed copyright * Updated audit_type to list and added appropriate error handling Updated testing accordingly Fixed up documentation
108 lines
2.8 KiB
YAML
108 lines
2.8 KiB
YAML
########################
|
|
### check mode apply ###
|
|
########################
|
|
- name: check mode enable category
|
|
win_audit_policy_system:
|
|
category: "{{ category_name }}"
|
|
audit_type: success
|
|
check_mode: yes
|
|
register: category
|
|
|
|
- name: check mode enable subcategory
|
|
win_audit_policy_system:
|
|
subcategory: "{{ subcategory_name }}"
|
|
audit_type: success, failure
|
|
check_mode: yes
|
|
register: subcategory
|
|
|
|
- name: check mode assert that changed is true
|
|
assert:
|
|
that:
|
|
- category | changed
|
|
- subcategory | changed
|
|
|
|
- name: check mode assert that audit_type is "no auditing"
|
|
assert:
|
|
that:
|
|
- item == "no auditing"
|
|
with_items:
|
|
- "{{ subcategory.current_audit_policy.values() | list }}"
|
|
- "{{ category.current_audit_policy.values() | list | unique }}"
|
|
|
|
#alternative check for category...pretty noise and requires more lines
|
|
# - name: assert that audit_type is no auditing
|
|
# assert:
|
|
# that: item.value == "no auditing"
|
|
# with_dict: "{{ category.current_audit_policy }}"
|
|
|
|
####################
|
|
### apply change ###
|
|
####################
|
|
|
|
- name: enable category
|
|
win_audit_policy_system:
|
|
category: "{{ category_name }}"
|
|
audit_type: success
|
|
register: category
|
|
|
|
- name: enable subcategory
|
|
win_audit_policy_system:
|
|
subcategory: "{{ subcategory_name }}"
|
|
audit_type: success, failure
|
|
register: subcategory
|
|
|
|
- name: enable assert that changed is true
|
|
assert:
|
|
that:
|
|
- category | changed
|
|
- subcategory | changed
|
|
|
|
- name: enable assert that audit_type is "success" for category
|
|
assert:
|
|
that:
|
|
- item == "success"
|
|
with_items:
|
|
- "{{ category.current_audit_policy.values() | list | unique }}"
|
|
|
|
- name: enable assert that audit_type is "success and failure" for subcategory
|
|
assert:
|
|
that:
|
|
- item == "success and failure"
|
|
with_items:
|
|
- "{{ subcategory.current_audit_policy.values() | list }}"
|
|
|
|
###############################
|
|
### idempotent apply change ###
|
|
###############################
|
|
|
|
- name: idem enable category
|
|
win_audit_policy_system:
|
|
category: "{{ category_name }}"
|
|
audit_type: success
|
|
register: category
|
|
|
|
- name: idem enable subcategory
|
|
win_audit_policy_system:
|
|
subcategory: "{{ subcategory_name }}"
|
|
audit_type: success, failure
|
|
register: subcategory
|
|
|
|
- name: idem assert that changed is false
|
|
assert:
|
|
that:
|
|
- not category | changed
|
|
- not subcategory | changed
|
|
|
|
- name: idem assert that audit_type is "success" for category
|
|
assert:
|
|
that:
|
|
- item == "success"
|
|
with_items:
|
|
- "{{ category.current_audit_policy.values() | list | unique }}"
|
|
|
|
- name: idem assert that audit_type is "success and failure" for subcategory
|
|
assert:
|
|
that:
|
|
- item == "success and failure"
|
|
with_items:
|
|
- "{{ subcategory.current_audit_policy.values() | list }}"
|