CrowdStrike / ansible_collection_falcon

Comprehensive toolkit for streamlining your interactions with the CrowdStrike Falcon platform.
https://galaxy.ansible.com/ui/repo/published/crowdstrike/falcon/
GNU General Public License v3.0

[falcon_configure] Add ability to specify Customer ID and remove Agent ID #483

Closed dhoppe closed 5 months ago

dhoppe commented 5 months ago

I use an Ansible playbook to create a golden image for AWS using the roles falcon_install, falcon_configure and falcon_uninstall.

When I run the Ansible playbook, the task configure.yml is skipped because the variable falcon_remove_aid is set to true.

https://github.com/CrowdStrike/ansible_collection_falcon/blob/main/roles/falcon_configure/tasks/main.yml#L14-L22
https://github.com/CrowdStrike/ansible_collection_falcon/blob/main/roles/falcon_configure/tasks/main.yml#L34-L42

I think it should be possible to set the Customer ID and then remove the Agent ID. A new AWS EC2 instance based on this golden image should just start the service falcon-sensor and retrieve the Agent ID automatically. Without the Customer ID the service would fail to start.
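The golden-image state described in the post above (Customer ID set, Agent ID removed), written as a pre-snapshot check. This is an added example, not part of the original post or the collection's code; the `falconctl -g` output format it parses and the sample IDs in the comments are assumptions.

```shell
#!/bin/sh
# Added example: verify a host is ready to be snapshotted as a golden image.
# Assumption: `falconctl -g --cid --aid` prints text such as
#   cid="<32 hex chars>", aid is not set.
# The function name and return codes are hypothetical, chosen for this example.

FALCONCTL="${FALCONCTL:-/opt/CrowdStrike/falconctl}"

# check_sensor_state "<falconctl output>"
# returns 0 = CID set and AID absent (image can be snapshotted)
#         1 = CID missing (falcon-sensor on new instances would fail to start)
#         2 = AID still present (it would be baked into the image)
check_sensor_state() {
    out=$1
    # The CID must be present, otherwise the service cannot start.
    if ! printf '%s\n' "$out" | grep -Eq 'cid="[0-9A-Fa-f]{32}'; then
        return 1
    fi
    # Any quoted AID value means the Agent ID has not been removed yet.
    if printf '%s\n' "$out" | grep -Eq 'aid="[0-9A-Fa-f]+"'; then
        return 2
    fi
    return 0
}

# Query the installed sensor only when called as: ./check.sh live
if [ "${1:-}" = "live" ]; then
    rc=0
    check_sensor_state "$("$FALCONCTL" -g --cid --aid 2>&1)" || rc=$?
    case "$rc" in
        0) echo "OK: CID set, AID removed" ;;
        1) echo "FAIL: CID is not set" >&2 ;;
        2) echo "FAIL: AID is still present" >&2 ;;
    esac
    exit "$rc"
fi
```

Run it with `live` as the last step of the image build so the build fails before the snapshot is taken if either condition is not met.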

carlosmmatos commented 5 months ago

Yes - you are correct. This shouldn't have that when clause because it would force you to re-run the role in order to "remove" the aid. I'll get this fixed.

dhoppe commented 5 months ago

> Yes - you are correct. This shouldn't have that when clause because it would force you to re-run the role in order to "remove" the aid. I'll get this fixed.

@carlosmmatos Thank you very much. 👏

carlosmmatos commented 5 months ago

Well this was not as easy as just removing the when clause lol.. of course not, that would make too much sense 😮‍💨. I'll update all the things I had to do to make this more robust in the PR.

dhoppe commented 5 months ago

@carlosmmatos I saw your pull request. Not only did you have to wait until the Agent ID had been fetched, but the logic needed some love as well. 😉