Closed dhoppe closed 5 months ago
Yes - you are correct. This shouldn't have that when clause because it would force you to re-run the role in order to "remove" the aid. I'll get this fixed.
Yes - you are correct. This shouldn't have that when clause because it would force you to re-run the role in order to "remove" the aid. I'll get this fixed.
@carlosmmatos Thank you very much. 👏
Well this was not as easy as just removing the when clause lol.. of course not, that would make too much sense 😮💨. I'll update all the things I had to do to make this more robust in the PR.
@carlosmmatos I saw your pull request. Not only that you had to wait until the Agent ID has been fetched, but the logic needed some love as well. 😉
I use an Ansible playbook to create a golden image for AWS using the roles
falcon_install
,falcon_configure
andfalcon_uninstall
.When I run the Ansible playbook, the task
configure.yml
is skipped because the variablefalcon_remove_aid
is set totrue
. https://github.com/CrowdStrike/ansible_collection_falcon/blob/main/roles/falcon_configure/tasks/main.yml#L14-L22 https://github.com/CrowdStrike/ansible_collection_falcon/blob/main/roles/falcon_configure/tasks/main.yml#L34-L42I think it should be possible to set the Customer ID and then remove the Agent ID. A new AWS EC2 instance based on this golden image should just start the service
falcon-sensor
and retrieve the Agent ID automatically. Without the Customer ID the service would fail to start.