Closed kanabasse closed 11 months ago
Also experiencing this issue. CyberArk Privileged Access Security Version 12.6.7 (12.6.7.83).
When using the PowerShell module to delete the same certificates, I am able to do so by adding the -UseClassicAPI
option as the modern API doesn't seem able to handle SSH key entries. Looking at the Ansible module documentation and the underlying Python code, I don't see any option to use the classic API meaning the Ansible code currently doesn't support deleting this credential type at all, unless I'm mistaken?
Please note this is a documented limitation on the PVWA Rest API itself:
The public doc explicitly says: "Note The Delete account REST API does not support SSH Keys"
The current workaround is by using 1st gen API as you noted.
Also , please review the following enhancement request(ER) on the subject, please vote/promote and follow on the ER so PVWA Product Management will prioritize this properly: https://cyberark.my.site.com/s/article/Delete-account-REST-API-does-not-support-SSH-Keys-cbbf-c9f
Summary
SSH key cannot be delete using
cyberark.pas.cyberark_account
module, task fails.Steps to Reproduce
Use cyberark_account module to delete an ssh key from the Vault:
Expected Results
Actual Results
Reproducible
Version/Tag number
cyberark.pas collection version
1.0.13
Environment setup
v12.2
Additional Information
According to this answer on Cyberark Technical Community, v10 pvwa api isn't able to delete ssh keys.
Deletion works using v9 api and uri module. Here is my workaround: