cyberark / ansible-security-automation-collection

CyberArk Ansible Security Automation Collection
MIT License

cyberark.pas.account : Allow deleting accounts using their unique name or id #39

Open pint2oo opened 2 years ago

pint2oo commented 2 years ago

Is your feature request related to a problem? Please describe.

I'm facing an issue deleting accounts that have very similar parameters (same username, address, safe and platform), and that can't be distinguished except by some parameters in "platform_account_properties", and by their "name".

I have been unable to make "name" work as a value of "identified_by" (API returns a 200 as if the account was already absent), and there is currently no option to give the account's id to the module (despite it being handled by the API).

Describe the solution you would like

I would like to be able to delete accounts using either their unique "name" or "id".

Describe alternatives you have considered

I'm reverting back to using the Ansible uri module to send DELETE requests to the API, as described here: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/WebServices/Delete%20Account.htm

Additional context

/

mdgreenjr commented 5 months ago

This post is from 2021 and I seem to maybe be running into the same issue. Is this not fixed yet?

szh commented 5 months ago

@cyberark-bizdev and @infamousjoeg can you please take a look?

mdgreenjr commented 5 months ago

Doing some testing, it almost seems like the "name" search doesn't work at all - even in the GUI. For example, the ID (example: 35_32) has to be unique, and CyberArk assigns it. The "name", if you don't define it, is also auto-generated.

Imagine this use case - name is username-fqdn-criteria-criteria, something like that. It makes it a single field that can be looked up and will be unique across the vault.

So if you search for that in the GUI with "" around it, it finds nothing, but if you search for it separated by spaces, it seems like it does a keyword search for each part of the name and is possibly able to locate the account? So if we do this in Ansible using identified_by: name and input the EXACT name, it results in nothing found.

Could this be a setting in CyberArk itself rather than something with the API?
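
An added example, not code from this thread or from the cyberark.pas collection: a client-side guard for the delete-by-id workaround in the first post, which resolves a unique "name" to exactly one account id and refuses to proceed on zero or multiple matches, so keyword-style search hits like those described above never reach a DELETE. The record field names, the `/PasswordVault/API/Accounts/{id}` path, the host names and the sample accounts are assumptions or constructed values; check them against the Delete Account documentation linked above.

```python
from urllib.parse import quote

# Constructed sample of what a keyword search might return: three accounts that
# share userName, address and safeName and differ only in their unique "name".
# Field names are assumed to follow the account search response; values are made up.
SAMPLE_RESULTS = [
    {"id": "35_32", "name": "svc_app-db01.example.test-prod-primary",
     "userName": "svc_app", "address": "db01.example.test", "safeName": "AppSafe"},
    {"id": "35_33", "name": "svc_app-db01.example.test-prod-standby",
     "userName": "svc_app", "address": "db01.example.test", "safeName": "AppSafe"},
    {"id": "35_34", "name": "svc_app-db01.example.test-test-primary",
     "userName": "svc_app", "address": "db01.example.test", "safeName": "AppSafe"},
]


class AccountLookupError(Exception):
    """Raised when a name does not resolve to exactly one account."""


def resolve_account_id(results, name, safe=None):
    """Return the id of the single account whose name equals `name` exactly.

    The comparison is done client-side, so extra keyword hits are discarded.
    """
    matches = [a for a in results
               if a.get("name") == name and (safe is None or a.get("safeName") == safe)]
    if not matches:
        raise AccountLookupError(f"no account named {name!r}; nothing to delete")
    if len(matches) > 1:
        ids = ", ".join(a["id"] for a in matches)
        raise AccountLookupError(f"{name!r} is ambiguous (ids: {ids}); refusing to delete")
    return matches[0]["id"]


def delete_url(base_url, account_id):
    """Build the DELETE target for one account id (path is an assumption)."""
    return f"{base_url.rstrip('/')}/PasswordVault/API/Accounts/{quote(account_id, safe='')}"


if __name__ == "__main__":
    acct = resolve_account_id(SAMPLE_RESULTS, "svc_app-db01.example.test-prod-standby")
    print(delete_url("https://pvwa.example.test", acct))
```

Failing closed on "not found" matters here: a module that reports success when the lookup misses leaves a privileged account in the vault while the playbook shows it as removed.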