Merge pull request #361 from wazuh/feature-359-agent-auth-groups

Add the option to create agent groups and add an agent to 1 or more group

roles/wazuh/ansible-wazuh-agent/defaults/main.yml

@@ -47,6 +47,7 @@ wazuh_agent_authd:
   enable: false
   port: 1515
   agent_name: null
+  groups: []
   ssl_agent_ca: null
   ssl_agent_cert: null
   ssl_agent_key: null

roles/wazuh/ansible-wazuh-agent/tasks/Linux.yml

@@ -82,6 +82,9 @@
         -k "/var/ossec/etc/{{ wazuh_agent_authd.ssl_agent_key | basename }}"
         {% endif %}
         {% if wazuh_agent_authd.ssl_auto_negotiate == 'yes' %} -a {% endif %}
+        {% if wazuh_agent_authd.groups is defined and wazuh_agent_authd.groups | length > 0 %}
+        -G "{{ wazuh_agent_authd.groups | join(',') }}"
+        {% endif %}
       register: agent_auth_output
       notify: restart wazuh-agent
       vars:

roles/wazuh/ansible-wazuh-manager/defaults/main.yml

@@ -409,3 +409,5 @@ nodejs:
       debian: "deb"
       redhat: "rpm"
   repo_url_ext: "nodesource.com/setup_10.x"
+
+agent_groups: [] # groups to create

roles/wazuh/ansible-wazuh-manager/tasks/main.yml

@@ -351,6 +351,14 @@
   tags:
     - config
 
+- name: Create agent groups
+  command: "/var/ossec/bin/agent_groups -a -g {{ item }} -q"
+  with_items:
+    - "{{ agent_groups }}"
+  when:
+    - ( agent_groups is defined) and ( agent_groups|length > 0)
+  tags: molecule-idempotence-notest
+
 - include_tasks: "RMRedHat.yml"
   when:
     - ansible_os_family == "RedHat" or ansible_os_family == "Amazon"