Try SpotterManage local roles on an ESXi host
| "added in version" 2.5 of ansible.builtin"
Authors: Abhijeet Kasurde (@Akasurde) <akasurde@redhat.com>
preview | supported by community
pipInstall with pip install ansible==2.7.10
Manage local roles on an ESXi host
# Example vmware_local_role_manager command from Ansible Playbooks
- name: Add local role to ESXi
vmware_local_role_manager:
hostname: '{{ esxi_hostname }}'
username: '{{ esxi_username }}'
password: '{{ esxi_password }}'
local_role_name: vmware_qa
state: present
delegate_to: localhost
- name: Add local role with privileges to ESXi
vmware_local_role_manager:
hostname: '{{ esxi_hostname }}'
username: '{{ esxi_username }}'
password: '{{ esxi_password }}'
local_role_name: vmware_qa
local_privilege_ids: [ 'Folder.Create', 'Folder.Delete']
state: present
delegate_to: localhost
- name: Remove local role from ESXi
vmware_local_role_manager:
hostname: '{{ esxi_hostname }}'
username: '{{ esxi_username }}'
password: '{{ esxi_password }}'
local_role_name: vmware_qa
state: absent
delegate_to: localhost
port:
default: 443
description:
- The port number of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable C(VMWARE_PORT)
will be used instead.
- Environment variable support added in Ansible 2.6.
type: int
state:
choices:
- present
- absent
default: present
description:
- Indicate desired state of the role.
- If the role already exists when C(state=present), the role info is updated.
hostname:
description:
- The hostname or IP address of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable C(VMWARE_HOST)
will be used instead.
- Environment variable support added in Ansible 2.6.
type: str
password:
aliases:
- pass
- pwd
description:
- The password of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD)
will be used instead.
- Environment variable support added in Ansible 2.6.
type: str
username:
aliases:
- admin
- user
description:
- The username of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable C(VMWARE_USER)
will be used instead.
- Environment variable support added in Ansible 2.6.
type: str
proxy_host:
description:
- Address of a proxy that will receive all HTTPS requests and relay them.
- The format is a hostname or a IP.
- If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_HOST)
will be used instead.
- This feature depends on a version of pyvmomi greater than v6.7.1.2018.12
required: false
type: str
proxy_port:
description:
- Port of the HTTP proxy that will receive all HTTPS requests and relay them.
- If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_PORT)
will be used instead.
required: false
type: int
force_remove:
default: false
description:
- If set to C(False) then prevents the role from being removed if any permissions
are using it.
type: bool
validate_certs:
default: true
description:
- Allows connection when SSL certificates are not valid. Set to C(false) when certificates
are not trusted.
- If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS)
will be used instead.
- Environment variable support added in Ansible 2.6.
- If set to C(yes), please make sure Python >= 2.7.9 is installed on the given machine.
type: bool
local_role_name:
description:
- The local role name to be managed.
required: true
local_privilege_ids:
default: []
description:
- The list of privileges that role needs to have.
- Please see U(https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.security.doc/GUID-ED56F3C4-77D0-49E3-88B6-B99B8B437B62.html)
local_role_name: description: Name of local role returned: always type: string new_privileges: description: List of privileges of role after update returned: on update type: list old_privileges: description: List of privileges of role before update returned: on update type: list role_id: description: ESXi generated local role id returned: always type: int