ansible.builtin.cs_role_permission (v2.9.18) — module

Install Ansible via pip

Install with pip install ansible==2.9.18

Description

Create, update and remove CloudStack role permissions.

Managing role permissions only supported in CloudStack >= 4.9.

Requirements

• python >= 2.6
• cs >= 0.9.0

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Create a role permission
  cs_role_permission:
    role: My_Custom_role
    name: createVPC
    permission: allow
    description: My comments
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Remove a role permission
  cs_role_permission:
    state: absent
    role: My_Custom_role
    name: createVPC
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Update a system role permission
  cs_role_permission:
    role: Domain Admin
    name: createVPC
    permission: deny
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Update rules order. Move the rule at the top of list
  cs_role_permission:
    role: Domain Admin
    name: createVPC
    parent: 0
  delegate_to: localhost

Inputs

    
name:
    description:
    - The API name of the permission.
    required: true
    type: str

role:
    description:
    - Name or ID of the role.
    required: true
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - State of the role permission.
    type: str

parent:
    description:
    - The parent role permission uuid. use 0 to move this rule at the top of the list.
    type: str

api_key:
    description:
    - API key of the CloudStack API.
    - If not given, the C(CLOUDSTACK_KEY) env variable is considered.
    required: true
    type: str

api_url:
    description:
    - URL of the CloudStack API e.g. https://cloud.example.com/client/api.
    - If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.
    required: true
    type: str

api_secret:
    description:
    - Secret key of the CloudStack API.
    - If not set, the C(CLOUDSTACK_SECRET) env variable is considered.
    required: true
    type: str

permission:
    choices:
    - allow
    - deny
    default: deny
    description:
    - The rule permission, allow or deny. Defaulted to deny.
    type: str

api_timeout:
    default: 10
    description:
    - HTTP timeout in seconds.
    - If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.
    type: int

description:
    description:
    - The description of the role permission.
    type: str

api_http_method:
    choices:
    - get
    - post
    default: get
    description:
    - HTTP method used to query the API endpoint.
    - If not given, the C(CLOUDSTACK_METHOD) env variable is considered.
    type: str

api_verify_ssl_cert:
    description:
    - Verify CA authority cert file.
    - If not given, the C(CLOUDSTACK_VERIFY) env variable is considered.
    type: str

Outputs

description:
  description: The description of the role permission
  returned: success
  sample: Deny createVPC for users
  type: str
id:
  description: The ID of the role permission.
  returned: success
  sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f
  type: str
name:
  description: The API name of the permission.
  returned: success
  sample: createVPC
  type: str
permission:
  description: The permission type of the api name.
  returned: success
  sample: allow
  type: str
role_id:
  description: The ID of the role to which the role permission belongs.
  returned: success
  sample: c6f7a5fc-43f8-11e5-a151-feff819cdc7f
  type: str