ansible / ansible.builtin / v2.9.24 / module / mongodb_user Adds or removes a user from a MongoDB database. | "added in version" 1.1 of ansible.builtin" Authors: Elliott Foster (@elliotttf), Julien Thebault (@Lujeni) preview | supported by communityansible.builtin.mongodb_user (v2.9.24) — module
pip
Install with pip install ansible==2.9.24
Adds or removes a user from a MongoDB database.
# Create 'burgers' database user with name 'bob' and password '12345'. - mongodb_user: database: burgers name: bob password: 12345 state: present
# Create a database user via SSL (MongoDB must be compiled with the SSL option and configured properly) - mongodb_user: database: burgers name: bob password: 12345 state: present ssl: True
# Delete 'burgers' database user with name 'bob'. - mongodb_user: database: burgers name: bob state: absent
# Define more users with various specific roles (if not defined, no roles is assigned, and the user will be added via pre mongo 2.2 style) - mongodb_user: database: burgers name: ben password: 12345 roles: read state: present
- mongodb_user: database: burgers name: jim password: 12345 roles: readWrite,dbAdmin,userAdmin state: present
- mongodb_user: database: burgers name: joe password: 12345 roles: readWriteAnyDatabase state: present
# add a user to database in a replica set, the primary server is automatically discovered and written to - mongodb_user: database: burgers name: bob replica_set: belcher password: 12345 roles: readWriteAnyDatabase state: present
# add a user 'oplog_reader' with read only access to the 'local' database on the replica_set 'belcher'. This is useful for oplog access (MONGO_OPLOG_URL). # please notice the credentials must be added to the 'admin' database because the 'local' database is not synchronized and can't receive user credentials # To login with such user, the connection string should be MONGO_OPLOG_URL="mongodb://oplog_reader:oplog_reader_password@server1,server2/local?authSource=admin" # This syntax requires mongodb 2.6+ and pymongo 2.5+ - mongodb_user: login_user: root login_password: root_password database: admin user: oplog_reader password: oplog_reader_password state: present replica_set: belcher roles: - db: local role: read
ssl: description: - Whether to use an SSL connection when connecting to the database type: bool version_added: '1.8' version_added_collection: ansible.builtin name: aliases: - user description: - The name of the user to add or remove required: true roles: description: - 'The database user roles valid values could either be one or more of the following strings: ''read'', ''readWrite'', ''dbAdmin'', ''userAdmin'', ''clusterAdmin'', ''readAnyDatabase'', ''readWriteAnyDatabase'', ''userAdminAnyDatabase'', ''dbAdminAnyDatabase'' ' - 'Or the following dictionary ''{ db: DATABASE_NAME, role: ROLE_NAME }''.' - This param requires pymongo 2.5+. If it is a string, mongodb 2.4+ is also required. If it is a dictionary, mongo 2.6+ is required. version_added: '1.3' version_added_collection: ansible.builtin state: choices: - present - absent default: present description: - The database user state database: description: - The name of the database to add/remove the user from required: true password: description: - The password to use for the user login_host: default: localhost description: - The host running the database login_port: default: 27017 description: - The port to connect to login_user: description: - The username used to authenticate with replica_set: description: - Replica set to connect to (automatically connects to primary for writes) version_added: '1.6' version_added_collection: ansible.builtin ssl_cert_reqs: choices: - CERT_REQUIRED - CERT_OPTIONAL - CERT_NONE default: CERT_REQUIRED description: - Specifies whether a certificate is required from the other side of the connection, and whether it will be validated if provided. version_added: '2.2' version_added_collection: ansible.builtin login_database: description: - The database where login credentials are stored version_added: '2.0' version_added_collection: ansible.builtin login_password: description: - The password used to authenticate with update_password: choices: - always - on_create default: always description: - C(always) will update passwords if they differ. C(on_create) will only set the password for newly created users. version_added: '2.1' version_added_collection: ansible.builtin
user: description: The name of the user to add or remove. returned: success type: str