cdillc / cdillc.splunk / 0.24.2 / module / splunk_user Manage Splunk user accounts | "added in version" 0.9.0 of cdillc.splunk" Authors: Lowell C. Alleman <lowell.alleman@cdillc.com>cdillc.splunk.splunk_user (0.24.2) — module
Install with ansible-galaxy collection install cdillc.splunk:==0.24.2
collections: - name: cdillc.splunk version: 0.24.2
Create, delete, and update local Splunk user accounts with Ansible.
This module uses the Python Splunk SDK and requires access to the splunkd administrative port.
Authentication can be handled via either I(username) and I(password) or via I(token).
tz: aliases: - timezone default: null description: - Timezone associated with the Splunk user. required: false email: default: null description: - Email address associated with the Splunk user. required: false roles: default: - user description: - List of roles associated with the Splunk user. - By default this will override any users existing role membership. Use I(append_roles=true) to change this behavior to be additive. elements: str required: true type: list state: choices: - present - absent - list default: present description: - Ensure the user is either present or absent; or list the contents of the user's configuration. - With C(present), existing users are updated in place. See notes regarding specific handling of the I(roles), I(splunk_pass), and I(force_change_pass). required: false token: default: null description: - Token to use when authentication has already taken place. - The C(token) can be specified instead of I(username) and I(password). - This module returns an output named I(token) that can be used for subsequent splunkd calls to the same splunkd endpoint. required: false password: default: null description: - The password for username/password authentication to Splunkd. - Must be provided if I(username) is provided. required: false realname: aliases: - fullname - comment default: null description: - The full name (comment) of the user account. required: false username: default: null description: - Splunk username for username/password authentication to Splunkd. - When provided, I(password) must also be specified. required: false defaultapp: aliases: - defaultApp default: null description: - The default Splunk application the user sees when they login to Splunk Web. required: false splunk_home: default: null description: - Path to Splunk installation. - This is used if the splunk-sdk is not installed for all users. required: false splunk_pass: default: null description: - Password for the Splunk user account being created or modified. - See the notes regarding changing passwords under the I(update_password) option. - This option is required when C(state=present). required: false splunk_user: aliases: - name default: null description: - Name of the user to create, modify or delete. required: true splunkd_uri: aliases: - uri default: https://localhost:8089 description: - The Splunkd endpoint of the Splunk server to configure. - Defaults to the local server and default splunkd port. required: false append_roles: default: false description: - When true, the specified I(roles) will be appended to the user's existing roles. required: false type: bool update_password: default: false description: - Replace the existing password with the one specified in I(password). - When I(true) this module will always report changed since there is no way to determine if the new password is different than the currently assigned password. required: false type: bool force_change_pass: default: null description: - Force user to change password. This field is set when the user is first created or when I(update_password=true). required: false type: bool update_force_change_pass: default: false description: - Use in combination with I(force_change_pass) to force an update to an existing user. - Whenever this is set to I(true) the module will always report as changed. The Splunk REST api does not allow the C(force-change-pass) to be read. required: false type: bool
content: contains: capabilities: description: A list of effectively Splunk capabilities for the user elements: str sample: - search - install_apps - '...' type: list defaultApp: type: str email: type: str locked-out: sample: '0' type: str relname: description: Real user name type: str restart_background_jobs: type: str roles: description: Splunk roles assigned to user. sample: - user - power search_assistant: sample: compact type: str search_auto_format: sample: '0' type: str search_line_numbers: sample: '0' type: str search_syntax_highlighting: sample: light type: str search_use_advanced_editor: sample: '1' type: str theme: sample: enterprise type: str tz: description: Time zone type: str description: User attributes as returned by Splunk. A few highlights have provided below for quick reference. returned: when user is listed, created, or updated. Upon deletion this is shown too, but subsequent invocations of I(state=absent) will return an empty dictionary. type: dict endpoint: description: URL used to edit the user object returned: always type: str result: description: - The overall result of the module run. - Options include C(created), C(updated), C(deleted), or C(unchanged). returned: always sample: updated type: str token: description: - The Splunk auth token created used for the REST API calls. - This value can be passed into I(token) of a subsequent REST-based operation. returned: always type: str updated_attrs: description: A list of attributes that were set. type: list