Try SpotterManages accounts on Apache CloudStack based clouds.
Authors: René Moser (@resmo)
stableinterface | supported by community
Install with ansible-galaxy collection install community.general:==0.1.1
collections:
- name: community.general
version: 0.1.1Create, disable, lock, enable and remove accounts.
- name: create an account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
username: customer_xy
password: S3Cur3
last_name: Doe
first_name: John
email: john.doe@example.com
domain: CUSTOMERS
role: Domain Admin
delegate_to: localhost
- name: Lock an existing account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
domain: CUSTOMERS
state: locked
delegate_to: localhost
- name: Disable an existing account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
domain: CUSTOMERS
state: disabled
delegate_to: localhost
- name: Enable an existing account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
domain: CUSTOMERS
state: enabled
delegate_to: localhost
- name: Remove an account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
domain: CUSTOMERS
state: absent
delegate_to: localhost
- name: Create a single user LDAP account in domain 'CUSTOMERS'
cs_account:
name: customer_xy
username: customer_xy
domain: CUSTOMERS
ldap_domain: cn=customer_xy,cn=team_xy,ou=People,dc=domain,dc=local
delegate_to: localhost
- name: Create a LDAP account in domain 'CUSTOMERS' and bind it to a LDAP group
cs_account:
name: team_xy
username: customer_xy
domain: CUSTOMERS
ldap_domain: cn=team_xy,ou=People,dc=domain,dc=local
delegate_to: localhost
name:
description:
- Name of account.
required: true
type: str
role:
description:
- Creates the account under the specified role name or id.
type: str
email:
description:
- Email of the user to be created if account did not exist.
- Required on I(state=present) if I(ldap_domain) is not set.
type: str
state:
choices:
- present
- absent
- enabled
- disabled
- locked
- unlocked
default: present
description:
- State of the account.
- C(unlocked) is an alias for C(enabled).
type: str
domain:
default: ROOT
description:
- Domain the account is related to.
type: str
api_key:
description:
- API key of the CloudStack API.
- If not given, the C(CLOUDSTACK_KEY) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
api_url:
description:
- URL of the CloudStack API e.g. https://cloud.example.com/client/api.
- If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
password:
description:
- Password of the user to be created if account did not exist.
- Required on I(state=present) if I(ldap_domain) is not set.
type: str
timezone:
description:
- Timezone of the user to be created if account did not exist.
type: str
username:
description:
- Username of the user to be created if account did not exist.
- Required on I(state=present).
type: str
last_name:
description:
- Last name of the user to be created if account did not exist.
- Required on I(state=present) if I(ldap_domain) is not set.
type: str
ldap_type:
choices:
- GROUP
- OU
default: GROUP
description:
- Type of the ldap name. GROUP or OU, defaults to GROUP.
type: str
api_region:
default: cloudstack
description:
- Name of the ini section in the C(cloustack.ini) file.
- If not given, the C(CLOUDSTACK_REGION) env variable is considered.
type: str
api_secret:
description:
- Secret key of the CloudStack API.
- If not set, the C(CLOUDSTACK_SECRET) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
type: str
first_name:
description:
- First name of the user to be created if account did not exist.
- Required on I(state=present) if I(ldap_domain) is not set.
type: str
poll_async:
default: true
description:
- Poll async jobs until job has finished.
type: bool
api_timeout:
description:
- HTTP timeout in seconds.
- If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
- Fallback value is 10 seconds if not specified.
type: int
ldap_domain:
description:
- Name of the LDAP group or OU to bind.
- If set, account will be linked to LDAP.
type: str
account_type:
choices:
- user
- root_admin
- domain_admin
default: user
description:
- Type of the account.
type: str
network_domain:
description:
- Network domain of the account.
type: str
api_http_method:
choices:
- get
- post
description:
- HTTP method used to query the API endpoint.
- If not given, the C(CLOUDSTACK_METHOD) env variable is considered.
- As the last option, the value is taken from the ini config file, also see the notes.
- Fallback value is C(get) if not specified.
type: str
account_type: description: Type of the account. returned: success sample: user type: str domain: description: Domain the account is related. returned: success sample: ROOT type: str id: description: UUID of the account. returned: success sample: 87b1e0ce-4e01-11e4-bb66-0050569e64b8 type: str name: description: Name of the account. returned: success sample: linus@example.com type: str network_domain: description: Network domain of the account. returned: success sample: example.local type: str role: description: The role name of the account returned: success sample: Domain Admin type: str state: description: State of the account. returned: success sample: enabled type: str