Try SpotterManagement of resource policy_profiles in ManageIQ
Authors: Daniel Korn (@dkorn)
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0The manageiq_policies module supports adding and deleting policy_profiles in ManageIQ.
- name: Assign new policy_profile for a provider in ManageIQ
community.general.manageiq_policies:
resource_name: 'EngLab'
resource_type: 'provider'
policy_profiles:
- name: openscap profile
manageiq_connection:
url: 'http://127.0.0.1:3000'
username: 'admin'
password: 'smartvm'
validate_certs: false # only do this when you trust the network!
- name: Unassign a policy_profile for a provider in ManageIQ
community.general.manageiq_policies:
state: absent
resource_name: 'EngLab'
resource_type: 'provider'
policy_profiles:
- name: openscap profile
manageiq_connection:
url: 'http://127.0.0.1:3000'
username: 'admin'
password: 'smartvm'
validate_certs: false # only do this when you trust the network!
state:
choices:
- absent
- present
default: present
description:
- V(absent) - policy_profiles should not exist,
- V(present) - policy_profiles should exist,
type: str
resource_id:
description:
- The ID of the resource to which the profile should be [un]assigned.
- Must be specified if O(resource_name) is not set. Both options are mutually exclusive.
type: int
version_added: 2.2.0
version_added_collection: community.general
resource_name:
description:
- The name of the resource to which the profile should be [un]assigned.
- Must be specified if O(resource_id) is not set. Both options are mutually exclusive.
type: str
resource_type:
choices:
- provider
- host
- vm
- blueprint
- category
- cluster
- data store
- group
- resource pool
- service
- service template
- template
- tenant
- user
description:
- The type of the resource to which the profile should be [un]assigned.
required: true
type: str
policy_profiles:
description:
- List of dictionaries, each includes the policy_profile V(name) key.
- Required if O(state) is V(present) or V(absent).
elements: dict
type: list
manageiq_connection:
description:
- ManageIQ connection configuration information.
required: false
suboptions:
ca_cert:
aliases:
- ca_bundle_path
description:
- The path to a CA bundle file or directory with certificates.
type: str
password:
description:
- ManageIQ password. E(MIQ_PASSWORD) environment variable if set. Otherwise, required
if no token is passed in.
type: str
token:
description:
- ManageIQ token. E(MIQ_TOKEN) environment variable if set. Otherwise, required
if no username or password is passed in.
type: str
url:
description:
- ManageIQ environment URL. E(MIQ_URL) environment variable if set. Otherwise,
it is required to pass it.
required: false
type: str
username:
description:
- ManageIQ username. E(MIQ_USERNAME) environment variable if set. Otherwise, required
if no token is passed in.
type: str
validate_certs:
aliases:
- verify_ssl
default: true
description:
- Whether SSL certificates should be verified for HTTPS requests.
type: bool
type: dict
manageiq_policies:
description:
- List current policy_profile and policies for a provider in ManageIQ
returned: always
sample: '{ "changed": false, "profiles": [ { "policies": [ { "active": true, "description":
"OpenSCAP", "name": "openscap policy" }, { "active": true, "description": "Analyse
incoming container images", "name": "analyse incoming container images" }, { "active":
true, "description": "Schedule compliance after smart state analysis", "name":
"schedule compliance after smart state analysis" } ], "profile_description": "OpenSCAP
profile", "profile_name": "openscap profile" } ] }'
type: dict