/ home / community / community.general / 8.5.0 / module / rundeck_acl_policy

community.general.rundeck_acl_policy (8.5.0) — module

Manage Rundeck ACL policies

Authors: Loic Blot (@nerzhul)

Install collection

Install with ansible-galaxy collection install community.general:==8.5.0

Add to requirements.yml

  collections:
    - name: community.general
      version: 8.5.0

Description

Create, update and remove Rundeck ACL policies through HTTP API.

Usage examples

Scanned by Steampunk Spotter

- name: Create or update a rundeck ACL policy in project Ansible
  community.general.rundeck_acl_policy:
    name: "Project_01"
    api_version: 18
    url: "https://rundeck.example.org"
    token: "mytoken"
    state: present
    project: "Ansible"
    policy:
      description: "my policy"
      context:
        application: rundeck
      for:
        project:
          - allow: read
      by:
        group: "build"

Scanned by Steampunk Spotter

- name: Remove a rundeck system policy
  community.general.rundeck_acl_policy:
    name: "Project_01"
    url: "https://rundeck.example.org"
    token: "mytoken"
    state: absent

Inputs

    
url:
    description:
    - HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
    required: true
    type: str

name:
    description:
    - Sets the project name.
    required: true
    type: str

force:
    default: false
    description:
    - If V(yes) do not get a cached copy.
    type: bool
    version_added: 0.2.0
    version_added_collection: community.general

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Create or remove Rundeck project.
    type: str

policy:
    description:
    - Sets the ACL policy content.
    - ACL policy content is a YAML object as described in http://rundeck.org/docs/man5/aclpolicy.html.
    - It can be a YAML string or a pure Ansible inventory YAML object.
    type: str

project:
    description:
    - Sets the project which receive the ACL policy.
    - If unset, it's a system ACL policy.
    type: str

api_token:
    aliases:
    - token
    description:
    - Sets the token to authenticate against Rundeck API.
    required: true
    type: str

use_proxy:
    default: true
    description:
    - If V(no), it will not use a proxy, even if one is defined in an environment variable
      on the target hosts.
    type: bool
    version_added: 0.2.0
    version_added_collection: community.general

client_key:
    description:
    - PEM formatted file that contains your private key to be used for SSL client authentication.
    - If O(client_cert) contains both the certificate and key, this option is not required.
    type: path
    version_added: 0.2.0
    version_added_collection: community.general

http_agent:
    default: ansible-httpget
    description:
    - Header to identify as, generally appears in web server logs.
    type: str
    version_added: 0.2.0
    version_added_collection: community.general

use_gssapi:
    default: false
    description:
    - Use GSSAPI to perform the authentication, typically this is for Kerberos or Kerberos
      through Negotiate authentication.
    - Requires the Python library L(gssapi,https://github.com/pythongssapi/python-gssapi)
      to be installed.
    - Credentials for GSSAPI can be specified with O(url_username)/O(url_password) or
      with the GSSAPI env var C(KRB5CCNAME) that specified a custom Kerberos credential
      cache.
    - NTLM authentication is B(not) supported even if the GSSAPI mech for NTLM has been
      installed.
    type: bool
    version_added: '2.11'
    version_added_collection: ansible.builtin

api_version:
    default: 39
    description:
    - Rundeck API version to be used.
    - API version must be at least 14.
    type: int

client_cert:
    description:
    - PEM formatted certificate chain file to be used for SSL client authentication.
    - This file can also include the key as well, and if the key is included, O(client_key)
      is not required.
    type: path
    version_added: 0.2.0
    version_added_collection: community.general

url_password:
    description:
    - The password for use in HTTP basic authentication.
    - If the O(url_username) parameter is not specified, the O(url_password) parameter
      will not be used.
    type: str
    version_added: 0.2.0
    version_added_collection: community.general

url_username:
    description:
    - The username for use in HTTP basic authentication.
    - This parameter can be used without O(url_password) for sites that allow empty passwords
    type: str
    version_added: 0.2.0
    version_added_collection: community.general

validate_certs:
    default: true
    description:
    - If V(no), SSL certificates will not be validated.
    - This should only be used on personally controlled sites using self-signed certificates.
    type: bool
    version_added: 0.2.0
    version_added_collection: community.general

force_basic_auth:
    default: false
    description:
    - Credentials specified with O(url_username) and O(url_password) should be passed
      in HTTP Header.
    type: bool
    version_added: 0.2.0
    version_added_collection: community.general

Outputs

after:
  description: Dictionary containing ACL policy information after modification.
  returned: success
  type: dict
before:
  description: Dictionary containing ACL policy information before modification.
  returned: success
  type: dict
rundeck_response:
  description: Rundeck response when a failure occurs.
  returned: failed
  type: str