community / community.mongodb / 1.6.1 / module / mongodb_role Adds or removes a role from a MongoDB database | "added in version" 1.5.0 of community.mongodb" Authors: Rhys Campbell (@rhysmeister)community.mongodb.mongodb_role (1.6.1) — module
Install with ansible-galaxy collection install community.mongodb:==1.6.1
collections: - name: community.mongodb version: 1.6.1
Adds or removes a role from a MongoDB database.
For further information on the required format for the privileges, authenticationRestriction or roles parameters, see the MongoDB Documentation https://www.mongodb.com/docs/manual/reference/command/createRole/
- name: Create sales role community.mongodb.mongodb_role: name: sales database: salesdb privileges: - resource: db: salesdb collection: "" actions: - find state: present
- name: Create ClusterAdmin Role community.mongodb.mongodb_role: name: myClusterwideAdmin database: admin privileges: - resource: cluster: true actions: - addShard - resource: db: config collection: "" actions: - find - update - insert - remove - resource: db: "users" collection: "usersCollection" actions: - update - insert - remove - resource: db: "" collection: "" actions: - find roles: - role: "read" db: "admin" state: present
- name: Create ClusterAdmin Role with a login only from 127.0.0.1 restriction community.mongodb.mongodb_role: name: myClusterwideAdmin database: admin privileges: - resource: cluster: true actions: - addShard - resource: db: config collection: "" actions: - find - update - insert - resource: db: "users" collection: "usersCollection" actions: - update - insert - remove - resource: db: "" collection: "" actions: - find roles: - role: "read" db: "admin" - role: "read" db: "mynewdb" authenticationRestrictions: - clientSource: - "127.0.0.1" serverAddress: [] state: present
- name: Delete sales role community.mongodb.mongodb_role: name: sales database: "salesdb" state: absent
- name: Delete myClusterwideAdmin role community.mongodb.mongodb_role: name: myClusterwideAdmin database: admin state: absent
ssl: aliases: - tls default: false description: - Whether to use an SSL connection when connecting to the database. required: false type: bool name: aliases: - user description: - The name of the role to add or remove. required: true type: str debug: default: false description: - Enable extra debugging output. type: bool roles: default: [] description: - 'The database user roles should be provided as a dictionary with the db and role keys. ' elements: raw type: list state: choices: - absent - present default: present description: - The database user state. type: str database: aliases: - db description: - The name of the database to add/remove the role from. required: true type: str atlas_auth: default: false description: - Authentication path intended for MongoDB Atlas Instances type: bool login_host: default: localhost description: - The host running MongoDB instance to login to. required: false type: str login_port: default: 27017 description: - The MongoDB server port to login to. required: false type: int login_user: description: - The MongoDB user to login with. - Required when I(login_password) is specified. required: false type: str privileges: default: [] description: - 'The privileges to grant the role. A privilege consists of a resource and permitted actions. ' elements: raw type: list replica_set: description: - Replica set to connect to (automatically connects to primary for writes). type: str ssl_crlfile: description: - The ssl_crlfile option takes a path to a CRL file. required: false type: str ssl_keyfile: description: - Private key for the client certificate. required: false type: str ssl_ca_certs: aliases: - tlsCAFile description: - The ssl_ca_certs option takes a path to a CA file. required: false type: str ssl_certfile: aliases: - tlsCertificateKeyFile description: - Present a client certificate using the ssl_certfile option. required: false type: str ssl_cert_reqs: aliases: - tlsAllowInvalidCertificates choices: - CERT_NONE - CERT_OPTIONAL - CERT_REQUIRED default: CERT_REQUIRED description: - Specifies whether a certificate is required from the other side of the connection, and whether it will be validated if provided. required: false type: str auth_mechanism: choices: - SCRAM-SHA-256 - SCRAM-SHA-1 - MONGODB-X509 - GSSAPI - PLAIN description: - Authentication type. required: false type: str login_database: default: admin description: - The database where login credentials are stored. required: false type: str login_password: description: - The password used to authenticate with. - Required when I(login_user) is specified. required: false type: str connection_options: description: - Additional connection options. - Supply as a list of dicts or strings containing key value pairs seperated with '='. elements: raw required: false type: list ssl_pem_passphrase: aliases: - tlsCertificateKeyFilePassword description: - Passphrase to decrypt encrypted private keys. required: false type: str strict_compatibility: default: true description: - Enforce strict requirements for pymongo and MongoDB software versions type: bool authenticationRestrictions: default: [] description: - 'The authentication restrictions the server enforces on the role. Specifies a list of IP addresses and CIDR ranges users granted this role are allowed to connect to and/or which they can connect from. Provide a list of dictionaries with the following fields: clientSource (list), serverAddress (list). Provide an empty list if you don''t want to use the field. ' elements: raw type: list
user: description: The name of the role to add or remove. returned: success type: str