community / community.vmware / 0.4.0 / module / vmware_local_role_manager Manage local roles on an ESXi host Authors: Abhijeet Kasurde (@Akasurde), Christian Kotte (@ckotte) preview | supported by communitycommunity.vmware.vmware_local_role_manager (0.4.0) — module
Install with ansible-galaxy collection install community.vmware:==0.4.0
collections: - name: community.vmware version: 0.4.0
This module can be used to manage local roles on an ESXi host.
- name: Add local role to ESXi vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa state: present delegate_to: localhost
- name: Add local role with privileges to ESXi vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa local_privilege_ids: [ 'Folder.Create', 'Folder.Delete'] state: present delegate_to: localhost
- name: Remove local role from ESXi vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa state: absent delegate_to: localhost
- name: Add a privilege to an existing local role vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa local_privilege_ids: [ 'Folder.Create' ] action: add delegate_to: localhost
- name: Remove a privilege to an existing local role vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa local_privilege_ids: [ 'Folder.Create' ] action: remove delegate_to: localhost
- name: Set a privilege to an existing local role vmware_local_role_manager: hostname: '{{ esxi_hostname }}' username: '{{ esxi_username }}' password: '{{ esxi_password }}' local_role_name: vmware_qa local_privilege_ids: [ 'Folder.Create' ] action: set delegate_to: localhost
port: default: 443 description: - The port number of the vSphere vCenter or ESXi server. - If the value is not specified in the task, the value of environment variable C(VMWARE_PORT) will be used instead. - Environment variable support added in Ansible 2.6. type: int state: choices: - present - absent default: present description: - Indicate desired state of the role. - If the role already exists when C(state=present), the role info is updated. type: str action: choices: - add - remove - set default: set description: - This parameter is only valid while updating an existing role with privileges. - C(add) will add the privileges to the existing privilege list. - C(remove) will remove the privileges from the existing privilege list. - C(set) will replace the privileges of the existing privileges with user defined list of privileges. type: str hostname: description: - The hostname or IP address of the vSphere vCenter or ESXi server. - If the value is not specified in the task, the value of environment variable C(VMWARE_HOST) will be used instead. - Environment variable support added in Ansible 2.6. type: str password: aliases: - pass - pwd description: - The password of the vSphere vCenter or ESXi server. - If the value is not specified in the task, the value of environment variable C(VMWARE_PASSWORD) will be used instead. - Environment variable support added in Ansible 2.6. type: str username: aliases: - admin - user description: - The username of the vSphere vCenter or ESXi server. - If the value is not specified in the task, the value of environment variable C(VMWARE_USER) will be used instead. - Environment variable support added in Ansible 2.6. type: str proxy_host: description: - Address of a proxy that will receive all HTTPS requests and relay them. - The format is a hostname or a IP. - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_HOST) will be used instead. - This feature depends on a version of pyvmomi greater than v6.7.1.2018.12 required: false type: str proxy_port: description: - Port of the HTTP proxy that will receive all HTTPS requests and relay them. - If the value is not specified in the task, the value of environment variable C(VMWARE_PROXY_PORT) will be used instead. required: false type: int force_remove: default: false description: - If set to C(False) then prevents the role from being removed if any permissions are using it. type: bool validate_certs: default: true description: - Allows connection when SSL certificates are not valid. Set to C(false) when certificates are not trusted. - If the value is not specified in the task, the value of environment variable C(VMWARE_VALIDATE_CERTS) will be used instead. - Environment variable support added in Ansible 2.6. - If set to C(yes), please make sure Python >= 2.7.9 is installed on the given machine. type: bool local_role_name: description: - The local role name to be managed. required: true type: str local_privilege_ids: default: [] description: - The list of privileges that role needs to have. - Please see U(https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.security.doc/GUID-ED56F3C4-77D0-49E3-88B6-B99B8B437B62.html) type: list
local_role_name: description: Name of local role returned: always type: str new_privileges: description: List of privileges returned: always type: list old_privileges: description: List of privileges of role before the update returned: on update type: list privileges: description: List of privileges returned: always type: list privileges_previous: description: List of privileges of role before the update returned: on update type: list role_id: description: ESXi generated local role id returned: always type: int role_name: description: Name of local role returned: always type: str