community.vmware.vmware_host_lockdown (4.2.0) — module

Install collection

Install with ansible-galaxy collection install community.vmware:==4.2.0

Add to requirements.yml

  collections:
    - name: community.vmware
      version: 4.2.0

Description

This module can be used to manage administrator permission for the local administrative account for the host when ESXi hostname is given.

All parameters and VMware objects values are case sensitive.

This module is destructive as administrator permission are managed using APIs used, please read options carefully and proceed.

Please specify O(hostname) as vCenter IP or hostname only, as lockdown operations are not possible from standalone ESXi server.

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Enter host system into lockdown mode
  community.vmware.vmware_host_lockdown:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    state: normal
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Exit host systems from lockdown mode
  community.vmware.vmware_host_lockdown:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname: '{{ esxi_hostname }}'
    state: disabled
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Enter host systems into lockdown mode
  community.vmware.vmware_host_lockdown:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname:
        - '{{ esxi_hostname_1 }}'
        - '{{ esxi_hostname_2 }}'
    state: normal
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Exit host systems from lockdown mode
  community.vmware.vmware_host_lockdown:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    esxi_hostname:
        - '{{ esxi_hostname_1 }}'
        - '{{ esxi_hostname_2 }}'
    state: disabled
  delegate_to: localhost

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Enter all host system from cluster into lockdown mode
  community.vmware.vmware_host_lockdown:
    hostname: '{{ vcenter_hostname }}'
    username: '{{ vcenter_username }}'
    password: '{{ vcenter_password }}'
    cluster_name: '{{ cluster_name }}'
    state: normal
  delegate_to: localhost

Inputs

    
port:
    default: 443
    description:
    - The port number of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_PORT)
      will be used instead.
    type: int

state:
    choices:
    - disabled
    - normal
    - strict
    default: normal
    description:
    - State of hosts system
    - If set to V(disabled), all host systems will be removed from lockdown mode.
    - If host system is already out of lockdown mode and set to V(disabled), no action
      will be taken.
    - If set to V(normal), all host systems will be set in lockdown mode.
    - If host system is already in lockdown mode and set to V(normal), no action will
      be taken.
    - If set to V(strict), all host systems will be set in strict lockdown mode.
    - If host system is already in strict lockdown mode and set to V(strict), no action
      will be taken.
    type: str

hostname:
    description:
    - The hostname or IP address of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_HOST)
      will be used instead.
    type: str

password:
    aliases:
    - pass
    - pwd
    description:
    - The password of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_PASSWORD)
      will be used instead.
    type: str

username:
    aliases:
    - admin
    - user
    description:
    - The username of the vSphere vCenter or ESXi server.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_USER)
      will be used instead.
    type: str

proxy_host:
    description:
    - Address of a proxy that will receive all HTTPS requests and relay them.
    - The format is a hostname or a IP.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_HOST)
      will be used instead.
    required: false
    type: str

proxy_port:
    description:
    - Port of the HTTP proxy that will receive all HTTPS requests and relay them.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_PORT)
      will be used instead.
    required: false
    type: int

cluster_name:
    description:
    - Name of cluster.
    - All host systems from given cluster used to manage lockdown.
    - Required parameter, if O(esxi_hostname) is not set.
    type: str

esxi_hostname:
    description:
    - List of ESXi hostname to manage lockdown.
    - Required parameter, if O(cluster_name) is not set.
    - See examples for specifications.
    elements: str
    type: list

validate_certs:
    default: true
    description:
    - Allows connection when SSL certificates are not valid. Set to V(false) when certificates
      are not trusted.
    - If the value is not specified in the task, the value of environment variable E(VMWARE_VALIDATE_CERTS)
      will be used instead.
    type: bool

Outputs

results:
  description: metadata about state of Host system lock down
  returned: always
  sample:
    host_lockdown_state:
      DC0_C0:
        current_state: normal
        desired_state: normal
        previous_state: disabled
  type: dict