delowan / delowan.googlecloud / 1.0.2 / module / gcp_iam_role Creates a GCP Role Authors: Google Inc. (@googlecloudplatform) preview | supported by communitydelowan.googlecloud.gcp_iam_role (1.0.2) — module
Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2
collections: - name: delowan.googlecloud version: 1.0.2
A role in the Identity and Access Management API .
- name: create a role google.cloud.gcp_iam_role: name: myCustomRole2 title: My Custom Role description: My custom role description included_permissions: - iam.roles.list - iam.roles.create - iam.roles.delete project: test_project auth_kind: serviceaccount service_account_file: "/tmp/auth.pem" state: present
name: description: - The name of the role. required: true type: str stage: description: - The current launch stage of the role. - 'Some valid choices include: "ALPHA", "BETA", "GA", "DEPRECATED", "DISABLED", "EAP"' required: false type: str state: choices: - present - absent default: present description: - Whether the given object should exist in GCP type: str title: description: - A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes. required: false type: str scopes: description: - Array of scopes to be used elements: str type: list project: description: - The Google Cloud Platform project to use. type: str env_type: description: - Specifies which Ansible environment you're running this module within. - This should not be set unless you know what you're doing. - This only alters the User Agent string for any API requests. type: str auth_kind: choices: - application - machineaccount - serviceaccount description: - The type of credential used. required: true type: str description: description: - Human-readable description for the role. required: false type: str included_permissions: description: - Names of permissions this role grants when bound in an IAM policy. elements: str required: false type: list service_account_file: description: - The path of a Service Account JSON file if serviceaccount is selected as type. type: path service_account_email: description: - An optional service account email address if machineaccount is selected and the user does not wish to use the default email. type: str service_account_contents: description: - The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it. type: jsonarg
deleted: description: - The current deleted state of the role. returned: success type: bool description: description: - Human-readable description for the role. returned: success type: str includedPermissions: description: - Names of permissions this role grants when bound in an IAM policy. returned: success type: list name: description: - The name of the role. returned: success type: str stage: description: - The current launch stage of the role. returned: success type: str title: description: - A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes. returned: success type: str