freeipa / freeipa.ansible_freeipa / 1.8.4 / module / ipadelegation Manage FreeIPA delegations Authors: unknown preview | supported by communityfreeipa.ansible_freeipa.ipadelegation (1.8.4) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.8.4
collections: - name: freeipa.ansible_freeipa version: 1.8.4
Manage FreeIPA delegations and delegation attributes
# Ensure delegation "basic manager attributes" is present - freeipa.ansible_freeipa.ipadelegation: ipaadmin_password: SomeADMINpassword name: "basic manager attributes" permission: read attribute: - businesscategory - employeetype group: managers membergroup: employees
# Ensure delegation "basic manager attributes" member attribute # departmentnumber is present - freeipa.ansible_freeipa.ipadelegation: ipaadmin_password: SomeADMINpassword name: "basic manager attributes" attribute: - departmentnumber action: member
# Ensure delegation "basic manager attributes" member attributes # employeetype and employeenumber are present - freeipa.ansible_freeipa.ipadelegation: ipaadmin_password: SomeADMINpassword name: "basic manager attributes" attribute: - employeenumber - employeetype action: member state: absent
# Ensure delegation "basic manager attributes" is absent - freeipa.ansible_freeipa.ipadelegation: ipaadmin_password: SomeADMINpassword name: "basic manager attributes" state: absent
name: aliases: - aciname description: The list of delegation name strings. required: true group: description: User group ACI grants access to required: false state: choices: - present - absent default: present description: The state to ensure. required: true action: choices: - delegation - member default: delegation description: Work on delegation or member level. required: false attribute: aliases: - attrs description: Attribute list to which the delegation applies required: false permission: aliases: - permissions description: Permissions to grant (read, write). Default is write. required: false membergroup: aliases: - memberof description: User group to apply delegation to required: false ipaapi_context: choices: - server - client description: 'The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. ' required: false ipaadmin_password: description: The admin password. required: false ipaapi_ldap_cache: default: true description: Use LDAP cache for IPA connection. type: bool ipaadmin_principal: default: admin description: The admin principal.