freeipa / freeipa.ansible_freeipa / 1.8.4 / module / ipaprivilege Manage FreeIPA privilege Authors: unknown preview | supported by communityfreeipa.ansible_freeipa.ipaprivilege (1.8.4) — module
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.8.4
collections: - name: freeipa.ansible_freeipa version: 1.8.4
Manage FreeIPA privilege and privilege members
# Ensure privilege "Broad Privilege" is present - freeipa.ansible_freeipa.ipaprivilege: ipaadmin_password: SomeADMINpassword name: Broad Privilege description: Broad Privilege
# Ensure privilege "Broad Privilege" has permissions set - freeipa.ansible_freeipa.ipaprivilege: ipaadmin_password: SomeADMINpassword name: Broad Privilege permission: - "Write IPA Configuration" - "System: Write DNS Configuration" - "System: Update DNS Entries" action: member
# Ensure privilege member permission 'Write IPA Configuration' is absent - freeipa.ansible_freeipa.ipaprivilege: ipaadmin_password: SomeADMINpassword name: Broad Privilege permission: - "Write IPA Configuration" action: member state: absent
# Rename privilege "Broad Privilege" to "DNS Special Privilege" - freeipa.ansible_freeipa.ipaprivilege: ipaadmin_password: SomeADMINpassword name: Broad Privilege rename: DNS Special Privilege state: renamed
# Ensure privilege "DNS Special Privilege" is absent - freeipa.ansible_freeipa.ipaprivilege: ipaadmin_password: SomeADMINpassword name: DNS Special Privilege state: absent
name: aliases: - cn description: The list of privilege name strings. required: true state: choices: - present - absent - renamed default: present description: The state to ensure. required: true action: choices: - privilege - member default: privilege description: Work on privilege or member level. required: false rename: aliases: - new_name description: Rename the privilege object. required: false permission: description: Permissions to be added to the privilege. required: false description: description: Privilege description required: false ipaapi_context: choices: - server - client description: 'The context in which the module will execute. Executing in a server context is preferred. If not provided context will be determined by the execution environment. ' required: false ipaadmin_password: description: The admin password. required: false ipaapi_ldap_cache: default: true description: Use LDAP cache for IPA connection. type: bool ipaadmin_principal: default: admin description: The admin principal.