ngine_io / ngine_io.cloudstack / 2.3.0 / module / cs_role_permission Manages role permissions on Apache CloudStack based clouds. | "added in version" 0.1.0 of ngine_io.cloudstack" Authors: David Passante (@dpassante)ngine_io.cloudstack.cs_role_permission (2.3.0) — module
Install with ansible-galaxy collection install ngine_io.cloudstack:==2.3.0
collections: - name: ngine_io.cloudstack version: 2.3.0
Create, update and remove CloudStack role permissions.
Managing role permissions only supported in CloudStack >= 4.9.
- name: Create a role permission ngine_io.cloudstack.cs_role_permission: role: My_Custom_role name: createVPC permission: allow description: My comments
- name: Remove a role permission ngine_io.cloudstack.cs_role_permission: state: absent role: My_Custom_role name: createVPC
- name: Update a system role permission ngine_io.cloudstack.cs_role_permission: role: Domain Admin name: createVPC permission: deny
- name: Update rules order. Move the rule at the top of list ngine_io.cloudstack.cs_role_permission: role: Domain Admin name: createVPC parent: 0
name: description: - The API name of the permission. required: true type: str role: description: - Name or ID of the role. required: true type: str state: choices: - present - absent default: present description: - State of the role permission. type: str parent: description: - The parent role permission uuid. use 0 to move this rule at the top of the list. type: str api_key: description: - API key of the CloudStack API. - If not given, the C(CLOUDSTACK_KEY) env variable is considered. required: true type: str api_url: description: - URL of the CloudStack API e.g. https://cloud.example.com/client/api. - If not given, the C(CLOUDSTACK_ENDPOINT) env variable is considered. required: true type: str api_secret: description: - Secret key of the CloudStack API. - If not set, the C(CLOUDSTACK_SECRET) env variable is considered. required: true type: str permission: choices: - allow - deny default: deny description: - The rule permission, allow or deny. Defaulted to deny. type: str api_timeout: default: 10 description: - HTTP timeout in seconds. - If not given, the C(CLOUDSTACK_TIMEOUT) env variable is considered. type: int description: description: - The description of the role permission. type: str api_http_method: choices: - get - post default: get description: - HTTP method used to query the API endpoint. - If not given, the C(CLOUDSTACK_METHOD) env variable is considered. type: str api_verify_ssl_cert: description: - Verify CA authority cert file. - If not given, the C(CLOUDSTACK_VERIFY) env variable is considered. type: str
description: description: The description of the role permission returned: success sample: Deny createVPC for users type: str id: description: The ID of the role permission. returned: success sample: a6f7a5fc-43f8-11e5-a151-feff819cdc9f type: str name: description: The API name of the permission. returned: success sample: createVPC type: str permission: description: The permission type of the api name. returned: success sample: allow type: str role_id: description: The ID of the role to which the role permission belongs. returned: success sample: c6f7a5fc-43f8-11e5-a151-feff819cdc7f type: str