ovirt / ovirt.ovirt_collection / 1.0.2 / module / ovirt_auth Module to manage authentication to oVirt/RHV | "added in version" 1.0.0 of ovirt.ovirt_collection" Authors: Ondra Machacek (@machacekondra) preview | supported by communityovirt.ovirt_collection.ovirt_auth (1.0.2) — module
Install with ansible-galaxy collection install ovirt.ovirt_collection:==1.0.2
collections: - name: ovirt.ovirt_collection version: 1.0.2
This module authenticates to oVirt/RHV engine and creates SSO token, which should be later used in all other oVirt/RHV modules, so all modules don't need to perform login and logout. This module returns an Ansible fact called I(ovirt_auth). Every module can use this fact as C(auth) parameter, to perform authentication.
- block: # Create a vault with `ovirt_password` variable which store your # oVirt/RHV user's password, and include that yaml file with variable: - include_vars: ovirt_password.yml - name: Obtain SSO token with using username/password credentials ovirt_auth: url: https://ovirt.example.com/ovirt-engine/api username: admin@internal ca_file: ca.pem password: "{{ ovirt_password }}" # Previous task generated I(ovirt_auth) fact, which you can later use # in different modules as follows: - ovirt_vm: auth: "{{ ovirt_auth }}" state: absent name: myvm always: - name: Always revoke the SSO token ovirt_auth: state: absent ovirt_auth: "{{ ovirt_auth }}"
# When user will set following environment variables: # OVIRT_URL = https://fqdn/ovirt-engine/api # OVIRT_USERNAME = admin@internal # OVIRT_PASSWORD = the_password # User can login the oVirt using environment variable instead of variables # in yaml file. # This is mainly useful when using Ansible Tower or AWX, as it will work # for Red Hat Virtualization credentials type. - name: Obtain SSO token ovirt_auth: state: present
url: description: - 'A string containing the API URL of the server. For example: I(https://server.example.com/ovirt-engine/api). Default value is set by I(OVIRT_URL) environment variable.' - Either C(url) or C(hostname) is required. required: false state: choices: - present - absent default: present description: - Specifies if a token should be created or revoked. token: description: - SSO token to be used instead of login with username/password. Default value is set by I(OVIRT_TOKEN) environment variable. required: false ca_file: description: - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If C(ca_file) parameter is not set, system wide CA certificate store is used. Default value is set by I(OVIRT_CAFILE) environment variable. required: false headers: description: - A dictionary of HTTP headers to be added to each API call. required: false timeout: description: - The maximum total time to wait for the response, in seconds. A value of zero (the default) means wait forever. If the timeout expires before the response is received an exception will be raised. required: false compress: description: - A boolean flag indicating if the SDK should ask the server to send compressed responses. The default is I(True). Note that this is a hint for the server, and that it may return uncompressed data even when this parameter is set to I(True). required: false type: bool hostname: description: - 'A string containing the hostname of the server. For example: I(server.example.com). Default value is set by I(OVIRT_HOSTNAME) environment variable.' - Either C(url) or C(hostname) is required. required: false insecure: description: - A boolean flag that indicates if the server TLS certificate and host name should be checked. required: false type: bool kerberos: description: - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication. required: false type: bool password: description: - The password of the user. Default value is set by I(OVIRT_PASSWORD) environment variable. required: false username: description: - 'The name of the user. For example: I(admin@internal) Default value is set by I(OVIRT_USERNAME) environment variable.' required: false
ovirt_auth: contains: ca_file: description: CA file, which is used to verify SSL/TLS connection. returned: success sample: ca.pem type: str compress: description: Flag indicating if compression is used for connection. returned: success sample: true type: bool headers: description: Dictionary of HTTP headers to be added to each API call. returned: success type: dict insecure: description: Flag indicating if insecure connection is used. returned: success sample: false type: bool kerberos: description: Flag indicating if kerberos is used for authentication. returned: success sample: false type: bool timeout: description: Number of seconds to wait for response. returned: success sample: 0 type: int token: description: SSO token which is used for connection to oVirt/RHV engine. returned: success sample: kdfVWp9ZgeewBXV-iq3Js1-xQJZPSEQ334FLb3eksoEPRaab07DhZ8ED8ghz9lJd-MQ2GqtRIeqhvhCkrUWQPw type: str url: description: URL of the oVirt/RHV engine API endpoint. returned: success sample: https://ovirt.example.com/ovirt-engine/api type: str description: Authentication facts, needed to perform authentication to oVirt/RHV. returned: success type: complex