redhat_cop / redhat_cop.ah_configuration / 0.8.0 / module / ah_group_perm Manage group permissions | "added in version" 0.4.3 of redhat_cop.ah_configuration" Authors: Herve Quatremain (@herve4m)redhat_cop.ah_configuration.ah_group_perm (0.8.0) — module
Install with ansible-galaxy collection install redhat_cop.ah_configuration:==0.8.0
collections: - name: redhat_cop.ah_configuration version: 0.8.0
Add and remove permissions for a group.
- name: Ensure the operators have the correct permissions to manage users redhat_cop.ah_configuration.ah_group_perm: name: operators perms: - add_user - change_user - delete_user - view_user state: present ah_host: hub.example.com ah_username: admin ah_password: Sup3r53cr3t
- name: Ensure the administrators have all the permissions redhat_cop.ah_configuration.ah_group_perm: name: administrators perms: "*" state: present ah_host: hub.example.com ah_username: admin ah_password: Sup3r53cr3t
- name: Ensure the developers cannot manage groups nor users redhat_cop.ah_configuration.ah_group_perm: name: developers perms: - add_user - change_user - delete_user - add_group - change_group - delete_group state: absent ah_host: hub.example.com ah_username: admin ah_password: Sup3r53cr3t
name: description: - Name of the group. required: true type: str perms: description: - The list of permissions to add to or remove from the given group. - The module accepts the following roles. - For user management, C(add_user), C(change_user), C(delete_user), and C(view_user). - For group management, C(add_group), C(change_group), C("delete_group"), and C(view_group). - For collection namespace management, C(add_namespace), C(change_namespace), C(upload_to_namespace), and C(delete_namespace). - For collection content management, C(modify_ansible_repo_content), and C(delete_collection). - For remote repository configuration, C(change_collectionremote), and C(view_collectionremote). - For container image management, only with private automation hub v4.3.2 or later, C(change_containernamespace_perms), C(change_container), C(change_image_tag), C(create_container), and C(push_container), and C(delete_containerrepository). - For remote registry management, C(add_containerregistryremote), C(change_containerregistryremote), and C(delete_containerregistryremote). - For task management, C(change_task), C(view_task), and C(delete_task). - You can also grant or revoke all permissions with C(*) or C(all). elements: str required: true type: list state: choices: - absent - present default: present description: - If C(absent), then the module removes the listed permissions from the group. If the group has permissions that are not listed in C(perms), then the module does not remove those pre-existing permissions. - If C(present), then the module adds the listed permissions to the group. The module does not remove the permissions that the group already has. type: str ah_host: aliases: - ah_hostname description: - URL to Ansible Galaxy or Automation Hub instance. - If value not set, will try environment variable C(AH_HOST) - If value not specified by any means, the value of C(127.0.0.1) will be used type: str ah_password: description: - Password for your Ansible Galaxy or Automation Hub instance. - If value not set, will try environment variable C(AH_PASSWORD) type: str ah_username: description: - Username for your Ansible Galaxy or Automation Hub instance. - If value not set, will try environment variable C(AH_USERNAME) type: str ah_path_prefix: description: - API path used to access the api. - For galaxy_ng this is either 'automation-hub' or the custom prefix used on install with GALAXY_API_PATH_PREFIX - For Automation Hub this is 'galaxy' type: str validate_certs: aliases: - ah_verify_ssl description: - Whether to allow insecure connections to Galaxy or Automation Hub Server. - If C(no), SSL certificates will not be validated. - This should only be used on personally controlled sites using self-signed certificates. - If value not set, will try environment variable C(AH_VERIFY_SSL) type: bool