Try SpotterManage group permissions
| "added in version" 0.4.3 of redhat_cop.ah_configuration"
Authors: Herve Quatremain (@herve4m)
Install with ansible-galaxy collection install redhat_cop.ah_configuration:==0.9.2
collections:
- name: redhat_cop.ah_configuration
version: 0.9.2Add and remove permissions for a group.
- name: Ensure the operators have the correct permissions to manage users
redhat_cop.ah_configuration.ah_group_perm:
name: operators
perms:
- add_user
- change_user
- delete_user
- view_user
state: present
ah_host: hub.example.com
ah_username: admin
ah_password: Sup3r53cr3t
- name: Ensure the administrators have all the permissions
redhat_cop.ah_configuration.ah_group_perm:
name: administrators
perms: "*"
state: present
ah_host: hub.example.com
ah_username: admin
ah_password: Sup3r53cr3t
- name: Ensure the developers cannot manage groups nor users
redhat_cop.ah_configuration.ah_group_perm:
name: developers
perms:
- add_user
- change_user
- delete_user
- add_group
- change_group
- delete_group
state: absent
ah_host: hub.example.com
ah_username: admin
ah_password: Sup3r53cr3t
name:
description:
- Name of the group.
required: true
type: str
perms:
description:
- The list of permissions to add to or remove from the given group.
- The module accepts the following roles.
- For user management, C(add_user), C(change_user), C(delete_user), and C(view_user).
- For group management, C(add_group), C(change_group), C("delete_group"), and C(view_group).
- For collection namespace management, C(add_namespace), C(change_namespace), C(upload_to_namespace),
and C(delete_namespace).
- For collection content management, C(modify_ansible_repo_content), and C(delete_collection).
- For remote repository configuration, C(change_collectionremote), and C(view_collectionremote).
- For container image management, only with private automation hub v4.3.2 or later,
C(change_containernamespace_perms), C(change_container), C(change_image_tag), C(create_container),
and C(push_container), and C(delete_containerrepository).
- For remote registry management, C(add_containerregistryremote), C(change_containerregistryremote),
and C(delete_containerregistryremote).
- For task management, C(change_task), C(view_task), and C(delete_task).
- You can also grant or revoke all permissions with C(*) or C(all).
elements: str
required: true
type: list
state:
choices:
- absent
- present
default: present
description:
- If C(absent), then the module removes the listed permissions from the group. If
the group has permissions that are not listed in C(perms), then the module does
not remove those pre-existing permissions.
- If C(present), then the module adds the listed permissions to the group. The module
does not remove the permissions that the group already has.
type: str
ah_host:
aliases:
- ah_hostname
description:
- URL to Ansible Galaxy or Automation Hub instance.
- If value not set, will try environment variable C(AH_HOST)
- If value not specified by any means, the value of C(127.0.0.1) will be used
type: str
ah_password:
description:
- Password for your Ansible Galaxy or Automation Hub instance.
- If value not set, will try environment variable C(AH_PASSWORD)
type: str
ah_username:
description:
- Username for your Ansible Galaxy or Automation Hub instance.
- If value not set, will try environment variable C(AH_USERNAME)
type: str
ah_path_prefix:
default: galaxy
description:
- API path used to access the api.
- For galaxy_ng this is either 'automation-hub' or the custom prefix used on install
with GALAXY_API_PATH_PREFIX
- For Automation Hub this is 'galaxy'
type: str
validate_certs:
aliases:
- ah_verify_ssl
description:
- Whether to allow insecure connections to Galaxy or Automation Hub Server.
- If C(no), SSL certificates will not be validated.
- This should only be used on personally controlled sites using self-signed certificates.
- If value not set, will try environment variable C(AH_VERIFY_SSL)
type: bool