shanemcd / shanemcd.awx / 20.0.14 / module / role grant or revoke an Automation Platform Controller role. Authors: Wayne Witzel III (@wwitzel3) preview | supported by communityshanemcd.awx.role (20.0.14) — module
Install with ansible-galaxy collection install shanemcd.awx:==20.0.14
collections: - name: shanemcd.awx version: 20.0.14
Roles are used for access control, this module is for managing user access to server resources.
Grant or revoke Automation Platform Controller roles to users. See U(https://www.ansible.com/tower) for an overview.
- name: Add jdoe to the member role of My Team role: user: jdoe target_team: "My Team" role: member state: present
- name: Add Joe to multiple job templates and a workflow role: user: joe role: execute workflow: test-role-workflow job_templates: - jt1 - jt2 state: present
role: choices: - admin - read - member - execute - adhoc - update - use - approval - auditor - project_admin - inventory_admin - credential_admin - workflow_admin - notification_admin - job_template_admin - execution_environment_admin description: - The role type to grant/revoke. required: true type: str team: description: - Team that receives the permissions specified by the role. type: str user: description: - User that receives the permissions specified by the role. type: str state: choices: - present - absent default: present description: - Desired state. - State of present indicates the user should have the role. - State of absent indicates the user should have the role taken away, if they have it. type: str project: description: - Project the role acts on. - Deprecated, use 'projects'. type: str projects: description: - Project the role acts on. elements: str type: list workflow: description: - The workflow job template the role acts on. - Deprecated, use 'workflows'. type: str inventory: description: - Inventory the role acts on. - Deprecated, use 'inventories'. type: str workflows: description: - The workflow job template the role acts on. elements: str type: list credential: description: - Credential the role acts on. - Deprecated, use 'credentials'. type: str credentials: description: - Credential the role acts on. elements: str type: list inventories: description: - Inventory the role acts on. elements: str type: list target_team: description: - Team that the role acts on. - For example, make someone a member or an admin of a team. - Members of a team implicitly receive the permissions that the team has. - Deprecated, use 'target_teams'. type: str job_template: description: - The job template the role acts on. - Deprecated, use 'job_templates'. type: str organization: description: - Organization the role acts on. - Deprecated, use 'organizations'. type: str target_teams: description: - Team that the role acts on. - For example, make someone a member or an admin of a team. - Members of a team implicitly receive the permissions that the team has. elements: str type: list job_templates: description: - The job template the role acts on. elements: str type: list organizations: description: - Organization the role acts on. elements: str type: list validate_certs: aliases: - tower_verify_ssl description: - Whether to allow insecure connections to AWX. - If C(no), SSL certificates will not be validated. - This should only be used on personally controlled sites using self-signed certificates. - If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then config files type: bool controller_host: aliases: - tower_host description: - URL to your Automation Platform Controller instance. - If value not set, will try environment variable C(CONTROLLER_HOST) and then config files - If value not specified by any means, the value of C(127.0.0.1) will be used type: str controller_password: aliases: - tower_password description: - Password for your controller instance. - If value not set, will try environment variable C(CONTROLLER_PASSWORD) and then config files type: str controller_username: aliases: - tower_username description: - Username for your controller instance. - If value not set, will try environment variable C(CONTROLLER_USERNAME) and then config files type: str lookup_organization: description: - Organization the inventories, job templates, projects, or workflows the items exists in. - Used to help lookup the object, for organization roles see organization. - If not provided, will lookup by name only, which does not work with duplicates. type: str controller_oauthtoken: aliases: - tower_oauthtoken description: - The OAuth token to use. - This value can be in one of two formats. - A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX) - A dictionary structure as returned by the token module. - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then config files type: raw version_added: 3.7.0 version_added_collection: shanemcd.awx controller_config_file: aliases: - tower_config_file description: - Path to the controller config file. - If provided, the other locations for config files will not be considered. type: path