XLAB Steampunk logo Try Spotter
 / home / shanemcd / shanemcd.awx / 20.0.14 / module / token

shanemcd.awx.token (20.0.14) — module

create, update, or destroy Automation Platform Controller tokens.

| "added in version" 2.3.0 of shanemcd.awx"

Authors: John Westcott IV (@john-westcott-iv)

preview | supported by community

Install collection | Add to requirements.yml | Description | Usage examples | Inputs | Outputs

Install collection

Install with ansible-galaxy collection install shanemcd.awx:==20.0.14


Add to requirements.yml

  collections:
    - name: shanemcd.awx
      version: 20.0.14

Description

Create or destroy Automation Platform Controller tokens. See U(https://www.ansible.com/tower) for an overview.

In addition, the module sets an Ansible fact which can be passed into other controller modules as the parameter controller_oauthtoken. See examples for usage.

Because of the sensitive nature of tokens, the created token value is only available once through the Ansible fact. (See RETURN for details)

Due to the nature of tokens this module is not idempotent. A second will with the same parameters will create a new token.

If you are creating a temporary token for use with modules you should delete the token when you are done with it. See the example for how to do it.

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- block:
    - name: Create a new token using an existing token
      token:
        description: '{{ token_description }}'
        scope: "write"
        state: present
        controller_oauthtoken: "{{ my_existing_token }}"

    - name: Delete this token
      token:
        existing_token: "{{ controller_token }}"
        state: absent

    - name: Create a new token using username/password
      token:
        description: '{{ token_description }}'
        scope: "write"
        state: present
        controller_username: "{{ my_username }}"
        controller_password: "{{ my_password }}"

    - name: Use our new token to make another call
      job_list:
        controller_oauthtoken: "{{ controller_token }}"

  always:
    - name: Delete our Token with the token we created
      token:
        existing_token: "{{ controller_token }}"
        state: absent
      when: token is defined
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
- name: Delete a token by its id
  token:
    existing_token_id: 4
    state: absent

Inputs

    
scope:
    choices:
    - read
    - write
    default: write
    description:
    - Allowed scopes, further restricts user's permissions. Must be a simple space-separated
      string with allowed scopes ['read', 'write'].
    required: false
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Desired state of the resource.
    type: str

application:
    description:
    - The application tied to this token.
    required: false
    type: str

description:
    default: ''
    description:
    - Optional description of this access token.
    required: false
    type: str

existing_token:
    description: The data structure produced from token in create mode to be used with
      state absent.
    type: dict

validate_certs:
    aliases:
    - tower_verify_ssl
    description:
    - Whether to allow insecure connections to AWX.
    - If C(no), SSL certificates will not be validated.
    - This should only be used on personally controlled sites using self-signed certificates.
    - If value not set, will try environment variable C(CONTROLLER_VERIFY_SSL) and then
      config files
    type: bool

controller_host:
    aliases:
    - tower_host
    description:
    - URL to your Automation Platform Controller instance.
    - If value not set, will try environment variable C(CONTROLLER_HOST) and then config
      files
    - If value not specified by any means, the value of C(127.0.0.1) will be used
    type: str

existing_token_id:
    description: A token ID (number) which can be used to delete an arbitrary token with
      state absent.
    type: str

controller_password:
    aliases:
    - tower_password
    description:
    - Password for your controller instance.
    - If value not set, will try environment variable C(CONTROLLER_PASSWORD) and then
      config files
    type: str

controller_username:
    aliases:
    - tower_username
    description:
    - Username for your controller instance.
    - If value not set, will try environment variable C(CONTROLLER_USERNAME) and then
      config files
    type: str

controller_oauthtoken:
    aliases:
    - tower_oauthtoken
    description:
    - The OAuth token to use.
    - This value can be in one of two formats.
    - A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX)
    - A dictionary structure as returned by the token module.
    - If value not set, will try environment variable C(CONTROLLER_OAUTH_TOKEN) and then
      config files
    type: raw
    version_added: 3.7.0
    version_added_collection: shanemcd.awx

controller_config_file:
    aliases:
    - tower_config_file
    description:
    - Path to the controller config file.
    - If provided, the other locations for config files will not be considered.
    type: path

Outputs

controller_token:
  contains:
    id:
      description: The numeric ID of the token created
      type: str
    token:
      description: The token that was generated. This token can never be accessed
        again, make sure this value is noted before it is lost.
      type: str
  description: An Ansible Fact variable representing a token object which can be used
    for auth in subsequent modules. See examples for usage.
  returned: on successful create
  type: dict
Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy