awx.awx.role module – grant or revoke an Automation Platform Controller role.
Note
This module is part of the awx.awx collection (version 24.6.1).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install awx.awx
.
To use it in a playbook, specify: awx.awx.role
.
Synopsis
Roles are used for access control, this module is for managing user access to server resources.
Grant or revoke Automation Platform Controller roles to users. See https://www.ansible.com/tower for an overview.
Aliases: tower_role
Parameters
Parameter |
Comments |
---|---|
Path to the controller config file. If provided, the other locations for config files will not be considered. |
|
URL to your Automation Platform Controller instance. If value not set, will try environment variable If value not specified by any means, the value of |
|
The OAuth token to use. This value can be in one of two formats. A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX) A dictionary structure as returned by the token module. If value not set, will try environment variable |
|
Password for your controller instance. If value not set, will try environment variable |
|
Username for your controller instance. If value not set, will try environment variable |
|
Credential name, ID, or named URL the role acts on. Deprecated, use ‘credentials’. |
|
Credential names, IDs, or named URLs the role acts on. |
|
Instance Group names, IDs, or named URLs the role acts on. |
|
Inventory names, IDs, or named URLs the role acts on. |
|
Inventory name, ID, or named URL the role acts on. Deprecated, use ‘inventories’. |
|
The job template name, ID, or named URL the role acts on. Deprecated, use ‘job_templates’. |
|
The job template names, IDs, or named URLs the role acts on. |
|
Organization name, ID, or named URL the inventories, job templates, projects, or workflows the items exists in. Used to help lookup the object, for organization roles see organization. If not provided, will lookup by name only, which does not work with duplicates. |
|
Organization name, ID, or named URL the role acts on. Deprecated, use ‘organizations’. |
|
Organization names, IDs, or named URLs the role acts on. |
|
Project name, ID, or named URL the role acts on. Deprecated, use ‘projects’. |
|
Project names, IDs, or named URLs the role acts on. |
|
Specify the timeout Ansible should use in requests to the controller host. Defaults to 10s, but this is handled by the shared module_utils code |
|
The role type to grant/revoke. Choices:
|
|
Desired state. State of present indicates the user should have the role. State of absent indicates the user should have the role taken away, if they have it. Choices:
|
|
Team name, ID, or named URL that the role acts on. For example, make someone a member or an admin of a team. Members of a team implicitly receive the permissions that the team has. Deprecated, use ‘target_teams’. |
|
Team names, IDs, or named URLs that the role acts on. For example, make someone a member or an admin of a team. Members of a team implicitly receive the permissions that the team has. |
|
Team name, ID, or named URL that receives the permissions specified by the role. Deprecated, use ‘teams’. |
|
Team names, IDs, or named URLs that receive the permissions specified by the role. |
|
User name, ID, or named URL that receives the permissions specified by the role. Deprecated, use ‘users’. |
|
User names, IDs, or named URLs that receive the permissions specified by the role. |
|
Whether to allow insecure connections to AWX. If This should only be used on personally controlled sites using self-signed certificates. If value not set, will try environment variable Choices:
|
|
The workflow job template name, ID, or named URL the role acts on. Deprecated, use ‘workflows’. |
|
The workflow job template names, IDs, or named URLs the role acts on. |
Notes
Note
If no config_file is provided we will attempt to use the tower-cli library defaults to find your host information.
config_file should be in the following format host=hostname username=username password=password
Examples
- name: Add jdoe to the member role of My Team
role:
user: jdoe
target_team: "My Team"
role: member
state: present
- name: Add Joe to multiple job templates and a workflow
role:
user: joe
role: execute
workflows:
- test-role-workflow
job_templates:
- jt1
- jt2
state: present