community.general.nomad_token module – Manage Nomad ACL tokens

Note

This module is part of the community.general collection (version 9.5.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.nomad_token.

New in community.general 8.1.0

Synopsis

  • This module allows to create Bootstrap tokens, create ACL tokens, update ACL tokens, and delete ACL tokens.

Requirements

The below requirements are needed on the host that executes this module.

  • python-nomad

Parameters

Parameter

Comments

client_cert

path

Path of certificate for TLS/SSL.

client_key

path

Path of certificate’s private key for TLS/SSL.

global_replicated

boolean

Indicates whether or not the token was created with the --global.

Choices:

  • false ← (default)

  • true

host

string / required

FQDN of Nomad server.

name

string

Name of ACL token to create.

namespace

string

Namespace for Nomad.

policies

list / elements=string

A list of the policies assigned to the token.

Default: []

port

integer

added in community.general 8.0.0

Port of Nomad server.

Default: 4646

state

string / required

Create or remove ACL token.

Choices:

  • "present"

  • "absent"

timeout

integer

Timeout (in seconds) for the request to Nomad.

Default: 5

token

string

ACL token for authentication.

token_type

string

The type of the token can be client, management, or bootstrap.

Choices:

  • "client" ← (default)

  • "management"

  • "bootstrap"

use_ssl

boolean

Use TLS/SSL connection.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Enable TLS/SSL certificate validation.

Choices:

  • false

  • true ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

See Also

See also

Nomad ACL documentation

Complete documentation for Nomad API ACL.

Examples

- name: Create boostrap token
  community.general.nomad_token:
    host: localhost
    token_type: bootstrap
    state: present

- name: Create ACL token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    token_type: client
    policies:
        - readonly
    global_replicated: false
    state: absent

- name: Update ACL token Dev token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    token_type: client
    policies:
        - readonly
        - devpolicy
    global_replicated: false
    state: absent

- name: Delete ACL token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

result

dictionary

Result returned by nomad.

Returned: always

Sample: {"accessor_id": "0d01c55f-8d63-f832-04ff-1866d4eb594e", "create_index": 14, "create_time": "2023-11-12T18:48:34.248857001Z", "expiration_time": null, "expiration_ttl": "", "global": true, "hash": "eSn8H8RVqh8As8WQNnC2vlBRqXy6DECogc5umzX0P30=", "modify_index": 836, "name": "devs", "policies": ["readonly"], "roles": null, "secret_id": "12e878ab-e1f6-e103-b4c4-3b5173bb4cea", "type": "client"}

Authors

  • Pedro Nascimento (@apecnascimento)