tower_credential – create, update, or destroy Ansible Tower credential.

New in version 2.3.

Synopsis

• Create, update, or destroy Ansible Tower credentials. See https://www.ansible.com/tower for an overview.

Requirements

The below requirements are needed on the host that executes this module.

• ansible-tower-cli >= 3.0.2

Parameters

Parameter	Choices/Defaults	Comments
authorize boolean	Choices: no ← yes	Should use authorize for net type.
authorize_password -		Password for net credentials that require authorize.
become_method -	Choices: None sudo su pbrun pfexec pmrun	Become method to Use for privledge escalation.
become_password -		Become password. Use ASK for prompting.
become_username -		Become username. Use ASK for prompting.
client -	Default: null	Client or application ID for azure_rm type.
description -		The description to use for the credential.
domain -		Domain for openstack type.
host -		Host for this credential.
kind - / required	Choices: ssh vault net scm aws vmware satellite6 cloudforms gce azure_rm openstack rhv insights tower	Type of credential being added. The ssh choice refers to a Tower Machine credential.
name - / required		The name to use for the credential.
organization - / required		Organization that should own the credential.
password -		Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.
project -		Project that should for this credential.
secret -		Secret token for azure_rm type.
security_token - added in 2.6	Default: null	STS token for aws type.
ssh_key_data -		Path to SSH private key.
ssh_key_unlock -		Unlock password for ssh_key. Use ASK for prompting.
state -	Choices: present ← absent	Desired state of the resource.
subscription -		Subscription ID for azure_rm type.
team -		Team that should own this credential.
tenant -		Tenant ID for azure_rm type.
tower_config_file -		Path to the Tower config file. See notes.
tower_host -		URL to your Tower instance.
tower_password -		Password for your Tower instance.
tower_username -		Username for your Tower instance.
tower_verify_ssl boolean	Choices: no yes ←	Dis/allow insecure connections to Tower. If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
user -		User that should own this credential.
username -		Username for this credential. access_key for AWS.
vault_password -		Vault password. Use ASK for prompting.

Notes

Note

• If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
• config_file should contain Tower configuration in the following format host=hostname username=username password=password

Examples

- name: Add tower credential
  tower_credential:
    name: Team Name
    description: Team Description
    organization: test-org
    kind: ssh
    state: present
    tower_config_file: "~/tower_cli.cfg"

- name: Create a valid SCM credential from a private_key file
  tower_credential:
    name: SCM Credential
    organization: Default
    state: present
    kind: scm
    username: joe
    password: secret
    ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}"
    ssh_key_unlock: "passphrase"

- name: Add Credential Into Tower
  tower_credential:
    name: Workshop Credential
    ssh_key_data: "/home/{{ansible_user}}/.ssh/aws-private.pem"
    kind: ssh
    organization: Default
    tower_username: admin
    tower_password: ansible
    tower_host: https://localhost
  run_once: true
  delegate_to: localhost

Status

• This module is not guaranteed to have a backwards compatible interface. [preview]
• This module is maintained by the Ansible Community. [community]

Authors

• Wayne Witzel III (@wwitzel3)

Hint

If you notice any issues in this documentation you can edit this document to improve it.