tower_credential – create, update, or destroy Ansible Tower credential.

New in version 2.3.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • ansible-tower-cli >= 3.0.2

Parameters

Parameter Choices/Defaults Comments
authorize
boolean
    Choices:
  • no ←
  • yes
Should use authorize for net type.
authorize_password
-
Password for net credentials that require authorize.
become_method
-
    Choices:
  • None
  • sudo
  • su
  • pbrun
  • pfexec
  • pmrun
Become method to Use for privledge escalation.
become_password
-
Become password. Use ASK for prompting.
become_username
-
Become username. Use ASK for prompting.
client
-
Default:
null
Client or application ID for azure_rm type.
description
-
The description to use for the credential.
domain
-
Domain for openstack type.
host
-
Host for this credential.
kind
- / required
    Choices:
  • ssh
  • vault
  • net
  • scm
  • aws
  • vmware
  • satellite6
  • cloudforms
  • gce
  • azure_rm
  • openstack
  • rhv
  • insights
  • tower
Type of credential being added. The ssh choice refers to a Tower Machine credential.
name
- / required
The name to use for the credential.
organization
- / required
Organization that should own the credential.
password
-
Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.
project
-
Project that should for this credential.
secret
-
Secret token for azure_rm type.
security_token
-
added in 2.6
Default:
null
STS token for aws type.
ssh_key_data
-
Path to SSH private key.
ssh_key_unlock
-
Unlock password for ssh_key. Use ASK for prompting.
state
-
    Choices:
  • present ←
  • absent
Desired state of the resource.
subscription
-
Subscription ID for azure_rm type.
team
-
Team that should own this credential.
tenant
-
Tenant ID for azure_rm type.
tower_config_file
-
Path to the Tower config file. See notes.
tower_host
-
URL to your Tower instance.
tower_password
-
Password for your Tower instance.
tower_username
-
Username for your Tower instance.
tower_verify_ssl
boolean
    Choices:
  • no
  • yes ←
Dis/allow insecure connections to Tower. If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
user
-
User that should own this credential.
username
-
Username for this credential. access_key for AWS.
vault_password
-
Vault password. Use ASK for prompting.

Notes

Note

  • If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
  • config_file should contain Tower configuration in the following format host=hostname username=username password=password

Examples

- name: Add tower credential
  tower_credential:
    name: Team Name
    description: Team Description
    organization: test-org
    kind: ssh
    state: present
    tower_config_file: "~/tower_cli.cfg"

- name: Create a valid SCM credential from a private_key file
  tower_credential:
    name: SCM Credential
    organization: Default
    state: present
    kind: scm
    username: joe
    password: secret
    ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}"
    ssh_key_unlock: "passphrase"

- name: Add Credential Into Tower
  tower_credential:
    name: Workshop Credential
    ssh_key_data: "/home/{{ansible_user}}/.ssh/aws-private.pem"
    kind: ssh
    organization: Default
    tower_username: admin
    tower_password: ansible
    tower_host: https://localhost
  run_once: true
  delegate_to: localhost

Status

Authors

  • Wayne Witzel III (@wwitzel3)

Hint

If you notice any issues in this documentation you can edit this document to improve it.