tower_credential – create, update, or destroy Ansible Tower credential

New in version 2.3.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • ansible-tower-cli >= 3.0.2

Parameters

Parameter Choices/Defaults Comments
authorize
boolean
    Choices:
  • no ←
  • yes
Whether to use authorize for the net type.
authorize_password
string
Password for net credentials that require authorize.
become_method
string
    Choices:
  • None
  • sudo
  • su
  • pbrun
  • pfexec
  • pmrun
Become method to use for privilege escalation.
become_password
string
Become password. Use ASK for prompting.
become_username
string
Become username. Use ASK for prompting.
client
string
Client or application ID for azure_rm type.
description
string
The description to use for the credential.
domain
string
Domain for openstack type.
host
string
Host for this credential.
kind
string / required
    Choices:
  • ssh
  • vault
  • net
  • scm
  • aws
  • vmware
  • satellite6
  • cloudforms
  • gce
  • azure_rm
  • openstack
  • rhv
  • insights
  • tower
Type of credential being added.
The ssh choice refers to a Tower Machine credential.
name
string / required
The name to use for the credential.
organization
string / required
Organization that should own the credential.
password
string
Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.
project
string
Project to use for this credential.
secret
string
Secret token for azure_rm type.
security_token
string
added in 2.6
STS token for aws type.
ssh_key_data
string
SSH private key content. To extract the content from a file path, use the lookup function (see examples).
ssh_key_unlock
string
Unlock password for ssh_key. Use ASK for prompting.
state
string
    Choices:
  • present ←
  • absent
Desired state of the resource.
subscription
string
Subscription ID for azure_rm type.
team
string
Team that should own this credential.
tenant
string
Tenant ID for azure_rm type.
tower_config_file
path
Path to the Tower config file.
tower_host
string
URL to your Tower instance.
tower_password
string
Password for your Tower instance.
tower_username
string
Username for your Tower instance.
user
string
User that should own this credential.
username
string
Username for this credential. access_key for AWS.
validate_certs
boolean
    Choices:
  • no
  • yes
Whether to allow insecure connections to Tower.
If no, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.

aliases: tower_verify_ssl
vault_id
string
added in 2.8
Vault identifier.
This parameter is only valid if kind is specified as vault.
vault_password
string
Vault password. Use ASK for prompting.

Notes

  • If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.

  • config_file should contain Tower configuration in the following format: host=hostname username=username password=password

Examples

- name: Add tower credential
  tower_credential:
    name: Team Name
    description: Team Description
    organization: test-org
    kind: ssh
    state: present
    tower_config_file: "~/tower_cli.cfg"

- name: Create a valid SCM credential from a private_key file
  tower_credential:
    name: SCM Credential
    organization: Default
    state: present
    kind: scm
    username: joe
    password: secret
    ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}"
    ssh_key_unlock: "passphrase"

- name: Add Credential Into Tower
  tower_credential:
    name: Workshop Credential
    # ssh_key_data takes the key content, so read the file with lookup
    ssh_key_data: "{{ lookup('file', '/home/' + ansible_user + '/.ssh/aws-private.pem') }}"
    kind: ssh
    organization: Default
    tower_username: admin
    tower_password: ansible
    tower_host: https://localhost
  run_once: true
  delegate_to: localhost
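
The following play is an added example, not part of the module's own documentation. It shows the same module with secrets taken from variables instead of literals, certificate validation left on, and task output suppressed. The vars file path and all variable names (vault_aws_access_key, vault_aws_secret_key, vault_aws_sts_token, vault_ssh_key_passphrase, ssh_key_path) are assumptions.

```yaml
# Added example: variable names and the vars file path are assumptions.
# The vars file is expected to be encrypted with ansible-vault.
- hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vault/tower_secrets.yml   # assumed ansible-vault encrypted file
  tasks:
    - name: Add AWS credential using short-lived STS values
      tower_credential:
        name: AWS STS Credential
        organization: Default
        kind: aws
        username: "{{ vault_aws_access_key }}"       # access_key for AWS
        password: "{{ vault_aws_secret_key }}"       # secret_key for AWS
        security_token: "{{ vault_aws_sts_token }}"  # STS token for aws type
        state: present
        tower_config_file: "~/tower_cli.cfg"         # Tower login kept out of the playbook
        validate_certs: yes
      no_log: true   # keep secret parameters out of task output and logs

    - name: Add Machine credential that prompts for the become password
      tower_credential:
        name: Ops Machine Credential
        organization: Default
        kind: ssh
        username: deploy
        # ssh_key_data takes key content, so read the file with lookup
        ssh_key_data: "{{ lookup('file', ssh_key_path) }}"
        ssh_key_unlock: "{{ vault_ssh_key_passphrase }}"
        become_method: sudo
        become_password: ASK   # Tower prompts at launch instead of storing it
        state: present
        tower_config_file: "~/tower_cli.cfg"
        validate_certs: yes
      no_log: true
```

Because the Tower config file holds the Tower password in plain text, restrict its permissions to the user running the playbook.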

Status

Authors

  • Wayne Witzel III (@wwitzel3)
