tower_credential – create, update, or destroy Ansible Tower credential¶
New in version 2.3.
Synopsis¶
Create, update, or destroy Ansible Tower credentials. See https://www.ansible.com/tower for an overview.
Requirements¶
The below requirements are needed on the host that executes this module.
ansible-tower-cli >= 3.0.2
Parameters¶
| Parameter | Choices/Defaults | Comments |
|---|---|---|
|
authorize
boolean
|
|
Should use authorize for net type.
|
|
authorize_password
string
|
Password for net credentials that require authorize.
|
|
|
become_method
string
|
|
Become method to use for privilege escalation.
|
|
become_password
string
|
Become password. Use ASK for prompting.
|
|
|
become_username
string
|
Become username. Use ASK for prompting.
|
|
|
client
string
|
Client or application ID for azure_rm type.
|
|
|
description
string
|
The description to use for the credential.
|
|
|
domain
string
|
Domain for openstack type.
|
|
|
host
string
|
Host for this credential.
|
|
|
kind
string
/ required
|
|
Type of credential being added.
The ssh choice refers to a Tower Machine credential.
|
|
name
string
/ required
|
The name to use for the credential.
|
|
|
organization
string
/ required
|
Organization that should own the credential.
|
|
|
password
string
|
Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.
|
|
|
project
string
|
Project that should for this credential.
|
|
|
secret
string
|
Secret token for azure_rm type.
|
|
|
security_token
string
added in 2.6 |
STS token for aws type.
|
|
|
ssh_key_data
string
|
SSH private key content. To extract the content from a file path, use the lookup function (see examples).
|
|
|
ssh_key_unlock
string
|
Unlock password for ssh_key. Use ASK for prompting.
|
|
|
state
string
|
|
Desired state of the resource.
|
|
subscription
string
|
Subscription ID for azure_rm type.
|
|
|
team
string
|
Team that should own this credential.
|
|
|
tenant
string
|
Tenant ID for azure_rm type.
|
|
|
tower_config_file
path
|
Path to the Tower config file.
|
|
|
tower_host
string
|
URL to your Tower instance.
|
|
|
tower_password
string
|
Password for your Tower instance.
|
|
|
tower_username
string
|
Username for your Tower instance.
|
|
|
user
string
|
User that should own this credential.
|
|
|
username
string
|
Username for this credential. access_key for AWS.
|
|
|
validate_certs
boolean
|
|
Whether to allow insecure connections to Tower.
If
no, SSL certificates will not be validated.This should only be used on personally controlled sites using self-signed certificates.
aliases: tower_verify_ssl |
|
vault_id
string
added in 2.8 |
Vault identifier.
This parameter is only valid if
kind is specified as vault. |
|
|
vault_password
string
|
Vault password. Use ASK for prompting.
|
Notes¶
Note
If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
config_file should contain Tower configuration in the following format host=hostname username=username password=password
Examples¶
- name: Add tower credential
tower_credential:
name: Team Name
description: Team Description
organization: test-org
kind: ssh
state: present
tower_config_file: "~/tower_cli.cfg"
- name: Create a valid SCM credential from a private_key file
tower_credential:
name: SCM Credential
organization: Default
state: present
kind: scm
username: joe
password: secret
ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}"
ssh_key_unlock: "passphrase"
- name: Add Credential Into Tower
tower_credential:
name: Workshop Credential
ssh_key_data: "/home/{{ansible_user}}/.ssh/aws-private.pem"
kind: ssh
organization: Default
tower_username: admin
tower_password: ansible
tower_host: https://localhost
run_once: true
delegate_to: localhost
Status¶
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]