azure_rm_lock – Manage Azure locks¶
New in version 2.9.
Synopsis¶
- Create, delete an Azure lock.
- To create or delete management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
- Of the built-in roles, only Owner and User Access Administrator are granted those actions.
Requirements¶
The below requirements are needed on the host that executes this module.
- python >= 2.7
- azure >= 2.0.0
Parameters¶
Notes¶
Note
- For authentication with Azure you can pass parameters, set environment variables, use a profile stored in ~/.azure/credentials, or log in before you run your tasks or playbook with
az login
. - Authentication is also possible using a service principal or Active Directory user.
- To authenticate via service principal, pass subscription_id, client_id, secret and tenant or set environment variables AZURE_SUBSCRIPTION_ID, AZURE_CLIENT_ID, AZURE_SECRET and AZURE_TENANT.
- To authenticate via Active Directory user, pass ad_user and password, or set AZURE_AD_USER and AZURE_PASSWORD in the environment.
- Alternatively, credentials can be stored in ~/.azure/credentials. This is an ini file containing a [default] section and the following keys: subscription_id, client_id, secret and tenant or subscription_id, ad_user and password. It is also possible to add additional profiles. Specify the profile by passing profile or setting AZURE_PROFILE in the environment.
See Also¶
See also
- Sign in with Azure CLI
- How to authenticate using the
az login
command.
Examples¶
- name: Create a lock for a resource
azure_rm_lock:
managed_resource_id: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/myVM
name: myLock
level: read_only
- name: Create a lock for a resource group
azure_rm_lock:
managed_resource_id: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourcegroups/myResourceGroup
name: myLock
level: read_only
- name: Create a lock for a resource group
azure_rm_lock:
resource_group: myResourceGroup
name: myLock
level: read_only
- name: Create a lock for a subscription
azure_rm_lock:
name: myLock
level: read_only
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Yuwei Zhou (@yuwzho)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.