manageiq_policies – Management of resource policy_profiles in ManageIQ

New in version 2.5.

Synopsis

  • The manageiq_policies module supports adding and deleting policy_profiles in ManageIQ.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter Choices/Defaults Comments
manageiq_connection
dictionary / required
ManageIQ connection configuration information.
ca_cert
path
The path to a CA bundle file or directory with certificates. defaults to None.

aliases: ca_bundle_path
password
string
ManageIQ password. MIQ_PASSWORD env var if set. otherwise, required if no token is passed in.
token
string
ManageIQ token. MIQ_TOKEN env var if set. otherwise, required if no username or password is passed in.
url
string / required
ManageIQ environment url. MIQ_URL env var if set. otherwise, it is required to pass it.
username
string
ManageIQ username. MIQ_USERNAME env var if set. otherwise, required if no token is passed in.
validate_certs
boolean
    Choices:
  • no
  • yes ←
Whether SSL certificates should be verified for HTTPS requests. defaults to True.

aliases: verify_ssl
policy_profiles
-
list of dictionaries, each includes the policy_profile 'name' key.
required if state is present or absent.
resource_name
- / required
the name of the resource to which the profile should be [un]assigned
resource_type
- / required
    Choices:
  • provider
  • host
  • vm
  • blueprint
  • category
  • cluster
  • data store
  • group
  • resource pool
  • service
  • service template
  • template
  • tenant
  • user
the type of the resource to which the profile should be [un]assigned
state
-
    Choices:
  • absent
  • present ←
  • list
absent - policy_profiles should not exist,
present - policy_profiles should exist,
list - list current policy_profiles and policies.

Examples

- name: Assign new policy_profile for a provider in ManageIQ
  manageiq_policies:
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: False

- name: Unassign a policy_profile for a provider in ManageIQ
  manageiq_policies:
    state: absent
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: False

- name: List current policy_profile and policies for a provider in ManageIQ
  manageiq_policies:
    state: list
    resource_name: 'EngLab'
    resource_type: 'provider'
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: False

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
manageiq_policies
dictionary
always
List current policy_profile and policies for a provider in ManageIQ

Sample:
{ "changed": false, "profiles": [ { "policies": [ { "active": true, "description": "OpenSCAP", "name": "openscap policy" }, { "active": true, "description": "Analyse incoming container images", "name": "analyse incoming container images" }, { "active": true, "description": "Schedule compliance after smart state analysis", "name": "schedule compliance after smart state analysis" } ], "profile_description": "OpenSCAP profile", "profile_name": "openscap profile" } ] }


Status

Authors

  • Daniel Korn (@dkorn)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.