community.general.manageiq_policies module – Management of resource policy_profiles in ManageIQ

Note

This module is part of the community.general collection (version 9.4.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.manageiq_policies.

Synopsis

  • The manageiq_policies module supports adding and deleting policy_profiles in ManageIQ.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

manageiq_connection

dictionary

ManageIQ connection configuration information.

ca_cert

aliases: ca_bundle_path

string

The path to a CA bundle file or directory with certificates.

password

string

ManageIQ password. MIQ_PASSWORD environment variable if set. Otherwise, required if no token is passed in.

token

string

ManageIQ token. MIQ_TOKEN environment variable if set. Otherwise, required if no username or password is passed in.

url

string

ManageIQ environment URL. MIQ_URL environment variable if set. Otherwise, it is required to pass it.

username

string

ManageIQ username. MIQ_USERNAME environment variable if set. Otherwise, required if no token is passed in.

validate_certs

aliases: verify_ssl

boolean

Whether SSL certificates should be verified for HTTPS requests.

Choices:

  • false

  • true ← (default)

policy_profiles

list / elements=dictionary

List of dictionaries, each includes the policy_profile name key.

Required if state is present or absent.

resource_id

integer

added in community.general 2.2.0

The ID of the resource to which the profile should be [un]assigned.

Must be specified if resource_name is not set. Both options are mutually exclusive.

resource_name

string

The name of the resource to which the profile should be [un]assigned.

Must be specified if resource_id is not set. Both options are mutually exclusive.

resource_type

string / required

The type of the resource to which the profile should be [un]assigned.

Choices:

  • "provider"

  • "host"

  • "vm"

  • "blueprint"

  • "category"

  • "cluster"

  • "data store"

  • "group"

  • "resource pool"

  • "service"

  • "service template"

  • "template"

  • "tenant"

  • "user"

state

string

absent - policy_profiles should not exist,

present - policy_profiles should exist,

Choices:

  • "absent"

  • "present" ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

Examples

- name: Assign new policy_profile for a provider in ManageIQ
  community.general.manageiq_policies:
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: false  # only do this when you trust the network!

- name: Unassign a policy_profile for a provider in ManageIQ
  community.general.manageiq_policies:
    state: absent
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: false  # only do this when you trust the network!

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

manageiq_policies

dictionary

List current policy_profile and policies for a provider in ManageIQ

Returned: always

Sample: {"changed": false, "profiles": [{"policies": [{"active": true, "description": "OpenSCAP", "name": "openscap policy"}, {"active": true, "description": "Analyse incoming container images", "name": "analyse incoming container images"}, {"active": true, "description": "Schedule compliance after smart state analysis", "name": "schedule compliance after smart state analysis"}], "profile_description": "OpenSCAP profile", "profile_name": "openscap profile"}]}

Authors

  • Daniel Korn (@dkorn)