community.general.rundeck_acl_policy – Manage Rundeck ACL policies.

Note

This plugin is part of the community.general collection (version 3.7.0).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.rundeck_acl_policy.

Synopsis

  • Create, update and remove Rundeck ACL policies through HTTP API.

Parameters

Parameter Choices/Defaults Comments
api_version
integer
Default:
14
Sets the API version used by module.
API version must be at least 14.
client_cert
path
added in 0.2.0 of community.general
PEM formatted certificate chain file to be used for SSL client authentication.
This file can also include the key as well, and if the key is included, client_key is not required.
client_key
path
added in 0.2.0 of community.general
PEM formatted file that contains your private key to be used for SSL client authentication.
If client_cert contains both the certificate and key, this option is not required.
force
boolean
added in 0.2.0 of community.general
    Choices:
  • no ←
  • yes
If yes do not get a cached copy.
Alias thirsty has been deprecated and will be removed in 2.13.

aliases: thirsty
force_basic_auth
boolean
added in 0.2.0 of community.general
    Choices:
  • no ←
  • yes
Credentials specified with url_username and url_password should be passed in HTTP Header.
http_agent
string
added in 0.2.0 of community.general
Default:
"ansible-httpget"
Header to identify as, generally appears in web server logs.
name
string / required
Sets the project name.
policy
string
Sets the ACL policy content.
ACL policy content is a YAML object as described in http://rundeck.org/docs/man5/aclpolicy.html.
It can be a YAML string or a pure Ansible inventory YAML object.
project
string
Sets the project which receive the ACL policy.
If unset, it's a system ACL policy.
state
string
    Choices:
  • present ←
  • absent
Create or remove Rundeck project.
token
string / required
Sets the token to authenticate against Rundeck API.
url
string / required
Sets the rundeck instance URL.
url_password
string
added in 0.2.0 of community.general
The password for use in HTTP basic authentication.
If the url_username parameter is not specified, the url_password parameter will not be used.
url_username
string
added in 0.2.0 of community.general
The username for use in HTTP basic authentication.
This parameter can be used without url_password for sites that allow empty passwords
use_gssapi
boolean
added in 2.11 of ansible.builtin
    Choices:
  • no ←
  • yes
Use GSSAPI to perform the authentication, typically this is for Kerberos or Kerberos through Negotiate authentication.
Requires the Python library gssapi to be installed.
Credentials for GSSAPI can be specified with url_username/url_password or with the GSSAPI env var KRB5CCNAME that specified a custom Kerberos credential cache.
NTLM authentication is not supported even if the GSSAPI mech for NTLM has been installed.
use_proxy
boolean
added in 0.2.0 of community.general
    Choices:
  • no
  • yes ←
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs
boolean
added in 0.2.0 of community.general
    Choices:
  • no
  • yes ←
If no, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.

Examples

- name: Create or update a rundeck ACL policy in project Ansible
  community.general.rundeck_acl_policy:
    name: "Project_01"
    api_version: 18
    url: "https://rundeck.example.org"
    token: "mytoken"
    state: present
    project: "Ansible"
    policy:
      description: "my policy"
      context:
        application: rundeck
      for:
        project:
          - allow: read
      by:
        group: "build"

- name: Remove a rundeck system policy
  community.general.rundeck_acl_policy:
    name: "Project_02"
    url: "https://rundeck.example.org"
    token: "mytoken"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
after
dictionary
success
Dictionary containing ACL policy informations after modification.

before
dictionary
success
Dictionary containing ACL policy informations before modification.

rundeck_response
string
failed
Rundeck response when a failure occurs.



Authors

  • Loic Blot (@nerzhul)