community.proxmox.proxmox_user module – User management for Proxmox VE cluster
Note
This module is part of the community.proxmox collection (version 2.0.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.proxmox.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.proxmox.proxmox_user.
New in community.proxmox 1.2.0
Synopsis
Create or delete a user for Proxmox VE clusters.
Requirements
The below requirements are needed on the host that executes this module.
proxmoxer >= 2.3
requests
Parameters
Parameter |
Comments |
|---|---|
Specify the target host of the Proxmox VE cluster. Uses the |
|
Specify the OTP. Uses the |
|
Specify the password to authenticate with. Uses the |
|
Specify the target port of the Proxmox VE cluster. Uses the |
|
Time limit for requests towards the Proxmox VE API. Default: |
|
Specify the token ID. Uses the |
|
Specify the token secret. Uses the |
|
Specify the user to authenticate with. Uses the |
|
Path to a local certificate, which will be used to verify TLS connections. Ignored if |
|
Specify the description for the user. |
|
Email address for the user. |
|
Whether or not the account is active. Choices:
|
|
Expiration date of the user in seconds after epoch. 0 means no expiration date. Default: |
|
First name of the user. |
|
List of groups the user is a member of. |
|
Keys for two factor authentication (yubico). |
|
Last name of the user. |
|
Initial password. Only for PVE Authentication Realm users. Parameter is ignored when user already exists or |
|
Indicate desired state of the user. Choices:
|
|
List of API tokens associated to the user. |
|
Short description of the token. |
|
Expiration date in seconds since EPOCH. Zero means no expiration. Default: |
|
Describe if the API token is further restricted with ACLs or is fully privileged. Choices:
|
|
Token name. Case sensitive and must be unique per user. |
|
The user name. Must include the desired PVE authentication realm. |
|
Validate the TLS certificates used for the connection to the Proxmox VE API. May be set through the environment variable Choices:
|
Attributes
Attribute |
Support |
Description |
|---|---|---|
Action group: community.proxmox.proxmox |
Use |
|
Support: full |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
See Also
See also
- Authentication
Complete guide for the Proxmox API authentication
Examples
- name: Create new Proxmox VE user
community.proxmox.proxmox_user:
name: user@pve
comment: Expires on 2026-01-01 00:00:00
email: user@example.nl
enable: true
expire: 1767222000
firstname: User
groups:
- admins
password: GoBananas!
tokens:
- tokenid: MyToken
comment: Expires on 2026-01-01 00:00:00
expire: 1767222000
privsep: false
lastname: Some Guy
- name: Delete a Proxmox VE user
community.proxmox.proxmox_user:
name: user@pve
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A short message on what the module did. Returned: always Sample: |
|
Dictionary of API tokens associated with their secret. Returned: success |
|
The user name. Returned: success Sample: |