ngine_io.cloudstack.cs_account module – Manages accounts on Apache CloudStack based clouds.

Note

This module is part of the ngine_io.cloudstack collection (version 2.5.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install ngine_io.cloudstack. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: ngine_io.cloudstack.cs_account.

New in ngine_io.cloudstack 0.1.0

Synopsis 

Create, disable, lock, enable and remove accounts.

Requirements 

The below requirements are needed on the host that executes this module.

python >= 2.6
cs >= 0.9.0

Parameters 

Parameter	Comments
account_type string	Type of the account. Choices: `"user"` ← (default) `"root_admin"` `"domain_admin"`
api_http_method string	HTTP method used to query the API endpoint. If not given, the `CLOUDSTACK_METHOD` env variable is considered. Choices: `"get"` ← (default) `"post"`
api_key string / required	API key of the CloudStack API. If not given, the `CLOUDSTACK_KEY` env variable is considered.
api_secret string / required	Secret key of the CloudStack API. If not set, the `CLOUDSTACK_SECRET` env variable is considered.
api_timeout integer	HTTP timeout in seconds. If not given, the `CLOUDSTACK_TIMEOUT` env variable is considered. Default: `10`
api_url string / required	URL of the CloudStack API e.g. https://cloud.example.com/client/api. If not given, the `CLOUDSTACK_ENDPOINT` env variable is considered.
api_verify_ssl_cert string	Verify CA authority cert file. If not given, the `CLOUDSTACK_VERIFY` env variable is considered.
domain string	Domain the account is related to. Default: `"ROOT"`
email string	Email of the user to be created if account did not exist. Required on state=present if ldap_domain is not set.
first_name string	First name of the user to be created if account did not exist. Required on state=present if ldap_domain is not set.
last_name string	Last name of the user to be created if account did not exist. Required on state=present if ldap_domain is not set.
ldap_domain string	Name of the LDAP group or OU to bind. If set, account will be linked to LDAP.
ldap_type string	Type of the ldap name. GROUP or OU, defaults to GROUP. Choices: `"GROUP"` ← (default) `"OU"`
name string / required	Name of account.
network_domain string	Network domain of the account.
password string	Password of the user to be created if account did not exist. Required on state=present if ldap_domain is not set.
poll_async boolean	Poll async jobs until job has finished. Choices: `false` `true` ← (default)
role string	Creates the account under the specified role name or id.
state string	State of the account. `unlocked` is an alias for `enabled`. Choices: `"present"` ← (default) `"absent"` `"enabled"` `"disabled"` `"locked"` `"unlocked"`
timezone string	Timezone of the user to be created if account did not exist.
username string	Username of the user to be created if account did not exist. Required on state=present.
validate_certs boolean added in ngine_io.cloudstack 2.4.0	If `false`, SSL certificates will not be validated. If not given, the `CLOUDSTACK_DANGEROUS_NO_TLS_VERIFY` env variable is considered. This should only be used on personally controlled sites using self-signed certificates. Choices: `false` `true` ← (default)

Notes 

Note

A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.
This module supports check mode.

Examples 

- name: create an account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    username: customer_xy
    password: S3Cur3
    last_name: Doe
    first_name: John
    email: [email protected]
    domain: CUSTOMERS
    role: Domain Admin

- name: Lock an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: locked

- name: Disable an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: disabled

- name: Enable an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: enabled

- name: Remove an account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: absent

- name: Create a single user LDAP account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    username: customer_xy
    domain: CUSTOMERS
    ldap_domain: cn=customer_xy,cn=team_xy,ou=People,dc=domain,dc=local

- name: Create a LDAP account in domain 'CUSTOMERS' and bind it to a LDAP group
  ngine_io.cloudstack.cs_account:
    name: team_xy
    username: customer_xy
    domain: CUSTOMERS
    ldap_domain: cn=team_xy,ou=People,dc=domain,dc=local

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
account_type string	Type of the account. Returned: success Sample: `"user"`
domain string	Domain the account is related. Returned: success Sample: `"ROOT"`
id string	UUID of the account. Returned: success Sample: `"87b1e0ce-4e01-11e4-bb66-0050569e64b8"`
name string	Name of the account. Returned: success Sample: `"linus@example.com"`
network_domain string	Network domain of the account. Returned: success Sample: `"example.local"`
role string	The role name of the account Returned: success Sample: `"Domain Admin"`
state string	State of the account. Returned: success Sample: `"enabled"`

Authors

René Moser (@resmo)

ngine_io.cloudstack.cs_account module – Manages accounts on Apache CloudStack based clouds.

Synopsis

Requirements

Parameters

Notes

Examples

Return Values