t_systems_mms.icinga_director.icinga_user – Manage users in Icinga2

Note

This plugin is part of the t_systems_mms.icinga_director collection (version 1.21.1).

To install it use: ansible-galaxy collection install t_systems_mms.icinga_director.

To use it in a playbook, specify: t_systems_mms.icinga_director.icinga_user.

New in version 1.0.0: of t_systems_mms.icinga_director

Synopsis

  • Add or remove a user to Icinga2 through the director API.

Parameters

Parameter Choices/Defaults Comments
client_cert
path
PEM formatted certificate chain file to be used for SSL client authentication.
This file can also include the key as well, and if the key is included, client_key is not required.
client_key
path
PEM formatted file that contains your private key to be used for SSL client authentication.
If client_cert contains both the certificate and key, this option is not required.
disabled
boolean
    Choices:
  • no ←
  • yes
Disabled objects will not be deployed.
display_name
string
Alternative name for this user.
In case your object name is a username, this could be the full name of the corresponding person.
email
string
The Email address of the user.
force
boolean
    Choices:
  • no ←
  • yes
If yes do not get a cached copy.
Alias thirsty has been deprecated and will be removed in 2.13.

aliases: thirsty
force_basic_auth
boolean
    Choices:
  • no ←
  • yes
Credentials specified with url_username and url_password should be passed in HTTP Header.
groups
list / elements=string
User groups that should be directly assigned to this user.
Groups can be useful for various reasons. You might prefer to send notifications to groups instead of single users.
http_agent
string
Default:
"ansible-httpget"
Header to identify as, generally appears in web server logs.
imports
list / elements=string
Importable templates, add as many as you want.
Please note that order matters when importing properties from multiple templates - last one wins.
object_name
string / required
Name of the user.

aliases: name
pager
string
The pager address of the user.
period
string
The name of a time period which determines when notifications to this User should be triggered. Not set by default.
state
string
    Choices:
  • present ←
  • absent
Apply feature state.
url
string / required
HTTP, HTTPS, or FTP URL in the form (http|https|ftp)://[user[:pass]]@host.domain[:port]/path
url_password
string
The password for use in HTTP basic authentication.
If the url_username parameter is not specified, the url_password parameter will not be used.
url_username
string
The username for use in HTTP basic authentication.
This parameter can be used without url_password for sites that allow empty passwords
use_gssapi
boolean
added in 2.11 of ansible.builtin
    Choices:
  • no ←
  • yes
Use GSSAPI to perform the authentication, typically this is for Kerberos or Kerberos through Negotiate authentication.
Requires the Python library gssapi to be installed.
Credentials for GSSAPI can be specified with url_username/url_password or with the GSSAPI env var KRB5CCNAME that specified a custom Kerberos credential cache.
NTLM authentication is not supported even if the GSSAPI mech for NTLM has been installed.
use_proxy
boolean
    Choices:
  • no
  • yes ←
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
validate_certs
boolean
    Choices:
  • no
  • yes ←
If no, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.

Notes

Note

  • This module supports check mode.

Examples

- name: Create user
  t_systems_mms.icinga_director.icinga_user:
    state: present
    url: "{{ icinga_url }}"
    url_username: "{{ icinga_user }}"
    url_password: "{{ icinga_pass }}"
    object_name: "rb"
    display_name: "Rufbereitschaft"
    pager: 'SIP/emergency'
    period: '24/7'
    email: "[email protected]"
    imports:
      - foousertemplate
    groups:
      - onCall

Authors

  • Sebastian Gumprich (@rndmh3ro)