Docs4dev
Docs
ansible / 2.10 / collections / ngine_io / cloudstack / cs_account_module.html

ngine_io.cloudstack.cs_account – Manages accounts on Apache CloudStack based clouds.

Note

This plugin is part of the ngine_io.cloudstack collection (version 1.1.0).

To install it use: ansible-galaxy collection install ngine_io.cloudstack.

To use it in a playbook, specify: ngine_io.cloudstack.cs_account.

New in version 0.1.0: of ngine_io.cloudstack

Synopsis

  • Create, disable, lock, enable and remove accounts.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6
  • cs >= 0.9.0

Parameters

Parameter Choices/Defaults Comments
account_type
string
    Choices:
  • user
  • root_admin
  • domain_admin
Type of the account.
api_http_method
string
    Choices:
  • get
  • post
HTTP method used to query the API endpoint.
If not given, the CLOUDSTACK_METHOD env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is get if not specified.
api_key
string
API key of the CloudStack API.
If not given, the CLOUDSTACK_KEY env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
api_region
string
Default:
"cloudstack"
Name of the ini section in the cloustack.ini file.
If not given, the CLOUDSTACK_REGION env variable is considered.
api_secret
string
Secret key of the CloudStack API.
If not set, the CLOUDSTACK_SECRET env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
api_timeout
integer
HTTP timeout in seconds.
If not given, the CLOUDSTACK_TIMEOUT env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is 10 seconds if not specified.
api_url
string
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the CLOUDSTACK_ENDPOINT env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
api_verify_ssl_cert
string
CA authority cert file.
If not given, the CLOUDSTACK_VERIFY env variable is considered.
As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is null if not specified.
domain
string
Default:
"ROOT"
Domain the account is related to.
email
string
Email of the user to be created if account did not exist.
Required on state=present if ldap_domain is not set.
first_name
string
First name of the user to be created if account did not exist.
Required on state=present if ldap_domain is not set.
last_name
string
Last name of the user to be created if account did not exist.
Required on state=present if ldap_domain is not set.
ldap_domain
string
Name of the LDAP group or OU to bind.
If set, account will be linked to LDAP.
ldap_type
string
    Choices:
  • GROUP
  • OU
Type of the ldap name. GROUP or OU, defaults to GROUP.
name
string / required
Name of account.
network_domain
string
Network domain of the account.
password
string
Password of the user to be created if account did not exist.
Required on state=present if ldap_domain is not set.
poll_async
boolean
    Choices:
  • no
  • yes
Poll async jobs until job has finished.
role
string
Creates the account under the specified role name or id.
state
string
    Choices:
  • present
  • absent
  • enabled
  • disabled
  • locked
  • unlocked
State of the account.
unlocked is an alias for enabled.
timezone
string
Timezone of the user to be created if account did not exist.
username
string
Username of the user to be created if account did not exist.
Required on state=present.

Notes

Note

  • Ansible uses the cs library’s configuration method if credentials are not provided by the arguments api_url, api_key, api_secret. Configuration is read from several locations, in the following order. The CLOUDSTACK_ENDPOINT, CLOUDSTACK_KEY, CLOUDSTACK_SECRET and CLOUDSTACK_METHOD. CLOUDSTACK_TIMEOUT environment variables. A CLOUDSTACK_CONFIG environment variable pointing to an .ini file. A cloudstack.ini file in the current working directory. A .cloudstack.ini file in the users home directory. Optionally multiple credentials and endpoints can be specified using ini sections in cloudstack.ini. Use the argument api_region to select the section name, default section is cloudstack. See https://github.com/exoscale/cs for more information.
  • A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.
  • This module supports check mode.

Examples

- name: create an account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    username: customer_xy
    password: S3Cur3
    last_name: Doe
    first_name: John
    email: john.doe@example.com
    domain: CUSTOMERS
    role: Domain Admin

- name: Lock an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: locked

- name: Disable an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: disabled

- name: Enable an existing account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: enabled

- name: Remove an account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    domain: CUSTOMERS
    state: absent

- name: Create a single user LDAP account in domain 'CUSTOMERS'
  ngine_io.cloudstack.cs_account:
    name: customer_xy
    username: customer_xy
    domain: CUSTOMERS
    ldap_domain: cn=customer_xy,cn=team_xy,ou=People,dc=domain,dc=local

- name: Create a LDAP account in domain 'CUSTOMERS' and bind it to a LDAP group
  ngine_io.cloudstack.cs_account:
    name: team_xy
    username: customer_xy
    domain: CUSTOMERS
    ldap_domain: cn=team_xy,ou=People,dc=domain,dc=local

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
account_type
string
success
Type of the account.

Sample:
user
domain
string
success
Domain the account is related.

Sample:
ROOT
id
string
success
UUID of the account.

Sample:
87b1e0ce-4e01-11e4-bb66-0050569e64b8
name
string
success
Name of the account.

Sample:
linus@example.com
network_domain
string
success
Network domain of the account.

Sample:
example.local
role
string
success
The role name of the account

Sample:
Domain Admin
state
string
success
State of the account.

Sample:
enabled


Authors

  • René Moser (@resmo)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/ngine_io/cloudstack/cs_account_module.html