awx.awx.tower_token – create, update, or destroy Ansible Tower tokens.
Note
This plugin is part of the awx.awx collection (version 17.0.1).
To install it use: ansible-galaxy collection install awx.awx.
To use it in a playbook, specify: awx.awx.tower_token.
New in version 2.3: of awx.awx
Synopsis
- Create or destroy Ansible Tower tokens. See https://www.ansible.com/tower for an overview.
- In addition, the module sets an Ansible fact which can be passed into other tower_* modules as the parameter tower_oauthtoken. See examples for usage.
- Because of the sensitive nature of tokens, the created token value is only available once through the Ansible fact. (See RETURN for details)
- Due to the nature of tokens in Tower this module is not idempotent. A second will with the same parameters will create a new token.
- If you are creating a temporary token for use with modules you should delete the token when you are done with it. See the example for how to do it.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| application
string
|
The application tied to this token.
|
|
| description
string
|
Default:
""
|
Optional description of this access token.
|
| existing_token
dictionary
|
The data structure produced from tower_token in create mode to be used with state absent.
|
|
| existing_token_id
string
|
A token ID (number) which can be used to delete an arbitrary token with state absent.
|
|
| scope
string
|
|
Allowed scopes, further restricts user's permissions. Must be a simple space-separated string with allowed scopes ['read', 'write'].
|
| state
string
|
|
Desired state of the resource.
|
| tower_config_file
path
|
Path to the Tower or AWX config file.
If provided, the other locations for config files will not be considered.
|
|
| tower_host
string
|
URL to your Tower or AWX instance.
If value not set, will try environment variable
TOWER_HOST and then config files
If value not specified by any means, the value of 127.0.0.1 will be used
|
|
| tower_oauthtoken
raw
added in 3.7 of awx.awx
|
The Tower OAuth token to use.
This value can be in one of two formats.
A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX)
A dictionary structure as returned by the tower_token module.
If value not set, will try environment variable TOWER_OAUTH_TOKEN and then config files
|
|
| tower_password
string
|
Password for your Tower or AWX instance.
If value not set, will try environment variable TOWER_PASSWORD and then config files
|
|
| tower_username
string
|
Username for your Tower or AWX instance.
If value not set, will try environment variable TOWER_USERNAME and then config files
|
|
| validate_certs
boolean
|
|
Whether to allow insecure connections to Tower or AWX.
If
no, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.
If value not set, will try environment variable
TOWER_VERIFY_SSL and then config files
aliases: tower_verify_ssl |
Notes
Note
- If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
- config_file should contain Tower configuration in the following format host=hostname username=username password=password
Examples
- block:
- name: Create a new token using an existing token
tower_token:
description: '{{ token_description }}'
scope: "write"
state: present
tower_oauthtoken: "{{ my_existing_token }}"
- name: Delete this token
tower_token:
existing_token: "{{ tower_token }}"
state: absent
- name: Create a new token using username/password
tower_token:
description: '{{ token_description }}'
scope: "write"
state: present
tower_username: "{{ my_username }}"
tower_password: "{{ my_password }}"
- name: Use our new token to make another call
tower_job_list:
tower_oauthtoken: "{{ tower_token }}"
always:
- name: Delete our Token with the token we created
tower_token:
existing_token: "{{ tower_token }}"
state: absent
when: tower_token is defined
- name: Delete a token by its id
tower_token:
existing_token_id: 4
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description | |
|---|---|---|---|
| tower_token
dictionary
|
on successful create |
An Ansible Fact variable representing a Tower token object which can be used for auth in subsequent modules. See examples for usage.
|
|
| id
string
|
success |
The numeric ID of the token created
|
|
| token
string
|
success |
The token that was generated. This token can never be accessed again, make sure this value is noted before it is lost.
|
|
Authors
- John Westcott IV (@john-westcott-iv)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/awx/awx/tower_token_module.html