ovirt_users - Module to manage users in oVirt/RHV

New in version 2.3.

Synopsis

  • Module to manage users in oVirt/RHV.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.7
  • ovirt-engine-sdk-python >= 4.2.4

Parameters

Parameter Choices/Defaults Comments
auth
required
Dictionary with values needed to create HTTP/HTTPS connection to oVirt:
username[required] - The name of the user, something like admin@internal. Default value is set by OVIRT_USERNAME environment variable.
password[required] - The password of the user. Default value is set by OVIRT_PASSWORD environment variable.
url - A string containing the API URL of the server, usually something like `https://server.example.com/ovirt-engine/api`. Default value is set by OVIRT_URL environment variable. Either url or hostname is required.
hostname - A string containing the hostname of the server, usually something like `server.example.com`. Default value is set by OVIRT_HOSTNAME environment variable. Either url or hostname is required.
token - Token to be used instead of login with username/password. Default value is set by OVIRT_TOKEN environment variable.
insecure - A boolean flag that indicates if the server TLS certificate and host name should be checked.
ca_file - A PEM file containing the trusted CA certificates. The certificate presented by the server will be verified using these CA certificates. If `ca_file` parameter is not set, system wide CA certificate store is used. Default value is set by OVIRT_CAFILE environment variable.
kerberos - A boolean flag indicating if Kerberos authentication should be used instead of the default basic authentication.
headers - Dictionary of HTTP headers to be added to each API call.
authz_name
required
Authorization provider of the user. In previous versions of oVirt/RHV known as domain.

aliases: domain
fetch_nested
(added in 2.3)
If True the module will fetch additional data from the API.
It will fetch IDs of the VMs disks, snapshots, etc. User can configure to fetch other attributes of the nested entities by specifying nested_attributes.
name
required
Name of the user to manage. In most LDAPs it's uid of the user, but in Active Directory you must specify UPN of the user.
nested_attributes
(added in 2.3)
Specifies list of the attributes which should be fetched from the API.
This parameter apply only when fetch_nested is true.
poll_interval Default:
3
Number of the seconds the module waits until another poll request on entity status is sent.
state
    Choices:
  • present
  • absent
Should the user be present/absent.
timeout Default:
180
The amount of time in seconds the module should wait for the instance to get into desired state.
wait
True if the module should wait for the entity to get into desired state.

Notes

Note

  • In order to use this module you have to install oVirt Python SDK. To ensure it’s installed with correct version you can create the following task: pip: name=ovirt-engine-sdk-python version=4.2.4

Examples

# Examples don't contain auth parameter for simplicity,
# look at ovirt_auth module to see how to reuse authentication:

# Add user user1 from authorization provider example.com-authz
- ovirt_users:
    name: user1
    domain: example.com-authz

# Add user user1 from authorization provider example.com-authz
# In case of Active Directory specify UPN:
- ovirt_users:
    name: [email protected]
    domain: example.com-authz

# Remove user user1 with authorization provider example.com-authz
- ovirt_users:
    state: absent
    name: user1
    authz_name: example.com-authz

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
id
str
On success if user is found.
ID of the user which is managed

Sample:
7de90f31-222c-436c-a1ca-7e655bd5b60c
user
dict
On success if user is found.
Dictionary of all the user attributes. User attributes can be found on your oVirt/RHV instance at following url: http://ovirt.github.io/ovirt-engine-api-model/master/#types/user.



Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

  • Ondra Machacek (@machacekondra)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/ovirt_users_module.html