Note
This plugin is part of the awx.awx collection.
To install it use: ansible-galaxy collection install awx.awx
.
To use it in a playbook, specify: awx.awx.tower_credential
.
Parameter | Choices/Defaults | Comments |
---|---|---|
authorize boolean |
| Should use authorize for net type. Deprecated, please use inputs |
authorize_password string | Password for net credentials that require authorize. Deprecated, please use inputs | |
become_method string | Become method to use for privilege escalation. Some examples are "None", "sudo", "su", "pbrun" Due to become plugins, these can be arbitrary Deprecated, please use inputs | |
become_password string | Become password. Use "ASK" and launch in Tower to be prompted. Deprecated, please use inputs | |
become_username string | Become username. Use "ASK" and launch in Tower to be prompted. Deprecated, please use inputs | |
client string | Client or application ID for azure_rm type. Deprecated, please use inputs | |
credential_type string | Name of credential type. Will be preferred over kind | |
description string | The description to use for the credential. | |
domain string | Domain for openstack type. Deprecated, please use inputs | |
host string | Host for this credential. Deprecated, will be removed in a future release | |
inputs dictionary | Credential inputs where the keys are var names used in templating. Refer to the Ansible Tower documentation for example syntax. Any fields in this dict will take prescedence over any fields mentioned below (i.e. host, username, etc) | |
kind string |
| Type of credential being added. The ssh choice refers to a Tower Machine credential. Deprecated, please use credential_type |
name string / required | The name to use for the credential. | |
new_name string | Setting this option will change the existing name (looked up via the name field. | |
organization string | Organization that should own the credential. | |
password string | Password for this credential. ``secret_key`` for AWS. ``api_key`` for RAX. Use "ASK" and launch in Tower to be prompted. Deprecated, please use inputs | |
project string | Project that should use this credential for GCP. Deprecated, will be removed in a future release | |
secret string | Secret token for azure_rm type. Deprecated, please use inputs | |
security_token string | STS token for aws type. Deprecated, please use inputs | |
ssh_key_data string | SSH private key content. To extract the content from a file path, use the lookup function (see examples). Deprecated, please use inputs | |
ssh_key_unlock string | Unlock password for ssh_key. Use "ASK" and launch in Tower to be prompted. Deprecated, please use inputs | |
state string |
| Desired state of the resource. |
subscription string | Subscription ID for azure_rm type. Deprecated, please use inputs | |
team string | Team that should own this credential. | |
tenant string | Tenant ID for azure_rm type. Deprecated, please use inputs | |
tower_config_file path | Path to the Tower or AWX config file. If provided, the other locations for config files will not be considered. | |
tower_host string | URL to your Tower or AWX instance. If value not set, will try environment variable TOWER_HOST and then config filesIf value not specified by any means, the value of 127.0.0.1 will be used | |
tower_oauthtoken raw added in 3.7 of awx.awx | The Tower OAuth token to use. This value can be in one of two formats. A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX) A dictionary structure as returned by the tower_token module. If value not set, will try environment variable TOWER_OAUTH_TOKEN and then config files | |
tower_password string | Password for your Tower or AWX instance. If value not set, will try environment variable TOWER_PASSWORD and then config files | |
tower_username string | Username for your Tower or AWX instance. If value not set, will try environment variable TOWER_USERNAME and then config files | |
user string | User that should own this credential. | |
username string | Username for this credential. ``access_key`` for AWS. Deprecated, please use inputs | |
validate_certs boolean |
| Whether to allow insecure connections to Tower or AWX. If no , SSL certificates will not be validated.This should only be used on personally controlled sites using self-signed certificates. If value not set, will try environment variable TOWER_VERIFY_SSL and then config filesaliases: tower_verify_ssl |
vault_id string | Vault identifier. This parameter is only valid if kind is specified as vault .Deprecated, please use inputs | |
vault_password string | Vault password. Use "ASK" and launch in Tower to be prompted. Deprecated, please use inputs |
Note
inputs
and the other deprecated fields (such as tenant
) are replacements of existing values. See the last 4 examples for details.- name: Add tower machine credential tower_credential: name: Team Name description: Team Description organization: test-org credential_type: Machine state: present tower_config_file: "~/tower_cli.cfg" - name: Create a valid SCM credential from a private_key file tower_credential: name: SCM Credential organization: Default state: present credential_type: Source Control inputs: username: joe password: secret ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}" ssh_key_unlock: "passphrase" - name: Fetch private key slurp: src: '$HOME/.ssh/aws-private.pem' register: aws_ssh_key - name: Add Credential Into Tower tower_credential: name: Workshop Credential credential_type: Machine organization: Default inputs: ssh_key_data: "{{ aws_ssh_key['content'] | b64decode }}" run_once: true delegate_to: localhost - name: Add Credential with Custom Credential Type tower_credential: name: Workshop Credential credential_type: MyCloudCredential organization: Default tower_username: admin tower_password: ansible tower_host: https://localhost - name: Create a Vaiult credential (example for notes) tower_credential: name: Example password credential_type: Vault organization: Default inputs: vault_password: 'hello' vault_id: 'My ID' - name: Bad password update (will replace vault_id) tower_credential: name: Example password credential_type: Vault organization: Default inputs: vault_password: 'new_password' - name: Another bad password update (will replace vault_id) tower_credential: name: Example password credential_type: Vault organization: Default vault_password: 'new_password' - name: A safe way to update a password and keep vault_id tower_credential: name: Example password credential_type: Vault organization: Default inputs: vault_password: 'new_password' vault_id: 'My ID'
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/awx/awx/tower_credential_module.html