Note
This plugin is part of the community.grafana collection (version 1.1.0).
To install it use: ansible-galaxy collection install community.grafana
.
To use it in a playbook, specify: community.grafana.grafana_datasource
.
Parameter | Choices/Defaults | Comments |
---|---|---|
access string |
| The access mode for this datasource. |
additional_json_data dictionary | Default: {} | Defined data is used for datasource jsonData Data may be overridden by specifically defined parameters (like zabbix_user) |
additional_secure_json_data dictionary | Default: {} | Defined data is used for datasource secureJsonData Data may be overridden by specifically defined parameters (like tls_client_cert) Stored as secure data, see enforce_secure_data and notes! |
aws_access_key string | Default: "" | AWS access key for CloudWatch datasource type when aws_auth_type is keys
|
aws_assume_role_arn string | Default: "" | AWS IAM role arn to assume for CloudWatch datasource type when aws_auth_type is arn
|
aws_auth_type string |
| Type for AWS authentication for CloudWatch datasource type (authType of grafana api) |
aws_credentials_profile string | Default: "" | Profile for AWS credentials for CloudWatch datasource type when aws_auth_type is credentials
|
aws_custom_metrics_namespaces string | Default: "" | Namespaces of Custom Metrics for CloudWatch datasource type |
aws_default_region string |
| AWS default region for CloudWatch datasource type |
aws_secret_key string | Default: "" | AWS secret key for CloudWatch datasource type when aws_auth_type is keys
|
basic_auth_password string | The datasource basic auth password, when basic auth is yes . | |
basic_auth_user string | The datasource basic auth user. Setting this option with basic_auth_password will enable basic auth. | |
client_cert path | PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key as well, and if the key is included, client_key is not required | |
client_key path | PEM formatted file that contains your private key to be used for SSL client authentication. If client_cert contains both the certificate and key, this option is not required. | |
database string | Name of the database for the datasource. This options is required when the ds_type is influxdb , elasticsearch (index name), mysql or postgres . | |
ds_type string / required |
| The type of the datasource. |
ds_url string / required | The URL of the datasource. | |
enforce_secure_data boolean |
| Secure data is not updated per default (see notes!) To update secure data you have to enable this option! Enabling this, the task will always report changed=True |
es_version integer |
5 | Elasticsearch version (for ds_type = elasticsearch only)Version 56 is for elasticsearch 5.6+ where you can specify the max_concurrent_shard_requests option. |
grafana_api_key string | The Grafana API key. If set, url_username and url_password will be ignored. | |
interval string |
| For elasticsearch ds_type , this is the index pattern used. |
is_default boolean |
| Make this datasource the default one. |
max_concurrent_shard_requests integer | Default: 256 | Starting with elasticsearch 5.6, you can specify the max concurrent shard per requests. |
name string / required | The name of the datasource. | |
org_id integer | Default: 1 | Grafana Organisation ID in which the datasource should be created. Not used when grafana_api_key is set, because the grafana_api_key only belong to one organisation. |
password string | The datasource password. For encrypted password use additional_secure_json_data.password . | |
sslmode string |
| SSL mode for postgres datasource type. |
state string |
| Status of the datasource |
time_field string | Default: "@timestamp" | Name of the time field in elasticsearch ds. For example @timestamp . |
time_interval string | Minimum group by interval for influxdb or elasticsearch datasources.for example >10s . | |
tls_ca_cert string | The TLS CA certificate for self signed certificates. Only used when tls_client_cert and tls_client_key are set.Stored as secure data, see enforce_secure_data and notes! | |
tls_client_cert string | The client TLS certificate. If tls_client_cert and tls_client_key are set, this will enable TLS authentication.Starts with ----- BEGIN CERTIFICATE ----- Stored as secure data, see enforce_secure_data and notes! | |
tls_client_key string | The client TLS private key Starts with ----- BEGIN RSA PRIVATE KEY ----- Stored as secure data, see enforce_secure_data and notes! | |
tls_skip_verify boolean |
| Skip the TLS datasource certificate verification. |
trends boolean |
| Use trends or not for zabbix datasource type. |
tsdb_resolution string |
| The opentsdb time resolution. |
tsdb_version integer |
1 | The opentsdb version. Use 1 for <=2.1, 2 for ==2.2, 3 for ==2.3. |
url string / required | The Grafana URL. aliases: grafana_url | |
url_password string | Default: "admin" | The Grafana password for API authentication. aliases: grafana_password |
url_username string | Default: "admin" | The Grafana user for API authentication. aliases: grafana_user |
use_proxy boolean |
| If no , it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
user string | The datasource login user for influxdb datasources. | |
validate_certs boolean |
| If no , SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates. |
with_credentials boolean |
| Whether credentials such as cookies or auth headers should be sent with cross-site requests. |
zabbix_password string | Password for Zabbix API | |
zabbix_user string | User for Zabbix API |
Note
enforce_secure_data
always reporting changed=True, you might just do one Task updating the datasource without any secure data and make a separate playbook/task also changing the secure data. This way it will not break any workflow.--- - name: Create elasticsearch datasource community.grafana.grafana_datasource: name: "datasource-elastic" grafana_url: "https://grafana.company.com" grafana_user: "admin" grafana_password: "xxxxxx" org_id: "1" ds_type: "elasticsearch" ds_url: "https://elastic.company.com:9200" database: "[logstash_]YYYY.MM.DD" basic_auth_user: "grafana" basic_auth_password: "******" time_field: "@timestamp" time_interval: "1m" interval: "Daily" es_version: 56 max_concurrent_shard_requests: 42 tls_ca_cert: "/etc/ssl/certs/ca.pem" - name: Create influxdb datasource community.grafana.grafana_datasource: name: "datasource-influxdb" grafana_url: "https://grafana.company.com" grafana_user: "admin" grafana_password: "xxxxxx" org_id: "1" ds_type: "influxdb" ds_url: "https://influx.company.com:8086" database: "telegraf" time_interval: ">10s" tls_ca_cert: "/etc/ssl/certs/ca.pem" - name: Create postgres datasource community.grafana.grafana_datasource: name: "datasource-postgres" grafana_url: "https://grafana.company.com" grafana_user: "admin" grafana_password: "xxxxxx" org_id: "1" ds_type: "postgres" ds_url: "postgres.company.com:5432" database: "db" user: "postgres" sslmode: "verify-full" additional_json_data: timescaledb: false additional_secure_json_data: password: "iampgroot" - name: Create cloudwatch datasource community.grafana.grafana_datasource: name: "datasource-cloudwatch" grafana_url: "https://grafana.company.com" grafana_user: "admin" grafana_password: "xxxxxx" org_id: "1" ds_type: "cloudwatch" ds_url: "http://monitoring.us-west-1.amazonaws.com" aws_auth_type: "keys" aws_default_region: "us-west-1" aws_access_key: "speakFriendAndEnter" aws_secret_key: "mel10n" aws_custom_metrics_namespaces: "n1,n2" - name: grafana - add thruk datasource community.grafana.grafana_datasource: name: "datasource-thruk" grafana_url: "https://grafana.company.com" grafana_user: "admin" grafana_password: "xxxxxx" org_id: "1" ds_type: "sni-thruk-datasource" ds_url: "https://thruk.company.com/sitename/thruk" basic_auth_user: "thruk-user" basic_auth_password: "******" # handle secure data - workflow example # this will create/update the datasource but dont update the secure data on updates # so you can assert if all tasks are changed=False - name: create prometheus datasource community.grafana.grafana_datasource: name: openshift_prometheus ds_type: prometheus ds_url: https://openshift-monitoring.company.com access: proxy tls_skip_verify: true additional_json_data: httpHeaderName1: "Authorization" additional_secure_json_data: httpHeaderValue1: "Bearer ihavenogroot" # in a separate task or even play you then can force to update # and assert if each datasource is reporting changed=True - name: update prometheus datasource community.grafana.grafana_datasource: name: openshift_prometheus ds_type: prometheus ds_url: https://openshift-monitoring.company.com access: proxy tls_skip_verify: true additional_json_data: httpHeaderName1: "Authorization" additional_secure_json_data: httpHeaderValue1: "Bearer ihavenogroot" enforce_secure_data: true
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
datasource dictionary | changed | datasource created/updated by module Sample: {'access': 'proxy', 'basicAuth': False, 'database': 'test_*', 'id': 1035, 'isDefault': False, 'jsonData': {'esVersion': 5, 'timeField': '@timestamp', 'timeInterval': '10s'}, 'name': 'grafana_datasource_test', 'orgId': 1, 'password': '', 'secureJsonFields': {'JustASecureTest': True}, 'type': 'elasticsearch', 'url': 'http://elastic.company.com:9200', 'user': '', 'withCredentials': False} |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/community/grafana/grafana_datasource_module.html