awx.awx.tower_token – create, update, or destroy Ansible Tower tokens.
awx.awx.tower_token – create, update, or destroy Ansible Tower tokens.
Note
This plugin is part of the awx.awx collection (version 14.1.0).
To install it use: ansible-galaxy collection install awx.awx
.
To use it in a playbook, specify: awx.awx.tower_token
.
New in version 2.3: of awx.awx
Synopsis
- Create or destroy Ansible Tower tokens. See https://www.ansible.com/tower for an overview.
- In addition, the module sets an Ansible fact which can be passed into other tower_* modules as the parameter tower_oauthtoken. See examples for usage.
- Because of the sensitive nature of tokens, the created token value is only available once through the Ansible fact. (See RETURN for details)
- Due to the nature of tokens in Tower this module is not idempotent. A second will with the same parameters will create a new token.
- If you are creating a temporary token for use with modules you should delete the token when you are done with it. See the example for how to do it.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
application string |
The application tied to this token. | |
description string |
Default: "" |
Optional description of this access token. |
existing_token dictionary |
The data structure produced from tower_token in create mode to be used with state absent. | |
existing_token_id string |
A token ID (number) which can be used to delete an arbitrary token with state absent. | |
scope string |
|
Allowed scopes, further restricts user's permissions. Must be a simple space-separated string with allowed scopes ['read', 'write']. |
state string |
|
Desired state of the resource. |
tower_config_file path |
Path to the Tower or AWX config file. If provided, the other locations for config files will not be considered. | |
tower_host string |
URL to your Tower or AWX instance. If value not set, will try environment variable If value not specified by any means, the value of | |
tower_oauthtoken raw added in 3.7 of awx.awx |
The Tower OAuth token to use. This value can be in one of two formats. A string which is the token itself. (i.e. bqV5txm97wqJqtkxlMkhQz0pKhRMMX) A dictionary structure as returned by the tower_token module. If value not set, will try environment variable | |
tower_password string |
Password for your Tower or AWX instance. If value not set, will try environment variable | |
tower_username string |
Username for your Tower or AWX instance. If value not set, will try environment variable | |
validate_certs boolean |
|
Whether to allow insecure connections to Tower or AWX. If This should only be used on personally controlled sites using self-signed certificates. If value not set, will try environment variable
|
Notes
Note
- If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
- config_file should contain Tower configuration in the following format host=hostname username=username password=password
Examples
- block:
- name: Create a new token using an existing token
tower_token:
description: '{{ token_description }}'
scope: "write"
state: present
tower_oauthtoken: "{{ my_existing_token }}"
- name: Delete this token
tower_token:
existing_token: "{{ tower_token }}"
state: absent
- name: Create a new token using username/password
tower_token:
description: '{{ token_description }}'
scope: "write"
state: present
tower_username: "{{ my_username }}"
tower_password: "{{ my_password }}"
- name: Use our new token to make another call
tower_job_list:
tower_oauthtoken: "{{ tower_token }}"
always:
- name: Delete our Token with the token we created
tower_token:
existing_token: "{{ tower_token }}"
state: absent
when: tower_token is defined
- name: Delete a token by its id
tower_token:
existing_token_id: 4
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | |
---|---|---|---|
tower_token dictionary |
on successful create |
An Ansible Fact variable representing a Tower token object which can be used for auth in subsequent modules. See examples for usage.
| |
id string |
success |
The numeric ID of the token created
| |
token string |
success |
The token that was generated. This token can never be accessed again, make sure this value is noted before it is lost.
|
Authors
- John Westcott IV (@john-westcott-iv)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/awx/awx/tower_token_module.html