tower_credential – create, update, or destroy Ansible Tower credential.

From Get docs
Ansible/docs/2.7/modules/tower credential module


tower_credential – create, update, or destroy Ansible Tower credential.

New in version 2.3.


Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • ansible-tower-cli >= 3.0.2

Parameters

Parameter Choices/Defaults Comments

authorize

boolean

  • no

  • yes

Should use authorize for net type.

authorize_password

-

Password for net credentials that require authorize.

become_method

-

  • None
  • sudo
  • su
  • pbrun
  • pfexec
  • pmrun

Become method to Use for privledge escalation.

become_password

-

Become password. Use ASK for prompting.

become_username

-

Become username. Use ASK for prompting.

client

-

Default:

null

Client or application ID for azure_rm type.

description

-

The description to use for the credential.

domain

-

Domain for openstack type.

host

-

Host for this credential.

kind

- / required

  • ssh
  • vault
  • net
  • scm
  • aws
  • vmware
  • satellite6
  • cloudforms
  • gce
  • azure_rm
  • openstack
  • rhv
  • insights
  • tower

Type of credential being added. The ssh choice refers to a Tower Machine credential.

name

- / required

The name to use for the credential.

organization

- / required

Organization that should own the credential.

password

-

Password for this credential. Use ASK for prompting. secret_key for AWS. api_key for RAX.

project

-

Project that should for this credential.

secret

-

Secret token for azure_rm type.

security_token

-

added in 2.6

Default:

null

STS token for aws type.

ssh_key_data

-

Path to SSH private key.

ssh_key_unlock

-

Unlock password for ssh_key. Use ASK for prompting.

state

-

  • present

  • absent

Desired state of the resource.

subscription

-

Subscription ID for azure_rm type.

team

-

Team that should own this credential.

tenant

-

Tenant ID for azure_rm type.

tower_config_file

-

Path to the Tower config file. See notes.

tower_host

-

URL to your Tower instance.

tower_password

-

Password for your Tower instance.

tower_username

-

Username for your Tower instance.

tower_verify_ssl

boolean

  • no
  • yes

Dis/allow insecure connections to Tower. If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

user

-

User that should own this credential.

username

-

Username for this credential. access_key for AWS.

vault_password

-

Vault password. Use ASK for prompting.



Notes

Note

  • If no config_file is provided we will attempt to use the tower-cli library defaults to find your Tower host information.
  • config_file should contain Tower configuration in the following format host=hostname username=username password=password


Examples

- name: Add tower credential
  tower_credential:
    name: Team Name
    description: Team Description
    organization: test-org
    kind: ssh
    state: present
    tower_config_file: "~/tower_cli.cfg"

- name: Create a valid SCM credential from a private_key file
  tower_credential:
    name: SCM Credential
    organization: Default
    state: present
    kind: scm
    username: joe
    password: secret
    ssh_key_data: "{{ lookup('file', '/tmp/id_rsa') }}"
    ssh_key_unlock: "passphrase"

- name: Add Credential Into Tower
  tower_credential:
    name: Workshop Credential
    ssh_key_data: "/home/{{ansible_user}}/.ssh/aws-private.pem"
    kind: ssh
    organization: Default
    tower_username: admin
    tower_password: ansible
    tower_host: https://localhost
  run_once: true
  delegate_to: localhost

Status

Authors

  • Wayne Witzel III (@wwitzel3)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/tower_credential_module.html