community.general.manageiq_policies module – Management of resource policy_profiles in ManageIQ

Note

This module is part of the community.general collection (version 9.4.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.manageiq_policies.

Synopsis

  • The manageiq_policies module supports adding and deleting policy_profiles in ManageIQ.

Requirements

The below requirements are needed on the host that executes this module.

Parameters

Parameter

Comments

manageiq_connection

dictionary

ManageIQ connection configuration information.

ca_cert

aliases: ca_bundle_path

string

The path to a CA bundle file or directory with certificates.

password

string

ManageIQ password. MIQ_PASSWORD environment variable if set. Otherwise, required if no token is passed in.

token

string

ManageIQ token. MIQ_TOKEN environment variable if set. Otherwise, required if no username or password is passed in.

url

string

ManageIQ environment URL. MIQ_URL environment variable if set. Otherwise, it is required to pass it.

username

string

ManageIQ username. MIQ_USERNAME environment variable if set. Otherwise, required if no token is passed in.

validate_certs

aliases: verify_ssl

boolean

Whether SSL certificates should be verified for HTTPS requests.

Choices:

  • false

  • true ← (default)

policy_profiles

list / elements=dictionary

List of dictionaries, each includes the policy_profile name key.

Required if state is present or absent.

resource_id

integer

added in community.general 2.2.0

The ID of the resource to which the profile should be [un]assigned.

Must be specified if resource_name is not set. Both options are mutually exclusive.

resource_name

string

The name of the resource to which the profile should be [un]assigned.

Must be specified if resource_id is not set. Both options are mutually exclusive.

resource_type

string / required

The type of the resource to which the profile should be [un]assigned.

Choices:

  • "provider"

  • "host"

  • "vm"

  • "blueprint"

  • "category"

  • "cluster"

  • "data store"

  • "group"

  • "resource pool"

  • "service"

  • "service template"

  • "template"

  • "tenant"

  • "user"

state

string

absent - policy_profiles should not exist,

present - policy_profiles should exist,

Choices:

  • "absent"

  • "present" ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

Examples

- name: Assign new policy_profile for a provider in ManageIQ
  community.general.manageiq_policies:
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: false  # only do this when you trust the network!

- name: Unassign a policy_profile for a provider in ManageIQ
  community.general.manageiq_policies:
    state: absent
    resource_name: 'EngLab'
    resource_type: 'provider'
    policy_profiles:
      - name: openscap profile
    manageiq_connection:
      url: 'http://127.0.0.1:3000'
      username: 'admin'
      password: 'smartvm'
      validate_certs: false  # only do this when you trust the network!

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

manageiq_policies

dictionary

List current policy_profile and policies for a provider in ManageIQ

Returned: always

Sample: {"changed": false, "profiles": [{"policies": [{"active": true, "description": "OpenSCAP", "name": "openscap policy"}, {"active": true, "description": "Analyse incoming container images", "name": "analyse incoming container images"}, {"active": true, "description": "Schedule compliance after smart state analysis", "name": "schedule compliance after smart state analysis"}], "profile_description": "OpenSCAP profile", "profile_name": "openscap profile"}]}

Authors

  • Daniel Korn (@dkorn)