community.general.nomad_token module – Manage Nomad ACL tokens

Note

This module is part of the community.general collection (version 9.4.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: community.general.nomad_token.

New in community.general 8.1.0

Synopsis

  • This module allows to create Bootstrap tokens, create ACL tokens, update ACL tokens, and delete ACL tokens.

Requirements

The below requirements are needed on the host that executes this module.

  • python-nomad

Parameters

Parameter

Comments

client_cert

path

Path of certificate for TLS/SSL.

client_key

path

Path of certificate’s private key for TLS/SSL.

global_replicated

boolean

Indicates whether or not the token was created with the --global.

Choices:

  • false ← (default)

  • true

host

string / required

FQDN of Nomad server.

name

string

Name of ACL token to create.

namespace

string

Namespace for Nomad.

policies

list / elements=string

A list of the policies assigned to the token.

Default: []

port

integer

added in community.general 8.0.0

Port of Nomad server.

Default: 4646

state

string / required

Create or remove ACL token.

Choices:

  • "present"

  • "absent"

timeout

integer

Timeout (in seconds) for the request to Nomad.

Default: 5

token

string

ACL token for authentication.

token_type

string

The type of the token can be client, management, or bootstrap.

Choices:

  • "client" ← (default)

  • "management"

  • "bootstrap"

use_ssl

boolean

Use TLS/SSL connection.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Enable TLS/SSL certificate validation.

Choices:

  • false

  • true ← (default)

Attributes

Attribute

Support

Description

check_mode

Support: none

Can run in check_mode and return changed status prediction without modifying target.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode.

See Also

See also

Nomad ACL documentation

Complete documentation for Nomad API ACL.

Examples

- name: Create boostrap token
  community.general.nomad_token:
    host: localhost
    token_type: bootstrap
    state: present

- name: Create ACL token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    token_type: client
    policies:
        - readonly
    global_replicated: false
    state: absent

- name: Update ACL token Dev token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    token_type: client
    policies:
        - readonly
        - devpolicy
    global_replicated: false
    state: absent

- name: Delete ACL token
  community.general.nomad_token:
    host: localhost
    name: "Dev token"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

result

dictionary

Result returned by nomad.

Returned: always

Sample: {"accessor_id": "0d01c55f-8d63-f832-04ff-1866d4eb594e", "create_index": 14, "create_time": "2023-11-12T18:48:34.248857001Z", "expiration_time": null, "expiration_ttl": "", "global": true, "hash": "eSn8H8RVqh8As8WQNnC2vlBRqXy6DECogc5umzX0P30=", "modify_index": 836, "name": "devs", "policies": ["readonly"], "roles": null, "secret_id": "12e878ab-e1f6-e103-b4c4-3b5173bb4cea", "type": "client"}

Authors

  • Pedro Nascimento (@apecnascimento)