New in version 2.6.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
api_http_method
string
|
|
HTTP method used to query the API endpoint.
If not given, the
CLOUDSTACK_METHOD env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is
get if not specified. |
api_key
string
|
API key of the CloudStack API.
If not given, the
CLOUDSTACK_KEY env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
api_region
string
|
Default: "cloudstack"
|
Name of the ini section in the
cloustack.ini file.If not given, the
CLOUDSTACK_REGION env variable is considered. |
api_secret
string
|
Secret key of the CloudStack API.
If not set, the
CLOUDSTACK_SECRET env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
api_timeout
integer
|
HTTP timeout in seconds.
If not given, the
CLOUDSTACK_TIMEOUT env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is 10 seconds if not specified.
|
|
api_url
string
|
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the
CLOUDSTACK_ENDPOINT env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
description
string
|
The description of the role permission.
|
|
name
string
/ required
|
The API name of the permission.
|
|
parent
string
|
The parent role permission uuid. use 0 to move this rule at the top of the list.
|
|
permission
string
|
|
The rule permission, allow or deny. Defaulted to deny.
|
role
string
/ required
|
Name or ID of the role.
|
|
state
string
|
|
State of the role permission.
|
Note
cs
library’s configuration method if credentials are not provided by the arguments api_url
, api_key
, api_secret
. Configuration is read from several locations, in the following order. The CLOUDSTACK_ENDPOINT
, CLOUDSTACK_KEY
, CLOUDSTACK_SECRET
and CLOUDSTACK_METHOD
. CLOUDSTACK_TIMEOUT
environment variables. A CLOUDSTACK_CONFIG
environment variable pointing to an .ini
file. A cloudstack.ini
file in the current working directory. A .cloudstack.ini
file in the users home directory. Optionally multiple credentials and endpoints can be specified using ini sections in cloudstack.ini
. Use the argument api_region
to select the section name, default section is cloudstack
. See https://github.com/exoscale/cs for more information.- name: Create a role permission
cs_role_permission:
role: My_Custom_role
name: createVPC
permission: allow
description: My comments
delegate_to: localhost
- name: Remove a role permission
cs_role_permission:
state: absent
role: My_Custom_role
name: createVPC
delegate_to: localhost
- name: Update a system role permission
cs_role_permission:
role: Domain Admin
name: createVPC
permission: deny
delegate_to: localhost
- name: Update rules order. Move the rule at the top of list
cs_role_permission:
role: Domain Admin
name: createVPC
parent: 0
delegate_to: localhost
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
description
string
|
success |
The description of the role permission
Sample:
Deny createVPC for users
|
id
string
|
success |
The ID of the role permission.
Sample:
a6f7a5fc-43f8-11e5-a151-feff819cdc9f
|
name
string
|
success |
The API name of the permission.
Sample:
createVPC
|
permission
string
|
success |
The permission type of the api name.
Sample:
allow
|
role_id
string
|
success |
The ID of the role to which the role permission belongs.
Sample:
c6f7a5fc-43f8-11e5-a151-feff819cdc7f
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.