New in version 2.6.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_http_method |
|
HTTP method used to query the API endpoint.
If not given, the
CLOUDSTACK_METHOD env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is
get if not specified. |
| api_key |
API key of the CloudStack API.
If not given, the
CLOUDSTACK_KEY env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
| api_region |
Default: cloudstack
|
Name of the ini section in the
cloustack.ini file.If not given, the
CLOUDSTACK_REGION env variable is considered. |
| api_secret |
Secret key of the CloudStack API.
If not set, the
CLOUDSTACK_SECRET env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
| api_timeout |
HTTP timeout in seconds.
If not given, the
CLOUDSTACK_TIMEOUT env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
Fallback value is 10 seconds if not specified.
|
|
| api_url |
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the
CLOUDSTACK_ENDPOINT env variable is considered.As the last option, the value is taken from the ini config file, also see the notes.
|
|
| description |
The description of the role permission.
|
|
|
name
required |
The API name of the permission.
|
|
| parent |
The parent role permission uuid. use 0 to move this rule at the top of the list.
|
|
| permission |
|
The rule permission, allow or deny. Defaulted to deny.
|
|
role
required |
Name or ID of the role.
|
|
| state |
|
State of the role permission.
|
Note
cs library’s configuration method if credentials are not provided by the arguments api_url, api_key, api_secret. Configuration is read from several locations, in the following order. The CLOUDSTACK_ENDPOINT, CLOUDSTACK_KEY, CLOUDSTACK_SECRET and CLOUDSTACK_METHOD. CLOUDSTACK_TIMEOUT environment variables. A CLOUDSTACK_CONFIG environment variable pointing to an .ini file. A cloudstack.ini file in the current working directory. A .cloudstack.ini file in the users home directory. Optionally multiple credentials and endpoints can be specified using ini sections in cloudstack.ini. Use the argument api_region to select the section name, default section is cloudstack. See https://github.com/exoscale/cs for more information.# Create a role permission
- local_action:
module: cs_role_permission
role: "My_Custom_role"
name: "createVPC"
permission: "allow"
description: "My comments"
# Remove a role permission
- local_action:
module: cs_role_permission
state: absent
role: "My_Custom_role"
name: "createVPC"
# Update a system role permission
- local_action:
module: cs_role_permission
role: "Domain Admin"
name: "createVPC"
permission: "deny"
# Update rules order. Move the rule at the top of list
- local_action:
module: cs_role_permission
role: "Domain Admin"
name: "createVPC"
parent: 0
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
description
string
|
success |
The description of the role permission
Sample:
Deny createVPC for users
|
|
id
string
|
success |
The ID of the role permission.
Sample:
a6f7a5fc-43f8-11e5-a151-feff819cdc9f
|
|
name
string
|
success |
The API name of the permission.
Sample:
createVPC
|
|
permission
string
|
success |
The permission type of the api name.
Sample:
allow
|
|
role_id
string
|
success |
The ID of the role to which the role permission belongs.
Sample:
c6f7a5fc-43f8-11e5-a151-feff819cdc7f
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.