cloudera.cluster.user module – Create, delete or update users within Cloudera Manager

Note

This module is part of the cloudera.cluster collection (version 5.0.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cloudera.cluster. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cloudera.cluster.user.

New in cloudera.cluster 4.4.0

Synopsis

  • Creates a user with specified authorization roles in Cloudera Manager, or updates roles for an existing user.

  • Supports purging roles or adding new roles to the existing list.

  • Enables the deletion of a user along with its associated roles if desired.

Requirements

The below requirements are needed on the host that executes this module.

  • cm_client

Parameters

Parameter

Comments

account_name

string / required

The name of the user account to be managed.

account_password

string

The password for the account.

Required when creating a new account.

purge

boolean

When set to True, ensures that roles not listed in roles are removed from the account.

Choices:

  • false ← (default)

  • true

roles

aliases: auth_roles

list / elements=string

A list of authentication roles associated with the account.

Existing roles are preserved unless purge is set to True.

state

string

Controls the desired state of the account.

present ensures the account exists with the specified parameters.

absent deletes the account and its associated roles.

Choices:

  • "present" ← (default)

  • "absent"

Examples

- name: Create new Administrator user
  cloudera.cluster.user:
    host: example.cloudera.com
    port: "7180"
    username: "jane_smith"
    password: "S&peR4Ec*re"
    account_name: "admin_user"
    account_password: "Password123"
    roles: ["Full Administrator"]
    state: "present"
    purge: false

- name: Add additional roles to user
  cloudera.cluster.user:
    host: example.cloudera.com
    port: "7180"
    username: "jane_smith"
    password: "S&peR4Ec*re"
    account_name: "john"
    account_password: "Password123"
    roles: ["Configurator", "Dashboard User", "Limited Operator"]
    state: "present"

- name: Reduce permissions on user to a single role
  cloudera.cluster.user:
    host: example.cloudera.com
    port: "7180"
    username: "jane_smith"
    password: "S&peR4Ec*re"
    account_name: "john"
    account_password: "Password123"
    roles: ["Dashboard User"]
    state: "present"
    purge: true

- name: Remove specified user
  cloudera.cluster.user:
    host: example.cloudera.com
    port: "7180"
    username: "jane_smith"
    password: "S&peR4Ec*re"
    account_name: "john"
    roles: ["Dashboard User"]
    state: "absent"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

user

dictionary

Details of a single user within the cluster

Returned: always

auth_roles

list / elements=string

Cloudera Manager authorization roles assigned to the user.

Returned: optional

name

string

The username, which is unique within a Cloudera Manager installation.

Returned: always

Authors

  • Ronald Suplina (@rsuplina)