I would like to use ansible for our user management (I know there are
software for it like LDAP but not for now ...).
This is typical definition of users and their groups:
Groups and users:
- group1
- user1
- user2
- group2
- user1
- user2
- user3
- group3
- user1
- user2
- user3
- user4
The problem I have is that every server is going to have subset of all
groups, i.e:
- server1
- group1
- group3
- server2
- group3
- server3
- group1
Then there is a request from business/developers/managers/whatever that
particular group of users should have access to particular servers so we
need to modify ansible config and add e.g. group3 to server3.
Is it possible to create a role with a sort of "map" file where I could
specify which server will have particular user groups
so we could modify this one (!) file, run site.yml and done (the role and
its file knows where to create each group).
I would like to avoid redundancy in terms of user definitions (error prone)
and have just one file with all users defined in it.
That way I could include this role in every playbook and it would
automatically create (or not) particular group of users
on every host.
Is it possible to do that ?
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/b90ff83b-0e8a-487f-bc00-9132d71bea92%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
