Ansible User Module-Ansible Add User To Group
Ansible User Module-Ansible Add User To Group:
Ansible user module is used to create a user’s accounts in any Linux machine. With Ansible user module we can create users, we can delete users, we can add passwords to those users and with ansible user module we can add users to groups. In the following example, I will show how to create the user with ansible user module And I will show you how to add the user to the group with ansible user module.
Ansible Add User To Group:
Playbook:
[root@localhost ~]# cat user.yml --- - hosts: localhost gather_facts: no tasks: - name: Create devops group group: name: devops - name: create devops user and assign primary group user: name: devops group: devops
The correct way to create user with primary group in ansible is create the group before creating user. After creating the group, In next step you can create new user and assign primary group. In the above playbook i have created devops group in the first task and In the second task i created devops user and assigned primary group as devops.
Note: If you mention only second task in the playbook ansible will through you error. Since ansible user module with group argument can not create new groups. So to add any users to any group in ansible first you should have group. So first create groups then add groups to users.
Log Output:
[root@localhost ~]# ansible-playbook user.yml PLAY [localhost] *************************************************************** TASK [Ensure devops group exists] ********************************************** changed: [localhost] TASK [create devops user and assign primary group] ***************************** changed: [localhost] PLAY RECAP ********************************************************************* localhost : ok=2 changed=2 unreachable=0 failed=0 [root@localhost ~]# groups devops devops : devops [root@localhost ~]# ls /home/ devops
You can see the 'groups <username>' Linux command will show the groups of the user. The first group is the primary group of user. In the above you can see the only devops after DevOps: So devops user has only one primary group. No other groups are added to devops.
Change Primary Group of User: or Change The Group of User
To change the primary group of any user, use the below task. It will change devops user primary group from devops to Hadoop.
[root@localhost ~]# cat change_group.yml --- - hosts: localhost gather_facts: no tasks: - name: Change the group of user user: name: devops group: hadoop
Log Output:
[root@localhost ~]# ansible-playbook change_group.yml PLAY [localhost] *********************************************************************************************** TASK [Change the group of user] ******************************************************************************** changed: [localhost] PLAY RECAP ***************************************************************************************************** localhost : ok=1 changed=1 unreachable=0 failed=0
But before running this task you should have Hadoop group in the target machine. We already discussed in the above section that ansible user module with group argument cannot create a new group. Just it will attach this Hadoop group to devops user as a primary group. So this task is used for change the primary group of user.
Verify The Group Of User:
[root@localhost ~]# groups devops devops : hadoop
Here you can see the group of devops user is Hadoop. So we have changed the group of devops user from DevOps group to Hadoop group.
Create User and Primary Group with Groups argument:
[root@localhost ~]# cat jenkins.yml --- - hosts: localhost gather_facts: no tasks: - name: create jenkins user and primary group user: name: jenkins groups:
This will create user Jenkins and it will create primary group, Jenkins. You can see here we are using argument groups not the group. And we have not mentioned anything in the group's argument.
[root@localhost ~]# ansible-playbook jenkins.yml PLAY [localhost] *************************************************************** TASK [create jenkins user and primary group] ********************************************** changed: [localhost] PLAY RECAP ********************************************************************* localhost : ok=1 changed=1 unreachable=0 failed=0 [root@localhost ~]# groups jenkins jenkins : jenkins
Groups:
Groups argument will create a primary group and groups argument will overwrite previous groups with new groups. And groups argument can create the only primary group. It can not create any other groups. in the above example, we have not mentioned anything in the groups argument. That is why we have only Jenkins group for Jenkins user. If you add any groups in the groups argument the user will be added to those groups and whatever the groups he had previously will be overwritten with this new groups. So every time groups argument will overwrite the groups of the user with new groups and there is one exception is that it will not remove the primary group.
- ansible user module
- add user to group ansible
- ansible add user to multiple groups
- ansible add user to another group