This repository provides a tool to easily propagate the "use" permission of the listed instance groups within organizations to administrators or users of the organization. It addresses the need to ensure that the "use" permission for instance groups is managed by dedicated teams. This tool replicates the behavior of "use" permission for organization administrators introduced in AWX (ansible/awx#4292), serving as a workaround until the official solution is available (ansible/awx#14564).
- Manage "use" permission for instance groups within organizations.
- Replicate the behavior of "use" permission for organization administrators in AWX.
- Work as a temporary workaround until the official solution is available in AWX.
- Clone this repository:
git clone https://github.com/youtous/awx-ig-org-sync.git
- Run the script, providing your controller's OAuth2 token and URL:
python main.py --controller-oauth2-token="******************" --controller-url=https://1.1.1.2
You can also schedule this script to enable regular synchronization of the permissions.
This is an extract from the --help
command:
Usage: main.py [OPTIONS]
Perform the mapping of permissions base on Organizations.
Options:
--controller-url TEXT Base URL of the controller.
--team-prefix TEXT Team prefix used to hold the permissions.
--parent-organization TEXT The parent organization of the teams holding
permissions.
--role-from-org-to-allow TEXT List of Organization roles to add to the
Instance Group Team with use permission,
coma (,) separated.
--skip-list-instance-groups TEXT
Instance Groups list to ignore, coma (,)
separated.
--controller-oauth2-token TEXT The awx controller oauth2 token with System
Administrator privilege.
--cleanup-use-role If enabled, all use of instance group not
managed by the team will be removed.
--ignore-certs-validation Ignore SSL certs validation.
--help Show this message and exit.
Please check our GitHub Issues and GitLab Issues for reporting any problems, requesting features, or discussing the project.
This project is licensed under the MIT License.