diff --git a/.github/workflows/rst-pr.yml b/.github/workflows/rst-pr.yml deleted file mode 100644 index c648fb8e..00000000 --- a/.github/workflows/rst-pr.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: RST PR -on: - pull_request_target: - types: [opened, synchronize, reopened] - paths: - - "docs/*.rst" - -jobs: - notify: - permissions: - pull-requests: write - runs-on: ubuntu-latest - steps: - - name: Look for an existing comment - id: fc - uses: peter-evans/find-comment@v1 - with: - issue-number: ${{ github.event.number }} - body-includes: '### Generated Docs Modified' - comment-author: 'github-actions[bot]' - - - name: Notify the author - id: comment - uses: peter-evans/create-or-update-comment@v1 - with: - comment-id: ${{ steps.fc.outputs.comment-id }} - issue-number: ${{ github.event.number }} - edit-mode: replace - body: | - ### Generated Docs Modified - - This PR with commit ${{ github.event.pull_request.head.sha }} is directly editing an RST file. - These files are auto-generated and will be overwritten on release. - - To update documentation, please edit the appropriate `.py` file(s) used to generate the documentation. diff --git a/README.md b/README.md index f431040d..a1fdd6cd 100644 --- a/README.md +++ b/README.md @@ -20,102 +20,10 @@ PEP440 is the schema used to describe the versions of Ansible. ## Included content -### Lookup plugins -Name | Description ---- | --- -[community.windows.laps_password](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.laps_password_lookup.rst)|Retrieves the LAPS password for a server. - -### Modules -Name | Description ---- | --- -[community.windows.psexec](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.psexec_module.rst)|Runs commands on a remote Windows host based on the PsExec model -[community.windows.win_audit_policy_system](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_audit_policy_system_module.rst)|Used to make changes to the system wide Audit Policy -[community.windows.win_audit_rule](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_audit_rule_module.rst)|Adds an audit rule to files, folders, or registry keys -[community.windows.win_auto_logon](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_auto_logon_module.rst)|Adds or Sets auto logon registry keys. -[community.windows.win_certificate_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_certificate_info_module.rst)|Get information on certificates from a Windows Certificate Store -[community.windows.win_computer_description](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_computer_description_module.rst)|Set windows description, owner and organization -[community.windows.win_credential](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_credential_module.rst)|Manages Windows Credentials in the Credential Manager -[community.windows.win_data_deduplication](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_data_deduplication_module.rst)|Module to enable Data Deduplication on a volume. -[community.windows.win_defrag](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_defrag_module.rst)|Consolidate fragmented files on local volumes -[community.windows.win_dhcp_lease](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_dhcp_lease_module.rst)|Manage Windows Server DHCP Leases -[community.windows.win_disk_facts](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_disk_facts_module.rst)|Show the attached disks and disk information of the target host -[community.windows.win_disk_image](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_disk_image_module.rst)|Manage ISO/VHD/VHDX mounts on Windows hosts -[community.windows.win_dns_record](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_dns_record_module.rst)|Manage Windows Server DNS records -[community.windows.win_dns_zone](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_dns_zone_module.rst)|Manage Windows Server DNS Zones -[community.windows.win_domain_computer](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_computer_module.rst)|Manage computers in Active Directory -[community.windows.win_domain_group](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_group_module.rst)|Creates, modifies or removes domain groups -[community.windows.win_domain_group_membership](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_group_membership_module.rst)|Manage Windows domain group membership -[community.windows.win_domain_object_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_object_info_module.rst)|Gather information an Active Directory object -[community.windows.win_domain_ou](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_ou_module.rst)|Manage Active Directory Organizational Units -[community.windows.win_domain_user](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_domain_user_module.rst)|Manages Windows Active Directory user accounts -[community.windows.win_dotnet_ngen](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_dotnet_ngen_module.rst)|Runs ngen to recompile DLLs after .NET updates -[community.windows.win_eventlog](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_eventlog_module.rst)|Manage Windows event logs -[community.windows.win_eventlog_entry](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_eventlog_entry_module.rst)|Write entries to Windows event logs -[community.windows.win_feature_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_feature_info_module.rst)|Gather information about Windows features -[community.windows.win_file_compression](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_file_compression_module.rst)|Alters the compression of files and directories on NTFS partitions. -[community.windows.win_file_version](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_file_version_module.rst)|Get DLL or EXE file build version -[community.windows.win_firewall](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_firewall_module.rst)|Enable or disable the Windows Firewall -[community.windows.win_firewall_rule](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_firewall_rule_module.rst)|Windows firewall automation -[community.windows.win_format](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_format_module.rst)|Formats an existing volume or a new volume on an existing partition on Windows -[community.windows.win_hosts](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_hosts_module.rst)|Manages hosts file entries on Windows. -[community.windows.win_hotfix](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_hotfix_module.rst)|Install and uninstalls Windows hotfixes -[community.windows.win_http_proxy](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_http_proxy_module.rst)|Manages proxy settings for WinHTTP -[community.windows.win_iis_virtualdirectory](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_iis_virtualdirectory_module.rst)|Configures a virtual directory in IIS -[community.windows.win_iis_webapplication](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_iis_webapplication_module.rst)|Configures IIS web applications -[community.windows.win_iis_webapppool](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_iis_webapppool_module.rst)|Configure IIS Web Application Pools -[community.windows.win_iis_webbinding](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_iis_webbinding_module.rst)|Configures a IIS Web site binding -[community.windows.win_iis_website](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_iis_website_module.rst)|Configures a IIS Web site -[community.windows.win_inet_proxy](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_inet_proxy_module.rst)|Manages proxy settings for WinINet and Internet Explorer -[community.windows.win_initialize_disk](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_initialize_disk_module.rst)|Initializes disks on Windows Server -[community.windows.win_lineinfile](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_lineinfile_module.rst)|Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression -[community.windows.win_listen_ports_facts](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_listen_ports_facts_module.rst)|Recopilates the facts of the listening ports of the machine -[community.windows.win_mapped_drive](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_mapped_drive_module.rst)|Map network drives for users -[community.windows.win_msg](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_msg_module.rst)|Sends a message to logged in users on Windows hosts -[community.windows.win_net_adapter_feature](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_net_adapter_feature_module.rst)|Enable or disable certain network adapters. -[community.windows.win_netbios](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_netbios_module.rst)|Manage NetBIOS over TCP/IP settings on Windows. -[community.windows.win_nssm](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_nssm_module.rst)|Install a service using NSSM -[community.windows.win_pagefile](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_pagefile_module.rst)|Query or change pagefile configuration -[community.windows.win_partition](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_partition_module.rst)|Creates, changes and removes partitions on Windows Server -[community.windows.win_pester](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_pester_module.rst)|Run Pester tests on Windows hosts -[community.windows.win_power_plan](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_power_plan_module.rst)|Changes the power plan of a Windows system -[community.windows.win_product_facts](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_product_facts_module.rst)|Provides Windows product and license information -[community.windows.win_psexec](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psexec_module.rst)|Runs commands (remotely) as another (privileged) user -[community.windows.win_psmodule](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psmodule_module.rst)|Adds or removes a Windows PowerShell module -[community.windows.win_psmodule_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psmodule_info_module.rst)|Gather information about PowerShell Modules -[community.windows.win_psrepository](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psrepository_module.rst)|Adds, removes or updates a Windows PowerShell repository. -[community.windows.win_psrepository_copy](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psrepository_copy_module.rst)|Copies registered PSRepositories to other user profiles -[community.windows.win_psrepository_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psrepository_info_module.rst)|Gather information about PSRepositories -[community.windows.win_psscript](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psscript_module.rst)|Install and manage PowerShell scripts from a PSRepository -[community.windows.win_psscript_info](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_psscript_info_module.rst)|Gather information about installed PowerShell Scripts -[community.windows.win_pssession_configuration](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_pssession_configuration_module.rst)|Manage PSSession Configurations -[community.windows.win_rabbitmq_plugin](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_rabbitmq_plugin_module.rst)|Manage RabbitMQ plugins -[community.windows.win_rds_cap](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_rds_cap_module.rst)|Manage Connection Authorization Policies (CAP) on a Remote Desktop Gateway server -[community.windows.win_rds_rap](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_rds_rap_module.rst)|Manage Resource Authorization Policies (RAP) on a Remote Desktop Gateway server -[community.windows.win_rds_settings](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_rds_settings_module.rst)|Manage main settings of a Remote Desktop Gateway server -[community.windows.win_region](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_region_module.rst)|Set the region and format settings -[community.windows.win_regmerge](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_regmerge_module.rst)|Merges the contents of a registry file into the Windows registry -[community.windows.win_robocopy](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_robocopy_module.rst)|Synchronizes the contents of two directories using Robocopy -[community.windows.win_route](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_route_module.rst)|Add or remove a static route -[community.windows.win_say](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_say_module.rst)|Text to speech module for Windows to speak messages and optionally play sounds -[community.windows.win_scheduled_task](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_scheduled_task_module.rst)|Manage scheduled tasks -[community.windows.win_scheduled_task_stat](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_scheduled_task_stat_module.rst)|Get information about Windows Scheduled Tasks -[community.windows.win_scoop](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_scoop_module.rst)|Manage packages using Scoop -[community.windows.win_scoop_bucket](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_scoop_bucket_module.rst)|Manage Scoop buckets -[community.windows.win_security_policy](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_security_policy_module.rst)|Change local security policy settings -[community.windows.win_shortcut](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_shortcut_module.rst)|Manage shortcuts on Windows -[community.windows.win_snmp](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_snmp_module.rst)|Configures the Windows SNMP service -[community.windows.win_timezone](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_timezone_module.rst)|Sets Windows machine timezone -[community.windows.win_toast](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_toast_module.rst)|Sends Toast windows notification to logged in users on Windows 10 or later hosts -[community.windows.win_unzip](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_unzip_module.rst)|Unzips compressed files and archives on the Windows node -[community.windows.win_user_profile](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_user_profile_module.rst)|Manages the Windows user profiles. -[community.windows.win_wait_for_process](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_wait_for_process_module.rst)|Waits for a process to exist or not exist before continuing. -[community.windows.win_wakeonlan](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_wakeonlan_module.rst)|Send a magic Wake-on-LAN (WoL) broadcast packet -[community.windows.win_webpicmd](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_webpicmd_module.rst)|Installs packages using Web Platform Installer command-line -[community.windows.win_xml](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_xml_module.rst)|Manages XML file content on Windows hosts -[community.windows.win_zip](https://github.com/ansible-collections/community.windows/blob/main/docs/community.windows.win_zip_module.rst)|Compress file or directory as zip archive on the Windows node - +See the complete list of collection content in the [Plugin Index](https://ansible-collections.github.io/community.windows/branch/main/collections/community/windows/index.html#plugin-index). + ## Installation and Usage diff --git a/docs/README.md b/docs/README.md deleted file mode 100644 index f52cc2fe..00000000 --- a/docs/README.md +++ /dev/null @@ -1,4 +0,0 @@ -# Generated Documentation -The `docs/` directory contains **automatically generated** documentation from the plugins and modules in this collection. - -**Please do not submit pull requests to edit this documentation directly.** Instead, open a pull request to the `.py` file that contains the content these files are generated from. diff --git a/docs/community.windows.laps_password_lookup.rst b/docs/community.windows.laps_password_lookup.rst deleted file mode 100644 index 2725ee40..00000000 --- a/docs/community.windows.laps_password_lookup.rst +++ /dev/null @@ -1,413 +0,0 @@ -.. _community.windows.laps_password_lookup: - - -******************************* -community.windows.laps_password -******************************* - -**Retrieves the LAPS password for a server.** - - - -.. contents:: - :local: - :depth: 1 - - -Synopsis --------- -- This lookup returns the LAPS password set for a server from the Active Directory database. -- See https://github.com/jborean93/ansible-lookup-laps_password for more information around installing pre-requisites and testing. - - - -Requirements ------------- -The below requirements are needed on the local Ansible controller node that executes this lookup. - -- python-ldap - - -Parameters ----------- - -.. raw:: html - -
Key | -Returned | -Description | -
---|---|---|
-
- _raw
-
-
- string
-
- |
- - |
- The LAPS password(s) for the host(s) requested.
- - |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- arguments
-
-
- string
-
- |
- - | -
- Any arguments as a single string to use when running the executable.
- |
-
-
- asynchronous
-
-
- boolean
-
- |
-
-
|
-
- Will run the command as a detached process and the module returns immediately after starting the process while the process continues to run in the background.
- The stdout and stderr return values will be null when this is set to
- yes .The stdin option does not work with this type of process.
- The rc return value is not set when this is
- yes |
-
-
- connection_password
-
-
- string
-
- |
- - | -
- The password for connection_user.
- Required if the Kerberos requirements are not installed or the username is a local account to the Windows host.
- Can be omitted to use a Kerberos principal ticket for the principal set by connection_user if the Kerberos library is installed and the ticket has already been retrieved with the
- kinit command before. |
-
-
- connection_timeout
-
-
- integer
-
- |
-
- Default: 60
- |
-
- The timeout in seconds to wait when receiving the initial SMB negotiate response from the server.
- |
-
-
- connection_username
-
-
- string
-
- |
- - | -
- The username to use when connecting to the remote Windows host.
- This user must be a member of the
- Administrators group of the Windows host.Required if the Kerberos requirements are not installed or the username is a local account to the Windows host.
- Can be omitted to use the default Kerberos principal ticket in the local credential cache if the Kerberos library is installed.
- If process_username is not specified, then the remote process will run under a Network Logon under this account.
- |
-
-
- encrypt
-
-
- boolean
-
- |
-
-
|
-
- Will use SMB encryption to encrypt the SMB messages sent to and from the host.
- This requires the SMB 3 protocol which is only supported from Windows Server 2012 or Windows 8, older versions like Windows 7 or Windows Server 2008 (R2) must set this to
- no and use no encryption.When setting to
- no , the packets are in plaintext and can be seen by anyone sniffing the network, any process options are included in this. |
-
-
- executable
-
-
- string
- / required
-
- |
- - | -
- The executable to run on the Windows host.
- |
-
-
- hostname
-
-
- string
- / required
-
- |
- - | -
- The remote Windows host to connect to, can be either an IP address or a hostname.
- |
-
-
- integrity_level
-
-
- string
-
- |
-
-
|
-
- The integrity level of the process when process_username is defined and is not equal to
- System .When
- default , the default integrity level based on the system setup.When
- elevated , the command will be run with Administrative rights.When
- limited , the command will be forced to run with non-Administrative rights. |
-
-
- interactive
-
-
- boolean
-
- |
-
-
|
-
- Will run the process as an interactive process that shows a process Window of the Windows session specified by interactive_session.
- The stdout and stderr return values will be null when this is set to
- yes .The stdin option does not work with this type of process.
- |
-
-
- interactive_session
-
-
- integer
-
- |
-
- Default: 0
- |
-
- The Windows session ID to use when displaying the interactive process on the remote Windows host.
- This is only valid when interactive is
- yes .The default is
- 0 which is the console session of the Windows host. |
-
-
- load_profile
-
-
- boolean
-
- |
-
-
|
-
- Runs the remote command with the user's profile loaded.
- |
-
-
- port
-
-
- integer
-
- |
-
- Default: 445
- |
-
- The port that the remote SMB service is listening on.
- |
-
-
- priority
-
-
- string
-
- |
-
-
|
-
- Set the command's priority on the Windows host.
- See https://msdn.microsoft.com/en-us/library/windows/desktop/ms683211.aspx for more details.
- |
-
-
- process_password
-
-
- string
-
- |
- - | -
- The password for process_username.
- Required if process_username is defined and not
- System . |
-
-
- process_timeout
-
-
- integer
-
- |
-
- Default: 0
- |
-
- The timeout in seconds that is placed upon the running process.
- A value of
- 0 means no timeout. |
-
-
- process_username
-
-
- string
-
- |
- - | -
- The user to run the process as.
- This can be set to run the process under an Interactive logon of the specified account which bypasses limitations of a Network logon used when this isn't specified.
- If omitted then the process is run under the same account as connection_username with a Network logon.
- Set to
- System to run as the builtin SYSTEM account, no password is required with this account.If encrypt is
- no , the username and password are sent as a simple XOR scrambled byte string that is not encrypted. No special tools are required to get the username and password just knowledge of the protocol. |
-
-
- show_ui_on_logon_screen
-
-
- boolean
-
- |
-
-
|
-
- Shows the process UI on the Winlogon secure desktop when process_username is
- System . |
-
-
- stdin
-
-
- string
-
- |
- - | -
- Data to send on the stdin pipe once the process has started.
- This option has no effect when interactive or asynchronous is
- yes . |
-
-
- working_directory
-
-
- string
-
- |
-
- Default: "C:\\Windows\\System32"
- |
-
- Changes the working directory set when starting the process.
- |
-
Key | -Returned | -Description | -
---|---|---|
-
- current_audit_policy
-
-
- dictionary
-
- |
- always | -
- details on the policy being targetted
- - Sample:
- {
- "File Share":"failure"
- }
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- audit_flags
-
-
- list
- / elements=string
- / required
-
- |
-
-
|
-
- Defines whether to log on failure, success, or both.
- To log both define as comma separated list "Success, Failure".
- |
-
-
- inheritance_flags
-
-
- list
- / elements=string
-
- |
-
-
"ContainerInherit,ObjectInherit"
- |
-
- Defines what objects inside of a folder or registry key will inherit the settings.
- If you are setting a rule on a file, this value has to be changed to
- none .For more information on the choices see MSDN PropagationFlags enumeration at https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.inheritanceflags.aspx.
- |
-
-
- path
-
-
- path
- / required
-
- |
- - | -
- Path to the file, folder, or registry key.
- Registry paths should be in Powershell format, beginning with an abbreviation for the root such as,
- HKLM:\Software .aliases: dest, destination |
-
-
- propagation_flags
-
-
- -
-
- |
-
-
|
-
- Propagation flag on the audit rules.
- This value is ignored when the path type is a file.
- For more information on the choices see MSDN PropagationFlags enumeration at https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.propagationflags.aspx.
- |
-
-
- rights
-
-
- list
- / elements=string
- / required
-
- |
- - | -
- Comma separated list of the rights desired. Only required for adding a rule.
- If path is a file or directory, rights can be any right under MSDN FileSystemRights https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.filesystemrights.aspx.
- If path is a registry key, rights can be any right under MSDN RegistryRights https://msdn.microsoft.com/en-us/library/system.security.accesscontrol.registryrights.aspx.
- |
-
-
- state
-
-
- string
-
- |
-
-
|
-
- Whether the rule should be
- present or absent .For absent, only path, user, and state are required.
- Specifying
- absent will remove all rules matching the defined user. |
-
-
- user
-
-
- string
- / required
-
- |
- - | -
- The user or group to adjust rules for.
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- store_location
-
-
- string
-
- |
-
-
|
-
- The location of the store to search.
- |
-
-
- store_name
-
-
- string
-
- |
-
- Default: "My"
- |
-
- The name of the store to search.
- See https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.x509certificates.storename for a list of built-in store names.
- |
-
-
- thumbprint
-
-
- string
-
- |
- - | -
- The thumbprint as a hex string of a certificate to find.
- When specified, filters the certificates return value to a single certificate
- See the examples for how to format the thumbprint.
- |
-
Parameter | -Choices/Defaults | -Comments | -|
---|---|---|---|
-
- alias
-
-
- string
-
- |
- - | -
- Adds an alias for the credential.
- Typically this is the NetBIOS name of a host if name is set to the DNS name.
- |
- |
-
- attributes
-
-
- list
- / elements=dictionary
-
- |
- - | -
- A list of dicts that set application specific attributes for a credential.
- When set, existing attributes will be compared to the list as a whole, any differences means all attributes will be replaced.
- |
- |
- |
-
- data
-
-
- string
-
- |
- - | -
- The value for the attribute.
- |
-
- |
-
- data_format
-
-
- string
-
- |
-
-
|
-
- Controls the input type for data.
- If
- text , data is a text string that is UTF-16LE encoded to bytes.If
- base64 , data is a base64 string that is base64 decoded to bytes. |
-
- |
-
- name
-
-
- string
- / required
-
- |
- - | -
- The key for the attribute.
- This is not a unique identifier as multiple attributes can have the same key.
- |
-
-
- comment
-
-
- string
-
- |
- - | -
- A user defined comment for the credential.
- |
- |
-
- name
-
-
- string
- / required
-
- |
- - | -
- The target that identifies the server or servers that the credential is to be used for.
- If the value can be a NetBIOS name, DNS server name, DNS host name suffix with a wildcard character (
- * ), a NetBIOS of DNS domain name that contains a wildcard character sequence, or an asterisk.See
- TargetName in https://docs.microsoft.com/en-us/windows/win32/api/wincred/ns-wincred-credentiala for more details on what this value can be.This is used with type to produce a unique credential.
- |
- |
-
- persistence
-
-
- string
-
- |
-
-
|
-
- Defines the persistence of the credential.
- If
- local , the credential will persist for all logons of the same user on the same host.enterprise is the same as local but the credential is visible to the same domain user when running on other hosts and not just localhost. |
- |
-
- secret
-
-
- string
-
- |
- - | -
- The secret for the credential.
- When omitted, then no secret is used for the credential if a new credentials is created.
- When type is a password type, this is the password for username.
- When type is a certificate type, this is the pin for the certificate.
- |
- |
-
- secret_format
-
-
- string
-
- |
-
-
|
-
- Controls the input type for secret.
- If
- text , secret is a text string that is UTF-16LE encoded to bytes.If
- base64 , secret is a base64 string that is base64 decoded to bytes. |
- |
-
- state
-
-
- string
-
- |
-
-
|
-
- When
- absent , the credential specified by name and type is removed.When
- present , the credential specified by name and type is removed. |
- |
-
- type
-
-
- string
- / required
-
- |
-
-
|
-
- The type of credential to store.
- This is used with name to produce a unique credential.
- When the type is a
- domain type, the credential is used by Microsoft authentication packages like Negotiate.When the type is a
- generic type, the credential is not used by any particular authentication package.It is recommended to use a
- domain type as only authentication providers can access the secret. |
- |
-
- update_secret
-
-
- string
-
- |
-
-
|
-
- When
- always , the secret will always be updated if they differ.When
- on_create , the secret will only be checked/updated when it is first created.If the secret cannot be retrieved and this is set to
- always , the module will always result in a change. |
- |
-
- username
-
-
- string
-
- |
- - | -
- When type is a password type, then this is the username to store for the credential.
- When type is a credential type, then this is the thumbprint as a hex string of the certificate to use.
- When
- type=domain_password , this should be in the form of a Netlogon (DOMAIN\Username) or a UPN (username@DOMAIN).If using a certificate thumbprint, the certificate must exist in the
- CurrentUser\My certificate store for the executing user. |
-
Key | -Returned | -Description | -
---|---|---|
-
- mount_paths
-
-
- list
-
- |
- when state is present |
-
- A list of filesystem paths mounted from the target image.
- - Sample:
- ['E:\\', 'F:\\']
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- description
-
-
- string
-
- |
-
- Default: ""
- |
-
- Specifies a description of the object.
- This parameter sets the value of the Description property for the object.
- The LDAP display name (ldapDisplayName) for this property is description.
- |
-
-
- dns_hostname
-
-
- string
-
- |
- - | -
- Specifies the fully qualified domain name (FQDN) of the computer.
- This parameter sets the DNSHostName property for a computer object.
- The LDAP display name for this property is dNSHostName.
- Required when state=present.
- |
-
-
- domain_password
-
-
- string
-
- |
- - | -
- The password for username.
- |
-
-
- domain_server
-
-
- string
-
- |
- - | -
- Specifies the Active Directory Domain Services instance to connect to.
- Can be in the form of an FQDN or NetBIOS name.
- If not specified then the value is based on the domain of the computer running PowerShell.
- |
-
-
- domain_username
-
-
- string
-
- |
- - | -
- The username to use when interacting with AD.
- If this is not set then the user Ansible used to log in with will be used instead when using CredSSP or Kerberos with credential delegation.
- |
-
-
- enabled
-
-
- boolean
-
- |
-
-
|
-
- Specifies if an account is enabled.
- An enabled account requires a password.
- This parameter sets the Enabled property for an account object.
- This parameter also sets the ADS_UF_ACCOUNTDISABLE flag of the Active Directory User Account Control (UAC) attribute.
- |
-
-
- managed_by
-
-
- string
-
- added in 1.3.0
- |
- - | -
- The value to be assigned to the LDAP
- managedBy attribute.This value can be in the forms
- Distinguished Name , objectGUID , objectSid or sAMAccountName , see examples for more details. |
-
-
- name
-
-
- string
- / required
-
- |
- - | -
- Specifies the name of the object.
- This parameter sets the Name property of the Active Directory object.
- The LDAP display name (ldapDisplayName) of this property is name.
- |
-
-
- odj_blob_path
-
-
- -
-
- |
- - | -
- The path to the file where the BLOB will be saved. If omitted, a temporary file will be used.
- If offline_domain_join=output the file will be deleted after its contents are returned.
- The parent directory for the BLOB file must exist; intermediate directories will not be created.
- |
-
-
- offline_domain_join
-
-
- string
-
- |
-
-
|
-
- Provisions a computer in the directory and provides a BLOB file that can be used on the target computer/image to join it to the domain while offline.
- The
- none value doesn't do any offline join operations.output returns the BLOB in output. The BLOB should be treated as secret (it contains the machine password) so use no_log when using this option.path preserves the offline domain join BLOB file on the target machine for later use. The path will be returned.If the computer already exists, no BLOB will be created/returned, and the module will operate as it would have without offline domain join.
- |
-
-
- ou
-
-
- string
-
- |
- - | -
- Specifies the X.500 path of the Organizational Unit (OU) or container where the new object is created. Required when state=present.
- Special characters must be escaped, see Distinguished Names for details.
- |
-
-
- sam_account_name
-
-
- string
-
- |
- - | -
- Specifies the Security Account Manager (SAM) account name of the computer.
- It maximum is 256 characters, 15 is advised for older operating systems compatibility.
- The LDAP display name (ldapDisplayName) for this property is sAMAccountName.
- If ommitted the value is the same as
- name .Note that all computer SAMAccountNames need to end with a
- $ .If
- $ is omitted, it will be added to the end. |
-
-
- state
-
-
- string
-
- |
-
-
|
-
- Specified whether the computer should be
- present or absent in Active Directory. |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- path
-
-
- path
- / required
-
- |
- - | -
- File to get version.
- Always provide absolute path.
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- action
-
-
- string
-
- |
-
-
|
-
- What to do with the items this rule is for.
- Defaults to
- allow when creating a new rule. |
-
-
- description
-
-
- string
-
- |
- - | -
- Description for the firewall rule.
- |
-
-
- direction
-
-
- string
-
- |
-
-
|
-
- Whether this rule is for inbound or outbound traffic.
- Defaults to
- in when creating a new rule. |
-
-
- enabled
-
-
- boolean
-
- |
-
-
|
-
- Whether this firewall rule is enabled or disabled.
- Defaults to
- true when creating a new rule.aliases: enable |
-
-
- group
-
-
- string
-
- |
- - | -
- The group name for the rule.
- If name is not specified then the module will set the firewall options for all the rules in this group.
- |
-
-
- icmp_type_code
-
-
- list
- / elements=string
-
- |
- - | -
- The ICMP types and codes for the rule.
- This is only valid when protocol is
- icmpv4 or icmpv6 .Each entry follows the format
- type:code where type is the type number and code is the code number for that type or * for all codes.Set the value to just
- * to apply the rule for all ICMP type codes.See https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml for a list of ICMP types and the codes that apply to them.
- |
-
-
- localip
-
-
- string
-
- |
- - | -
- The local ip address this rule applies to.
- Set to
- any to apply to all local ip addresses.Defaults to
- any when creating a new rule. |
-
-
- localport
-
-
- string
-
- |
- - | -
- The local port this rule applies to.
- Set to
- any to apply to all local ports.Defaults to
- any when creating a new rule.Must have protocol set
- |
-
-
- name
-
-
- string
-
- |
- - | -
- The rule's display name.
- This is required unless group is specified.
- |
-
-
- profiles
-
-
- list
- / elements=string
-
- |
- - | -
- The profile this rule applies to.
- Defaults to
- domain,private,public when creating a new rule.aliases: profile |
-
-
- program
-
-
- string
-
- |
- - | -
- The program this rule applies to.
- Set to
- any to apply to all programs.Defaults to
- any when creating a new rule. |
-
-
- protocol
-
-
- string
-
- |
- - | -
- The protocol this rule applies to.
- Set to
- any to apply to all services.Defaults to
- any when creating a new rule. |
-
-
- remoteip
-
-
- string
-
- |
- - | -
- The remote ip address/range this rule applies to.
- Set to
- any to apply to all remote ip addresses.Defaults to
- any when creating a new rule. |
-
-
- remoteport
-
-
- string
-
- |
- - | -
- The remote port this rule applies to.
- Set to
- any to apply to all remote ports.Defaults to
- any when creating a new rule.Must have protocol set
- |
-
-
- service
-
-
- string
-
- |
- - | -
- The service this rule applies to.
- Set to
- any to apply to all services.Defaults to
- any when creating a new rule. |
-
-
- state
-
-
- string
-
- |
-
-
|
-
- Should this rule be added or removed.
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- attributes
-
-
- -
-
- |
- - | -
- This field is a free form dictionary value for the application pool attributes.
- These attributes are based on the naming standard at https://www.iis.net/configreference/system.applicationhost/applicationpools/add#005, see the examples section for more details on how to set this.
- You can also set the attributes of child elements like cpu and processModel, see the examples to see how it is done.
- While you can use the numeric values for enums it is recommended to use the enum name itself, e.g. use SpecificUser instead of 3 for processModel.identityType.
- managedPipelineMode may be either "Integrated" or "Classic".
- startMode may be either "OnDemand" or "AlwaysRunning".
- Use
- state module parameter to modify the state of the app pool.When trying to set 'processModel.password' and you receive a 'Value does fall within the expected range' error, you have a corrupted keystore. Please follow http://structuredsight.com/2014/10/26/im-out-of-range-youre-out-of-range/ to help fix your host.
- |
-
-
- name
-
-
- string
- / required
-
- |
- - | -
- Name of the application pool.
- |
-
-
- state
-
-
- string
-
- |
-
-
|
-
- The state of the application pool.
- If
- absent will ensure the app pool is removed.If
- present will ensure the app pool is configured and exists.If
- restarted will ensure the app pool exists and will restart, this is never idempotent.If
- started will ensure the app pool exists and is started.If
- stopped will ensure the app pool exists and is stopped. |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- auto_config_url
-
-
- string
-
- |
- - | -
- The URL of a proxy configuration script.
- Proxy configuration scripts are typically JavaScript files with the
- .pac extension that implement the C(FindProxyForURurl function.Omit, set to null or an empty string to remove the auto config URL.
- This corresponds to the checkbox Use automatic configuration script in the connection settings window.
- |
-
-
- auto_detect
-
-
- boolean
-
- |
-
-
|
-
- Whether to configure WinINet to automatically detect proxy settings through Web Proxy Auto-Detection
- WPAD .This corresponds to the checkbox Automatically detect settings in the connection settings window.
- |
-
-
- bypass
-
-
- list
- / elements=string
-
- |
- - | -
- A list of hosts that will bypass the set proxy when being accessed.
- Use
- <local> to match hostnames that are not fully qualified domain names. This is useful when needing to connect to intranet sites using just the hostname. If defined, this should be the last entry in the bypass list.Use
- <-loopback> to stop automatically bypassing the proxy when connecting through any loopback address like 127.0.0.1 , localhost , or the local hostname.Omit, set to null or an empty string/list to remove the bypass list.
- If this is set then proxy must also be set.
- |
-
-
- connection
-
-
- string
-
- |
- - | -
- The name of the IE connection to set the proxy settings for.
- These are the connections under the Dial-up and Virtual Private Network header in the IE settings.
- When omitted, the default LAN connection is used.
- |
-
-
- proxy
-
-
- raw
-
- |
- - | -
- A string or dict that specifies the proxy to be set.
- If setting a string, should be in the form
- hostname , hostname:port , or protocol=hostname:port .If the port is undefined, the default port for the protocol in use is used.
- If setting a dict, the keys should be the protocol and the values should be the hostname and/or port for that protocol.
- Valid protocols are
- http , https , ftp , and socks .Omit, set to null or an empty string to remove the proxy settings.
- |
-
Parameter | -Choices/Defaults | -Comments | -
---|---|---|
-
- backrefs
-
-
- boolean
-
- |
-
-
|
-
- Used with
- state=present . If set, line can contain backreferences (both positional and named) that will get populated if the regexp matches. This flag changes the operation of the module slightly; insertbefore and insertafter will be ignored, and if the regexp doesn't match anywhere in the file, the file will be left unchanged.If the
- regexp does match, the last matching line will be replaced by the expanded line parameter. |
-
-
- backup
-
-
- boolean
-
- |
-
-
|
-
- Determine whether a backup should be created.
- When set to
- yes , create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
-
-
- create
-
-
- boolean
-
- |
-
-
|
-
- Used with
- state=present . If specified, the file will be created if it does not already exist. By default it will fail if the file is missing. |
-
-
- encoding
-
-
- string
-
- |
-
- Default: "auto"
- |
-
- Specifies the encoding of the source text file to operate on (and thus what the output encoding will be). The default of
- auto will cause the module to auto-detect the encoding of the source file and ensure that the modified file is written with the same encoding.An explicit encoding can be passed as a string that is a valid value to pass to the .NET framework System.Text.Encoding.GetEncoding() method - see https://msdn.microsoft.com/en-us/library/system.text.encoding%28v=vs.110%29.aspx.
- This is mostly useful with
- create=yes if you want to create a new file with a specific encoding. If create=yes is specified without a specific encoding, the default encoding (UTF-8, no BOM) will be used. |
-
-
- insertafter
-
-
- string
-
- |
-
-
|
-
- Used with
- state=present . If specified, the line will be inserted after the last match of specified regular expression. A special value is available; EOF for inserting the line at the end of the file.If specified regular expression has no matches, EOF will be used instead. May not be used with
- backrefs . |
-
-
- insertbefore
-
-
- string
-
- |
-
-
|
-
- Used with
- state=present . If specified, the line will be inserted before the last match of specified regular expression. A value is available; BOF for inserting the line at the beginning of the file.If specified regular expression has no matches, the line will be inserted at the end of the file. May not be used with
- backrefs . |
-
-
- line
-
-
- string
-
- |
- - | -
- Required for
- state=present . The line to insert/replace into the file. If backrefs is set, may contain backreferences that will get expanded with the regexp capture groups if the regexp matches.Be aware that the line is processed first on the controller and thus is dependent on yaml quoting rules. Any double quoted line will have control characters, such as '\r\n', expanded. To print such characters literally, use single or no quotes.
- |
-
-
- newline
-
-
- string
-
- |
-
-
|
-
- Specifies the line separator style to use for the modified file. This defaults to the windows line separator (
- \r\n ). Note that the indicated line separator will be used for file output regardless of the original line separator that appears in the input file. |
-
-
- path
-
-
- path
- / required
-
- |
- - | -
- The path of the file to modify.
- Note that the Windows path delimiter
- \ must be escaped as \\ when the line is double quoted.aliases: dest, destfile, name |
-
-
- regex
-
-
- -
-
- |
- - | -
- The regular expression to look for in every line of the file. For
- state=present , the pattern to replace if found; only the last line found will be replaced. For state=absent , the pattern of the line to remove. Uses .NET compatible regular expressions; see https://msdn.microsoft.com/en-us/library/hs600312%28v=vs.110%29.aspx.aliases: regexp |
-
-
- state
-
-
- string
-
- |
-
-
|
-
- Whether the line should be there or not.
- |
-
-
- validate
-
-
- string
-
- |
- - | -
- Validation to run before copying into place. Use %s in the command to indicate the current file to validate.
- The command is passed securely so shell features like expansion and pipes won't work.
- |
-
Key | -Returned | -Description | -
---|---|---|
-
- reboot_required
-
-
- boolean
-
- |
- always | -
- Boolean value stating whether a system reboot is required.
- - Sample:
- True
- |
-