Skip to content

cisagov/ansible-manage-user

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

949 Commits

.github

.github

 
 

create

create

 
 

delete

delete

 
 

.ansible-lint

.ansible-lint

 
 

.bandit.yml

.bandit.yml

 
 

.flake8

.flake8

 
 

.gitignore

.gitignore

 
 

.isort.cfg

.isort.cfg

 
 

.mdl_config.yaml

.mdl_config.yaml

 
 

.pre-commit-config.yaml

.pre-commit-config.yaml

 
 

.prettierignore

.prettierignore

 
 

.yamllint

.yamllint

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements-dev.txt

requirements-dev.txt

 
 

requirements-test.txt

requirements-test.txt

 
 

requirements.txt

requirements.txt

 
 

requirements.yml

requirements.yml

 
 

setup-env

setup-env

 
 

Repository files navigation

ansible-manage-user ⚙️

GitHub Build Status

Ansible playbooks to manage a user account on a set of hosts.

These are the actions that are currently supported:

  • Create a new user account and add a public ssh key to its authorized_keys file, with the option to allow the user to run privileged commands via sudo
  • Delete an existing user account and all of its directories and files

Warning ⚠️

These commands can be damaging, so always double-check the id of the user that you plan to manage!

Pre-requisites

  • You must run these playbooks as a user that has ssh access to and sudo privileges on each target host in your inventory.

  • You must create an Ansible inventory file at the root of this project containing the name or IP address of each target host on which you wish to manage users. A sample inventory file might look like this:

    all:
  hosts:
    my_ungrouped_host:
  children:
    group1:
      hosts:
        my_server:
        my_database:
    group2:
      hosts:
        sample.mydomain.com:
        db.mydomain.com:
    group3:
      hosts:
        192.168.1.5:
        192.168.1.6:

  • Ansible supports more complicated inventory management. If you have a need for that, consult the Ansible documentation for more information.

  • You must create a directory group_vars at the root of this project that contains files with the Ansible variable values for each group specified in the inventory; for example, to specify the same values for every host in the inventory you might create a single file named all.yml that looks like this:

    allow_sudo: true
ansible_become: yes
username: audit
ssh_public_key: "{{ lookup('aws_ssm', /ssh/public/key) }}"

Usage

Adding a new user account

ansible-playbook --inventory=inventory.yml create/playbook.yml

Deleting an existing user account

ansible-playbook --inventory=inventory.yml delete/playbook.yml

Contributing

We welcome contributions! Please see CONTRIBUTING.md for details.

License

This project is in the worldwide public domain.

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

Author Information

David Redmin - david.redmin@gwe.cisa.dhs.gov

About

Ansible playbooks to manage a user account on a set of hosts

Topics

ansible ansible-playbook

Resources

Readme

License

CC0-1.0 license

Security policy

Security policy
Activity
Custom properties

Stars

3 stars

Watchers

8 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 11

Languages