Role Needed for Ansible User | NetApp | Page 1

warped bolt Mar 24, 2025, 10:02 PM

#

Hello All,
Does the user you want to use for Ansible need to be part of the "admin" role or can it be part of "admin-no-fas" and work fine for things like creating volumes, snapmirrors, etc? I can't seem to find documentation that just tells the minimum permissions or role the ansible user would need for automating.

short lily Mar 25, 2025, 12:38 PM

#

The different modules use different REST API endpoints. So it really depends on your needs. You can set very granular rest-role permissions for each needed endpoint.

warped bolt Mar 25, 2025, 5:07 PM

#

I thought at one point the user needed to be part of the "admin" role, which is why I was asking. So I wanted to confirm if that's still the same. The granular roles could work, but you just have to test, and when you run into a problem, fix it. I was thinking in terms of the minimal role you could give where you can assign and forget it and run pretty much all tasks.

warped bolt Mar 25, 2025, 6:00 PM

#

Too be clear I'm looking for a set it and forget it role that has enough permissions but not too much, which looks like the admin-no-fas" might work. That's why I was mostly inquiring.

glacial crescent Mar 25, 2025, 6:17 PM

#

The required permissions change with every ansible release. So the only "set and forget" role would be "admin"

#Role Needed for Ansible User