Defined Type: rundeck::config::aclpolicyfile

Defined in:
manifests/config/aclpolicyfile.pp

Summary

This define will create a custom acl policy file.

Overview

Examples:

Admin access.

rundeck::config::aclpolicyfile { 'myPolicyFile':
  acl_policies => [
    {
      'description' => 'Admin, all access',
      'context'     => { 'project' => '.*' },
      'for'         => {
        'resource' => [{ 'allow' => '*' }],
        'adhoc'    => [{ 'allow' => '*' }],
        'job'      => [{ 'allow' => '*' }],
        'node'     => [{ 'allow' => '*' }],
      },
      'by'          => [{ 'group' => ['admin'] }],
    },
    {
      'description' => 'Admin, all access',
      'context'     => { 'application' => 'rundeck' },
      'for'         => {
        'project'     => [{ 'allow' => '*' }],
        'resource'    => [{ 'allow' => '*' }],
        'storage'     => [{ 'allow' => '*' }],
      },
      'by'          => [{ 'group' => ['admin'] }],
    },
  ],
}

Parameters:

  • acl_policies (Array[Hash])

    An array of hashes containing acl policies. See example.

  • ensure (Enum['present', 'absent']) (defaults to: 'present')

    Set present or absent to add or remove the acl policy file.

  • owner (String[1]) (defaults to: 'rundeck')

    The user that rundeck is installed as.

  • group (String[1]) (defaults to: 'rundeck')

    The group permission that rundeck is installed as.

  • properties_dir (Stdlib::Absolutepath) (defaults to: '/etc/rundeck')

    The rundeck configuration directory.



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
 
# File 'manifests/config/aclpolicyfile.pp', line 41

define rundeck::config::aclpolicyfile (
  Array[Hash] $acl_policies,
  Enum['present', 'absent'] $ensure = 'present',
  String[1] $owner = 'rundeck',
  String[1] $group = 'rundeck',
  Stdlib::Absolutepath $properties_dir = '/etc/rundeck',
) {
  validate_rd_policy($acl_policies)

  ensure_resource('file', $properties_dir, { 'ensure' => 'directory', 'owner' => $owner, 'group' => $group, 'mode' => '0755' })

  file { "${properties_dir}/${name}.aclpolicy":
    ensure  => $ensure,
    owner   => $owner,
    group   => $group,
    mode    => '0644',
    content => epp('rundeck/aclpolicy.epp', { _acl_policies => $acl_policies }),
  }
}