AWX/API: Difference between revisions
(2 intermediate revisions by the same user not shown) | |||
Line 99: | Line 99: | ||
Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html | Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html | ||
=== Stateless | === Stateless Basic Authentication === | ||
Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication) | Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication) | ||
Line 127: | Line 127: | ||
https://<controller-host>/api/v2/hosts/ | https://<controller-host>/api/v2/hosts/ | ||
</pre> | </pre> | ||
== API Token == | |||
curl -ku username:password -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' http://<ip_address>/api/v2/users/1/personal_tokens/ | jq -r .token | |||
ref: https://stackoverflow.com/questions/54983803/ansible-awx-login-token-api | |||
== Add Host to Inventory Group == | |||
Add host to inventory group <ref>https://stackoverflow.com/questions/55475740/how-to-add-an-inventory-host-to-specific-group-using-ansible-tower-api-so-that</ref> | |||
<pre> | |||
URI: {your host}/api/v2/groups/{id}/hosts/ | |||
Method: POST | |||
Payload: | |||
{ | |||
"name": "{hostname}", | |||
"description": "", | |||
"enabled": true, | |||
"instance_id": "", | |||
"variables": "" | |||
} | |||
</pre> | |||
--- | |||
POST /api/v2/groups/{id}/hosts/ Create a Host for a Group | |||
https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html#/Groups/Groups_groups_hosts_create | |||
Make a POST request to this resource with the following host fields to create a new host associated with this group | |||
* name: Name of this host. (string, required) | |||
* description: Optional description of this host. (string, default="") | |||
* inventory: (id, required) | |||
* enabled: Is this host online and available for running jobs? (boolean, default=True) | |||
* instance_id: The value used by the remote inventory source to uniquely identify the host (string, default="") | |||
* variables: Host variables in JSON or YAML format. (json, default=``) | |||
== keywords == |
Latest revision as of 22:20, 20 September 2024
API Documantation
10. Tower API Reference Guide — Ansible Tower API Guide https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html
Version
$ curl -s https://awx.example.com/api/ | jq { "description": "AWX REST API", "current_version": "/api/v2/", "available_versions": { "v2": "/api/v2/" }, "oauth2": "/api/o/", "custom_logo": "", "custom_login_info": "", "lo
Get APIs
$ curl -s https://awx.example.com/api/v2/ | jq { "ping": "/api/v2/ping/", "instances": "/api/v2/instances/", "instance_groups": "/api/v2/instance_groups/", "config": "/api/v2/config/", "settings": "/api/v2/settings/", "me": "/api/v2/me/", "dashboard": "/api/v2/dashboard/", "organizations": "/api/v2/organizations/", "users": "/api/v2/users/", "execution_environments": "/api/v2/execution_environments/", "projects": "/api/v2/projects/", "project_updates": "/api/v2/project_updates/", "teams": "/api/v2/teams/", "credentials": "/api/v2/credentials/", "credential_types": "/api/v2/credential_types/", "credential_input_sources": "/api/v2/credential_input_sources/", "applications": "/api/v2/applications/", "tokens": "/api/v2/tokens/", "metrics": "/api/v2/metrics/", "inventory": "/api/v2/inventories/", "constructed_inventory": "/api/v2/constructed_inventories/", "inventory_sources": "/api/v2/inventory_sources/", "inventory_updates": "/api/v2/inventory_updates/", "groups": "/api/v2/groups/", "hosts": "/api/v2/hosts/", "host_metrics": "/api/v2/host_metrics/", "host_metric_summary_monthly": "/api/v2/host_metric_summary_monthly/", "job_templates": "/api/v2/job_templates/", "jobs": "/api/v2/jobs/", "ad_hoc_commands": "/api/v2/ad_hoc_commands/", "system_job_templates": "/api/v2/system_job_templates/", "system_jobs": "/api/v2/system_jobs/", "schedules": "/api/v2/schedules/", "roles": "/api/v2/roles/", "notification_templates": "/api/v2/notification_templates/", "notifications": "/api/v2/notifications/", "labels": "/api/v2/labels/", "unified_job_templates": "/api/v2/unified_job_templates/", "unified_jobs": "/api/v2/unified_jobs/", "activity_stream": "/api/v2/activity_stream/", "workflow_job_templates": "/api/v2/workflow_job_templates/", "workflow_jobs": "/api/v2/workflow_jobs/", "workflow_approvals": "/api/v2/workflow_approvals/", "workflow_job_template_nodes": "/api/v2/workflow_job_template_nodes/", "workflow_job_nodes": "/api/v2/workflow_job_nodes/", "mesh_visualizer": "/api/v2/mesh_visualizer/", "bulk": "/api/v2/bulk/", "analytics": "/api/v2/analytics/" }
Login
Session Authentication
GET /api/login/
$ curl -k -c - https://awx.example.com/api/login/ ... awx.example.com FALSE / FALSE 0 csrftoken AswSFn5p1qQvaX4KoRZN6A5yer0Pq0VG2cXMTzZnzuhaY0L4tiidYqwf5PXZckuj
Grab the csrftoken.
POST /api/login/ username, password, and csrftoken
curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \ --referer https://awx.example.com/api/login/ \ -H 'X-CSRFToken: K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \ --data 'username=root&password=reverse' \ --cookie 'csrftoken=K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \ https://awx.example.com/api/login/ -k -D - -o /dev/null
Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html
Stateless Basic Authentication
Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication)
curl -X GET -H 'Authorization: Basic dXNlcjpwYXNzd29yZA==’ https://<controller-host>/api/v2/credentials -k -L
# the --user flag adds this Authorization header for us curl -X GET --user 'user:password' https://<controller-host>/api/v2/credentials -k -L
Take note of:
- X-API-Session-Cookie-Name
- awx_session_id
- Set-Cookie
Token Authentication
Or you can request a token to use: (have to enable - "Allow external users to create OAtuh2 Toekn" under Miscellaneous Autehntication)
curl -u user:password -k -X POST https://<controller-host>/api/v2/tokens/ ... "token":"..."
Use:
curl -k -X POST \ -H “Content-Type: application/json” -H “Authorization: Bearer <oauth2-token-value>” \ https://<controller-host>/api/v2/hosts/
API Token
curl -ku username:password -H "Content-Type: application/json" -X POST -d '{"description":"Tower CLI", "application":null, "scope":"write"}' http://<ip_address>/api/v2/users/1/personal_tokens/ | jq -r .token
ref: https://stackoverflow.com/questions/54983803/ansible-awx-login-token-api
Add Host to Inventory Group
Add host to inventory group [1]
URI: {your host}/api/v2/groups/{id}/hosts/ Method: POST Payload: { "name": "{hostname}", "description": "", "enabled": true, "instance_id": "", "variables": "" }
---
POST /api/v2/groups/{id}/hosts/ Create a Host for a Group
https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html#/Groups/Groups_groups_hosts_create
Make a POST request to this resource with the following host fields to create a new host associated with this group
- name: Name of this host. (string, required)
- description: Optional description of this host. (string, default="")
- inventory: (id, required)
- enabled: Is this host online and available for running jobs? (boolean, default=True)
- instance_id: The value used by the remote inventory source to uniquely identify the host (string, default="")
- variables: Host variables in JSON or YAML format. (json, default=``)