AWX/API: Difference between revisions

From Omnia
< AWX
Jump to navigation Jump to search
Line 99: Line 99:
Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html
Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html


=== Stateless Basica Authentication ===
=== Stateless Basic Authentication ===


Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication)
Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication)

Revision as of 22:18, 20 September 2024

API Documantation

10. Tower API Reference Guide — Ansible Tower API Guide
https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html

Version

$ curl -s https://awx.example.com/api/ | jq
{
  "description": "AWX REST API",
  "current_version": "/api/v2/",
  "available_versions": {
    "v2": "/api/v2/"
  },
  "oauth2": "/api/o/",
  "custom_logo": "",
  "custom_login_info": "",
  "lo

Get APIs

$ curl -s https://awx.example.com/api/v2/ | jq
{
  "ping": "/api/v2/ping/",
  "instances": "/api/v2/instances/",
  "instance_groups": "/api/v2/instance_groups/",
  "config": "/api/v2/config/",
  "settings": "/api/v2/settings/",
  "me": "/api/v2/me/",
  "dashboard": "/api/v2/dashboard/",
  "organizations": "/api/v2/organizations/",
  "users": "/api/v2/users/",
  "execution_environments": "/api/v2/execution_environments/",
  "projects": "/api/v2/projects/",
  "project_updates": "/api/v2/project_updates/",
  "teams": "/api/v2/teams/",
  "credentials": "/api/v2/credentials/",
  "credential_types": "/api/v2/credential_types/",
  "credential_input_sources": "/api/v2/credential_input_sources/",
  "applications": "/api/v2/applications/",
  "tokens": "/api/v2/tokens/",
  "metrics": "/api/v2/metrics/",
  "inventory": "/api/v2/inventories/",
  "constructed_inventory": "/api/v2/constructed_inventories/",
  "inventory_sources": "/api/v2/inventory_sources/",
  "inventory_updates": "/api/v2/inventory_updates/",
  "groups": "/api/v2/groups/",
  "hosts": "/api/v2/hosts/",
  "host_metrics": "/api/v2/host_metrics/",
  "host_metric_summary_monthly": "/api/v2/host_metric_summary_monthly/",
  "job_templates": "/api/v2/job_templates/",
  "jobs": "/api/v2/jobs/",
  "ad_hoc_commands": "/api/v2/ad_hoc_commands/",
  "system_job_templates": "/api/v2/system_job_templates/",
  "system_jobs": "/api/v2/system_jobs/",
  "schedules": "/api/v2/schedules/",
  "roles": "/api/v2/roles/",
  "notification_templates": "/api/v2/notification_templates/",
  "notifications": "/api/v2/notifications/",
  "labels": "/api/v2/labels/",
  "unified_job_templates": "/api/v2/unified_job_templates/",
  "unified_jobs": "/api/v2/unified_jobs/",
  "activity_stream": "/api/v2/activity_stream/",
  "workflow_job_templates": "/api/v2/workflow_job_templates/",
  "workflow_jobs": "/api/v2/workflow_jobs/",
  "workflow_approvals": "/api/v2/workflow_approvals/",
  "workflow_job_template_nodes": "/api/v2/workflow_job_template_nodes/",
  "workflow_job_nodes": "/api/v2/workflow_job_nodes/",
  "mesh_visualizer": "/api/v2/mesh_visualizer/",
  "bulk": "/api/v2/bulk/",
  "analytics": "/api/v2/analytics/"
}

Login

Session Authentication

GET /api/login/

$ curl -k -c - https://awx.example.com/api/login/
...
awx.example.com     FALSE   /       FALSE   0       csrftoken       AswSFn5p1qQvaX4KoRZN6A5yer0Pq0VG2cXMTzZnzuhaY0L4tiidYqwf5PXZckuj

Grab the csrftoken.

POST /api/login/ username, password, and csrftoken

curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
  --referer https://awx.example.com/api/login/ \
  -H 'X-CSRFToken: K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \
  --data 'username=root&password=reverse' \
  --cookie 'csrftoken=K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \
  https://awx.example.com/api/login/ -k -D - -o /dev/null


Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html

Stateless Basic Authentication

Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication)

curl -X GET -H 'Authorization: Basic dXNlcjpwYXNzd29yZA==’ https://<controller-host>/api/v2/credentials -k -L
# the --user flag adds this Authorization header for us
curl -X GET --user 'user:password' https://<controller-host>/api/v2/credentials -k -L

Take note of:

  • X-API-Session-Cookie-Name
  • awx_session_id
  • Set-Cookie

Token Authentication

Or you can request a token to use: (have to enable - "Allow external users to create OAtuh2 Toekn" under Miscellaneous Autehntication)

curl -u user:password -k -X POST https://<controller-host>/api/v2/tokens/
...
 "token":"..."

Use:

curl -k -X POST \
  -H “Content-Type: application/json”
  -H “Authorization: Bearer <oauth2-token-value>” \
  https://<controller-host>/api/v2/hosts/

Add Host to Inventory Group

Add host to inventory group [1]

URI: {your host}/api/v2/groups/{id}/hosts/

Method: POST

Payload:
{
    "name": "{hostname}",
    "description": "",
    "enabled": true,
    "instance_id": "",
    "variables": ""
}

---

POST /api/v2/groups/{id}/hosts/ Create a Host for a Group

https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html#/Groups/Groups_groups_hosts_create

Make a POST request to this resource with the following host fields to create a new host associated with this group

  • name: Name of this host. (string, required)
  • description: Optional description of this host. (string, default="")
  • inventory: (id, required)
  • enabled: Is this host online and available for running jobs? (boolean, default=True)
  • instance_id: The value used by the remote inventory source to uniquely identify the host (string, default="")
  • variables: Host variables in JSON or YAML format. (json, default=``)

keywords