AWX/API

From Omnia
< AWX
Revision as of 23:38, 7 January 2024 by Kenneth (talk | contribs) (→‎Version)
Jump to navigation Jump to search

API Documantation

10. Tower API Reference Guide — Ansible Tower API Guide
https://docs.ansible.com/ansible-tower/latest/html/towerapi/api_ref.html

Version

$ curl -s https://awx.example.com/api/ | jq
{
  "description": "AWX REST API",
  "current_version": "/api/v2/",
  "available_versions": {
    "v2": "/api/v2/"
  },
  "oauth2": "/api/o/",
  "custom_logo": "",
  "custom_login_info": "",
  "lo

Get APIs

$ curl -s https://awx.example.com/api/v2/ | jq
{
  "ping": "/api/v2/ping/",
  "instances": "/api/v2/instances/",
  "instance_groups": "/api/v2/instance_groups/",
  "config": "/api/v2/config/",
  "settings": "/api/v2/settings/",
  "me": "/api/v2/me/",
  "dashboard": "/api/v2/dashboard/",
  "organizations": "/api/v2/organizations/",
  "users": "/api/v2/users/",
  "execution_environments": "/api/v2/execution_environments/",
  "projects": "/api/v2/projects/",
  "project_updates": "/api/v2/project_updates/",
  "teams": "/api/v2/teams/",
  "credentials": "/api/v2/credentials/",
  "credential_types": "/api/v2/credential_types/",
  "credential_input_sources": "/api/v2/credential_input_sources/",
  "applications": "/api/v2/applications/",
  "tokens": "/api/v2/tokens/",
  "metrics": "/api/v2/metrics/",
  "inventory": "/api/v2/inventories/",
  "constructed_inventory": "/api/v2/constructed_inventories/",
  "inventory_sources": "/api/v2/inventory_sources/",
  "inventory_updates": "/api/v2/inventory_updates/",
  "groups": "/api/v2/groups/",
  "hosts": "/api/v2/hosts/",
  "host_metrics": "/api/v2/host_metrics/",
  "host_metric_summary_monthly": "/api/v2/host_metric_summary_monthly/",
  "job_templates": "/api/v2/job_templates/",
  "jobs": "/api/v2/jobs/",
  "ad_hoc_commands": "/api/v2/ad_hoc_commands/",
  "system_job_templates": "/api/v2/system_job_templates/",
  "system_jobs": "/api/v2/system_jobs/",
  "schedules": "/api/v2/schedules/",
  "roles": "/api/v2/roles/",
  "notification_templates": "/api/v2/notification_templates/",
  "notifications": "/api/v2/notifications/",
  "labels": "/api/v2/labels/",
  "unified_job_templates": "/api/v2/unified_job_templates/",
  "unified_jobs": "/api/v2/unified_jobs/",
  "activity_stream": "/api/v2/activity_stream/",
  "workflow_job_templates": "/api/v2/workflow_job_templates/",
  "workflow_jobs": "/api/v2/workflow_jobs/",
  "workflow_approvals": "/api/v2/workflow_approvals/",
  "workflow_job_template_nodes": "/api/v2/workflow_job_template_nodes/",
  "workflow_job_nodes": "/api/v2/workflow_job_nodes/",
  "mesh_visualizer": "/api/v2/mesh_visualizer/",
  "bulk": "/api/v2/bulk/",
  "analytics": "/api/v2/analytics/"
}

Login

Session Authentication

GET /api/login/

$ curl -k -c - https://awx.example.com/api/login/
...
awx.example.com     FALSE   /       FALSE   0       csrftoken       AswSFn5p1qQvaX4KoRZN6A5yer0Pq0VG2cXMTzZnzuhaY0L4tiidYqwf5PXZckuj

Grab the csrftoken.

POST /api/login/ username, password, and csrftoken

curl -X POST -H 'Content-Type: application/x-www-form-urlencoded' \
  --referer https://awx.example.com/api/login/ \
  -H 'X-CSRFToken: K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \
  --data 'username=root&password=reverse' \
  --cookie 'csrftoken=K580zVVm0rWX8pmNylz5ygTPamgUJxifrdJY0UDtMMoOis5Q1UOxRmV9918BUBIN' \
  https://awx.example.com/api/login/ -k -D - -o /dev/null


Ref: https://docs.ansible.com/automation-controller/latest/html/controllerapi/authentication.html

Stateless Basica Authentication

Or you can pass in user/password with each request... (Have to enable - "Enable HTTP Basic Auth" under Miscellaneous Autehntication)

curl -X GET -H 'Authorization: Basic dXNlcjpwYXNzd29yZA==’ https://<controller-host>/api/v2/credentials -k -L
# the --user flag adds this Authorization header for us
curl -X GET --user 'user:password' https://<controller-host>/api/v2/credentials -k -L

Take note of:

  • X-API-Session-Cookie-Name
  • awx_session_id
  • Set-Cookie

Token Authentication

Or you can request a token to use: (have to enable - "Allow external users to create OAtuh2 Toekn" under Miscellaneous Autehntication)

curl -u user:password -k -X POST https://<controller-host>/api/v2/tokens/
...
 "token":"..."

Use:

curl -k -X POST \
  -H “Content-Type: application/json”
  -H “Authorization: Bearer <oauth2-token-value>” \
  https://<controller-host>/api/v2/hosts/