Ansible adding or removing users from the MySQL database

Source: Internet
Author: User
Tags scalar string format unix domain socket server port


Mysql_user-Add or remove users from the MySQL database.
    • Profile
    • Requirements (on the host that executes the module)
    • Options
    • Example
    • Notes
      • State
      • Support
Profile
    • Add or remove users from the MySQL database.
Requirements (on the host that executes the module)
  • MySQLdb's
Options
Parameters need to default Select Notes
Append_privs
(1.4 added)
No No
  • Yes
  • No
Attaches the permissions defined by Priv to the existing permissions of this user, rather than overwriting the existing permissions.
Check_implicit_admin
(1.3 added)
No No
  • Yes
  • Yes
Check to see if MySQL is allowed to log in as Root/nopassword and then try to provide the credentials.
Config_file
(2.0 added)
No ?/. my.cnf Specifies the configuration file from which to read the user and password.
Connect_timeout
(2.1 added)
No 30 The connection timed out when connecting to the MySQL server.
Encrypted (encrypted)
(2.0 added)
No No
  • Yes
  • No
Indicates that the ' Password ' field is a ' mysql_native_password ' hash value
Host
No localhost The ' host ' part of the MySQL username
Host_all
(2.1 added)
No No
  • Yes
  • No
overrides the host option to allow a given user to apply changes to all host names Ansible. you cannot use this option when creating a user
Login_host
No localhost The host running the database.
Login_password
No The password to use for authentication.
Login_port
No 320W MySQL server port. If you use Login_port, you need to define login_host as a different local host.
Login_unix_socket
No The path to the locally attached UNIX domain socket.
Login_user
No The user name to use for authentication.
Name
Yes Add or remove user names (roles)
Password
No Set the user password.
Priv
No the MySQL privileged string format is: db.table:priv1,priv2. You can specify multiple permissions by separating each privilege with a forward slash: db.table:priv/db.table:priv. The format is based on the MySQL GRANTstatement. Database and table names can be referenced, MySQL style. If you use column permissions, the priv1,priv2section must be exactly the same as theSHOW GRANT statement . If not followed, the module will always report changes. It includes grouping columns by permission ( SELECT(col1,col2) instead of SELECT(col1 SELECT (col2) ).
Sql_log_bin
(2.1 added)
No Yes
  • Yes
  • No
Whether binary logging should be enabled or disabled for the connection.
Ssl_ca
(2.0 added)
No the path of the certification authority (CA) certificate. This option (if used) must specify the same certificate that is used by the server.
Ssl_cert
(2.0 added)
No The path to the client public key certificate.
Ssl_key
(2.0 added)
No The path to the client private key.
State No Present
  • Present
  • Absent
Whether the user should exist when absent时Delete the user.
Update_password
(2.0 added)
No Always
  • Always
  • On_create
if it is different, always updates the password. theon_createpassword will only be set for the newly created user.
Example
# removes anonymous user account for localhost-Mysql_user:Name:‘‘Host:localhostState:Absent# Removes all anonymous user accounts-Mysql_user:Name:‘‘Host_all:YesState:Absent# Create database user with Name ' Bob ' and password ' 12345 ' with all database privileges-Mysql_user:Name:BobPassword:12345Priv:' *.*:all 'State:Present# Create database user with Name ' Bob ' and previously hashed MySQL native password ' *ee0d72c1085c46c5278932678fbe2c6a78282 1B4 ' With all database privileges-Mysql_user:Name:BobPassword:' *ee0d72c1085c46c5278932678fbe2c6a782821b4 'Encrypted:YesPriv:' *.*:all 'State:Present# Creates database user ' Bob ' and password ' 12345 ' with any database privileges and ' with GRANT OPTION '-Mysql_user:Name:BobPassword:12345Priv:' *.*:all,grant 'State:Present# Modify user Bob to require SSL connections. Note that requireSSL is a special privilege this should only apply to *. * by itself.-Mysql_user:Name:BobAppend_privs:TruePriv:' *.*:requiressl 'State:Present# Ensure no user named ' Sally ' @ ' localhost ' exists, also passing in the auth credentials.-Mysql_user:Login_user:RootLogin_password:123456Name:SallyState:Absent# Ensure no user named ' Sally ' exists at all-Mysql_user:Name:SallyHost_all:YesState:Absent# specify grants composed of more than one word-Mysql_user:Name:ReplicationPassword:12345Priv:"*.*:replication CLIENT "State:Present# Revoke all privileges for user ' Bob ' and password ' 12345 '-Mysql_user:Name:BobPassword:12345Priv:"*.*:usage"State:Present# Example Privileges string format# Mydb.*:insert,update/anotherdb.*:select/yetanotherdb.*:all# Example using Login_unix_socket to connect to server-Mysql_user:Name:RootPassword:abc123Login_unix_socket:/var/run/mysqld/mysqld.sock# Example of skipping binary logging while adding user ' Bob '-mysql_user: name:  Bob password: 12345 priv:  "*.*:usage" state: present sql_log_bin: no# Example. my.cnf file for setting the root Password# [Client]# user=root# password=n<_665{vs43y      


Attention

Ansible user

  • The default login_user for MySQL server is "root" with no password. in order to use this user as part of idempotent playboot, ansible add user to group you must create at least two tasks: You must first change the root user's password without providing any login_user/login_password details. The second must delete the?/. my.cnf file that contains the new root credential. Then, by reading the new credentials from the file, the subsequent game will succeed.
  • Currently, only support Mysql_native_passwordEncrypt the password hash module.
  • requires the MySQLdb python package on the remote host. for Ubuntu, this is as simple as Apt-get install PYTHON-MYSQLDB. (see apt.) For Centos/fedora, ansible add user this is as easy as Yum to install Mysql-python. (see yum.) )
  • no matter login_passwordand the login_user your lost credentials are required. If it does not exist, the module will attempt to read the credentials from it~/.my.cnf, and finally go back to "root" with the MySQL default login, without the password.
State

Ansible user module

the module is marked as Preview , which means that it does not guarantee a backward-compatible interface.


Support

ansible create user

This module is maintained by the community without the supervision of the core submitter.



For more information on what this means, please read the module support



to help develop the module, if you have this tendency, read the community information and contributions to test the programmable and development modules .



Ansible adding or removing users from the MySQL database


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.