ansible.builtin.group module – Add or remove groups

Note

This module is part of ansible-core and included in all Ansible installations. In most cases, you can use the short module name group even without specifying the collections keyword. However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.group for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • groupadd

  • groupdel

  • groupmod

Parameters

Parameter

Comments

force

boolean

added in ansible-core 2.15

Whether to delete a group even if it is the primary group of a user.

Only applicable on platforms which implement a --force flag on the group deletion command.

Choices:

  • false ← (default)

  • true

gid

integer

Optional GID to set for the group.

gid_max

integer

added in ansible-core 2.18

Sets the GID_MAX value for group creation.

Overwrites /etc/login.defs default value.

Currently supported on Linux. Does nothing when used with other platforms.

Requires local is omitted or False.

gid_min

integer

added in ansible-core 2.18

Sets the GID_MIN value for group creation.

Overwrites /etc/login.defs default value.

Currently supported on Linux. Does nothing when used with other platforms.

Requires local is omitted or False.

local

boolean

Forces the use of “local” command alternatives on platforms that implement it.

This is useful in environments that use centralized authentication when you want to manipulate the local groups. (for example, it uses lgroupadd instead of groupadd).

This requires that these commands exist on the targeted host, otherwise it will be a fatal error.

Choices:

  • false ← (default)

  • true

name

string / required

Name of the group to manage.

non_unique

boolean

added in Ansible 2.8

This option allows to change the group ID to a non-unique value. Requires gid.

Not supported on macOS or BusyBox distributions.

Choices:

  • false ← (default)

  • true

state

string

Whether the group should be present or not on the remote host.

Choices:

  • "absent"

  • "present" ← (default)

system

boolean

If yes, indicates that the group created is a system group.

Choices:

  • false ← (default)

  • true

Attributes

Attribute

Support

Description

check_mode

Support: full

Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped.

diff_mode

Support: none

Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode

platform

Platform: posix

Target OS/families that can be operated against

See Also

See also

ansible.builtin.user

Manage user accounts.

ansible.windows.win_group

Add and remove local groups.

Examples

- name: Ensure group "somegroup" exists
  ansible.builtin.group:
    name: somegroup
    state: present

- name: Ensure group "docker" exists with correct gid
  ansible.builtin.group:
    name: docker
    state: present
    gid: 1750

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

gid

integer

Group ID of the group.

Returned: When state is present

Sample: 1001

name

string

Group name.

Returned: always

Sample: "users"

state

string

Whether the group is present or not.

Returned: always

Sample: "absent"

system

boolean

Whether the group is a system group or not.

Returned: When state is present

Sample: false

Authors

  • Stephen Fromm (@sfromm)