lowlydba.sqlserver.user_role module – Configures a user’s role in a database.
Note
This module is part of the lowlydba.sqlserver collection (version 2.8.1).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install lowlydba.sqlserver.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: lowlydba.sqlserver.user_role.
New in lowlydba.sqlserver 2.4.0
Synopsis
Adds or removes a user’s role in a database.
Use the roles option to work with multiple roles at once using the add/remove/set pattern.
Requirements
The below requirements are needed on the host that executes this module.
dbatools PowerShell module
Parameters
Parameter |
Comments |
|---|---|
Database for the user. |
|
The database role for the user to be modified. Deprecated: This parameter is deprecated and will be removed in version 3.0.0. Use roles instead. |
|
A dictionary of roles to manage for the user. Supports three keys
At least one key must be present. |
|
A list of role names to add the user to. May be empty to query current membership without changes. |
|
A list of role names to remove the user from. May be empty to query current membership without changes. |
|
A list of role names that replaces the user’s current roles. An empty list removes all role memberships. |
|
The SQL Server instance to modify. |
|
Password for SQL Authentication. |
|
Username for SQL Authentication. |
|
Desired state of the user role membership. Only applicable when using the role parameter (legacy mode). Cannot be used with roles. Choices:
|
|
Name of the user. |
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: full |
Can run in check_mode and return changed status prediction without modifying target. |
|
Platforms: all |
Target OS/families that can be operated against. |
Examples
- name: Add a user to a fixed db role (legacy)
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
role: db_owner
- name: Remove a user from a fixed db role (legacy)
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
role: db_owner
state: absent
- name: Add user to multiple roles
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
roles:
add:
- db_owner
- db_datareader
- name: Remove user from multiple roles
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
roles:
remove:
- db_owner
- db_datareader
- name: Set user's roles (replace all current roles)
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
roles:
set:
- db_datareader
- db_datawriter
- name: Combine add and remove operations
lowlydba.sqlserver.user_role:
sql_instance: sql-01.myco.io
username: TheIntern
database: InternProject1
roles:
add:
- db_securityadmin
remove:
- db_owner
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
For the For the legacy Returned: success |
|
List of roles that were added (or would be added in check_mode). Returned: success |
|
List of roles that were removed (or would be removed in check_mode). Returned: success |
|
List of roles the user is currently a member of. In check_mode reflects state before any changes. Returned: success Sample: |