機能
- MySQLデータベースへのユーザ追加/削除を行う。
使用例
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 |
- name: Removes anonymous user account for localhost mysql_user: name: '' host: localhost state: absent - name: Removes all anonymous user accounts mysql_user: name: '' host_all: yes state: absent - name: Create database user with name 'bob' and password '12345' with all database privileges mysql_user: name: bob password: 12345 priv: '*.*:ALL' state: present - name: Create database user using hashed password with all database privileges mysql_user: name: bob password: '*EE0D72C1085C46C5278932678FBE2C6A782821B4' encrypted: yes priv: '*.*:ALL' state: present - name: Create database user with password and all database privileges and 'WITH GRANT OPTION' mysql_user: name: bob password: 12345 priv: '*.*:ALL,GRANT' state: present # Note that REQUIRESSL is a special privilege that should only apply to *.* by itself. - name: Modify user to require SSL connections. mysql_user: name: bob append_privs: yes priv: '*.*:REQUIRESSL' state: present - name: Ensure no user named 'sally'@'localhost' exists, also passing in the auth credentials. mysql_user: login_user: root login_password: 123456 name: sally state: absent - name: Ensure no user named 'sally' exists at all mysql_user: name: sally host_all: yes state: absent - name: Specify grants composed of more than one word mysql_user: name: replication password: 12345 priv: "*.*:REPLICATION CLIENT" state: present - name: Revoke all privileges for user 'bob' and password '12345' mysql_user: name: bob password: 12345 priv: "*.*:USAGE" state: present # Example privileges string format # mydb.*:INSERT,UPDATE/anotherdb.*:SELECT/yetanotherdb.*:ALL - name: Example using login_unix_socket to connect to server mysql_user: name: root password: abc123 login_unix_socket: /var/run/mysqld/mysqld.sock - name: Example of skipping binary logging while adding user 'bob' mysql_user: name: bob password: 12345 priv: "*.*:USAGE" state: present sql_log_bin: no # Example .my.cnf file for setting the root password # [client] # user=root # password=n<_665{vS43y |
参考サイト
mysql_user – Adds or removes a user from a MySQL database — Ansible Documentation
https://docs.ansible.com/ansible/2.9/modules/mysql_user_module.html#mysql-user-module
Database modules — Ansible Documentation
https://docs.ansible.com/ansible/2.9/modules/list_of_database_modules.html