Chapter 6. Roles
Roles are units of organization in the Red Hat Ansible Automation Platform. When you assign a role to a team or user, you are granting access to use, read, or write credentials. Because of the file structure associated with a role, roles become redistributable units that enable you to share behavior among resources, or with other users. All access that is granted to use, read, or write credentials is handled through roles, and roles are defined for a resource.
6.1. Displaying roles
You can display the roles assigned for component resources from the
menu.Procedure
-
From the navigation panel, select
. Select a tab for the component resource for which you want to create custom roles.
NoteIf you have multiple Ansible Automation Platform components installed, you will see selections for the roles associated with each component in the Roles menu bar. For example, Automation Execution for automation controller roles, Automation Decisions for Event-Driven Ansible roles.
- From the table header, you can sort the list of roles by using the arrows for Name, Description, Created and Editable or by making sort selections in the Sort list.
- You can filter the list of roles by selecting Name or Editable from the filter list and clicking the arrow.
6.2. Creating a role
Ansible Automation Platform services provide a set of predefined roles with permissions sufficient for standard automation tasks. It is also possible to configure custom roles, and assign one or more permission filters to them. Permission filters define the actions allowed for a specific resource type.
Procedure
-
From the navigation panel, select
. Select a tab for the component resource for which you want to create custom roles.
NoteIf you have multiple Ansible Automation Platform components installed, you will see selections for the roles associated with each component in the Roles menu bar. For example, Automation Execution for automation controller roles, Automation Decisions for Event-Driven Ansible roles.
- Click .
- Provide a Name and optionally include a Description for the role.
- Select a Content Type.
- Select the Permissions you want assigned to this role.
- Click to create your new role.
6.3. Editing a role
Built in roles can not be changed, however, you can modify custom roles from the Roles list view. The Editable column in the Roles list view indicates whether a role is Built-in or Editable.
Procedure
-
From the navigation panel, select
. Select a tab for the component resource for which you want to modify a custom role.
NoteIf you have multiple Ansible Automation Platform components installed, you will see selections for the roles associated with each component in the Roles menu bar. For example, Automation Execution for automation controller roles, Automation Decisions for Event-Driven Ansible roles.
- Click the Edit role icon next to the role you want and modify the role settings as needed.
- Click to save your changes.
6.4. Deleting a role
Built in roles can not be deleted, however, you can delete custom roles from the Roles list view.
Procedure
-
From the navigation panel, select
. Select a tab for the component resource for which you want to create custom roles.
NoteIf you have multiple Ansible Automation Platform components installed, you will see selections for the roles associated with each component in the Roles menu bar. For example, Automation Execution for automation controller roles, Automation Decisions for Event-Driven Ansible roles.
- Click the More Actions icon ⋮ next to the role you want and select Delete role.
- To delete roles in bulk, select the roles you want to delete from the Roles list view, click the More Actions icon ⋮, and select Delete roles.