summaryrefslogtreecommitdiffstats
path: root/ansible_collections/cyberark/conjur/dev/policy/root.yml
diff options
context:
space:
mode:
Diffstat (limited to 'ansible_collections/cyberark/conjur/dev/policy/root.yml')
-rw-r--r--ansible_collections/cyberark/conjur/dev/policy/root.yml32
1 files changed, 32 insertions, 0 deletions
diff --git a/ansible_collections/cyberark/conjur/dev/policy/root.yml b/ansible_collections/cyberark/conjur/dev/policy/root.yml
new file mode 100644
index 000000000..0309cf702
--- /dev/null
+++ b/ansible_collections/cyberark/conjur/dev/policy/root.yml
@@ -0,0 +1,32 @@
+---
+- !policy
+ id: ansible
+ annotations:
+ description: Policy for Ansible master and remote hosts
+ body:
+
+ - !host
+ id: ansible-master
+ annotations:
+ description: Host for running Ansible on remote targets
+
+ - !layer &remote_hosts_layer
+ id: remote_hosts
+ annotations:
+ description: Layer for Ansible remote hosts
+
+ - !host-factory
+ id: ansible-factory
+ annotations:
+ description: Factory to create new hosts for ansible
+ layer: [ *remote_hosts_layer ]
+
+ - !variable
+ id: target-password
+ annotations:
+ description: Password needed by the Ansible remote machine
+
+ - !permit
+ role: *remote_hosts_layer
+ privileges: [ execute ]
+ resources: [ !variable target-password ]
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 23:23:11 +0000