Managing Enterprise Automation with Red Hat Ansible Automation Platform

Bookmark this page
P123456789101112
PreviousNext

Lab: Managing User Access

  • Create users on automation controller and private automation hub and assign the users access permissions as specified by the lab instructions.

Outcomes

  • Create users in automation controller and in private automation hub.

  • Create teams in automation controller and groups in private automation hub.

  • Add users to automation controller teams and private automation hub groups.

  • Assign team roles to automation controller users and permissions to private automation hub groups.

As the student user on the workstation machine, use the lab command to prepare your system for this exercise.

This command ensures that automation controller and private automation hub are installed.

[student@workstation ~]$ lab start org-review

Procedure 2.4. Instructions

  1. Navigate to https://controller.lab.example.com and log in as the admin user with redhat as the password.

  2. Add two automation controller users with the following information:

    FieldValue for the first userValue for the second user
    First Name Oliver Ophelia
    Last Name Stone Dunham
    Email oliver@lab.example.com ophelia@lab.example.com
    Username oliver ophelia
    Password redhat123 redhat123
    Confirm Password redhat123 redhat123
    User Type Normal User Normal User
    Organization Default Default

    1. Navigate to AccessUsers and then click Add. Create the oliver user with the following information. When finished, click Save to create the new user.

      FieldValue
      First Name Oliver
      Last Name Stone
      Email oliver@lab.example.com
      Username oliver
      Password redhat123
      Confirm Password redhat123
      User Type Normal User
      Organization Default

    2. Navigate to AccessUsers and then click Add. Create the ophelia user with the following information. When finished, click Save to create the new user.

      FieldValue
      First Name Ophelia
      Last Name Dunham
      Email ophelia@lab.example.com
      Username ophelia
      Password redhat123
      Confirm Password redhat123
      User Type Normal User
      Organization Default

  3. Create an automation controller team called Operations using Ops Team as the description. The new team must belong to the Default organization.

    1. Navigate to AccessTeams and then click Add.

    2. Create the team using the following information. When finished, click Save to create the new team.

      FieldValue
      Name Operations
      Description Ops Team
      Organization Default

  4. Add Oliver as a Member to the Operations team.

    1. Navigate to AccessTeams and then click the link for the Operations team.

    2. Click the Access tab and then click Add.

    3. Select Users and then click Next.

    4. Select oliver and then click Next.

    5. Select Member and then click Save to assign the role.

    6. The Access page for the Operations team indicates that Oliver has the Member user role and the Read team role.

  5. Add Ophelia as an Admin to the Operations team.

    1. From the Access page for the Operations team, click Add.

    2. Select Users and then click Next.

    3. Select ophelia and then click Next.

    4. Select Admin and then click Save to assign the role.

    5. The Access page for the Operations team indicates that Ophelia has the Admin user role and the Read team role.

  6. Add a private automation hub group called Container Developers. Assign all of the permissions in the Containers category to the new Container Developers group.

    1. Navigate to https://hub.lab.example.com and log in as the admin user with redhat as the password.

    2. Navigate to User AccessGroups and then click Create. Enter Container Developers in the Name field and then click Create to create the new group.

    3. Click Edit. Add all of the permissions in the Containers category and then click Save.

  7. Add a private automation hub user using the information in the following table. When finished, log out of the private automation hub web UI.

    FieldValue
    Username carlos
    First name Carlos
    Last name Cortez
    Email carlos@lab.example.com
    Password redhat123
    Password confirmation redhat123
    Groups Container Developers
    User type Not a super user

    1. Navigate to User AccessUsers and then click Create. Create the carlos user with information in the previous table. When finished, click Save to create the new private automation hub user.

  8. From a terminal window, use the skopeo command to identify the version and release of the private automation hub ansible-automation-platform-22/ee-supported-rhel8:latest container image.

    To do this, access the container repository on hub.lab.example.com as the newly created carlos user.

    1. Use the skopeo login command to log in to private automation hub as carlos using redhat123 as the password.

      [student@workstation ~]$ skopeo login hub.lab.example.com
Username: carlos
Password: redhat123
Login Succeeded!

      Note

      If running the skopeo login command produces a message indicating that you are already logged in, then run the skopeo logout hub.lab.example.com command and then attempt to log in again as the carlos user.

    2. Reduce the amount of typing in the following skopeo commands by setting a variable:

      [student@workstation ~]$ REPO=ansible-automation-platform-22/ee-supported-rhel8

    3. Use the skopeo inspect command to display information about the ansible-automation-platform-22/ee-supported-rhel8:latest container image on private automation hub. Use the --format "{{ .Labels.version }}-{{ .Labels.release }}" option to only display the version and release of the container image.

      [student@workstation ~]$ skopeo inspect docker://hub.lab.example.com/${REPO} \
> --format "{{ .Labels.version }}-{{ .Labels.release }}"
1.0.0-99

      Important

      When not specified, container images default to using the latest tag.

  9. Using the private automation hub web UI, add a new tag to the ansible-automation-platform-22/ee-supported-rhel8:latest container image. Use information about the version and release of the container image obtained in the previous step to create the tag using the format of "VERSION-RELEASE". For example, the ansible-automation-platform-22/ee-29-rhel8:latest container image would use the 1.0.0-119 tag, where 1.0.0 is the version, and 119 is the release.

    1. Navigate to Execution EnvironmentsExecution Environments and then click the link for the ansible-automation-platform-22/ee-supported-rhel8 container repository.

    2. From the Images tab, click the vertical ellipsis icon and select Manage tags. Add the 1.0.0-99 tag to ansible-automation-platform-22/ee-supported-rhel8, save your changes, and close the Manage tags window.

    3. Navigate to adminLogout to exit the private automation hub web UI.

      Note

      Instead of using the private automation hub web UI, you could add the 1.0.0-99 container image tag by using the skopeo copy command:

      [student@workstation ~]$ skopeo copy docker://hub.lab.example.com/${REPO} \
> docker://hub.lab.example.com/${REPO}:1.0.0-99
...output omitted...

  10. Use the skopeo list-tags command to verify that the ansible-automation-platform-22/ee-supported-rhel8 container repository uses the 1.0.0-99 tag.

    [student@workstation ~]$ skopeo list-tags docker://hub.lab.example.com/${REPO}
{
    "Repository": "hub.lab.example.com/ansible-automation-platform-22/ee-supported-rhel8",
    "Tags": [
        "1.0",
        "1.0.0",
        "1.0.0-99",
        "latest"
    ]
}

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish org-review

This concludes the section.

PreviousNext
Revision: do467-2.2-08877c1