DO467 - ch12s03

This command ensures that automation controller and private automation hub are installed. The command also removes resources created in previous chapters and downloads content collections to the /home/student/content-collections directory.

[student@workstation ~]$ lab start compreview-users

Specifications

Configure organizations, users, and teams on your automation controller at https://controller.lab.example.com based on the following specification. The admin user on your automation controller has redhat as its password.

In addition, configure users and groups on your private automation hub at https://hub.lab.example.com, based on the following specification. An Ansible Content Collection also must be uploaded to your private automation hub and approved for use. The admin user on your private automation hub also has redhat as its password.

On your automation controller, create a new organization based on the following information:
Field Value
Name BLA
Description Business Line Applications
On your automation controller, create a new team based on the following information:
Field Value
Name SRE
Description Site Reliability Engineering
Organization BLA
On your automation controller, create three new users based on the following information:
Field Value
First Name Site Reliability Engineer 1
Email sre1@lab.example.com
Username sre1
Password redhat123
Confirm Password redhat123
User Type Normal User
Organization BLA
Field Value
First Name Site Reliability Engineer 2
Email sre2@lab.example.com
Username sre2
Password redhat123
Confirm Password redhat123
User Type Normal User
Organization BLA
Field Value
First Name System Admin
Email sysadmin@lab.example.com
Username sysadmin
Password redhat123
Confirm Password redhat123
User Type System Administrator
Organization BLA
On your automation controller, assign team roles to users on the SRE team based on the following information:
User Role
sre1 Admin
sre2 Member
On your private automation hub, add a group named Infrastructure Team, and assign that group permissions that allow it to manage Ansible Content Collections and containers.

Field	Value
Name	`BLA`
Description	`Business Line Applications`

Field	Value
Name	`SRE`
Description	`Site Reliability Engineering`
Organization	`BLA`

Field	Value
First Name	`Site Reliability Engineer 1`
Email	`sre1@lab.example.com`
Username	`sre1`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`Normal User`
Organization	`BLA`

Field	Value
First Name	`Site Reliability Engineer 2`
Email	`sre2@lab.example.com`
Username	`sre2`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`Normal User`
Organization	`BLA`

Field	Value
First Name	`System Admin`
Email	`sysadmin@lab.example.com`
Username	`sysadmin`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`System Administrator`
Organization	`BLA`

User	Role
`sre1`	`Admin`
`sre2`	`Member`

On your private automation hub, add two users using the information in the following table.

Field	Value for the first user	Value for the second user
Username	`infra1`	`super`
First Name	`Infrastructure Engineer 1`	`Super User`
Email	`infra1@lab.example.com`	`super@lab.example.com`
Password	`redhat123`	`redhat123`
Password confirmation	`redhat123`	`redhat123`
Groups	`Infrastructure Team`	(no group)
User Type	Not a super user	Super user

On your private automation hub, use the infra1 user to create a namespace called community and select the Infrastructure Team group as the namespace owner.
On your private automation hub, as the infra1 user, upload the Ansible Content Collection archive, located at /home/student/content-collections/community/community-mysql-3.1.1.tar.gz on the workstation machine to that namespace, and then approve the community.mysql Ansible Content Collection.

Create a new organization called BLA in automation controller.
1. Navigate to https://controller.lab.example.com and log in as the admin user with redhat as the password.
2. Navigate to Access → Organizations and then click Add.
3. On the Create New Organization page, fill in the following details:
  Field Value
  Name BLA
  Description Business Line Applications
4. Click Save to create the new organization.
Create a new team called SRE in automation controller.
1. Navigate to Access → Teams and then click Add.
2. On the Create New Team page, fill in the following details:
  Field Value
  Name SRE
  Description Site Reliability Engineering
  Organization BLA
3. Click Save to create the new team.
Create three new users in automation controller.
1. Navigate to Access → Users and then click Add.
2. On the Create New User page, fill in the following details:
  Field Value
  First Name Site Reliability Engineer 1
  Email sre1@lab.example.com
  Username sre1
  Password redhat123
  Confirm Password redhat123
  User Type Normal User
  Organization BLA
3. Click Save to create the new user.
4. Repeat the steps to create the sre2 user and fill in the following details:
  Field Value
  First Name Site Reliability Engineer 2
  Email sre2@lab.example.com
  Username sre2
  Password redhat123
  Confirm Password redhat123
  User Type Normal User
  Organization BLA
5. Repeat the steps to create the sysadmin user and fill in the following details:
  Field Value
  First Name System Admin
  Email sysadmin@lab.example.com
  Username sysadmin
  Password redhat123
  Confirm Password redhat123
  User Type System Administrator
  Organization BLA
Assign the sre1 user the Admin role on the SRE team.
1. Navigate to Access → Teams and then click the link for the SRE team.
2. Click the Access tab and then click Add.
3. Click Users and then click Next.
4. Select sre1 and then click Next.
5. Select Admin and then click Save to assign the role.
Assign the sre2 user the Member role on the SRE team.
1. Navigate to Access → Teams and then click the link for the SRE team.
2. Click the Access tab and then click Add.
3. Click Users and then click Next.
4. Select sre2 and then click Next.
5. Select Member and then click Save to assign the role.
Verify the permissions for the SRE team.
1. Navigate to Access → Teams and then click the link for the SRE team.
2. Click the Access tab.
  Notice that the sre1 user has the Admin role and the sre2 user has the Member role on the SRE team. The sysadmin user automatically inherited the System Administrator role on all resources.
Add a new group in your private automation hub called Infrastructure Team and assign permissions to manage Ansible Content Collections and containers.
1. Navigate to https://hub.lab.example.com and log in as the admin user with redhat as the password.
2. Navigate to User Access → Groups and then click Create.
3. Enter Infrastructure Team in the Name field and then click Create.
4. Click Edit. In the Collection Namespaces object list, select the following permissions:
  - Add namespace
  - Change namespace
  - Delete namespace
  - Upload to namespace
5. In the Collections object list, select the following permissions:
  - Delete collection
  - Modify Ansible repo content
6. In the Collection Remotes object list, select the following permissions:
  - Change collection remote
  - View collection remote
7. In the Containers object list, select the following permissions:
  - Change container namespace permissions
  - Change containers
  - Change image tags
  - Create new containers
  - Delete container repository
  - Push to existing containers
8. In the Remote Registries object list, select the following permissions:
  - Add remote registry
  - Change remote registry
  - Delete remote registry
9. Click Save to create the new group.

Field	Value
Name	`BLA`
Description	`Business Line Applications`

Field	Value
Name	`SRE`
Description	`Site Reliability Engineering`
Organization	BLA

Field	Value
First Name	`Site Reliability Engineer 1`
Email	`sre1@lab.example.com`
Username	`sre1`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`Normal User`
Organization	`BLA`

Field	Value
First Name	`Site Reliability Engineer 2`
Email	`sre2@lab.example.com`
Username	`sre2`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`Normal User`
Organization	`BLA`

Field	Value
First Name	`System Admin`
Email	`sysadmin@lab.example.com`
Username	`sysadmin`
Password	`redhat123`
Confirm Password	`redhat123`
User Type	`System Administrator`
Organization	`BLA`

Add two private automation hub users.

Navigate to User Access → Users and then click Create.

On the Create new user page, fill in the details for infra1 as follows and click Save to create the new user.

Field	Value
Username	`infra1`
First Name	`Infrastructure Engineer 1`
Email	`infra1@lab.example.com`
Password	`redhat123`
Password confirmation	`redhat123`
Groups	`Infrastructure Team`
User Type	Not a super user

Repeat the step to create the super user with the following details:
Field Value
Username super
First Name Super User
Email super@lab.example.com
Password redhat123
Password confirmation redhat123
Groups (no group)
User Type Super user
Notice that the super user displays the Super user icon next to the name.

Verify the permissions for the Infrastructure Team group. Using the infra1 user, create a namespace and then upload and approve a content collection.
1. Log out from the private automation hub web UI and log in as infra1 with redhat123 as the password.
2. Navigate to Collections → Namespaces and then click Create.
3. On the Create new namespace page, fill in the following details and click Create to create the new namespace.
  Field Value
  Name community
  Namespace owners Infrastructure Team
  Important
  Assigning a namespace owner allows that group to upload to the namespace. Adding a group as a namespace owner provides the Change namespace and Upload to namespace permissions to the group.
4. Click Upload collection.
5. Click Select file, select the archive located at /home/student/content-collections/community/community-mysql-3.1.1.tar.gz, and then click Upload.
6. After the upload completes successfully, navigate to Collections → Approval.
7. Click Approve to approve the community.mysql content collection.
8. Navigate to Collections → Collections and verify that your private automation hub server displays the mysql automation content collection.

Field	Value
Username	`super`
First Name	`Super User`
Email	`super@lab.example.com`
Password	`redhat123`
Password confirmation	`redhat123`
Groups	(no group)
User Type	Super user

Field	Value
Name	`community`
Namespace owners	`Infrastructure Team`

Finish

On the workstation machine, change to the student user home directory and use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish compreview-users

This concludes the section.

Discuss Managing Enterprise Automation with Red Hat Ansible Automation Platform

Go to community

Welcome to the Managing Enterprise Automation with Red Hat Ansible Automation Platform group!

Syed

26 wrz 2023

We are excited to launch a space dedicated to the Red Hat Training course Managing Enterprise Automation with Red Hat Ansible Automation Platform! To gain the most value from this group - click the "Join Group" button in the upper right hand corner of the group home page.We encourage group members to collaborate in this group to discuss topics, ask questions, share best practices and tips, provide course feedback, and share their accomplishments as it relates to DO467.Read more about Managing Enterprise Automation with Red Hat Ansible Automation Platform here.

312

Revision: do467-2.2-08877c1

Managing Enterprise Automation with Red Hat Ansible Automation Platform

Lab: Adding Users and Teams

Important