Master Ansible’s authorized_key, user, and group Modules for Efficient User Management
This article explains how Ansible’s authorized_key, user, and group modules can be used to automate SSH key management, system user creation, and group handling, providing practical examples that improve efficiency and security in operations.
In today’s fast‑moving IT environment, automation is essential for efficiency and reducing human error. Ansible, a powerful automation tool, offers concise configuration management and task execution.
authorized_key module
The authorized_key module manages SSH authorized keys on remote hosts, allowing addition, modification, or removal of a user’s public key. Parameters include user, key, state, and path.
Example:
<code># Add the ops user's public key
$ ansible -i hosts 172.139.20.121 -m authorized_key -a "user=ops key={{ lookup('file', '/home/ops/.ssh/id_rsa.pub') }} state=present"
# Remove the ops user's public key
$ ansible -i hosts 172.139.20.121 -m authorized_key -a "user=ops key={{ lookup('file', '/home/ops/.ssh/id_rsa.pub') }} state=absent"</code>
user module
The user module creates, modifies, or deletes system users. It supports attributes such as name, uid, group, system, comment, create_home, expires, home, password, remove, and state.
Example configurations:
<code># Create test user with password and 1‑month expiry
$ ansible -i hosts 172.139.20.121 -e pwd="JIf.54*2s" -m user -a "name=test state=present password={{ pwd | password_hash('sha512') }} expires=`date -d '1 month' +%s`"
# Update password
$ ansible -i hosts 172.139.20.121 -e pwd="JIf.54*2sfs" -m user -a "name=test state=present password={{ pwd | password_hash('sha512') }}"
# Create test user with uid 1888, group root, no home, 3‑month expiry
$ ansible -i hosts 172.139.20.121 -m user -a "name=test uid=1888 group=root create_home=no expires=`date -d '3 month' +%s`"
# Delete test user and remove home directory
$ ansible -i hosts 172.139.20.121 -m user -a 'name=test state=absent remove=true'</code>
group module
The group module manages system groups, allowing creation, modification, or deletion of groups. Key options are name, gid, and state.
Example:
<code># Create test group with gid 188
$ ansible -i hosts local -m group -a "name=test gid=188 state=present"
# Delete test group
$ ansible -i hosts local -m group -a "name=test state=absent"</code>
Conclusion
Understanding Ansible’s authorized_key, user, and group modules enables more efficient and secure user and permission management, laying a solid foundation for automated operations.
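The same three modules combined in one playbook, as an added example that is not from the original article: the password comes from an Ansible Vault file instead of `-e` on the command line, where it would end up in shell history and the process list. The host group `app_servers`, the vault file `vars/ops_secrets.yml` with its `ops_password` and `ops_password_salt` variables, the key path `files/ops_id.pub`, and the ops account's uid/gid values are assumptions.

```yaml
# Added example, not from the original article.
# Assumed names: host group app_servers, vault file vars/ops_secrets.yml
# (defines ops_password and ops_password_salt), key file files/ops_id.pub.
- name: Manage the ops account, its group and its SSH key
  hosts: app_servers
  become: true
  vars_files:
    - vars/ops_secrets.yml   # encrypted with ansible-vault

  tasks:
    - name: Ensure the ops group exists
      ansible.builtin.group:
        name: ops
        gid: 1888            # constructed value
        state: present

    - name: Ensure the ops user exists with a hashed password
      ansible.builtin.user:
        name: ops
        uid: 1888            # constructed value
        group: ops
        # A fixed salt keeps the hash stable between runs; without one,
        # password_hash picks a random salt and the task reports "changed".
        password: "{{ ops_password | password_hash('sha512', ops_password_salt) }}"
        # Set the password only when the account is first created.
        update_password: on_create
        state: present
      no_log: true           # keep the password hash out of task output and logs

    - name: Install the ops public key and remove any other keys
      ansible.posix.authorized_key:
        user: ops
        key: "{{ lookup('file', 'files/ops_id.pub') }}"
        # exclusive removes every key in authorized_keys that is not listed here,
        # so stale or unknown keys do not survive a run.
        exclusive: true
        state: present
```

Run it with `ansible-playbook -i hosts --ask-vault-pass` followed by the playbook file name, so the vault password is prompted for rather than stored.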
Linux Ops Smart Journey