Open ai13f opened 5 years ago
to clarify, is this use case is only concerned with playbook runs? Is there a coherent way someone would want to import inventory using machineaccount authentication?
To clarify, the use case would be if you have AWX deployed on a GCE VM, you should be able to use the default authentication from the VM to import the inventory.
Using machineaccount authentication would alleviate the operational overhead of managing and rotating service account private keys.
According to the docs here: https://docs.ansible.com/ansible/latest/scenario_guides/guide_gce.html#providing-credentials-as-environment-variables
auth_kind can be machineaccount, serviceaccount, or application. But from AWX UI only Service Account credentials are allowed.
ISSUE TYPE
SUMMARY
GCE Dynamic Inventory should be able to use machineaccount to authenticate. Right now only serviceaccount can be used. https://github.com/ansible/awx/blob/6.1.0/awx/main/models/credential/injectors.py