Introduction
Role-based access control (RBAC) in Nutanix is critical to secure infrastructure operations. Prism Central allows you to define users, roles, and permissions across the enterprise. This post shows you how to automate RBAC with Ansible, ensuring secure, consistent access for admins, operators, and service accounts.
My Personal Repository on GitHub
Diagram: RBAC Playbook Flow
Use Case
- Create and manage internal users
- Assign specific roles (e.g., Viewer, Cluster Admin)
- Reconcile access during onboarding or audit
YAML User Spec: users.yml
nutanix_users:
- username: "backupadmin"
email: "backup@example.com"
full_name: "Backup Admin"
password: "S3cur3!"
roles:
- name: "Viewer"
- username: "devops"
email: "devops@example.com"
full_name: "DevOps Lead"
password: "D3v0ps!"
roles:
- name: "Cluster Admin"
Playbook: manage_users.yml
- name: Manage Nutanix Prism Central users
hosts: localhost
gather_facts: false
collections:
- nutanix.ncp
vars_files:
- nutanix_credentials.yml
- users.yml
tasks:
- name: Create or update user roles
loop: "{{ nutanix_users }}"
loop_control:
loop_var: user
nutanix.ncp.users:
state: present
username: "{{ user.username }}"
password: "{{ user.password }}"
email: "{{ user.email }}"
full_name: "{{ user.full_name }}"
roles: "{{ user.roles }}"
Secure Passwords
Use ansible-vault to store passwords safely:
ansible-vault encrypt users.yml
Run the Playbook
ansible-playbook manage_users.yml --ask-vault-pass -i inventory.yml
Optional Enhancements
- Include group membership for AD/LDAP users
- Delete inactive users with
state: absent - Combine with user audit scripts for compliance
Summary
Ansible allows you to scale RBAC policies across Nutanix clusters with minimal manual effort. From user onboarding to service account management, the automation ensures you never miss an assignment or misconfigure access.
External Documentation:
Introduction In enterprise environments, admins require a consolidated script that executes multiple Nutanix operational tasks safely and consistently. This article presents a...