gateway_teams
In this file allteams that exist in rhaap are defined, these teams are for the local users and the LDAP mapped teams.
The usage for each team can be found in the descriptions.
group_vars/all/gateway_teams.yml
we start the base configuration with some teams for global management tasks such as content management on automation hub, as we do not want everyone to add collections to the hub without checking them (security).
After these we will add some teams that could be created through LDAP, but mapping roles is easier this way.
---
aap_teams_all:
- name: audit
description: audit users
organization: MGT
- name: hub_coll_team
description: hub collection Admins
organization: MGT
- name: hub_ee_team
description: Automationhub Execution Environment Admins
organization: MGT
- name: admin
organization: MGT
description: Organization Admin users (local)
# This set is created for each new organization
- name: LDAP_MGT_Admins
organization: MGT
description: Organization Admins (LDAP)
- name: LDAP_MGT_Developers
organization: MGT
description: Organization Developers (LDAP)
- name: LDAP_MGT_Operators
organization: MGT
description: Organization Operators (LDAP)
# End set
...
But you can already see that the variable name used here has the "_all" extension, so the variable will not be overridden as this is not quite a inventory.
Why we do this, will become clear in a moment.
group_vars/dev/gateway_teams.yml
As we do not configure extra teams in development rhaap, this file is an empty set.
---
gateway_teams_dev: []
# No extra config exists
...
Here the variable has the "_dev" extension, so the variable will not be overridden.
group_vars/prod/gateway_teams.yml
As we do not configure extra teams in production rhaap, this file is an empty set.
---
gateway_teams_prod: []
# No extra config exists
...
Here the variable has the "_prod" extension, so the variable will not be overridden.