settings

func (*Client) SetTransport ¶

func (a *Client) SetTransport(transport runtime.ClientTransport)

SetTransport changes the transport on the client

func (*Client) SettingsSettingsDelete ¶

func (a *Client) SettingsSettingsDelete(params *SettingsSettingsDeleteParams) (*SettingsSettingsDeleteNoContent, error)

SettingsSettingsDelete deletes a setting

Make a DELETE request to this resource to delete this setting.

func (*Client) SettingsSettingsList ¶

func (a *Client) SettingsSettingsList(params *SettingsSettingsListParams) (*SettingsSettingsListOK, error)

SettingsSettingsList lists settings

Make a GET request to this resource to retrieve the list of settings.

The resulting data structure contains:

{
    "count": 99,
    "next": null,
    "previous": null,
    "results": [
        ...
    ]
}

The `count` field indicates the total number of settings found for the given query. The `next` and `previous` fields provides links to additional results if there are more than will fit on a single page. The `results` list contains zero or more setting records.

## Results

Each setting data structure includes the following fields:

* `url`: (string) * `slug`: (string) * `name`: (string)

## Sorting

To specify that settings are returned in a particular order, use the `order_by` query string parameter on the GET request.

?order_by=name

Prefix the field name with a dash `-` to sort in reverse:

?order_by=-name

Multiple sorting fields may be specified by separating the field names with a comma `,`:

?order_by=name,some_other_field

## Pagination

Use the `page_size` query string parameter to change the number of results returned for each request. Use the `page` query string parameter to retrieve a particular page of results.

?page_size=100&page=2

The `previous` and `next` links returned with the results will set these query string parameters automatically.

## Searching

Use the `search` query string parameter to perform a case-insensitive search within all designated text fields of a model.

?search=findme

(_Added in Ansible Tower 3.1.0_) Search across related fields:

?related__search=findme

func (*Client) SettingsSettingsLoggingTestCreate ¶

func (a *Client) SettingsSettingsLoggingTestCreate(params *SettingsSettingsLoggingTestCreateParams) (*SettingsSettingsLoggingTestCreateCreated, error)

SettingsSettingsLoggingTestCreate tests logging configuration

func (*Client) SettingsSettingsPartialUpdate ¶

func (a *Client) SettingsSettingsPartialUpdate(params *SettingsSettingsPartialUpdateParams) (*SettingsSettingsPartialUpdateOK, error)

SettingsSettingsPartialUpdate updates a setting

Make a PUT or PATCH request to this resource to update this setting. The following fields may be modified:

* `ACTIVITY_STREAM_ENABLED`: Enable capturing activity for the activity stream. (boolean, required) * `ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC`: Enable capturing activity for the activity stream when running inventory sync. (boolean, required) * `ORG_ADMINS_CAN_SEE_ALL_USERS`: Controls whether any Organization Admin can view all users and teams, even those not associated with their Organization. (boolean, required) * `MANAGE_ORGANIZATION_AUTH`: Controls whether any Organization Admin has the privileges to create and manage users and teams. You may want to disable this ability if you are using an LDAP or SAML integration. (boolean, required) * `TOWER_URL_BASE`: This setting is used by services like notifications to render a valid url to the Tower host. (string, required) * `REMOTE_HOST_HEADERS`: HTTP headers and meta keys to search to determine remote host name or IP. Add additional items to this list, such as "HTTP_X_FORWARDED_FOR", if behind a reverse proxy. See the "Proxy Support" section of the Adminstrator guide for more details. (list, required) * `PROXY_IP_WHITELIST`: If Tower is behind a reverse proxy/load balancer, use this setting to whitelist the proxy IP addresses from which Tower should trust custom REMOTE_HOST_HEADERS header values. If this setting is an empty list (the default), the headers specified by REMOTE_HOST_HEADERS will be trusted unconditionally') (list, required)

* `REDHAT_USERNAME`: This username is used to retrieve license information and to send Automation Analytics (string, default=`""`) * `REDHAT_PASSWORD`: This password is used to retrieve license information and to send Automation Analytics (string, default=`""`) * `AUTOMATION_ANALYTICS_URL`: This setting is used to to configure data collection for the Automation Analytics dashboard (string, default=`"https://example.com"`)

* `CUSTOM_VENV_PATHS`: Paths where Tower will look for custom virtual environments (in addition to /var/lib/awx/venv/). Enter one path per line. (list, default=`[]`) * `AD_HOC_COMMANDS`: List of modules allowed to be used by ad-hoc jobs. (list, default=`['command', 'shell', 'yum', 'apt', 'apt_key', 'apt_repository', 'apt_rpm', 'service', 'group', 'user', 'mount', 'ping', 'selinux', 'setup', 'win_ping', 'win_service', 'win_updates', 'win_group', 'win_user']`) * `ALLOW_JINJA_IN_EXTRA_VARS`: Ansible allows variable substitution via the Jinja2 templating language for --extra-vars. This poses a potential security risk where Tower users with the ability to specify extra vars at job launch time can use Jinja2 templates to run arbitrary Python. It is recommended that this value be set to "template" or "never". (choice, required)

• `always`: Always
• `never`: Never
• `template`: Only On Job Template Definitions (default)

* `AWX_PROOT_ENABLED`: Isolates an Ansible job from protected parts of the system to prevent exposing sensitive information. (boolean, required) * `AWX_PROOT_BASE_PATH`: The directory in which Tower will create new temporary directories for job execution and isolation (such as credential files and custom inventory scripts). (string, required) * `AWX_PROOT_HIDE_PATHS`: Additional paths to hide from isolated processes. Enter one path per line. (list, default=`[]`) * `AWX_PROOT_SHOW_PATHS`: Whitelist of paths that would otherwise be hidden to expose to isolated jobs. Enter one path per line. (list, default=`[]`) * `AWX_ISOLATED_VERBOSITY`: This can be raised to aid in debugging connection issues for isolated task execution (integer, default=`0`) * `AWX_ISOLATED_CHECK_INTERVAL`: The number of seconds to sleep between status checks for jobs running on isolated instances. (integer, required) * `AWX_ISOLATED_LAUNCH_TIMEOUT`: The timeout (in seconds) for launching jobs on isolated instances. This includes the time needed to copy source control files (playbooks) to the isolated instance. (integer, required) * `AWX_ISOLATED_CONNECTION_TIMEOUT`: Ansible SSH connection timeout (in seconds) to use when communicating with isolated instances. Value should be substantially greater than expected network latency. (integer, default=`10`) * `AWX_ISOLATED_HOST_KEY_CHECKING`: When set to True, AWX will enforce strict host key checking for communication with isolated nodes. (boolean, default=`False`)

* `AWX_RESOURCE_PROFILING_ENABLED`: If set, detailed resource profiling data will be collected on all jobs. This data can be gathered with `sosreport`. (boolean, default=`False`) * `AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL`: Interval (in seconds) between polls for cpu usage. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL`: Interval (in seconds) between polls for memory usage. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL`: Interval (in seconds) between polls for PID count. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_TASK_ENV`: Additional environment variables set for playbook runs, inventory updates, project updates, and notification sending. (nested object, default=`{}`) * `INSIGHTS_TRACKING_STATE`: Enables Tower to gather data on automation and send it to Red Hat. (boolean, default=`False`) * `PROJECT_UPDATE_VVV`: Adds the CLI -vvv flag to ansible-playbook runs of project_update.yml used for project updates. (boolean, required) * `AWX_ROLES_ENABLED`: Allows roles to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean, default=`True`) * `AWX_COLLECTIONS_ENABLED`: Allows collections to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean, default=`True`) * `PRIMARY_GALAXY_URL`: For organizations that run their own Galaxy service, this gives the option to specify a host as the primary galaxy server. Requirements will be downloaded from the primary if the specific role or collection is available there. If the content is not avilable in the primary, or if this field is left blank, it will default to galaxy.ansible.com. (string, default=`""`) * `PRIMARY_GALAXY_USERNAME`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The username to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string, default=`""`) * `PRIMARY_GALAXY_PASSWORD`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The password to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string, default=`""`) * `PRIMARY_GALAXY_TOKEN`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token to use for connecting with the Galaxy instance, this is mutually exclusive with corresponding username and password settings. (string, default=`""`) * `PRIMARY_GALAXY_AUTH_URL`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token_endpoint of a Keycloak server. (string, default=`""`) * `PUBLIC_GALAXY_ENABLED`: Allow or deny access to the public Ansible Galaxy during project updates. (boolean, default=`True`) * `GALAXY_IGNORE_CERTS`: If set to true, certificate validation will not be done wheninstalling content from any Galaxy server. (boolean, default=`False`) * `STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display before requiring the output be downloaded. (integer, required) * `EVENT_STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display for a single job or ad hoc command event. `stdout` will end with `…` when truncated. (integer, required) * `SCHEDULE_MAX_JOBS`: Maximum number of the same job template that can be waiting to run when launching from a schedule before no more are created. (integer, required) * `AWX_ANSIBLE_CALLBACK_PLUGINS`: List of paths to search for extra callback plugins to be used when running jobs. Enter one path per line. (list, default=`[]`) * `DEFAULT_JOB_TIMEOUT`: Maximum time in seconds to allow jobs to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual job template will override this. (integer, default=`0`) * `DEFAULT_INVENTORY_UPDATE_TIMEOUT`: Maximum time in seconds to allow inventory updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual inventory source will override this. (integer, default=`0`) * `DEFAULT_PROJECT_UPDATE_TIMEOUT`: Maximum time in seconds to allow project updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual project will override this. (integer, default=`0`) * `ANSIBLE_FACT_CACHE_TIMEOUT`: Maximum time, in seconds, that stored Ansible facts are considered valid since the last time they were modified. Only valid, non-stale, facts will be accessible by a playbook. Note, this does not influence the deletion of ansible_facts from the database. Use a value of 0 to indicate that no timeout should be imposed. (integer, default=`0`) * `MAX_FORKS`: Saving a Job Template with more than this number of forks will result in an error. When set to 0, no limit is applied. (integer, default=`200`) * `LOG_AGGREGATOR_HOST`: Hostname/IP where external logs will be sent to. (string, default=`""`) * `LOG_AGGREGATOR_PORT`: Port on Logging Aggregator to send logs to (if required and not provided in Logging Aggregator). (integer, default=`None`) * `LOG_AGGREGATOR_TYPE`: Format messages for the chosen log aggregator. (choice)

• `None`: --------- (default)
• `logstash`
• `splunk`
• `loggly`
• `sumologic`
• `other`

* `LOG_AGGREGATOR_USERNAME`: Username for external log aggregator (if required; HTTP/s only). (string, default=`""`) * `LOG_AGGREGATOR_PASSWORD`: Password or authentication token for external log aggregator (if required; HTTP/s only). (string, default=`""`) * `LOG_AGGREGATOR_LOGGERS`: List of loggers that will send HTTP logs to the collector, these can include any or all of: awx - service logs activity_stream - activity stream records job_events - callback data from Ansible job events system_tracking - facts gathered from scan jobs. (list, default=`['awx', 'activity_stream', 'job_events', 'system_tracking']`) * `LOG_AGGREGATOR_INDIVIDUAL_FACTS`: If set, system tracking facts will be sent for each package, service, or other item found in a scan, allowing for greater search query granularity. If unset, facts will be sent as a single dictionary, allowing for greater efficiency in fact processing. (boolean, default=`False`) * `LOG_AGGREGATOR_ENABLED`: Enable sending logs to external log aggregator. (boolean, default=`False`) * `LOG_AGGREGATOR_TOWER_UUID`: Useful to uniquely identify Tower instances. (string, default=`""`) * `LOG_AGGREGATOR_PROTOCOL`: Protocol used to communicate with log aggregator. HTTPS/HTTP assumes HTTPS unless http:// is explicitly used in the Logging Aggregator hostname. (choice)

• `https`: HTTPS/HTTP (default)
• `tcp`: TCP
• `udp`: UDP

* `LOG_AGGREGATOR_TCP_TIMEOUT`: Number of seconds for a TCP connection to external log aggregator to timeout. Applies to HTTPS and TCP log aggregator protocols. (integer, default=`5`) * `LOG_AGGREGATOR_VERIFY_CERT`: Flag to control enable/disable of certificate verification when LOG_AGGREGATOR_PROTOCOL is "https". If enabled, Tower's log handler will verify certificate sent by external log aggregator before establishing connection. (boolean, default=`True`) * `LOG_AGGREGATOR_LEVEL`: Level threshold used by log handler. Severities from lowest to highest are DEBUG, INFO, WARNING, ERROR, CRITICAL. Messages less severe than the threshold will be ignored by log handler. (messages under category awx.anlytics ignore this setting) (choice)

• `DEBUG`
• `INFO` (default)
• `WARNING`
• `ERROR`
• `CRITICAL`

* `LOG_AGGREGATOR_AUDIT`: When enabled, all external logs emitted by Tower will also be written to /var/log/tower/external.log. This is an experimental setting intended to be used for debugging external log aggregation issues (and may be subject to change in the future). (boolean, default=`False`) * `LOG_AGGREGATOR_MAX_DISK_USAGE_GB`: Amount of data to store (in gigabytes) during an outage of the external log aggregator (defaults to 1). Equivalent to the rsyslogd queue.maxdiskspace setting. (integer, default=`1`) * `LOG_AGGREGATOR_MAX_DISK_USAGE_PATH`: Location to persist logs that should be retried after an outage of the external log aggregator (defaults to /var/lib/awx). Equivalent to the rsyslogd queue.spoolDirectory setting. (string, default=`"/var/lib/awx"`) * `LOG_AGGREGATOR_RSYSLOGD_DEBUG`: Enabled high verbosity debugging for rsyslogd. Useful for debugging connection issues for external log aggregation. (boolean, default=`False`) * `BROKER_DURABILITY`: When set (the default), underlying queues will be persisted to disk. Disable this to enable higher message bus throughput. (boolean, required) * `AUTOMATION_ANALYTICS_LAST_GATHER`: (datetime, required) * `AUTOMATION_ANALYTICS_GATHER_INTERVAL`: Interval (in seconds) between data gathering. (integer, default=`14400`) * `SESSION_COOKIE_AGE`: Number of seconds that a user is inactive before they will need to login again. (integer, required) * `SESSIONS_PER_USER`: Maximum number of simultaneous logged in sessions a user may have. To disable enter -1. (integer, required) * `AUTH_BASIC_ENABLED`: Enable HTTP Basic Auth for the API Browser. (boolean, required) * `OAUTH2_PROVIDER`: Dictionary for customizing OAuth 2 timeouts, available items are `ACCESS_TOKEN_EXPIRE_SECONDS`, the duration of access tokens in the number of seconds, `AUTHORIZATION_CODE_EXPIRE_SECONDS`, the duration of authorization codes in the number of seconds, and `REFRESH_TOKEN_EXPIRE_SECONDS`, the duration of refresh tokens, after expired access tokens, in the number of seconds. (nested object, default=`{'ACCESS_TOKEN_EXPIRE_SECONDS': 31536000000, 'AUTHORIZATION_CODE_EXPIRE_SECONDS': 600, 'REFRESH_TOKEN_EXPIRE_SECONDS': 2628000}`) * `ALLOW_OAUTH2_FOR_EXTERNAL_USERS`: For security reasons, users from external auth providers (LDAP, SAML, SSO, Radius, and others) are not allowed to create OAuth2 tokens. To change this behavior, enable this setting. Existing tokens will not be deleted when this setting is toggled off. (boolean, default=`False`) * `LOGIN_REDIRECT_OVERRIDE`: URL to which unauthorized users will be redirected to log in. If blank, users will be sent to the Tower login page. (string, default=`""`)

* `CUSTOM_LOGIN_INFO`: If needed, you can add specific information (such as a legal notice or a disclaimer) to a text box in the login modal using this setting. Any content added must be in plain text, as custom HTML or other markup languages are not supported. (string, default=`""`) * `CUSTOM_LOGO`: To set up a custom logo, provide a file that you create. For the custom logo to look its best, use a .png file with a transparent background. GIF, PNG and JPEG formats are supported. (string, default=`""`) * `MAX_UI_JOB_EVENTS`: Maximum number of job events for the UI to retrieve within a single request. (integer, required) * `UI_LIVE_UPDATES_ENABLED`: If disabled, the page will not refresh when events are received. Reloading the page will be required to get the latest details. (boolean, required)

* `SOCIAL_AUTH_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_USER_FIELDS`: When set to an empty list `[]`, this setting prevents new user accounts from being created. Only users who have previously logged in using social auth or have a user account with a matching email address will be able to login. (list, default=`None`) * `AUTH_LDAP_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_1_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_1_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_1_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_1_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_1_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_1_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_1_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_1_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_1_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_1_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_1_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_1_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_1_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_1_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_1_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_1_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_2_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_2_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_2_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_2_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_2_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_2_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_2_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_2_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_2_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_2_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_2_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_2_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_2_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_2_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_2_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_2_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_3_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_3_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_3_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_3_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_3_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_3_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_3_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_3_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_3_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_3_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_3_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_3_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_3_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_3_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_3_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_3_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_4_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_4_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_4_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_4_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_4_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_4_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_4_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_4_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_4_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_4_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_4_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_4_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_4_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_4_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_4_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_4_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_5_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_5_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_5_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_5_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_5_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_5_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_5_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_5_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_5_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_5_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_5_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_5_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_5_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_5_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_5_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_5_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `RADIUS_SERVER`: Hostname/IP of RADIUS server. RADIUS authentication is disabled if this setting is empty. (string, default=`""`) * `RADIUS_PORT`: Port of RADIUS server. (integer, default=`1812`) * `RADIUS_SECRET`: Shared secret for authenticating to RADIUS server. (string, default=`""`) * `TACACSPLUS_HOST`: Hostname of TACACS+ server. (string, default=`""`) * `TACACSPLUS_PORT`: Port number of TACACS+ server. (integer, default=`49`) * `TACACSPLUS_SECRET`: Shared secret for authenticating to TACACS+ server. (string, default=`""`) * `TACACSPLUS_SESSION_TIMEOUT`: TACACS+ session timeout value in seconds, 0 disables timeout. (integer, default=`5`) * `TACACSPLUS_AUTH_PROTOCOL`: Choose the authentication protocol used by TACACS+ client. (choice)

• `ascii` (default)
• `pap`

* `SOCIAL_AUTH_GOOGLE_OAUTH2_KEY`: The OAuth2 key from your web application. (string, default=`""`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET`: The OAuth2 secret from your web application. (string, default=`""`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS`: Update this setting to restrict the domains who are allowed to login using Google OAuth2. (list, default=`[]`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS`: Extra arguments for Google OAuth2 login. You can restrict it to only allow a single domain to authenticate, even if the user is logged in with multple Google accounts. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_KEY`: The OAuth2 key (Client ID) from your GitHub developer application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_SECRET`: The OAuth2 secret (Client Secret) from your GitHub developer application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_ORG_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_NAME`: The name of your GitHub organization, as used in your organization's URL: https://github.com/<yourorg>/. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_TEAM_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_ID`: Find the numeric team ID using the Github API: http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_AZUREAD_OAUTH2_KEY`: The OAuth2 key (Client ID) from your Azure AD application. (string, default=`""`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET`: The OAuth2 secret (Client Secret) from your Azure AD application. (string, default=`""`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_SAML_SP_ENTITY_ID`: The application-defined unique identifier used as the audience of the SAML service provider (SP) configuration. This is usually the URL for Tower. (string, default=`""`) * `SOCIAL_AUTH_SAML_SP_PUBLIC_CERT`: Create a keypair for Tower to use as a service provider (SP) and include the certificate content here. (string, required) * `SOCIAL_AUTH_SAML_SP_PRIVATE_KEY`: Create a keypair for Tower to use as a service provider (SP) and include the private key content here. (string, required) * `SOCIAL_AUTH_SAML_ORG_INFO`: Provide the URL, display name, and the name of your app. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_TECHNICAL_CONTACT`: Provide the name and email address of the technical contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_SUPPORT_CONTACT`: Provide the name and email address of the support contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_ENABLED_IDPS`: Configure the Entity ID, SSO URL and certificate for each identity provider (IdP) in use. Multiple SAML IdPs are supported. Some IdPs may provide user data using attribute names that differ from the default OIDs. Attribute names may be overridden for each IdP. Refer to the Ansible documentation for additional details and syntax. (nested object, default=`{}`) * `SOCIAL_AUTH_SAML_SECURITY_CONFIG`: A dict of key value pairs that are passed to the underlying python-saml security setting https://github.com/onelogin/python-saml#settings (nested object, default=`{'requestedAuthnContext': False}`) * `SOCIAL_AUTH_SAML_SP_EXTRA`: A dict of key value pairs to be passed to the underlying python-saml Service Provider configuration setting. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_EXTRA_DATA`: A list of tuples that maps IDP attributes to extra_attributes. Each attribute will be a list of values, even if only 1 value. (list, default=`None`) * `SOCIAL_AUTH_SAML_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_ORGANIZATION_ATTR`: Used to translate user organization membership into Tower. (nested object, default=`{}`) * `SOCIAL_AUTH_SAML_TEAM_ATTR`: Used to translate user team membership into Tower. (nested object, default=`{}`)

For a PATCH request, include only the fields that are being modified.

func (*Client) SettingsSettingsRead ¶

func (a *Client) SettingsSettingsRead(params *SettingsSettingsReadParams) (*SettingsSettingsReadOK, error)

SettingsSettingsRead retrieves a setting

Make GET request to this resource to retrieve a single setting record containing the following fields:

* `ACTIVITY_STREAM_ENABLED`: Enable capturing activity for the activity stream. (boolean) * `ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC`: Enable capturing activity for the activity stream when running inventory sync. (boolean) * `ORG_ADMINS_CAN_SEE_ALL_USERS`: Controls whether any Organization Admin can view all users and teams, even those not associated with their Organization. (boolean) * `MANAGE_ORGANIZATION_AUTH`: Controls whether any Organization Admin has the privileges to create and manage users and teams. You may want to disable this ability if you are using an LDAP or SAML integration. (boolean) * `TOWER_URL_BASE`: This setting is used by services like notifications to render a valid url to the Tower host. (string) * `REMOTE_HOST_HEADERS`: HTTP headers and meta keys to search to determine remote host name or IP. Add additional items to this list, such as "HTTP_X_FORWARDED_FOR", if behind a reverse proxy. See the "Proxy Support" section of the Adminstrator guide for more details. (list) * `PROXY_IP_WHITELIST`: If Tower is behind a reverse proxy/load balancer, use this setting to whitelist the proxy IP addresses from which Tower should trust custom REMOTE_HOST_HEADERS header values. If this setting is an empty list (the default), the headers specified by REMOTE_HOST_HEADERS will be trusted unconditionally') (list) * `LICENSE`: The license controls which features and functionality are enabled. Use /api/v2/config/ to update or change the license. (nested object) * `REDHAT_USERNAME`: This username is used to retrieve license information and to send Automation Analytics (string) * `REDHAT_PASSWORD`: This password is used to retrieve license information and to send Automation Analytics (string) * `AUTOMATION_ANALYTICS_URL`: This setting is used to to configure data collection for the Automation Analytics dashboard (string) * `INSTALL_UUID`: (string) * `CUSTOM_VENV_PATHS`: Paths where Tower will look for custom virtual environments (in addition to /var/lib/awx/venv/). Enter one path per line. (list) * `AD_HOC_COMMANDS`: List of modules allowed to be used by ad-hoc jobs. (list) * `ALLOW_JINJA_IN_EXTRA_VARS`: Ansible allows variable substitution via the Jinja2 templating language for --extra-vars. This poses a potential security risk where Tower users with the ability to specify extra vars at job launch time can use Jinja2 templates to run arbitrary Python. It is recommended that this value be set to "template" or "never". (choice)

• `always`: Always
• `never`: Never
• `template`: Only On Job Template Definitions

* `AWX_PROOT_ENABLED`: Isolates an Ansible job from protected parts of the system to prevent exposing sensitive information. (boolean) * `AWX_PROOT_BASE_PATH`: The directory in which Tower will create new temporary directories for job execution and isolation (such as credential files and custom inventory scripts). (string) * `AWX_PROOT_HIDE_PATHS`: Additional paths to hide from isolated processes. Enter one path per line. (list) * `AWX_PROOT_SHOW_PATHS`: Whitelist of paths that would otherwise be hidden to expose to isolated jobs. Enter one path per line. (list) * `AWX_ISOLATED_VERBOSITY`: This can be raised to aid in debugging connection issues for isolated task execution (integer) * `AWX_ISOLATED_CHECK_INTERVAL`: The number of seconds to sleep between status checks for jobs running on isolated instances. (integer) * `AWX_ISOLATED_LAUNCH_TIMEOUT`: The timeout (in seconds) for launching jobs on isolated instances. This includes the time needed to copy source control files (playbooks) to the isolated instance. (integer) * `AWX_ISOLATED_CONNECTION_TIMEOUT`: Ansible SSH connection timeout (in seconds) to use when communicating with isolated instances. Value should be substantially greater than expected network latency. (integer) * `AWX_ISOLATED_HOST_KEY_CHECKING`: When set to True, AWX will enforce strict host key checking for communication with isolated nodes. (boolean) * `AWX_ISOLATED_KEY_GENERATION`: If set, a random RSA key will be generated and distributed to isolated instances. To disable this behavior and manage authentication for isolated instances outside of Tower, disable this setting. (boolean) * `AWX_ISOLATED_PRIVATE_KEY`: The RSA private key for SSH traffic to isolated instances (string) * `AWX_ISOLATED_PUBLIC_KEY`: The RSA public key for SSH traffic to isolated instances (string) * `AWX_RESOURCE_PROFILING_ENABLED`: If set, detailed resource profiling data will be collected on all jobs. This data can be gathered with `sosreport`. (boolean) * `AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL`: Interval (in seconds) between polls for cpu usage. Setting this lower than the default will affect playbook performance. (float) * `AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL`: Interval (in seconds) between polls for memory usage. Setting this lower than the default will affect playbook performance. (float) * `AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL`: Interval (in seconds) between polls for PID count. Setting this lower than the default will affect playbook performance. (float) * `AWX_TASK_ENV`: Additional environment variables set for playbook runs, inventory updates, project updates, and notification sending. (nested object) * `INSIGHTS_TRACKING_STATE`: Enables Tower to gather data on automation and send it to Red Hat. (boolean) * `PROJECT_UPDATE_VVV`: Adds the CLI -vvv flag to ansible-playbook runs of project_update.yml used for project updates. (boolean) * `AWX_ROLES_ENABLED`: Allows roles to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean) * `AWX_COLLECTIONS_ENABLED`: Allows collections to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean) * `PRIMARY_GALAXY_URL`: For organizations that run their own Galaxy service, this gives the option to specify a host as the primary galaxy server. Requirements will be downloaded from the primary if the specific role or collection is available there. If the content is not avilable in the primary, or if this field is left blank, it will default to galaxy.ansible.com. (string) * `PRIMARY_GALAXY_USERNAME`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The username to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string) * `PRIMARY_GALAXY_PASSWORD`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The password to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string) * `PRIMARY_GALAXY_TOKEN`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token to use for connecting with the Galaxy instance, this is mutually exclusive with corresponding username and password settings. (string) * `PRIMARY_GALAXY_AUTH_URL`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token_endpoint of a Keycloak server. (string) * `PUBLIC_GALAXY_ENABLED`: Allow or deny access to the public Ansible Galaxy during project updates. (boolean) * `GALAXY_IGNORE_CERTS`: If set to true, certificate validation will not be done wheninstalling content from any Galaxy server. (boolean) * `STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display before requiring the output be downloaded. (integer) * `EVENT_STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display for a single job or ad hoc command event. `stdout` will end with `…` when truncated. (integer) * `SCHEDULE_MAX_JOBS`: Maximum number of the same job template that can be waiting to run when launching from a schedule before no more are created. (integer) * `AWX_ANSIBLE_CALLBACK_PLUGINS`: List of paths to search for extra callback plugins to be used when running jobs. Enter one path per line. (list) * `DEFAULT_JOB_TIMEOUT`: Maximum time in seconds to allow jobs to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual job template will override this. (integer) * `DEFAULT_INVENTORY_UPDATE_TIMEOUT`: Maximum time in seconds to allow inventory updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual inventory source will override this. (integer) * `DEFAULT_PROJECT_UPDATE_TIMEOUT`: Maximum time in seconds to allow project updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual project will override this. (integer) * `ANSIBLE_FACT_CACHE_TIMEOUT`: Maximum time, in seconds, that stored Ansible facts are considered valid since the last time they were modified. Only valid, non-stale, facts will be accessible by a playbook. Note, this does not influence the deletion of ansible_facts from the database. Use a value of 0 to indicate that no timeout should be imposed. (integer) * `MAX_FORKS`: Saving a Job Template with more than this number of forks will result in an error. When set to 0, no limit is applied. (integer) * `LOG_AGGREGATOR_HOST`: Hostname/IP where external logs will be sent to. (string) * `LOG_AGGREGATOR_PORT`: Port on Logging Aggregator to send logs to (if required and not provided in Logging Aggregator). (integer) * `LOG_AGGREGATOR_TYPE`: Format messages for the chosen log aggregator. (choice)

• `None`: ---------
• `logstash`
• `splunk`
• `loggly`
• `sumologic`
• `other`

* `LOG_AGGREGATOR_USERNAME`: Username for external log aggregator (if required; HTTP/s only). (string) * `LOG_AGGREGATOR_PASSWORD`: Password or authentication token for external log aggregator (if required; HTTP/s only). (string) * `LOG_AGGREGATOR_LOGGERS`: List of loggers that will send HTTP logs to the collector, these can include any or all of: awx - service logs activity_stream - activity stream records job_events - callback data from Ansible job events system_tracking - facts gathered from scan jobs. (list) * `LOG_AGGREGATOR_INDIVIDUAL_FACTS`: If set, system tracking facts will be sent for each package, service, or other item found in a scan, allowing for greater search query granularity. If unset, facts will be sent as a single dictionary, allowing for greater efficiency in fact processing. (boolean) * `LOG_AGGREGATOR_ENABLED`: Enable sending logs to external log aggregator. (boolean) * `LOG_AGGREGATOR_TOWER_UUID`: Useful to uniquely identify Tower instances. (string) * `LOG_AGGREGATOR_PROTOCOL`: Protocol used to communicate with log aggregator. HTTPS/HTTP assumes HTTPS unless http:// is explicitly used in the Logging Aggregator hostname. (choice)

• `https`: HTTPS/HTTP
• `tcp`: TCP
• `udp`: UDP

* `LOG_AGGREGATOR_TCP_TIMEOUT`: Number of seconds for a TCP connection to external log aggregator to timeout. Applies to HTTPS and TCP log aggregator protocols. (integer) * `LOG_AGGREGATOR_VERIFY_CERT`: Flag to control enable/disable of certificate verification when LOG_AGGREGATOR_PROTOCOL is "https". If enabled, Tower's log handler will verify certificate sent by external log aggregator before establishing connection. (boolean) * `LOG_AGGREGATOR_LEVEL`: Level threshold used by log handler. Severities from lowest to highest are DEBUG, INFO, WARNING, ERROR, CRITICAL. Messages less severe than the threshold will be ignored by log handler. (messages under category awx.anlytics ignore this setting) (choice)

• `DEBUG`
• `INFO`
• `WARNING`
• `ERROR`
• `CRITICAL`

* `LOG_AGGREGATOR_AUDIT`: When enabled, all external logs emitted by Tower will also be written to /var/log/tower/external.log. This is an experimental setting intended to be used for debugging external log aggregation issues (and may be subject to change in the future). (boolean) * `LOG_AGGREGATOR_MAX_DISK_USAGE_GB`: Amount of data to store (in gigabytes) during an outage of the external log aggregator (defaults to 1). Equivalent to the rsyslogd queue.maxdiskspace setting. (integer) * `LOG_AGGREGATOR_MAX_DISK_USAGE_PATH`: Location to persist logs that should be retried after an outage of the external log aggregator (defaults to /var/lib/awx). Equivalent to the rsyslogd queue.spoolDirectory setting. (string) * `LOG_AGGREGATOR_RSYSLOGD_DEBUG`: Enabled high verbosity debugging for rsyslogd. Useful for debugging connection issues for external log aggregation. (boolean) * `BROKER_DURABILITY`: When set (the default), underlying queues will be persisted to disk. Disable this to enable higher message bus throughput. (boolean) * `AUTOMATION_ANALYTICS_LAST_GATHER`: (datetime) * `AUTOMATION_ANALYTICS_GATHER_INTERVAL`: Interval (in seconds) between data gathering. (integer) * `SESSION_COOKIE_AGE`: Number of seconds that a user is inactive before they will need to login again. (integer) * `SESSIONS_PER_USER`: Maximum number of simultaneous logged in sessions a user may have. To disable enter -1. (integer) * `AUTH_BASIC_ENABLED`: Enable HTTP Basic Auth for the API Browser. (boolean) * `OAUTH2_PROVIDER`: Dictionary for customizing OAuth 2 timeouts, available items are `ACCESS_TOKEN_EXPIRE_SECONDS`, the duration of access tokens in the number of seconds, `AUTHORIZATION_CODE_EXPIRE_SECONDS`, the duration of authorization codes in the number of seconds, and `REFRESH_TOKEN_EXPIRE_SECONDS`, the duration of refresh tokens, after expired access tokens, in the number of seconds. (nested object) * `ALLOW_OAUTH2_FOR_EXTERNAL_USERS`: For security reasons, users from external auth providers (LDAP, SAML, SSO, Radius, and others) are not allowed to create OAuth2 tokens. To change this behavior, enable this setting. Existing tokens will not be deleted when this setting is toggled off. (boolean) * `LOGIN_REDIRECT_OVERRIDE`: URL to which unauthorized users will be redirected to log in. If blank, users will be sent to the Tower login page. (string) * `PENDO_TRACKING_STATE`: Enable or Disable User Analytics Tracking. (choice)

• `off`: Off
• `anonymous`: Anonymous
• `detailed`: Detailed

* `CUSTOM_LOGIN_INFO`: If needed, you can add specific information (such as a legal notice or a disclaimer) to a text box in the login modal using this setting. Any content added must be in plain text, as custom HTML or other markup languages are not supported. (string) * `CUSTOM_LOGO`: To set up a custom logo, provide a file that you create. For the custom logo to look its best, use a .png file with a transparent background. GIF, PNG and JPEG formats are supported. (string) * `MAX_UI_JOB_EVENTS`: Maximum number of job events for the UI to retrieve within a single request. (integer) * `UI_LIVE_UPDATES_ENABLED`: If disabled, the page will not refresh when events are received. Reloading the page will be required to get the latest details. (boolean) * `AUTHENTICATION_BACKENDS`: List of authentication backends that are enabled based on license features and other authentication settings. (list) * `SOCIAL_AUTH_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_USER_FIELDS`: When set to an empty list `[]`, this setting prevents new user accounts from being created. Only users who have previously logged in using social auth or have a user account with a matching email address will be able to login. (list) * `AUTH_LDAP_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_1_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_1_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_1_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_1_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_1_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_1_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_1_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_1_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_1_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_1_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_1_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_1_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_1_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_1_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_1_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_1_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_2_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_2_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_2_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_2_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_2_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_2_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_2_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_2_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_2_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_2_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_2_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_2_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_2_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_2_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_2_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_2_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_3_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_3_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_3_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_3_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_3_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_3_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_3_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_3_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_3_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_3_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_3_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_3_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_3_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_3_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_3_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_3_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_4_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_4_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_4_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_4_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_4_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_4_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_4_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_4_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_4_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_4_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_4_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_4_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_4_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_4_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_4_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_4_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_5_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string) * `AUTH_LDAP_5_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string) * `AUTH_LDAP_5_BIND_PASSWORD`: Password used to bind LDAP user account. (string) * `AUTH_LDAP_5_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean) * `AUTH_LDAP_5_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object) * `AUTH_LDAP_5_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list) * `AUTH_LDAP_5_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string) * `AUTH_LDAP_5_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object) * `AUTH_LDAP_5_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list) * `AUTH_LDAP_5_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType`
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_5_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object) * `AUTH_LDAP_5_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string) * `AUTH_LDAP_5_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string) * `AUTH_LDAP_5_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object) * `AUTH_LDAP_5_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object) * `AUTH_LDAP_5_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object) * `RADIUS_SERVER`: Hostname/IP of RADIUS server. RADIUS authentication is disabled if this setting is empty. (string) * `RADIUS_PORT`: Port of RADIUS server. (integer) * `RADIUS_SECRET`: Shared secret for authenticating to RADIUS server. (string) * `TACACSPLUS_HOST`: Hostname of TACACS+ server. (string) * `TACACSPLUS_PORT`: Port number of TACACS+ server. (integer) * `TACACSPLUS_SECRET`: Shared secret for authenticating to TACACS+ server. (string) * `TACACSPLUS_SESSION_TIMEOUT`: TACACS+ session timeout value in seconds, 0 disables timeout. (integer) * `TACACSPLUS_AUTH_PROTOCOL`: Choose the authentication protocol used by TACACS+ client. (choice)

• `ascii`
• `pap`

* `SOCIAL_AUTH_GOOGLE_OAUTH2_CALLBACK_URL`: Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail. (string) * `SOCIAL_AUTH_GOOGLE_OAUTH2_KEY`: The OAuth2 key from your web application. (string) * `SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET`: The OAuth2 secret from your web application. (string) * `SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS`: Update this setting to restrict the domains who are allowed to login using Google OAuth2. (list) * `SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS`: Extra arguments for Google OAuth2 login. You can restrict it to only allow a single domain to authenticate, even if the user is logged in with multple Google accounts. Refer to the Ansible Tower documentation for more detail. (nested object) * `SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_CALLBACK_URL`: Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail. (string) * `SOCIAL_AUTH_GITHUB_KEY`: The OAuth2 key (Client ID) from your GitHub developer application. (string) * `SOCIAL_AUTH_GITHUB_SECRET`: The OAuth2 secret (Client Secret) from your GitHub developer application. (string) * `SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_ORG_CALLBACK_URL`: Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail. (string) * `SOCIAL_AUTH_GITHUB_ORG_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string) * `SOCIAL_AUTH_GITHUB_ORG_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string) * `SOCIAL_AUTH_GITHUB_ORG_NAME`: The name of your GitHub organization, as used in your organization's URL: https://github.com/<yourorg>/. (string) * `SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_TEAM_CALLBACK_URL`: Create an organization-owned application at https://github.com/organizations/<yourorg>/settings/applications and obtain an OAuth2 key (Client ID) and secret (Client Secret). Provide this URL as the callback URL for your application. (string) * `SOCIAL_AUTH_GITHUB_TEAM_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string) * `SOCIAL_AUTH_GITHUB_TEAM_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string) * `SOCIAL_AUTH_GITHUB_TEAM_ID`: Find the numeric team ID using the Github API: http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/. (string) * `SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_AZUREAD_OAUTH2_CALLBACK_URL`: Provide this URL as the callback URL for your application as part of your registration process. Refer to the Ansible Tower documentation for more detail. (string) * `SOCIAL_AUTH_AZUREAD_OAUTH2_KEY`: The OAuth2 key (Client ID) from your Azure AD application. (string) * `SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET`: The OAuth2 secret (Client Secret) from your Azure AD application. (string) * `SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_SAML_CALLBACK_URL`: Register Tower as a service provider (SP) with each identity provider (IdP) you have configured. Provide your SP Entity ID and this ACS URL for your application. (string) * `SOCIAL_AUTH_SAML_METADATA_URL`: If your identity provider (IdP) allows uploading an XML metadata file, you can download one from this URL. (string) * `SOCIAL_AUTH_SAML_SP_ENTITY_ID`: The application-defined unique identifier used as the audience of the SAML service provider (SP) configuration. This is usually the URL for Tower. (string) * `SOCIAL_AUTH_SAML_SP_PUBLIC_CERT`: Create a keypair for Tower to use as a service provider (SP) and include the certificate content here. (string) * `SOCIAL_AUTH_SAML_SP_PRIVATE_KEY`: Create a keypair for Tower to use as a service provider (SP) and include the private key content here. (string) * `SOCIAL_AUTH_SAML_ORG_INFO`: Provide the URL, display name, and the name of your app. Refer to the Ansible Tower documentation for example syntax. (nested object) * `SOCIAL_AUTH_SAML_TECHNICAL_CONTACT`: Provide the name and email address of the technical contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object) * `SOCIAL_AUTH_SAML_SUPPORT_CONTACT`: Provide the name and email address of the support contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object) * `SOCIAL_AUTH_SAML_ENABLED_IDPS`: Configure the Entity ID, SSO URL and certificate for each identity provider (IdP) in use. Multiple SAML IdPs are supported. Some IdPs may provide user data using attribute names that differ from the default OIDs. Attribute names may be overridden for each IdP. Refer to the Ansible documentation for additional details and syntax. (nested object) * `SOCIAL_AUTH_SAML_SECURITY_CONFIG`: A dict of key value pairs that are passed to the underlying python-saml security setting https://github.com/onelogin/python-saml#settings (nested object) * `SOCIAL_AUTH_SAML_SP_EXTRA`: A dict of key value pairs to be passed to the underlying python-saml Service Provider configuration setting. (nested object) * `SOCIAL_AUTH_SAML_EXTRA_DATA`: A list of tuples that maps IDP attributes to extra_attributes. Each attribute will be a list of values, even if only 1 value. (list) * `SOCIAL_AUTH_SAML_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object) * `SOCIAL_AUTH_SAML_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object) * `SOCIAL_AUTH_SAML_ORGANIZATION_ATTR`: Used to translate user organization membership into Tower. (nested object) * `SOCIAL_AUTH_SAML_TEAM_ATTR`: Used to translate user team membership into Tower. (nested object)

func (*Client) SettingsSettingsUpdate ¶

func (a *Client) SettingsSettingsUpdate(params *SettingsSettingsUpdateParams) (*SettingsSettingsUpdateOK, error)

SettingsSettingsUpdate updates a setting

Make a PUT or PATCH request to this resource to update this setting. The following fields may be modified:

* `ACTIVITY_STREAM_ENABLED`: Enable capturing activity for the activity stream. (boolean, required) * `ACTIVITY_STREAM_ENABLED_FOR_INVENTORY_SYNC`: Enable capturing activity for the activity stream when running inventory sync. (boolean, required) * `ORG_ADMINS_CAN_SEE_ALL_USERS`: Controls whether any Organization Admin can view all users and teams, even those not associated with their Organization. (boolean, required) * `MANAGE_ORGANIZATION_AUTH`: Controls whether any Organization Admin has the privileges to create and manage users and teams. You may want to disable this ability if you are using an LDAP or SAML integration. (boolean, required) * `TOWER_URL_BASE`: This setting is used by services like notifications to render a valid url to the Tower host. (string, required) * `REMOTE_HOST_HEADERS`: HTTP headers and meta keys to search to determine remote host name or IP. Add additional items to this list, such as "HTTP_X_FORWARDED_FOR", if behind a reverse proxy. See the "Proxy Support" section of the Adminstrator guide for more details. (list, required) * `PROXY_IP_WHITELIST`: If Tower is behind a reverse proxy/load balancer, use this setting to whitelist the proxy IP addresses from which Tower should trust custom REMOTE_HOST_HEADERS header values. If this setting is an empty list (the default), the headers specified by REMOTE_HOST_HEADERS will be trusted unconditionally') (list, required)

* `REDHAT_USERNAME`: This username is used to retrieve license information and to send Automation Analytics (string, default=`""`) * `REDHAT_PASSWORD`: This password is used to retrieve license information and to send Automation Analytics (string, default=`""`) * `AUTOMATION_ANALYTICS_URL`: This setting is used to to configure data collection for the Automation Analytics dashboard (string, default=`"https://example.com"`)

* `CUSTOM_VENV_PATHS`: Paths where Tower will look for custom virtual environments (in addition to /var/lib/awx/venv/). Enter one path per line. (list, default=`[]`) * `AD_HOC_COMMANDS`: List of modules allowed to be used by ad-hoc jobs. (list, default=`['command', 'shell', 'yum', 'apt', 'apt_key', 'apt_repository', 'apt_rpm', 'service', 'group', 'user', 'mount', 'ping', 'selinux', 'setup', 'win_ping', 'win_service', 'win_updates', 'win_group', 'win_user']`) * `ALLOW_JINJA_IN_EXTRA_VARS`: Ansible allows variable substitution via the Jinja2 templating language for --extra-vars. This poses a potential security risk where Tower users with the ability to specify extra vars at job launch time can use Jinja2 templates to run arbitrary Python. It is recommended that this value be set to "template" or "never". (choice, required)

• `always`: Always
• `never`: Never
• `template`: Only On Job Template Definitions (default)

* `AWX_PROOT_ENABLED`: Isolates an Ansible job from protected parts of the system to prevent exposing sensitive information. (boolean, required) * `AWX_PROOT_BASE_PATH`: The directory in which Tower will create new temporary directories for job execution and isolation (such as credential files and custom inventory scripts). (string, required) * `AWX_PROOT_HIDE_PATHS`: Additional paths to hide from isolated processes. Enter one path per line. (list, default=`[]`) * `AWX_PROOT_SHOW_PATHS`: Whitelist of paths that would otherwise be hidden to expose to isolated jobs. Enter one path per line. (list, default=`[]`) * `AWX_ISOLATED_VERBOSITY`: This can be raised to aid in debugging connection issues for isolated task execution (integer, default=`0`) * `AWX_ISOLATED_CHECK_INTERVAL`: The number of seconds to sleep between status checks for jobs running on isolated instances. (integer, required) * `AWX_ISOLATED_LAUNCH_TIMEOUT`: The timeout (in seconds) for launching jobs on isolated instances. This includes the time needed to copy source control files (playbooks) to the isolated instance. (integer, required) * `AWX_ISOLATED_CONNECTION_TIMEOUT`: Ansible SSH connection timeout (in seconds) to use when communicating with isolated instances. Value should be substantially greater than expected network latency. (integer, default=`10`) * `AWX_ISOLATED_HOST_KEY_CHECKING`: When set to True, AWX will enforce strict host key checking for communication with isolated nodes. (boolean, default=`False`)

* `AWX_RESOURCE_PROFILING_ENABLED`: If set, detailed resource profiling data will be collected on all jobs. This data can be gathered with `sosreport`. (boolean, default=`False`) * `AWX_RESOURCE_PROFILING_CPU_POLL_INTERVAL`: Interval (in seconds) between polls for cpu usage. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_RESOURCE_PROFILING_MEMORY_POLL_INTERVAL`: Interval (in seconds) between polls for memory usage. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_RESOURCE_PROFILING_PID_POLL_INTERVAL`: Interval (in seconds) between polls for PID count. Setting this lower than the default will affect playbook performance. (float, default=`0.25`) * `AWX_TASK_ENV`: Additional environment variables set for playbook runs, inventory updates, project updates, and notification sending. (nested object, default=`{}`) * `INSIGHTS_TRACKING_STATE`: Enables Tower to gather data on automation and send it to Red Hat. (boolean, default=`False`) * `PROJECT_UPDATE_VVV`: Adds the CLI -vvv flag to ansible-playbook runs of project_update.yml used for project updates. (boolean, required) * `AWX_ROLES_ENABLED`: Allows roles to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean, default=`True`) * `AWX_COLLECTIONS_ENABLED`: Allows collections to be dynamically downloaded from a requirements.yml file for SCM projects. (boolean, default=`True`) * `PRIMARY_GALAXY_URL`: For organizations that run their own Galaxy service, this gives the option to specify a host as the primary galaxy server. Requirements will be downloaded from the primary if the specific role or collection is available there. If the content is not avilable in the primary, or if this field is left blank, it will default to galaxy.ansible.com. (string, default=`""`) * `PRIMARY_GALAXY_USERNAME`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The username to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string, default=`""`) * `PRIMARY_GALAXY_PASSWORD`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The password to use for basic authentication against the Galaxy instance, this is mutually exclusive with PRIMARY_GALAXY_TOKEN. (string, default=`""`) * `PRIMARY_GALAXY_TOKEN`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token to use for connecting with the Galaxy instance, this is mutually exclusive with corresponding username and password settings. (string, default=`""`) * `PRIMARY_GALAXY_AUTH_URL`: For using a galaxy server at higher precedence than the public Ansible Galaxy. The token_endpoint of a Keycloak server. (string, default=`""`) * `PUBLIC_GALAXY_ENABLED`: Allow or deny access to the public Ansible Galaxy during project updates. (boolean, default=`True`) * `GALAXY_IGNORE_CERTS`: If set to true, certificate validation will not be done wheninstalling content from any Galaxy server. (boolean, default=`False`) * `STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display before requiring the output be downloaded. (integer, required) * `EVENT_STDOUT_MAX_BYTES_DISPLAY`: Maximum Size of Standard Output in bytes to display for a single job or ad hoc command event. `stdout` will end with `…` when truncated. (integer, required) * `SCHEDULE_MAX_JOBS`: Maximum number of the same job template that can be waiting to run when launching from a schedule before no more are created. (integer, required) * `AWX_ANSIBLE_CALLBACK_PLUGINS`: List of paths to search for extra callback plugins to be used when running jobs. Enter one path per line. (list, default=`[]`) * `DEFAULT_JOB_TIMEOUT`: Maximum time in seconds to allow jobs to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual job template will override this. (integer, default=`0`) * `DEFAULT_INVENTORY_UPDATE_TIMEOUT`: Maximum time in seconds to allow inventory updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual inventory source will override this. (integer, default=`0`) * `DEFAULT_PROJECT_UPDATE_TIMEOUT`: Maximum time in seconds to allow project updates to run. Use value of 0 to indicate that no timeout should be imposed. A timeout set on an individual project will override this. (integer, default=`0`) * `ANSIBLE_FACT_CACHE_TIMEOUT`: Maximum time, in seconds, that stored Ansible facts are considered valid since the last time they were modified. Only valid, non-stale, facts will be accessible by a playbook. Note, this does not influence the deletion of ansible_facts from the database. Use a value of 0 to indicate that no timeout should be imposed. (integer, default=`0`) * `MAX_FORKS`: Saving a Job Template with more than this number of forks will result in an error. When set to 0, no limit is applied. (integer, default=`200`) * `LOG_AGGREGATOR_HOST`: Hostname/IP where external logs will be sent to. (string, default=`""`) * `LOG_AGGREGATOR_PORT`: Port on Logging Aggregator to send logs to (if required and not provided in Logging Aggregator). (integer, default=`None`) * `LOG_AGGREGATOR_TYPE`: Format messages for the chosen log aggregator. (choice)

• `None`: --------- (default)
• `logstash`
• `splunk`
• `loggly`
• `sumologic`
• `other`

* `LOG_AGGREGATOR_USERNAME`: Username for external log aggregator (if required; HTTP/s only). (string, default=`""`) * `LOG_AGGREGATOR_PASSWORD`: Password or authentication token for external log aggregator (if required; HTTP/s only). (string, default=`""`) * `LOG_AGGREGATOR_LOGGERS`: List of loggers that will send HTTP logs to the collector, these can include any or all of: awx - service logs activity_stream - activity stream records job_events - callback data from Ansible job events system_tracking - facts gathered from scan jobs. (list, default=`['awx', 'activity_stream', 'job_events', 'system_tracking']`) * `LOG_AGGREGATOR_INDIVIDUAL_FACTS`: If set, system tracking facts will be sent for each package, service, or other item found in a scan, allowing for greater search query granularity. If unset, facts will be sent as a single dictionary, allowing for greater efficiency in fact processing. (boolean, default=`False`) * `LOG_AGGREGATOR_ENABLED`: Enable sending logs to external log aggregator. (boolean, default=`False`) * `LOG_AGGREGATOR_TOWER_UUID`: Useful to uniquely identify Tower instances. (string, default=`""`) * `LOG_AGGREGATOR_PROTOCOL`: Protocol used to communicate with log aggregator. HTTPS/HTTP assumes HTTPS unless http:// is explicitly used in the Logging Aggregator hostname. (choice)

• `https`: HTTPS/HTTP (default)
• `tcp`: TCP
• `udp`: UDP

* `LOG_AGGREGATOR_TCP_TIMEOUT`: Number of seconds for a TCP connection to external log aggregator to timeout. Applies to HTTPS and TCP log aggregator protocols. (integer, default=`5`) * `LOG_AGGREGATOR_VERIFY_CERT`: Flag to control enable/disable of certificate verification when LOG_AGGREGATOR_PROTOCOL is "https". If enabled, Tower's log handler will verify certificate sent by external log aggregator before establishing connection. (boolean, default=`True`) * `LOG_AGGREGATOR_LEVEL`: Level threshold used by log handler. Severities from lowest to highest are DEBUG, INFO, WARNING, ERROR, CRITICAL. Messages less severe than the threshold will be ignored by log handler. (messages under category awx.anlytics ignore this setting) (choice)

• `DEBUG`
• `INFO` (default)
• `WARNING`
• `ERROR`
• `CRITICAL`

* `LOG_AGGREGATOR_AUDIT`: When enabled, all external logs emitted by Tower will also be written to /var/log/tower/external.log. This is an experimental setting intended to be used for debugging external log aggregation issues (and may be subject to change in the future). (boolean, default=`False`) * `LOG_AGGREGATOR_MAX_DISK_USAGE_GB`: Amount of data to store (in gigabytes) during an outage of the external log aggregator (defaults to 1). Equivalent to the rsyslogd queue.maxdiskspace setting. (integer, default=`1`) * `LOG_AGGREGATOR_MAX_DISK_USAGE_PATH`: Location to persist logs that should be retried after an outage of the external log aggregator (defaults to /var/lib/awx). Equivalent to the rsyslogd queue.spoolDirectory setting. (string, default=`"/var/lib/awx"`) * `LOG_AGGREGATOR_RSYSLOGD_DEBUG`: Enabled high verbosity debugging for rsyslogd. Useful for debugging connection issues for external log aggregation. (boolean, default=`False`) * `BROKER_DURABILITY`: When set (the default), underlying queues will be persisted to disk. Disable this to enable higher message bus throughput. (boolean, required) * `AUTOMATION_ANALYTICS_LAST_GATHER`: (datetime, required) * `AUTOMATION_ANALYTICS_GATHER_INTERVAL`: Interval (in seconds) between data gathering. (integer, default=`14400`) * `SESSION_COOKIE_AGE`: Number of seconds that a user is inactive before they will need to login again. (integer, required) * `SESSIONS_PER_USER`: Maximum number of simultaneous logged in sessions a user may have. To disable enter -1. (integer, required) * `AUTH_BASIC_ENABLED`: Enable HTTP Basic Auth for the API Browser. (boolean, required) * `OAUTH2_PROVIDER`: Dictionary for customizing OAuth 2 timeouts, available items are `ACCESS_TOKEN_EXPIRE_SECONDS`, the duration of access tokens in the number of seconds, `AUTHORIZATION_CODE_EXPIRE_SECONDS`, the duration of authorization codes in the number of seconds, and `REFRESH_TOKEN_EXPIRE_SECONDS`, the duration of refresh tokens, after expired access tokens, in the number of seconds. (nested object, default=`{'ACCESS_TOKEN_EXPIRE_SECONDS': 31536000000, 'AUTHORIZATION_CODE_EXPIRE_SECONDS': 600, 'REFRESH_TOKEN_EXPIRE_SECONDS': 2628000}`) * `ALLOW_OAUTH2_FOR_EXTERNAL_USERS`: For security reasons, users from external auth providers (LDAP, SAML, SSO, Radius, and others) are not allowed to create OAuth2 tokens. To change this behavior, enable this setting. Existing tokens will not be deleted when this setting is toggled off. (boolean, default=`False`) * `LOGIN_REDIRECT_OVERRIDE`: URL to which unauthorized users will be redirected to log in. If blank, users will be sent to the Tower login page. (string, default=`""`)

* `CUSTOM_LOGIN_INFO`: If needed, you can add specific information (such as a legal notice or a disclaimer) to a text box in the login modal using this setting. Any content added must be in plain text, as custom HTML or other markup languages are not supported. (string, default=`""`) * `CUSTOM_LOGO`: To set up a custom logo, provide a file that you create. For the custom logo to look its best, use a .png file with a transparent background. GIF, PNG and JPEG formats are supported. (string, default=`""`) * `MAX_UI_JOB_EVENTS`: Maximum number of job events for the UI to retrieve within a single request. (integer, required) * `UI_LIVE_UPDATES_ENABLED`: If disabled, the page will not refresh when events are received. Reloading the page will be required to get the latest details. (boolean, required)

* `SOCIAL_AUTH_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_USER_FIELDS`: When set to an empty list `[]`, this setting prevents new user accounts from being created. Only users who have previously logged in using social auth or have a user account with a matching email address will be able to login. (list, default=`None`) * `AUTH_LDAP_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_1_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_1_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_1_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_1_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_1_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_1_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_1_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_1_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_1_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_1_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_1_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_1_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_1_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_1_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_1_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_1_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_2_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_2_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_2_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_2_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_2_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_2_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_2_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_2_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_2_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_2_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_2_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_2_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_2_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_2_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_2_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_2_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_3_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_3_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_3_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_3_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_3_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_3_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_3_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_3_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_3_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_3_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_3_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_3_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_3_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_3_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_3_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_3_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_4_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_4_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_4_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_4_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_4_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_4_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_4_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_4_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_4_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_4_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_4_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_4_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_4_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_4_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_4_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_4_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_5_SERVER_URI`: URI to connect to LDAP server, such as "ldap://ldap.example.com:389" (non-SSL) or "ldaps://ldap.example.com:636" (SSL). Multiple LDAP servers may be specified by separating with spaces or commas. LDAP authentication is disabled if this parameter is empty. (string, default=`""`) * `AUTH_LDAP_5_BIND_DN`: DN (Distinguished Name) of user to bind for all search queries. This is the system user account we will use to login to query LDAP for other user information. Refer to the Ansible Tower documentation for example syntax. (string, default=`""`) * `AUTH_LDAP_5_BIND_PASSWORD`: Password used to bind LDAP user account. (string, default=`""`) * `AUTH_LDAP_5_START_TLS`: Whether to enable TLS when the LDAP connection is not using SSL. (boolean, default=`False`) * `AUTH_LDAP_5_CONNECTION_OPTIONS`: Additional options to set for the LDAP connection. LDAP referrals are disabled by default (to prevent certain LDAP queries from hanging with AD). Option names should be strings (e.g. "OPT_REFERRALS"). Refer to https://www.python-ldap.org/doc/html/ldap.html#options for possible options and values that can be set. (nested object, default=`{'OPT_REFERRALS': 0, 'OPT_NETWORK_TIMEOUT': 30}`) * `AUTH_LDAP_5_USER_SEARCH`: LDAP search query to find users. Any user that matches the given pattern will be able to login to Tower. The user should also be mapped into a Tower organization (as defined in the AUTH_LDAP_ORGANIZATION_MAP setting). If multiple search queries need to be supported use of "LDAPUnion" is possible. See Tower documentation for details. (list, default=`[]`) * `AUTH_LDAP_5_USER_DN_TEMPLATE`: Alternative to user search, if user DNs are all of the same format. This approach is more efficient for user lookups than searching if it is usable in your organizational environment. If this setting has a value it will be used instead of AUTH_LDAP_USER_SEARCH. (string, default=`""`) * `AUTH_LDAP_5_USER_ATTR_MAP`: Mapping of LDAP user schema to Tower API user attributes. The default setting is valid for ActiveDirectory but users with other LDAP configurations may need to change the values. Refer to the Ansible Tower documentation for additional details. (nested object, default=`{}`) * `AUTH_LDAP_5_GROUP_SEARCH`: Users are mapped to organizations based on their membership in LDAP groups. This setting defines the LDAP search query to find groups. Unlike the user search, group search does not support LDAPSearchUnion. (list, default=`[]`) * `AUTH_LDAP_5_GROUP_TYPE`: The group type may need to be changed based on the type of the LDAP server. Values are listed at: https://django-auth-ldap.readthedocs.io/en/stable/groups.html#types-of-groups (choice)

• `PosixGroupType`
• `GroupOfNamesType`
• `GroupOfUniqueNamesType`
• `ActiveDirectoryGroupType`
• `OrganizationalRoleGroupType`
• `MemberDNGroupType` (default)
• `NestedGroupOfNamesType`
• `NestedGroupOfUniqueNamesType`
• `NestedActiveDirectoryGroupType`
• `NestedOrganizationalRoleGroupType`
• `NestedMemberDNGroupType`
• `PosixUIDGroupType`

* `AUTH_LDAP_5_GROUP_TYPE_PARAMS`: Key value parameters to send the chosen group type init method. (nested object, default=`OrderedDict([('member_attr', 'member'), ('name_attr', 'cn')])`) * `AUTH_LDAP_5_REQUIRE_GROUP`: Group DN required to login. If specified, user must be a member of this group to login via LDAP. If not set, everyone in LDAP that matches the user search will be able to login via Tower. Only one require group is supported. (string, default=`""`) * `AUTH_LDAP_5_DENY_GROUP`: Group DN denied from login. If specified, user will not be allowed to login if a member of this group. Only one deny group is supported. (string, default=`""`) * `AUTH_LDAP_5_USER_FLAGS_BY_GROUP`: Retrieve users from a given group. At this time, superuser and system auditors are the only groups supported. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `AUTH_LDAP_5_ORGANIZATION_MAP`: Mapping between organization admins/users and LDAP groups. This controls which users are placed into which Tower organizations relative to their LDAP group memberships. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `AUTH_LDAP_5_TEAM_MAP`: Mapping between team members (users) and LDAP groups. Configuration details are available in the Ansible Tower documentation. (nested object, default=`{}`) * `RADIUS_SERVER`: Hostname/IP of RADIUS server. RADIUS authentication is disabled if this setting is empty. (string, default=`""`) * `RADIUS_PORT`: Port of RADIUS server. (integer, default=`1812`) * `RADIUS_SECRET`: Shared secret for authenticating to RADIUS server. (string, default=`""`) * `TACACSPLUS_HOST`: Hostname of TACACS+ server. (string, default=`""`) * `TACACSPLUS_PORT`: Port number of TACACS+ server. (integer, default=`49`) * `TACACSPLUS_SECRET`: Shared secret for authenticating to TACACS+ server. (string, default=`""`) * `TACACSPLUS_SESSION_TIMEOUT`: TACACS+ session timeout value in seconds, 0 disables timeout. (integer, default=`5`) * `TACACSPLUS_AUTH_PROTOCOL`: Choose the authentication protocol used by TACACS+ client. (choice)

• `ascii` (default)
• `pap`

* `SOCIAL_AUTH_GOOGLE_OAUTH2_KEY`: The OAuth2 key from your web application. (string, default=`""`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET`: The OAuth2 secret from your web application. (string, default=`""`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_WHITELISTED_DOMAINS`: Update this setting to restrict the domains who are allowed to login using Google OAuth2. (list, default=`[]`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS`: Extra arguments for Google OAuth2 login. You can restrict it to only allow a single domain to authenticate, even if the user is logged in with multple Google accounts. Refer to the Ansible Tower documentation for more detail. (nested object, default=`{}`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GOOGLE_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_KEY`: The OAuth2 key (Client ID) from your GitHub developer application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_SECRET`: The OAuth2 secret (Client Secret) from your GitHub developer application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_ORG_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_NAME`: The name of your GitHub organization, as used in your organization's URL: https://github.com/<yourorg>/. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_ORG_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_ORG_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_GITHUB_TEAM_KEY`: The OAuth2 key (Client ID) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_SECRET`: The OAuth2 secret (Client Secret) from your GitHub organization application. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_ID`: Find the numeric team ID using the Github API: http://fabian-kostadinov.github.io/2015/01/16/how-to-find-a-github-team-id/. (string, default=`""`) * `SOCIAL_AUTH_GITHUB_TEAM_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_GITHUB_TEAM_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_AZUREAD_OAUTH2_KEY`: The OAuth2 key (Client ID) from your Azure AD application. (string, default=`""`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_SECRET`: The OAuth2 secret (Client Secret) from your Azure AD application. (string, default=`""`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_AZUREAD_OAUTH2_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`)

* `SOCIAL_AUTH_SAML_SP_ENTITY_ID`: The application-defined unique identifier used as the audience of the SAML service provider (SP) configuration. This is usually the URL for Tower. (string, default=`""`) * `SOCIAL_AUTH_SAML_SP_PUBLIC_CERT`: Create a keypair for Tower to use as a service provider (SP) and include the certificate content here. (string, required) * `SOCIAL_AUTH_SAML_SP_PRIVATE_KEY`: Create a keypair for Tower to use as a service provider (SP) and include the private key content here. (string, required) * `SOCIAL_AUTH_SAML_ORG_INFO`: Provide the URL, display name, and the name of your app. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_TECHNICAL_CONTACT`: Provide the name and email address of the technical contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_SUPPORT_CONTACT`: Provide the name and email address of the support contact for your service provider. Refer to the Ansible Tower documentation for example syntax. (nested object, required) * `SOCIAL_AUTH_SAML_ENABLED_IDPS`: Configure the Entity ID, SSO URL and certificate for each identity provider (IdP) in use. Multiple SAML IdPs are supported. Some IdPs may provide user data using attribute names that differ from the default OIDs. Attribute names may be overridden for each IdP. Refer to the Ansible documentation for additional details and syntax. (nested object, default=`{}`) * `SOCIAL_AUTH_SAML_SECURITY_CONFIG`: A dict of key value pairs that are passed to the underlying python-saml security setting https://github.com/onelogin/python-saml#settings (nested object, default=`{'requestedAuthnContext': False}`) * `SOCIAL_AUTH_SAML_SP_EXTRA`: A dict of key value pairs to be passed to the underlying python-saml Service Provider configuration setting. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_EXTRA_DATA`: A list of tuples that maps IDP attributes to extra_attributes. Each attribute will be a list of values, even if only 1 value. (list, default=`None`) * `SOCIAL_AUTH_SAML_ORGANIZATION_MAP`: Mapping to organization admins/users from social auth accounts. This setting controls which users are placed into which Tower organizations based on their username and email address. Configuration details are available in the Ansible Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_TEAM_MAP`: Mapping of team members (users) from social auth accounts. Configuration details are available in Tower documentation. (nested object, default=`None`) * `SOCIAL_AUTH_SAML_ORGANIZATION_ATTR`: Used to translate user organization membership into Tower. (nested object, default=`{}`) * `SOCIAL_AUTH_SAML_TEAM_ATTR`: Used to translate user team membership into Tower. (nested object, default=`{}`)

For a PUT request, include **all** fields in the request.

func (*SettingsSettingsDeleteNoContent) Error ¶

func (o *SettingsSettingsDeleteNoContent) Error() string

func (*SettingsSettingsDeleteParams) SetCategorySlug ¶

func (o *SettingsSettingsDeleteParams) SetCategorySlug(categorySlug string)

SetCategorySlug adds the categorySlug to the settings settings delete params

func (*SettingsSettingsDeleteParams) SetContext ¶

func (o *SettingsSettingsDeleteParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings delete params

func (*SettingsSettingsDeleteParams) SetHTTPClient ¶

func (o *SettingsSettingsDeleteParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings delete params

func (*SettingsSettingsDeleteParams) SetTimeout ¶

func (o *SettingsSettingsDeleteParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings delete params

func (*SettingsSettingsDeleteParams) WithCategorySlug ¶

func (o *SettingsSettingsDeleteParams) WithCategorySlug(categorySlug string) *SettingsSettingsDeleteParams

WithCategorySlug adds the categorySlug to the settings settings delete params

func (*SettingsSettingsDeleteParams) WithContext ¶

func (o *SettingsSettingsDeleteParams) WithContext(ctx context.Context) *SettingsSettingsDeleteParams

WithContext adds the context to the settings settings delete params

func (*SettingsSettingsDeleteParams) WithHTTPClient ¶

func (o *SettingsSettingsDeleteParams) WithHTTPClient(client *http.Client) *SettingsSettingsDeleteParams

WithHTTPClient adds the HTTPClient to the settings settings delete params

func (*SettingsSettingsDeleteParams) WithTimeout ¶

func (o *SettingsSettingsDeleteParams) WithTimeout(timeout time.Duration) *SettingsSettingsDeleteParams

WithTimeout adds the timeout to the settings settings delete params

func (*SettingsSettingsDeleteParams) WriteToRequest ¶

func (o *SettingsSettingsDeleteParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsDeleteReader) ReadResponse ¶

func (o *SettingsSettingsDeleteReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.

func (*SettingsSettingsListOK) Error ¶

func (o *SettingsSettingsListOK) Error() string

func (*SettingsSettingsListParams) SetContext ¶

func (o *SettingsSettingsListParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings list params

func (*SettingsSettingsListParams) SetHTTPClient ¶

func (o *SettingsSettingsListParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings list params

func (*SettingsSettingsListParams) SetPage ¶

func (o *SettingsSettingsListParams) SetPage(page *int64)

SetPage adds the page to the settings settings list params

func (*SettingsSettingsListParams) SetPageSize ¶

func (o *SettingsSettingsListParams) SetPageSize(pageSize *int64)

SetPageSize adds the pageSize to the settings settings list params

func (*SettingsSettingsListParams) SetTimeout ¶

func (o *SettingsSettingsListParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings list params

func (*SettingsSettingsListParams) WithContext ¶

func (o *SettingsSettingsListParams) WithContext(ctx context.Context) *SettingsSettingsListParams

WithContext adds the context to the settings settings list params

func (*SettingsSettingsListParams) WithHTTPClient ¶

func (o *SettingsSettingsListParams) WithHTTPClient(client *http.Client) *SettingsSettingsListParams

WithHTTPClient adds the HTTPClient to the settings settings list params

func (*SettingsSettingsListParams) WithPage ¶

func (o *SettingsSettingsListParams) WithPage(page *int64) *SettingsSettingsListParams

WithPage adds the page to the settings settings list params

func (*SettingsSettingsListParams) WithPageSize ¶

func (o *SettingsSettingsListParams) WithPageSize(pageSize *int64) *SettingsSettingsListParams

WithPageSize adds the pageSize to the settings settings list params

func (*SettingsSettingsListParams) WithTimeout ¶

func (o *SettingsSettingsListParams) WithTimeout(timeout time.Duration) *SettingsSettingsListParams

WithTimeout adds the timeout to the settings settings list params

func (*SettingsSettingsListParams) WriteToRequest ¶

func (o *SettingsSettingsListParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsListReader) ReadResponse ¶

func (o *SettingsSettingsListReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.

func (*SettingsSettingsLoggingTestCreateBody) MarshalBinary ¶

func (o *SettingsSettingsLoggingTestCreateBody) MarshalBinary() ([]byte, error)

MarshalBinary interface implementation

func (*SettingsSettingsLoggingTestCreateBody) UnmarshalBinary ¶

func (o *SettingsSettingsLoggingTestCreateBody) UnmarshalBinary(b []byte) error

UnmarshalBinary interface implementation

func (*SettingsSettingsLoggingTestCreateBody) Validate ¶

func (o *SettingsSettingsLoggingTestCreateBody) Validate(formats strfmt.Registry) error

Validate validates this settings settings logging test create body

func (*SettingsSettingsLoggingTestCreateConflict) Error ¶

func (o *SettingsSettingsLoggingTestCreateConflict) Error() string

func (*SettingsSettingsLoggingTestCreateCreated) Error ¶

func (o *SettingsSettingsLoggingTestCreateCreated) Error() string

func (*SettingsSettingsLoggingTestCreateForbidden) Error ¶

func (o *SettingsSettingsLoggingTestCreateForbidden) Error() string

func (*SettingsSettingsLoggingTestCreateParams) SetContext ¶

func (o *SettingsSettingsLoggingTestCreateParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) SetData ¶

func (o *SettingsSettingsLoggingTestCreateParams) SetData(data SettingsSettingsLoggingTestCreateBody)

SetData adds the data to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) SetHTTPClient ¶

func (o *SettingsSettingsLoggingTestCreateParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) SetTimeout ¶

func (o *SettingsSettingsLoggingTestCreateParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) WithContext ¶

func (o *SettingsSettingsLoggingTestCreateParams) WithContext(ctx context.Context) *SettingsSettingsLoggingTestCreateParams

WithContext adds the context to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) WithData ¶

func (o *SettingsSettingsLoggingTestCreateParams) WithData(data SettingsSettingsLoggingTestCreateBody) *SettingsSettingsLoggingTestCreateParams

WithData adds the data to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) WithHTTPClient ¶

func (o *SettingsSettingsLoggingTestCreateParams) WithHTTPClient(client *http.Client) *SettingsSettingsLoggingTestCreateParams

WithHTTPClient adds the HTTPClient to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) WithTimeout ¶

func (o *SettingsSettingsLoggingTestCreateParams) WithTimeout(timeout time.Duration) *SettingsSettingsLoggingTestCreateParams

WithTimeout adds the timeout to the settings settings logging test create params

func (*SettingsSettingsLoggingTestCreateParams) WriteToRequest ¶

func (o *SettingsSettingsLoggingTestCreateParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsLoggingTestCreateReader) ReadResponse ¶

func (o *SettingsSettingsLoggingTestCreateReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.

func (*SettingsSettingsPartialUpdateBadRequest) Error ¶

func (o *SettingsSettingsPartialUpdateBadRequest) Error() string

func (*SettingsSettingsPartialUpdateOK) Error ¶

func (o *SettingsSettingsPartialUpdateOK) Error() string

func (*SettingsSettingsPartialUpdateParams) SetCategorySlug ¶

func (o *SettingsSettingsPartialUpdateParams) SetCategorySlug(categorySlug string)

SetCategorySlug adds the categorySlug to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) SetContext ¶

func (o *SettingsSettingsPartialUpdateParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) SetData ¶

func (o *SettingsSettingsPartialUpdateParams) SetData(data interface{})

SetData adds the data to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) SetHTTPClient ¶

func (o *SettingsSettingsPartialUpdateParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) SetTimeout ¶

func (o *SettingsSettingsPartialUpdateParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WithCategorySlug ¶

func (o *SettingsSettingsPartialUpdateParams) WithCategorySlug(categorySlug string) *SettingsSettingsPartialUpdateParams

WithCategorySlug adds the categorySlug to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WithContext ¶

func (o *SettingsSettingsPartialUpdateParams) WithContext(ctx context.Context) *SettingsSettingsPartialUpdateParams

WithContext adds the context to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WithData ¶

func (o *SettingsSettingsPartialUpdateParams) WithData(data interface{}) *SettingsSettingsPartialUpdateParams

WithData adds the data to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WithHTTPClient ¶

func (o *SettingsSettingsPartialUpdateParams) WithHTTPClient(client *http.Client) *SettingsSettingsPartialUpdateParams

WithHTTPClient adds the HTTPClient to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WithTimeout ¶

func (o *SettingsSettingsPartialUpdateParams) WithTimeout(timeout time.Duration) *SettingsSettingsPartialUpdateParams

WithTimeout adds the timeout to the settings settings partial update params

func (*SettingsSettingsPartialUpdateParams) WriteToRequest ¶

func (o *SettingsSettingsPartialUpdateParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsPartialUpdateReader) ReadResponse ¶

func (o *SettingsSettingsPartialUpdateReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.

func (*SettingsSettingsReadOK) Error ¶

func (o *SettingsSettingsReadOK) Error() string

func (*SettingsSettingsReadParams) SetCategorySlug ¶

func (o *SettingsSettingsReadParams) SetCategorySlug(categorySlug string)

SetCategorySlug adds the categorySlug to the settings settings read params

func (*SettingsSettingsReadParams) SetContext ¶

func (o *SettingsSettingsReadParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings read params

func (*SettingsSettingsReadParams) SetHTTPClient ¶

func (o *SettingsSettingsReadParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings read params

func (*SettingsSettingsReadParams) SetTimeout ¶

func (o *SettingsSettingsReadParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings read params

func (*SettingsSettingsReadParams) WithCategorySlug ¶

func (o *SettingsSettingsReadParams) WithCategorySlug(categorySlug string) *SettingsSettingsReadParams

WithCategorySlug adds the categorySlug to the settings settings read params

func (*SettingsSettingsReadParams) WithContext ¶

func (o *SettingsSettingsReadParams) WithContext(ctx context.Context) *SettingsSettingsReadParams

WithContext adds the context to the settings settings read params

func (*SettingsSettingsReadParams) WithHTTPClient ¶

func (o *SettingsSettingsReadParams) WithHTTPClient(client *http.Client) *SettingsSettingsReadParams

WithHTTPClient adds the HTTPClient to the settings settings read params

func (*SettingsSettingsReadParams) WithTimeout ¶

func (o *SettingsSettingsReadParams) WithTimeout(timeout time.Duration) *SettingsSettingsReadParams

WithTimeout adds the timeout to the settings settings read params

func (*SettingsSettingsReadParams) WriteToRequest ¶

func (o *SettingsSettingsReadParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsReadReader) ReadResponse ¶

func (o *SettingsSettingsReadReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.

func (*SettingsSettingsUpdateBadRequest) Error ¶

func (o *SettingsSettingsUpdateBadRequest) Error() string

func (*SettingsSettingsUpdateOK) Error ¶

func (o *SettingsSettingsUpdateOK) Error() string

func (*SettingsSettingsUpdateParams) SetCategorySlug ¶

func (o *SettingsSettingsUpdateParams) SetCategorySlug(categorySlug string)

SetCategorySlug adds the categorySlug to the settings settings update params

func (*SettingsSettingsUpdateParams) SetContext ¶

func (o *SettingsSettingsUpdateParams) SetContext(ctx context.Context)

SetContext adds the context to the settings settings update params

func (*SettingsSettingsUpdateParams) SetData ¶

func (o *SettingsSettingsUpdateParams) SetData(data interface{})

SetData adds the data to the settings settings update params

func (*SettingsSettingsUpdateParams) SetHTTPClient ¶

func (o *SettingsSettingsUpdateParams) SetHTTPClient(client *http.Client)

SetHTTPClient adds the HTTPClient to the settings settings update params

func (*SettingsSettingsUpdateParams) SetTimeout ¶

func (o *SettingsSettingsUpdateParams) SetTimeout(timeout time.Duration)

SetTimeout adds the timeout to the settings settings update params

func (*SettingsSettingsUpdateParams) WithCategorySlug ¶

func (o *SettingsSettingsUpdateParams) WithCategorySlug(categorySlug string) *SettingsSettingsUpdateParams

WithCategorySlug adds the categorySlug to the settings settings update params

func (*SettingsSettingsUpdateParams) WithContext ¶

func (o *SettingsSettingsUpdateParams) WithContext(ctx context.Context) *SettingsSettingsUpdateParams

WithContext adds the context to the settings settings update params

func (*SettingsSettingsUpdateParams) WithData ¶

func (o *SettingsSettingsUpdateParams) WithData(data interface{}) *SettingsSettingsUpdateParams

WithData adds the data to the settings settings update params

func (*SettingsSettingsUpdateParams) WithHTTPClient ¶

func (o *SettingsSettingsUpdateParams) WithHTTPClient(client *http.Client) *SettingsSettingsUpdateParams

WithHTTPClient adds the HTTPClient to the settings settings update params

func (*SettingsSettingsUpdateParams) WithTimeout ¶

func (o *SettingsSettingsUpdateParams) WithTimeout(timeout time.Duration) *SettingsSettingsUpdateParams

WithTimeout adds the timeout to the settings settings update params

func (*SettingsSettingsUpdateParams) WriteToRequest ¶

func (o *SettingsSettingsUpdateParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error

WriteToRequest writes these params to a swagger request

func (*SettingsSettingsUpdateReader) ReadResponse ¶

func (o *SettingsSettingsUpdateReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error)

ReadResponse reads a server response into the received o.