| Parameter |
Choices/Defaults |
Comments |
|
arguments
raw
|
|
Any arguments the installer needs to either install or uninstall the package.
If the package is an MSI do not supply the /qn, /log or /norestart arguments.
This is only used for the msi, msp, and registry providers.
Can be a list of arguments and the module will escape the arguments as necessary, it is recommended to use a string when dealing with MSI packages due to the unique escaping issues with msiexec.
When using a list of arguments each item in the list is considered to be a single argument. As such, if an argument in the list contains a space then Ansible will quote this to ensure that this is seen by Windows as a single argument. Should this behaviour not be what is required, the argument should be split into two separate list items. See the examples section for more detail.
|
|
chdir
path
|
|
Set the specified path as the current working directory before installing or uninstalling a package.
This is only used for the msi, msp, and registry providers.
|
|
client_cert
string
|
|
The path to the client certificate (.pfx) that is used for X509 authentication. This path can either be the path to the pfx on the filesystem or the PowerShell certificate path Cert:\CurrentUser\My\<thumbprint>.
The WinRM connection must be authenticated with CredSSP or become is used on the task if the certificate file is not password protected.
Other authentication types can set client_cert_password when the cert is password protected.
|
|
client_cert_password
string
|
|
The password for client_cert if the cert is password protected.
|
|
creates_path
path
|
|
Will check the existence of the path specified and use the result to determine whether the package is already installed.
You can use this in conjunction with product_id and other creates_*.
|
|
creates_service
string
|
|
Will check the existing of the service specified and use the result to determine whether the package is already installed.
You can use this in conjunction with product_id and other creates_*.
|
|
creates_version
string
|
|
Will check the file version property of the file at creates_path and use the result to determine whether the package is already installed.
creates_path MUST be set and is a file.
You can use this in conjunction with product_id and other creates_*.
|
|
expected_return_code
list
/ elements=integer
|
Default:
[0, 3010]
|
One or more return codes from the package installation that indicates success.
The return codes are read as a signed integer, any values greater than 2147483647 need to be represented as the signed equivalent, i.e. 4294967295 is -1.
To convert a unsigned number to the signed equivalent you can run "[Int32]("0x{0:X}" -f ([UInt32]3221225477))".
A return code of 3010 usually means that a reboot is required, the reboot_required return value is set if the return code is 3010.
This is only used for the msi, msp, and registry providers.
|
|
follow_redirects
string
|
|
Whether or the module should follow redirects.
all will follow all redirect.
none will not follow any redirect.
safe will follow only "safe" redirects, where "safe" means that the client is only doing a GET or HEAD on the URI to which it is being redirected.
When following a redirected URL, the Authorization header and any credentials set will be dropped and not redirected.
|
|
force_basic_auth
boolean
|
|
By default the authentication header is only sent when a webservice responses to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins will fail.
This option forces the sending of the Basic authentication header upon the original request.
|
|
headers
dictionary
|
|
Extra headers to set on the request.
This should be a dictionary where the key is the header name and the value is the value for that header.
|
|
http_agent
string
|
Default:
"ansible-httpget"
|
Header to identify as, generally appears in web server logs.
This is set to the User-Agent header on a HTTP request.
|
|
log_path
path
|
|
Specifies the path to a log file that is persisted after a package is installed or uninstalled.
This is only used for the msi or msp provider.
When omitted, a temporary log file is used instead for those providers.
This is only valid for MSI files, use arguments for the registry provider.
|
|
maximum_redirection
integer
|
Default:
50
|
Specify how many times the module will redirect a connection to an alternative URI before the connection fails.
If set to 0 or follow_redirects is set to none, or safe when not doing a GET or HEAD it prevents all redirection.
|
|
password
string
|
|
The password for user_name, must be set when user_name is.
This option is deprecated in favour of using become, see examples for more information. Will be removed on the major release after 2022-07-01.
aliases: user_password
|
|
path
string
|
|
Location of the package to be installed or uninstalled.
This package can either be on the local file system, network share or a url.
When state=present, product_id is not set and the path is a URL, this file will always be downloaded to a temporary directory for idempotency checks, otherwise the file will only be downloaded if the package has not been installed based on the product_id checks.
If state=present then this value MUST be set.
If state=absent then this value does not need to be set if product_id is.
|
|
product_id
string
|
|
The product id of the installed packaged.
This is used for checking whether the product is already installed and getting the uninstall information if state=absent.
For msi packages, this is the ProductCode (GUID) of the package. This can be found under the same registry paths as the registry provider.
For msp packages, this is the PatchCode (GUID) of the package which can found under the Details -> Revision number of the file's properties.
For msix packages, this is the Name or PackageFullName of the package found under the Get-AppxPackage cmdlet.
For registry (exe) packages, this is the registry key name under the registry paths specified in provider.
This value is ignored if path is set to a local accesible file path and the package is not an exe.
This SHOULD be set when the package is an exe, or the path is a url or a network share and credential delegation is not being used. The creates_* options can be used instead but is not recommended.
The alias productid is deprecated and will be removed on the major release after 2022-07-01.
aliases: productid
|
|
provider
string
|
Choices:
auto ← - msi
- msix
- msp
- registry
|
Set the package provider to use when searching for a package.
The auto provider will select the proper provider if path otherwise it scans all the other providers based on the product_id.
The msi provider scans for MSI packages installed on a machine wide and current user context based on the ProductCode of the MSI.
The msix provider is used to install .appx, .msix, .appxbundle, or .msixbundle packages. These packages are only installed or removed on the current use. The host must be set to allow sideloaded apps or in developer mode. See the examples for how to enable this. If a package is already installed but path points to an updated package, this will be installed over the top of the existing one.
The msp provider scans for all MSP patches installed on a machine wide and current user context based on the PatchCode of the MSP. A msp will be applied or removed on all msi products that it applies to and is installed. If the patch is obsoleted or superseded then no action will be taken.
The registry provider is used for traditional exe installers and uses the following registry path to determine if a product was installed; HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall, HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall, HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall, and HKCU:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall.
|
|
proxy_password
string
|
|
The password for proxy_username.
|
|
proxy_url
string
|
|
An explicit proxy to use for the request.
By default, the request will use the IE defined proxy unless use_proxy is set to no.
|
|
proxy_use_default_credential
boolean
|
|
Uses the current user's credentials when authenticating with a proxy host protected with NTLM, Kerberos, or Negotiate authentication.
Proxies that use Basic auth will still require explicit credentials through the proxy_username and proxy_password options.
The module will only have access to the user's credentials if using become with a password, you are connecting with SSH using a password, or connecting with WinRM using CredSSP or Kerberos with delegation.
If not using become or a different auth method to the ones stated above, there will be no default credentials available and no proxy authentication will occur.
|
|
proxy_username
string
|
|
The username to use for proxy authentication.
|
|
state
string
|
Choices:
- absent
present ←
|
Whether to install or uninstall the package.
The module uses product_id to determine whether the package is installed or not.
For all providers but auto, the path can be used for idempotency checks if it is locally accesible filesystem path.
The alias ensure is deprecated and will be removed on the major release after 2022-07-01.
aliases: ensure
|
|
url_method
string
|
|
The HTTP Method of the request.
|
|
url_password
string
|
|
The password for url_username.
|
|
url_timeout
integer
|
Default:
30
|
Specifies how long the request can be pending before it times out (in seconds).
Set to 0 to specify an infinite timeout.
|
|
url_username
string
|
|
The username to use for authentication.
|
|
use_default_credential
boolean
|
|
Uses the current user's credentials when authenticating with a server protected with NTLM, Kerberos, or Negotiate authentication.
Sites that use Basic auth will still require explicit credentials through the url_username and url_password options.
The module will only have access to the user's credentials if using become with a password, you are connecting with SSH using a password, or connecting with WinRM using CredSSP or Kerberos with delegation.
If not using become or a different auth method to the ones stated above, there will be no default credentials available and no authentication will occur.
|
|
use_proxy
boolean
|
|
If no, it will not use the proxy defined in IE for the current user.
|
|
username
string
|
|
Username of an account with access to the package if it is located on a file share.
This is only needed if the WinRM transport is over an auth method that does not support credential delegation like Basic or NTLM or become is not used.
This option is deprecated in favour of using become, see examples for more information. Will be removed on the major release after 2022-07-01.
aliases: user_name
|
|
validate_certs
boolean
|
|
If no, SSL certificates will not be validated.
This should only be used on personally controlled sites using self-signed certificates.
|
|
wait_for_children
boolean
added in 1.3.0
|
|
The module will wait for the process it spawns to finish but any processes spawned in that child process as ignored.
Set to yes to wait for all descendent processes to finish before the module returns.
This is useful if the install/uninstaller is just a wrapper which then calls the actual installer as its own child process. When this option is yes then the module will wait for both processes to finish before returning.
This should not be required for most installers and setting to yes could result in the module not returning until the process it is waiting for has been stopped manually.
Requires Windows Server 2012 or Windows 8 or newer to use.
|