---
- name: "Configure pve for Terraform Provider"
  hosts: pve
  gather_facts: no
  remote_user: ansuser

  tasks:

    - name: create role pve for terraform
      command: "pveum role add {{ role }} -privs \"Datastore.AllocateSpace Datastore.Audit Pool.Allocate Sys.Audit Sys.Console Sys.Modify VM.Allocate VM.Audit VM.Clone VM.Config.CDROM VM.Config.Cloudinit VM.Config.CPU VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Monitor VM.PowerMgmt\""
      become: yes

    - name: create account pve for terraform 
      command: "pveum user add {{ account }} --password {{ passwd }}"
      become: yes

    - name: apply role to account
      command: "pveum aclmod / -user {{ account }} -role {{ role }}"
      become: yes