Running Ansible task as a specific user
Solution 1:
You're misunderstanding both settings there:
remote_user is an Ansible setting that controls the SSH user Ansible is using to connect:
ssh ${REMOTE_USER}@remotehostsomeusername ALL=(ALL) NOPASSWD:ALL is a sudo configuration that allows the user
someusernameto execute all commands in any host without a password. It does not allow anyone to issue commands assomeusernamethough.
Ideally, you would login directly as the right user and that's what remote_user is all about. But usually you are only able to login as an administrative user (say, ubuntu) and have to sudo commands as another user (let's say scrapy). Then you should leave remote_user to the user that logs in and the add the following ansible properties to the job:
- name: log in as ubuntu and do something as scrapy
remote_user: ubuntu
sudo: true
sudo_user: scrapy
shell: do-something.sh
Solution 2:
Note that after Ansible 1.9, the sudo wording was replaced with become, thus
sudo: yes
sudo_user: some_user
becomes (pun intended):
become: yes
become_user: some_user
See more specifics here: https://stackoverflow.com/a/22749788/402727
Also write this before the actual module (e.g. command or shell) you want to execute for it to take effect. At least in my experience it didn't work correctly if I have written become and become_user after the shell module.
- name: Example user change
become: true
become_user: '{{ user }}'
shell: |
...