Run Ansible tasks as different remote user

Posted by ads' corner on Friday, 2022-08-12
Posted in [Ansible]

Had a somewhat curious situation: need to run a task in Ansible in different user accounts, but I don’t have sudo or su access, only ssh access for every account. Took me a moment to figure out how to do that.

In Ansible one can use the remote_user keyword, which specifies the account used to log in to the remote system. Usually this is set at the Play(book) level:

- hosts: some.host.tld
  gather_facts: True
  become: no
  remote_user: "someremoteuser"

Then the entire Play will use someremoteuser as login. So far, so good. But I need to change remote_user for single tasks. That is possible as well:

- name: Try user 1
  command:
    cmd: "id"
  remote_user: "user1"
  register: whoami_1

- name: Debug user 1
  debug:
    msg: "{{ whoami_1 }}"

- name: Try user 2
  command:
    cmd: "id"
  remote_user: "user2"
  register: whoami_2

- name: Debug user 2
  debug:
    msg: "{{ whoami_2 }}"

The task Try user 1 will log in as user1, and Try user 2 will open a new connection and log in as user2.

This can even be used in a loop:

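  # Play level: the list of login accounts to iterate over
  vars:
    run_users:
      - "user1"
      - "user2"

# Task level: one new SSH login per list entry
- name: Try user
  command:
    cmd: "whoami"
  remote_user: "{{ item }}"
  register: whoami
  loop: "{{ run_users }}"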

Every whoami command will be executed as a different login user.

Excuse me while I rewrite my Playbook.
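
The loop above as a complete play, with a follow-up task that checks each command really ran under the intended login. This is an added example, not part of the original post; the host name, the user names and the loop variable name result are placeholders.

```yaml
# Added example: per-task remote_user in a loop, followed by a verification step.
# some.host.tld, user1 and user2 are placeholders; key-based SSH login for each
# account is assumed to be set up already.
- hosts: some.host.tld
  gather_facts: false   # no play-level login user is defined, so skip fact gathering
  become: false         # no sudo/su involved, only direct SSH logins
  vars:
    run_users:
      - "user1"
      - "user2"
  tasks:
    - name: Run whoami as each login user
      ansible.builtin.command:
        cmd: "whoami"
      remote_user: "{{ item }}"
      register: whoami
      changed_when: false   # read-only command, never report a change
      loop: "{{ run_users }}"

    # With a loop, register stores one entry per iteration in whoami.results.
    # Each entry keeps the loop value in .item and the command output in .stdout.
    - name: Verify each command ran as the intended account
      ansible.builtin.assert:
        that:
          - result.stdout == result.item
        fail_msg: "expected {{ result.item }}, but ran as {{ result.stdout }}"
      loop: "{{ whoami.results }}"
      loop_control:
        loop_var: result
        label: "{{ result.item }}"
```

If ansible_user is set for the host in the inventory or in host/group vars, it takes precedence over the remote_user keyword, and the assert task will report the mismatch.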

