1 minute read


We want to allow users to create they own collection under company namespace, but not sharing with the rest of the Hub users


  1. Create a Automation Hub group, but not adding any role to it.
  2. Assign the user to the group. For example, hub_user2 is in hub_group2 User and group
  3. Create a private Automation Hub repository. Make sure Create Distribution check box is selected. Set Pipeline to None, otherwise the approval process will publish to the public published repo. Private repo
  4. Go to Access tab of the created repository, select the group created above Access group
  5. Select galaxy.ansible_repository_owner role on the next step, and then click Add to complete Access role
  6. We can add exisiting collection under the Collection versions tab, but we will push a new collection via command line. Copy the info from the pop-up window by clicking Copy CLI configuration button on top right. Update the ansible.cfg file with this new repo info.

     server_list = developer_repo
  7. Create the namesapce automate_nyc for our collection.
  8. Under the Access tab of the created namespace, select the created group from above Namespace group
  9. Select both galaxy.collection_namespace_owner and galaxy.collection_publisher to give the group full access to the repository content Namespace role
  10. With the updated ansible.cfg pointing to developer_repo, push the collection using ansible-galaxy
    ansible-galaxy collection publish automate_nyc-test-1.0.5.tar.gz
  11. Verify the collection under the repository Collection
  12. But we won’t be able to see it under automate_nyc namespace because the Hide from search option of the repository Namespace
  13. Other Hub users won’t be able to see the repository or collection neither.
  14. To use the collection in AAP, we will need to add a Ansible Galaxy/Automation Hub API Token specificly for this repository, similar to what we added to ansible.cfg, and assign to the organization

Leave a comment