I dare you to find just one other article explaining how to expire a user account using Ansible. You didn’t and that’s why you’re here. An amazingly undocumented (well, there is doco but it’s rubbish) facility that’s more important than creating the user account in the first place.
Note that this will apply to password logins and key-based logins.
This is a mini-HowTo demonstrating how to disable or expire a user using Ansible. Put the following into a file called “playbook-expire-user.yml”.
--- - hosts: all sudo: yes tasks: - name: Expire an existing user user: name: myusername expires : 1486509032
The above would be executed using the following command. Make sure the file “hosts” is populated with a list (one IP or FQDN per line) of hosts to target with this Ansible run. My advice is to do one host first as a test and then do the others when you know it works.
ansible-playbook playbook-expire-user.yml -i hosts
Notice the “expires” line in the YAML file above. It’s the time the account should be expired from. It’s in Epoch time. To get the NOW time in this format, go to “http://www.epochconverter.com/”.