ansible.builtin.group module – Add or remove groups
ansible.builtin.group module – Add or remove groups
https://docs.ansible.com/projects/ansible/latest/collections/ansible/builtin/group_module.html
This module is part of ansible-core and included in all Ansible installations. In most cases, you can use the short module name group even without specifying the collections keyword. However, we recommend you use the Fully Qualified Collection Name (FQCN) ansible.builtin.group for easy linking to the module documentation and to avoid conflicting with other collections that may have the same module name.
Synopsis
Requirements
Parameters
Attributes
See Also
Examples
Return Values
Synopsis Manage presence of groups on a host.
For Windows targets, use the ansible.windows.win_group module instead.
Requirements The below requirements are needed on the host that executes this module.
groupadd
groupdel
groupmod
Parameters Parameter
Comments
force boolean
added in ansible-core 2.15
Whether to delete a group even if it is the primary group of a user.
Only applicable on platforms which implement a –force flag on the group deletion command.
Choices:
false ← (default)
true
gid integer
Optional GID to set for the group.
gid_max integer
added in ansible-core 2.18
Sets the GID_MAX value for group creation.
Overwrites /etc/login.defs default value.
Currently supported on Linux. Does nothing when used with other platforms.
Requires local is omitted or False.
gid_min integer
added in ansible-core 2.18
Sets the GID_MIN value for group creation.
Overwrites /etc/login.defs default value.
Currently supported on Linux. Does nothing when used with other platforms.
Requires local is omitted or False.
local boolean
Forces the use of “local” command alternatives on platforms that implement it.
This is useful in environments that use centralised authentication when you want to manipulate the local groups. (for example, it uses lgroupadd instead of groupadd).
This requires that these commands exist on the targeted host, otherwise it will be a fatal error.
Choices:
false ← (default)
true
name string / required
Name of the group to manage.
non_unique boolean
added in Ansible 2.8
This option allows to change the group ID to a non-unique value. Requires gid.
Not supported on macOS or BusyBox distributions.
Choices:
false ← (default)
true
state string
Whether the group should be present or not on the remote host.
Choices:
“absent”
“present” ← (default)
system boolean
If yes, indicates that the group created is a system group.
Choices:
false ← (default)
true
Attributes Attribute
Support
Description
check_mode full
Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped.
diff_mode none
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode
platform Platform: posix
Target OS/families that can be operated against
See Also See also
ansible.builtin.user Manage user accounts.
ansible.windows.win_group Add and remove local groups.
Examples
-
name: Ensure group “somegroup” exists ansible.builtin.group: name: somegroup state: present
-
name: Ensure group “docker” exists with correct gid ansible.builtin.group: name: docker state: present gid: 1750 Return Values Common return values are documented here, the following are the fields unique to this module:
Key
Description
gid integer
Group ID of the group.
Returned: When state is present
Sample: 1001
name string
Group name.
Returned: always
Sample: “users”
state string
Whether the group is present or not.
Returned: always
Sample: “absent”
system boolean
Whether the group is a system group or not.
Returned: When state is present
Sample: false
Authors Stephen Fromm (@sfromm)
Collection links Issue Tracker Repository (Sources) Communication © Copyright Ansible project contributors. Last updated on Dec 29, 2025.