purestorage.flashblade.purefb_userpolicy – Manage FlashBlade Object Store User Access Policies
Note
This plugin is part of the purestorage.flashblade collection (version 1.7.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install purestorage.flashblade.
To use it in a playbook, specify: purestorage.flashblade.purefb_userpolicy.
New in version 1.6.0: of purestorage.flashblade
Synopsis
- Add or Remove FlashBlade Object Store Access Policies for Account User
Requirements
The below requirements are needed on the host that executes this module.
- python >= 2.7
- purity_fb >= 1.9
- netaddr
- pytz
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| account
string
|
Name of the Object Store Account associated with the user
|
|
| api_token
string
|
FlashBlade API token for admin privileged user.
|
|
| fb_url
string
|
FlashBlade management IP address or Hostname.
|
|
| name
string
|
Name of the Object Store User
The user to have the policy request applied to
|
|
| policy
list / elements=string
|
Policies to added or deleted from the Object Store User
Only valid policies can be used
use list to see available policies
|
|
| state
string
|
|
Define whether the Access Policy should be added or deleted
Option to list all available policies
|
Notes
Note
- This module requires the
purity_fbPython library - You must set
PUREFB_URLandPUREFB_APIenvironment variables if fb_url and api_token arguments are not passed to the module directly
Examples
- name: List existng ruser access policies for a specific user
purefb_userpolicy:
state: show
account: foo
name: bar
fb_url: 10.10.10.2
api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
register: policy_list
- name: List all available user access policies
purefb_userpolicy:
state: show
fb_url: 10.10.10.2
api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
register: policy_list
- name: Add user access policies to account user foo/bar
purefb_userpolicy:
name: bar
account: foo
policy:
- pure:policy/bucket-create
- pure:policy/bucket-delete
fb_url: 10.10.10.2
api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
- name: Delete user access policies to account user foo/bar
purefb_userpolicy:
name: bar
account: foo
policy:
- pure:policy/bucket-create
- pure:policy/bucket-delete
state: absent
fb_url: 10.10.10.2
api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| policy_list
list / elements=string
|
always |
Returns the list of access policies for a user
If no user specified returns all available access policies
Sample:
['pure:policy/object-list', 'pure:policy/bucket-list', 'pure:policy/object-read', 'pure:policy/bucket-delete', 'pure:policy/full-access']
|
Authors
- Pure Storage Ansible Team (@sdodsley) <pure-ansible-team@purestorage.com>
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/purestorage/flashblade/purefb_userpolicy_module.html