purestorage.fusion.fusion_ra module – Manage role assignments in Pure Storage Fusion
Note
This module is part of the purestorage.fusion collection (version 1.5.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install purestorage.fusion
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: purestorage.fusion.fusion_ra
.
New in purestorage.fusion 1.0.0
Synopsis
Create or delete a storage class in Pure Storage Fusion.
Requirements
The below requirements are needed on the host that executes this module.
python >= 3.8
purefusion
Parameters
Parameter |
Comments |
---|---|
Access token for Fusion Service Defaults to the set environment variable under FUSION_ACCESS_TOKEN |
|
The key of API client to assign the role to. |
|
Application ID from Pure1 Registration page eg. pure1:apikey:dssf2331sd Defaults to the set environment variable under FUSION_ISSUER_ID |
|
The unique ID of the principal (User or API Client) to assign to the role. |
|
Path to the private key file Defaults to the set environment variable under FUSION_PRIVATE_KEY_FILE. |
|
Password of the encrypted private key file |
|
The name of the role to be assigned/unassigned. |
|
The level to which the role is assigned. Choices:
|
|
Define whether the role assingment should exist or not. Choices:
|
|
The name of the tenant the user has the role applied to. Must be provided if scope is set to either |
|
The name of the tenant_space the user has the role applied to. Must be provided if scope is set to |
|
The username to assign the role to. Currently this only supports the Pure1 App ID. This should be provide in the same format as issuer_id. |
Notes
Note
Supports
check mode
.This module requires the purefusion Python library
You must set
FUSION_ISSUER_ID
andFUSION_PRIVATE_KEY_FILE
environment variables if issuer_id and private_key_file arguments are not passed to the module directlyIf you want to use access token for authentication, you must use
FUSION_ACCESS_TOKEN
environment variable if access_token argument is not passed to the module directly
Examples
- name: Assign role foo to user in tenant bar
purestorage.fusion.fusion_ra:
name: foo
user: key_name
tenant: bar
issuer_id: key_name
private_key_file: "az-admin-private-key.pem"
- name: Delete role foo from user in tenant bar
purestorage.fusion.fusion_ra:
name: foo
user: key_name
tenant: bar
state: absent
issuer_id: key_name
private_key_file: "az-admin-private-key.pem"