You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

purestorage.flashblade.purefb_keytabs module – Manage FlashBlade Kerberos Keytabs

Note

This module is part of the purestorage.flashblade collection (version 1.14.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install purestorage.flashblade. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: purestorage.flashblade.purefb_keytabs.

New in purestorage.flashblade 1.6.0

Synopsis

• Manage Kerberos Keytabs for FlashBlades

Requirements

The below requirements are needed on the host that executes this module.

• python >= 2.7

• purity_fb >= 1.9

• netaddr

• pytz

Parameters

Parameter	Comments
api_token string	FlashBlade API token for admin privileged user.
fb_url string	FlashBlade management IP address or Hostname.
filetype string	Format of the keytab file Choices: "binary" "base64"
keytab_file string	Name of file holding Keytab
name string	Name of the Keytab Must include prefix and suffix
prefix string	Only required for import or rotate Prefix to use for naming the files slots Specifying a file entry prefix is required because a single keytab file can contain multiple keytab entries in multiple slots. If not provided for import the current AD Account name will be used.
state string	Manage Kerberos Keytabs Choices: "absent" "import" ← (default) "export" "rotate"

Notes

Note

• This module requires the purity_fb Python library

• You must set PUREFB_URL and PUREFB_API environment variables if fb_url and api_token arguments are not passed to the module directly

Examples

- name: Import a binary keytab
  purestorage.flashblade.purefb_keytabs:
    state: import
    prefix: example
    keytab_file: pure_krb.keytab
    filetype: binary
    fb_url: 10.10.10.2
    api_token: T-9f276a18-50ab-446e-8a0c-666a3529a1b6

- name: Import a base64 keytab
  purestorage.flashblade.purefb_keytabs:
    state: import
    prefix: example
    keytab_file: pure_krb.keytab.mime
    filetype: base64
    fb_url: 10.10.10.2
    api_token: T-9f276a18-50ab-446e-8a0c-666a3529a1b6

- name: Export a keytab
  purestorage.flashblade.purefb_keytabs:
    state: export
    name: example.3
    fb_url: 10.10.10.2
    api_token: T-9f276a18-50ab-446e-8a0c-666a3529a1b6
  register: download_file

- name: Delete a keytab
  purestorage.flashblade.purefb_keytabs:
    state: absent
    name: example.3
    fb_url: 10.10.10.2
    api_token: T-9f276a18-50ab-446e-8a0c-666a3529a1b6

- name: Rotate current AD account keytabs
  purestorage.flashblade.purefb_keytabs:
    state: rotate
    fb_url: 10.10.10.2

- name: Rotate AD account keytabs by creating new series
  purestorage.flashblade.purefb_keytabs:
    state: rotate
    name: next_prefix
    fb_url: 10.10.10.2
    api_token: T-9f276a18-50ab-446e-8a0c-666a3529a1b6

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
download_file string	Name of file containing exported keytab Returned: When using export option Sample: "/tmp/pure_krb8939478070214877726.keytab"

Authors

• Pure Storage Ansible Team (@sdodsley)

Collection links

• Issue Tracker
• Repository (Sources)