You are reading an unmaintained version of the Ansible documentation. Unmaintained Ansible versions can contain unfixed security vulnerabilities (CVE). Please upgrade to a maintained version. See the latest Ansible documentation.

purestorage.fusion.fusion_ra module – Manage role assignments in Pure Storage Fusion

Note

This module is part of the purestorage.fusion collection (version 1.6.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install purestorage.fusion. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: purestorage.fusion.fusion_ra.

New in purestorage.fusion 1.0.0

Synopsis

• Create or delete a storage class in Pure Storage Fusion.

Requirements

The below requirements are needed on the host that executes this module.

• python >= 3.8

• purefusion

Parameters

Parameter	Comments
access_token string	Access token for Fusion Service Defaults to the set environment variable under FUSION_ACCESS_TOKEN
api_client_key string	The issuer ID of the API client to assign the role to.
issuer_id aliases: app_id string	Application ID from Pure1 Registration page eg. pure1:apikey:dssf2331sd Defaults to the set environment variable under FUSION_ISSUER_ID
principal string	The unique ID of the principal (User or API Client) to assign to the role.
private_key_file aliases: key_file string	Path to the private key file Defaults to the set environment variable under FUSION_PRIVATE_KEY_FILE.
private_key_password string	Password of the encrypted private key file
role string / required	The name of the role to be assigned/unassigned.
scope string	The level to which the role is assigned. Choices: "organization" ← (default) "tenant" "tenant_space"
state string	Define whether the role assingment should exist or not. Choices: "absent" "present" ← (default)
tenant string	The name of the tenant the user has the role applied to. Must be provided if scope is set to either tenant or tenant_space.
tenant_space string	The name of the tenant_space the user has the role applied to. Must be provided if scope is set to tenant_space.
user string	The username to assign the role to. Currently this only supports the Pure1 App ID. This should be provide in the same format as issuer_id.

Notes

Note

• Supports check mode.

• This module requires the purefusion Python library

• You must set FUSION_ISSUER_ID and FUSION_PRIVATE_KEY_FILE environment variables if issuer_id and private_key_file arguments are not passed to the module directly

• If you want to use access token for authentication, you must use FUSION_ACCESS_TOKEN environment variable if access_token argument is not passed to the module directly

Examples

- name: Assign role foo to user in tenant bar
  purestorage.fusion.fusion_ra:
    name: foo
    user: key_name
    tenant: bar
    issuer_id: key_name
    private_key_file: "az-admin-private-key.pem"

- name: Delete role foo from user in tenant bar
  purestorage.fusion.fusion_ra:
    name: foo
    user: key_name
    tenant: bar
    state: absent
    issuer_id: key_name
    private_key_file: "az-admin-private-key.pem"

Authors

• Pure Storage Ansible Team (@sdodsley)

Collection links

• Issue Tracker
• Repository (Sources)