purestorage.flashblade.purefb_userpolicy – Manage FlashBlade Object Store User Access Policies

Note

This plugin is part of the purestorage.flashblade collection (version 1.6.0).

To install it use: ansible-galaxy collection install purestorage.flashblade.

To use it in a playbook, specify: purestorage.flashblade.purefb_userpolicy.

New in version 1.6.0: of purestorage.flashblade

Synopsis

  • Add or Remove FlashBlade Object Store Access Policies for Account User

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.7

  • purity_fb >= 1.9

  • netaddr

  • pytz

Parameters

Parameter Choices/Defaults Comments
account
string
Name of the Object Store Account associated with the user
api_token
string
FlashBlade API token for admin privileged user.
fb_url
string
FlashBlade management IP address or Hostname.
name
string
Name of the Object Store User
The user to have the policy request applied to
policy
list / elements=string
Policies to added or deleted from the Object Store User
Only valid policies can be used
use list to see available policies
state
string
    Choices:
  • absent
  • present ←
  • show
Define whether the Access Policy should be added or deleted
Option to list all available policies

Notes

Note

  • This module requires the purity_fb Python library

  • You must set PUREFB_URL and PUREFB_API environment variables if fb_url and api_token arguments are not passed to the module directly

Examples

- name: List existng ruser access policies for a specific user
  purefb_userpolicy:
    state: show
    account: foo
    name: bar
    fb_url: 10.10.10.2
    api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
  register: policy_list

- name: List all available user access policies
  purefb_userpolicy:
    state: show
    fb_url: 10.10.10.2
    api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3
  register: policy_list

- name: Add user access policies to account user foo/bar
  purefb_userpolicy:
    name: bar
    account: foo
    policy:
      - pure:policy/bucket-create
      - pure:policy/bucket-delete
    fb_url: 10.10.10.2
    api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3

- name: Delete user access policies to account user foo/bar
  purefb_userpolicy:
    name: bar
    account: foo
    policy:
      - pure:policy/bucket-create
      - pure:policy/bucket-delete
    state: absent
    fb_url: 10.10.10.2
    api_token: T-68618f31-0c9e-4e57-aa44-5306a2cf10e3

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
policy_list
list / elements=string
always
Returns the list of access policies for a user
If no user specified returns all available access policies

Sample:
['pure:policy/object-list', 'pure:policy/bucket-list', 'pure:policy/object-read', 'pure:policy/bucket-delete', 'pure:policy/full-access']


Authors