ari_stark.ansible_oracle_modules.oracle_grant (1.2.1) — module

Manage Oracle privileges (system privileges, role privileges and object privileges)

Added in version 0.8.0 of ari_stark.ansible_oracle_modules

Authors: Mikael Sandström (@oravirt), Ari Stark (@ari-stark)

Install collection

Install with ansible-galaxy collection install ari_stark.ansible_oracle_modules:==1.2.1


Add to requirements.yml

  collections:
    - name: ari_stark.ansible_oracle_modules
      version: 1.2.1

Description

This module manages Oracle privileges.

It can deal with system privileges, role privileges and object privileges (procedure, function, package, package body and directory).

It has 3 possible states: I(present), I(absent) and I(identical). States I(present) and I(absent) ensure that the listed privileges are present or absent. State I(identical) replaces the grantee's existing privileges with the ones given in the parameters.
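
The three states differ in what they revoke. The following is an added illustration, not the module's source code: a small set-based model of the semantics documented on this page, run over constructed sample data. The function names `flatten` and `plan` are hypothetical, and the model assumes system, role and object privileges are compared as one set.

```python
# Added illustration: a model of the documented state semantics, not the module's source.

def flatten(privileges, objects_privileges, username):
    """Return {(privilege, target)}; target is None for system and role privileges."""
    pairs = {(p.upper(), None) for p in privileges}
    for name, privs in objects_privileges.items():
        target = name.upper()               # documented: names are upper-cased
        if "." not in target:               # documented: default owner is the login user
            target = f"{username.upper()}.{target}"
        pairs |= {(p.upper(), target) for p in privs}
    return pairs


def plan(state, current, wanted):
    """Return the sorted (action, privilege, target) changes a state implies."""
    if state == "present":
        grant, revoke = wanted - current, set()
    elif state == "absent":
        grant, revoke = set(), wanted & current
    elif state == "identical":
        grant, revoke = wanted - current, current - wanted
    else:
        raise ValueError(f"unknown state: {state!r}")
    changes = [("GRANT", p, t) for p, t in grant]
    changes += [("REVOKE", p, t) for p, t in revoke]
    return sorted(changes, key=lambda c: (c[0], c[2] or "", c[1]))


# Constructed sample: what grantee FOO holds before the task runs.
CURRENT = flatten(["create session", "unlimited tablespace"],
                  {"sys.dbms_random": ["execute"]}, "sys")
# Task options: one new system privilege plus the object privilege, owner omitted.
WANTED = flatten(["create table"], {"dbms_random": ["execute"]}, "sys")

if __name__ == "__main__":
    for state in ("present", "absent", "identical"):
        print(state, plan(state, CURRENT, WANTED))
```

Because I(identical) is the default, a task that omits `state` and lists a single privilege implies revoking everything else the grantee holds. Set `state` explicitly and review the returned `ddls` list after each run.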


Requirements

Usage examples

- name: Set privileges to a user (removing existent privileges not in the list)
  oracle_grant:
    service_name: "xepdb1"
    username: "sys"
    password: "password"
    mode: "sysdba"
    grantee: "foo"
    privileges:
        - "create session"
        - "create table"
    objects_privileges:
        dbms_random:
            - "execute"
        my_directory:
            - "read"
            - "write"
            - "execute"
- name: Append a privilege
  oracle_grant:
    service_name: "xepdb1"
    username: "sys"
    password: "password"
    mode: "sysdba"
    grantee: "foo"
    privileges: "create table"
    state: "present"
- name: Remove a privilege
  oracle_grant:
    service_name: "xepdb1"
    username: "sys"
    password: "password"
    mode: "sysdba"
    grantee: "foo"
    privileges: "create table"
    state: "absent"

Inputs

    
mode:
    choices:
    - normal
    - sysdba
    default: normal
    description:
    - The database administration privilege to use for the connection.
    type: str

port:
    default: 1521
    description:
    - Specify the listening port on the database server.
    type: int

state:
    choices:
    - present
    - absent
    - identical
    default: identical
    description:
    - Specify the state of the privileges.
    - If I(present), the privileges will be added if needed.
    - If I(absent), the privileges will be removed if needed.
    - If I(identical), the privileges in options will replace the existing privileges.
    type: str

grantee:
    aliases:
    - schema
    - role
    description:
    - The schema or role that should be changed.
    required: true
    type: str

hostname:
    default: localhost
    description:
    - Specify the host name or IP address of the database server computer.
    type: str

password:
    description:
    - Set the password to use to connect to the database server.
    - Must not be set if using Oracle wallet.
    type: str

username:
    description:
    - Set the login to use to connect to the database server.
    - Must not be set if using Oracle wallet.
    type: str

privileges:
    aliases:
    - system_privileges
    - role_privileges
    default: []
    description:
    - A list containing the system and role privileges.
    elements: str
    type: list

oracle_home:
    description:
    - Define the directory into which all Oracle software is installed.
    - Defines the ORACLE_HOME environment variable if set.
    type: str

service_name:
    description:
    - Specify the service name of the database you want to access.
    required: true
    type: str

objects_privileges:
    aliases:
    - obj_privs
    default: {}
    description:
    - A dictionary containing the objects privileges.
    - The key of the dictionary is the name of the object in the format I(owner.object_name).
    - The value of the dictionary is a list of privileges.
    - Object name and privileges are changed to upper case.
    - If the owner of the object is not specified, the I(username) used to connect will be
      used as the default owner.
    - Examples of format can be found below.
    type: dict

Outputs

ddls:
  description: Ordered list of DDL requests executed during module execution.
  elements: str
  returned: always
  type: list