dellemc / dellemc.powerscale / 1.4.0 / module / dellemc_powerscale_accesszone Manages access zones on PowerScale | "added in version" 1.2.0 of dellemc.powerscale" Authors: Akash Shendge (@shenda1) <ansible.team@dell.com> preview | supported by communitydellemc.powerscale.dellemc_powerscale_accesszone (1.4.0) — module
Install with ansible-galaxy collection install dellemc.powerscale:==1.4.0
collections: - name: dellemc.powerscale version: 1.4.0
Managing access zones on the PowerScale storage system includes getting details of the access zone and modifying the smb and nfs settings.
- name: Get details of access zone including smb and nfs settings dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" state: "present"
- name: Modify smb settings of access zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" state: "present" smb: create_permissions: 'default acl' directory_create_mask: '777' directory_create_mode: '700' file_create_mask: '700' file_create_mode: '100' access_based_enumeration: true access_based_enumeration_root_only: false ntfs_acl_support: true oplocks: true
- name: Modify nfs settings of access zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" state: "present" nfs: commit_asynchronous: false nfsv4_allow_numeric_ids: false nfsv4_domain: 'localhost' nfsv4_no_domain: false nfsv4_no_domain_uids: false nfsv4_no_names: false
- name: Modify smb and nfs settings of access zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" state: "present" smb: create_permissions: 'default acl' directory_create_mask: '777' directory_create_mode: '700' file_create_mask: '700' file_create_mode: '100' access_based_enumeration: true access_based_enumeration_root_only: false ntfs_acl_support: true oplocks: true nfs: commit_asynchronous: false nfsv4_allow_numeric_ids: false nfsv4_domain: 'localhost' nfsv4_no_domain: false nfsv4_no_domain_uids: false nfsv4_no_names: false
- name: Add Auth Providers to the access zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" provider_state: "add" auth_providers: - provider_name: "System" provider_type: "file" - provider_name: "ldap-prashant" provider_type: "ldap" state: "present"
- name: Remove Auth Providers from the access zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" provider_state: "remove" auth_providers: - provider_name: "System" provider_type: "file" state: "present"
- name: Create New Access Zone dellemc_powerscale_accesszone: onefs_host: "{{onefs_host}}" api_user: "{{api_user}}" api_password: "{{api_password}}" verify_ssl: "{{verify_ssl}}" az_name: "{{access zone}}" path: "/ifs/test_dir" groupnet: "groupnet1" create_path: True provider_state: "add" auth_providers: - provider_name: "System" provider_type: "file" state: "present"
nfs: description: - Specifies the default NFS setting parameters of access zone. suboptions: commit_asynchronous: description: - Set to True if NFS commit requests execute asynchronously. type: bool nfsv4_allow_numeric_ids: description: - If true, sends owners and groups as UIDs and GIDs when look up fails or if the 'nfsv4_no_name' property is set to 1. type: bool nfsv4_domain: description: - Specifies the domain or realm through which users and groups are associated. type: str nfsv4_no_domain: description: - If true, sends owners and groups without a domain name. type: bool nfsv4_no_domain_uids: description: - If true, sends UIDs and GIDs without a domain name. type: bool nfsv4_no_names: description: - If true, sends owners and groups as UIDs and GIDs. type: bool type: dict smb: description: - Specifies the default SMB setting parameters of access zone. suboptions: access_based_enumeration: description: - Allows access based enumeration only on the files and folders that the requesting user can access. type: bool access_based_enumeration_root_only: description: - Access-based enumeration on only the root directory of the share. type: bool create_permissions: choices: - default acl - Inherit mode bits - Use create mask and mode default: default acl description: - Sets the default source permissions to apply when a file or directory is created. type: str directory_create_mask: description: - Specifies the UNIX mask bits (octal) that are removed when a directory is created, restricting permissions. - Mask bits are applied before mode bits are applied. type: str directory_create_mode: description: - Specifies the UNIX mode bits (octal) that are added when a directory is created, enabling permissions. type: str file_create_mask: description: - Specifies the UNIX mask bits (octal) that are removed when a file is created, restricting permissions. type: str file_create_mode: description: - Specifies the UNIX mode bits (octal) that are added when a file is created, enabling permissions. type: str ntfs_acl_support: description: - Allows ACLs to be stored and edited from SMB clients. type: bool oplocks: description: - An oplock allows clients to provide performance improvements by using locally-cached information. type: bool type: dict path: description: - Specifies the access zone base directory path. type: str state: choices: - present - absent description: - Defines whether the access zone should exist or not. - present - indicates that the access zone should exist on the system. - absent - indicates that the access zone should not exist on the system. required: true type: str az_name: description: - The name of the access zone. required: true type: str port_no: default: '8080' description: - Port number of the PowerScale cluster.It defaults to 8080 if not specified. required: false type: str api_user: description: - username of the PowerScale cluster. required: true type: str groupnet: default: groupnet0 description: - Name of the groupnet for create access zone type: str onefs_host: description: - IP address or FQDN of the PowerScale cluster. required: true type: str verify_ssl: choices: - true - false description: - boolean variable to specify whether to validate SSL certificate or not. - True - indicates that the SSL certificate should be verified. - False - indicates that the SSL certificate should not be verified. required: true type: bool create_path: description: - Determines if a path is created when a path does not exist. type: bool api_password: description: - the password of the PowerScale cluster. required: true type: str auth_providers: description: - Specifies the auth providers which need to be added or removed from access zone. - If auth_providers are given, then provider_state should also be specified. elements: dict suboptions: provider_name: description: - Specifies the auth provider name which needs to be added or removed from access zone. required: true type: str provider_type: choices: - local - file - ldap - ads description: - Specifies the auth provider type which needs to be added or removed from access zone. required: true type: str type: list provider_state: choices: - add - remove description: - Defines whether the auth providers should be added or removed from access zone. - If auth_providers are given, then provider_state should also be specified. - add - indicates that the auth providers should be added to the access zone. - remove - indicates that auth providers should be removed from the access zone. required: false type: str
access_zone_details: contains: nfs_settings: contains: export_settings: contains: commit_asynchronous: description: Set to True if NFS commit requests execute asynchronously type: bool description: Default values for NFS exports type: complex zone_settings: contains: nfsv4_allow_numeric_ids: description: If true, sends owners and groups as UIDs and GIDs when look up fails or if the 'nfsv4_no_name' property is set to 1 type: bool nfsv4_domain: description: Specifies the domain or realm through which users and groups are associated type: str nfsv4_no_domain: description: If true, sends owners and groups without a domain name type: bool nfsv4_no_domain_uids: description: If true, sends UIDs and GIDs without a domain name type: bool nfsv4_no_names: description: If true, sends owners and groups as UIDs and GIDs type: bool description: NFS server settings for this zone type: complex description: NFS settings of access zone type: complex smb_settings: contains: directory_create_mask(octal): description: UNIX mask bits for directory in octal format type: str directory_create_mode(octal): description: UNIX mode bits for directory in octal format type: str file_create_mask(octal): description: UNIX mask bits for file in octal format type: str file_create_mode(octal): description: UNIX mode bits for file in octal format type: str description: SMB settings of access zone type: complex description: The access zone details returned: When access zone exists type: complex access_zone_modify_flag: description: Whether auth providers linked to access zone has changed returned: on success type: bool changed: description: Whether or not the resource has changed returned: always type: bool nfs_modify_flag: description: Whether or not the default NFS settings of access zone has changed returned: on success type: bool smb_modify_flag: description: Whether or not the default SMB settings of access zone has changed returned: on success type: bool