Try SpotterManage S3 buckets on a PowerScale Storage System
| "added in version" 2.1.0 of dellemc.powerscale"
Authors: Bhavneet Sharma(@Bhavneet-Sharma) <ansible.team@dell.com>
Install with ansible-galaxy collection install dellemc.powerscale:==3.0.0
collections:
- name: dellemc.powerscale
version: 3.0.0Managing S3 buckets on an PowerScale system includes retrieving details of S3 bucket, creating S3 bucket, modifying and deleting S3 bucket.
- name: Create S3 Bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket"
path: "/sample_bucket_path"
access_zone: "sample-zone"
owner: "sample-user"
description: "the S3 bucket created."
object_acl_policy: "replace"
acl:
- permission: "READ"
grantee:
name: "everyone"
type: "wellknown"
- permission: "READ_ACL"
grantee:
name: "sample-user"
type: "user"
provider_type: "local"
acl_state: "present"
state: "present"
- name: Create S3 Bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket_1"
path: "/ifs/sample_bucket_path_1"
create_path: true
access_zone: "System"
owner: "sample-user"
acl:
- permission: "READ"
grantee:
name: "everyone"
type: "wellknown"
state: "present"
- name: Get S3 Bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket"
access_zone: "sample-zone"
- name: Modify S3 bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket"
access_zone: "sample-zone"
description: "the S3 bucket updated."
object_acl_policy: "deny"
acl:
- permission: "WRITE"
grantee:
name: "sample-group"
type: "group"
provider_type: "ads"
- name: Remove grantee from S3 bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket"
access_zone: "sample-zone"
acl:
- permission: "WRITE"
grantee:
name: "sample-group"
type: "group"
provider_type: "ads"
acl_state: "absent"
- name: Delete S3 Bucket
dellemc.powerscale.s3_bucket:
onefs_host: "{{onefs_host}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
s3_bucket_name: "Anisble_S3_bucket"
access_zone: "sample-zone"
state: "absent"
acl:
description:
- Specifies the permissions and grantees in the S3 bucket.
elements: dict
suboptions:
acl_state:
choices:
- present
- absent
default: present
description:
- Specifies if the acls are to be added or removed.
type: str
grantee:
description:
- Specifies the properties of grantee.
- I(permission) and I(grantee) are required together.
- It consists of I(name), I(type), and I(provider_type).
required: true
suboptions:
name:
description:
- Specifies the name of grantee (user, group or wellknown).
required: true
type: str
provider_type:
choices:
- local
- file
- ldap
- ads
- nis
default: local
description:
- Specifies the provider type of grantee.
type: str
type:
choices:
- user
- group
- wellknown
default: user
description:
- Specifies the type of grantee.
type: str
type: dict
permission:
choices:
- READ
- WRITE
- READ_ACP
- WRITE_ACP
- FULL_CONTROL
description:
- Specifies the S3 permission being allowed.
- I(permission) and I(grantee) are required together.
required: true
type: str
type: list
path:
description:
- Specifies path on which the S3 bucket will be created. It is the absolute path for
System access zone and it is relative if using non-system access zone.
- For example, if your access zone is 'Ansible' and it has a base path '/ifs/ansible'
and the path specified is '/user1', then the effective path would be '/ifs/ansible/user1'.
- If your access zone is System, and you have 'directory1' in the access zone, the
path provided should be '/ifs/directory1'.
- I(path) is required while creating a S3 bucket.
- The S3 bucket path can not be modified after creation.
type: str
owner:
description:
- Specifies the owner of the S3 bucket.
- If I(owner) not passed, then C(root) will be default I(owner) for C(System) access
zone only.
- If owner belongs to another provider domain, it should be mentioned along with domain
name as "DOMAIN_NAME\\username" or DOMAIN_NAME\username.
type: str
state:
choices:
- absent
- present
default: present
description:
- Defines whether the S3 bucket should exist or not.
- Value C(present) indicates that the S3 bucket should exist in system.
- Value C(absent) indicates that the S3 bucket should not exist in system.
type: str
port_no:
default: '8080'
description:
- Port number of the PowerScale cluster.It defaults to 8080 if not specified.
required: false
type: str
api_user:
description:
- username of the PowerScale cluster.
required: true
type: str
onefs_host:
description:
- IP address or FQDN of the PowerScale cluster.
required: true
type: str
verify_ssl:
choices:
- true
- false
description:
- boolean variable to specify whether to validate SSL certificate or not.
- C(true) - indicates that the SSL certificate should be verified.
- C(false) - indicates that the SSL certificate should not be verified.
required: true
type: bool
access_zone:
default: System
description:
- Specifies the access zone in which the S3 bucket exists.
- Access zone once set cannot be changed.
type: str
create_path:
description:
- Will create the path if does not exist.
- API default is C(false).
type: bool
description:
description:
- Specifies the description of the S3 bucket.
- Pass empty string to remove the I(description).
type: str
api_password:
description:
- the password of the PowerScale cluster.
required: true
type: str
s3_bucket_name:
description:
- Name of the S3 bucket.
- I(s3_bucket_name) while creating the S3 bucket.
required: true
type: str
object_acl_policy:
choices:
- replace
- deny
description:
- Set behaviour of object acls for a specified S3 bucket.
type: str
S3_bucket_details:
contains:
acl:
contains:
grantee:
contains:
id:
description: ID of the grantee.
type: str
name:
description: Name of the grantee.
type: str
type:
description: Specifies the type of the grantee.
type: str
description: Specifies details of grantee.
type: dict
permission:
description: Specifies the S3 permission being allowed.
type: str
description: Specifies the properties of S3 access controls.
type: list
description:
description: Specifies the description of the S3 bucket.
type: str
id:
description: S3 bucket ID.
type: str
name:
description: S3 bucket name.
type: str
object_acl_policy:
description: Set behaviour of object acls for a specified S3 bucket.
type: str
owner:
description: Specifies the owner of the S3 bucket.
type: str
path:
description: Path of S3 bucket with in C('/ifs').
type: str
zid:
description: Zone id.
type: int
zone:
description: Access zone name.
type: str
description: The updated S3 Bucket details.
returned: always
sample:
access_zone: System
acl:
- grantee:
id: ID
name: ansible-user
type: user
permission: READ
description: description
id: ansible_S3_bucket
name: ansible_S3_bucket
object_acl_policy: replace
owner: ansible-user
path: /ifs/<sample-path>
zid: 1
type: complex
changed:
description: A boolean indicating if the task had to make changes.
returned: always
sample: 'false'
type: bool