Try SpotterManage users on the PowerScale Storage System
| "added in version" 1.2.0 of dellemc.powerscale"
Authors: P Srinivas Rao (@srinivas-rao5) <ansible.team@dell.com>, Trisha Datta (@trisha-dell) <ansible.team@dell.com>
Install with ansible-galaxy collection install dellemc.powerscale:==3.0.0
collections:
- name: dellemc.powerscale
version: 3.0.0Managing Users on the PowerScale Storage System includes create user, delete user, update user, get user, add role and remove role.
- name: Get User Details using user name
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "{{account_name}}"
state: "present"
- name: Create User
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "{{account_name}}"
password: "{{account_password}}"
primary_group: "{{primary_group}}"
enabled: "{{enabled}}"
email: "{{email}}"
full_name: "{{full_name}}"
home_directory: "{{home_directory}}"
shell: "{{shell}}"
role_name: "{{role_name}}"
role_state: "present-for-user"
state: "present"
- name: Create User with user id
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "Test_User"
user_id: 7000
password: "{{account_password}}"
primary_group: "{{primary_group}}"
enabled: "{{enabled}}"
email: "{{email}}"
full_name: "{{full_name}}"
home_directory: "{{home_directory}}"
shell: "{{shell}}"
role_name: "{{role_name}}"
role_state: "present-for-user"
state: "present"
- name: Update User's Full Name and email using user name
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "{{account_name}}"
email: "{{new_email}}"
full_name: "{{full_name}}"
state: "present"
- name: Disable User Account using User Id
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_id: "{{id}}"
enabled: false
state: "present"
- name: Add user to a role using Username
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
user_name: "{{account_name}}"
provider_type: "{{provider_type}}"
role_name: "{{role_name}}"
role_state: "present-for-user"
state: "present"
- name: Remove user from a role using User id
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
user_id: "{{id}}"
role_name: "{{role_name}}"
role_state: "absent-for-user"
state: "present"
- name: Delete User using user name
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "{{account_name}}"
state: "absent"
- name: Modify password in non-system access zone update_password as "always"
dellemc.powerscale.user:
onefs_host: "{{onefs_host}}"
port_no: "{{port_no}}"
api_user: "{{api_user}}"
api_password: "{{api_password}}"
verify_ssl: "{{verify_ssl}}"
access_zone: "{{access_zone}}"
provider_type: "{{provider_type}}"
user_name: "{{account_name}}"
password: "new_password"
update_password: "always"
state: "present"
email:
description:
- The email id of the user can be added using email option.
- The email id can be set at the time of creation and modified later.
type: str
shell:
description:
- This option is for choosing the type of shell for the user account.
type: str
state:
choices:
- absent
- present
description:
- The state option is used to mention the existence of the user account.
required: true
type: str
enabled:
description:
- Enabled is a bool variable which is used to enable or disable the user account.
type: bool
port_no:
default: '8080'
description:
- Port number of the PowerScale cluster.It defaults to 8080 if not specified.
required: false
type: str
user_id:
description:
- The I(user_id) is auto generated or can be assigned at the time of creation.
- For all other operations either I(user_name) or I(user_id) is needed.
type: int
api_user:
description:
- username of the PowerScale cluster.
required: true
type: str
password:
description:
- The password for the user account.
- Required only in the creation of a user account.
- If given in other operations then the password will be ignored.
type: str
full_name:
description:
- The additional information about the user can be provided using full_name option.
type: str
role_name:
description:
- The name of the role which a user will be assigned.
- User can be added to multiple roles.
type: str
user_name:
description:
- The name of the user account.
type: str
onefs_host:
description:
- IP address or FQDN of the PowerScale cluster.
required: true
type: str
role_state:
choices:
- present-for-user
- absent-for-user
description:
- The I(role_state) option is used to mention the existence of the role for a particular
user.
- It is required when a role is added or removed from user.
type: str
verify_ssl:
choices:
- true
- false
description:
- boolean variable to specify whether to validate SSL certificate or not.
- C(true) - indicates that the SSL certificate should be verified.
- C(false) - indicates that the SSL certificate should not be verified.
required: true
type: bool
access_zone:
default: system
description:
- This option mentions the zone in which a user is created.
- For creation, I(access_zone) acts as an attribute for the user.
- For all other operations I(access_zone) acts as a filter.
type: str
api_password:
description:
- the password of the PowerScale cluster.
required: true
type: str
primary_group:
description:
- A user can be member of multiple groups of which one group has to be assigned as
primary group.
- This group will be used for access checks and can also be used when creating files.
- A user can be added to the group using Group Name.
type: str
provider_type:
choices:
- local
- file
- ldap
- ads
- nis
default: local
description:
- This option defines the type which will be used to authenticate the user.
- Creation, Modification and Deletion is allowed for local users.
- Adding and removing roles is allowed for all users of the system access zone.
- Getting user details is allowed for all users.
- If the I(provider_type) is 'ads' then domain name of the Active Directory Server
has to be mentioned in the I(user_name). The format for the I(user_name) should
be 'DOMAIN_NAME\user_name' or "DOMAIN_NAME\\user_name".
- This option acts as a filter for all operations except creation.
type: str
home_directory:
description:
- The path specified in this option acts as a home directory for the user.
- The directory which is given should not be already in use.
- For a user in a system access zone, the absolute path has to be given.
- For users in a non-system access zone, the path relative to the non-system Access
Zone's base directory has to be given.
type: str
update_password:
choices:
- always
- on_create
default: always
description:
- This parameter controls the way the I(password) is updated during the creation and
modification of a user.
- C(always) will update password for each execution.
- C(on_create) will only set while creating a user.
- For modifying I(password), set the I(update_password) to C(always).
type: str
changed:
description: Whether or not the resource has changed.
returned: always
type: bool
user_details:
contains:
email:
description: The email of the user.
type: str
enabled:
description: Enabled is a bool variable which is used to enable or disable the
user account.
type: bool
gecos:
description: The full description of the user.
type: str
gid:
contains:
id:
description: The id of the primary group.
type: str
name:
description: The name of the primary group.
type: str
type:
description: The resource's type is mentioned.
type: str
description: The details of the primary group for the user.
type: complex
home_directory:
description: The directory path acts as the home directory for the user's account.
type: str
name:
description: The name of the user.
type: str
provider:
description: The provider contains the provider type and access zone.
type: str
roles:
description: The list of all the roles of which user is a member.
returned: For all users in system access zone.
type: list
shell:
description: The type of shell for the user account.
type: str
uid:
contains:
id:
description: The id of the user.
type: str
name:
description: The name of the user.
type: str
type:
description: The resource's type is mentioned.
type: str
description: Details about the id and name of the user.
type: complex
description: Details of the user.
returned: When user exists
type: complex