delowan.googlecloud.gcp_iam_role (1.0.2) — module

Creates a GCP Role

Authors: Google Inc. (@googlecloudplatform)

preview | supported by community

Install collection

Install with ansible-galaxy collection install delowan.googlecloud:==1.0.2


Add to requirements.yml

  collections:
    - name: delowan.googlecloud
      version: 1.0.2

Description

A role in the Identity and Access Management API.


Requirements

Usage examples

- name: create a role
  delowan.googlecloud.gcp_iam_role:
    name: myCustomRole2
    title: My Custom Role
    description: My custom role description
    included_permissions:
    - iam.roles.list
    - iam.roles.create
    - iam.roles.delete
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Inputs

    
name:
    description:
    - The name of the role.
    required: true
    type: str

stage:
    description:
    - The current launch stage of the role.
    - 'Some valid choices include: "ALPHA", "BETA", "GA", "DEPRECATED", "DISABLED", "EAP"'
    required: false
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Whether the given object should exist in GCP
    type: str

title:
    description:
    - A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.
    required: false
    type: str

scopes:
    description:
    - Array of scopes to be used
    elements: str
    type: list

project:
    description:
    - The Google Cloud Platform project to use.
    type: str

env_type:
    description:
    - Specifies which Ansible environment you're running this module within.
    - This should not be set unless you know what you're doing.
    - This only alters the User Agent string for any API requests.
    type: str

auth_kind:
    choices:
    - application
    - machineaccount
    - serviceaccount
    description:
    - The type of credential used.
    required: true
    type: str

description:
    description:
    - Human-readable description for the role.
    required: false
    type: str

included_permissions:
    description:
    - Names of permissions this role grants when bound in an IAM policy.
    elements: str
    required: false
    type: list

service_account_file:
    description:
    - The path of a Service Account JSON file if serviceaccount is selected as type.
    type: path

service_account_email:
    description:
    - An optional service account email address if machineaccount is selected and the
      user does not wish to use the default email.
    type: str

service_account_contents:
    description:
    - The contents of a Service Account JSON file, either in a dictionary or as a JSON
      string that represents it.
    type: jsonarg
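
A pre-flight check for the inputs documented above, as an added example that is not part of the collection or of the original page: it validates one task's arguments against the required flags, the listed choices and the title limit, which is counted in UTF-8 bytes rather than characters. The function name check_role_args and the rule that serviceaccount auth needs service_account_file or service_account_contents are assumptions.

```python
# Added example: validate gcp_iam_role task arguments against the Inputs
# section of this page. Not code from the collection.
AUTH_KINDS = {"application", "machineaccount", "serviceaccount"}
STATES = {"present", "absent"}
# The page says "some valid choices include", so an unlisted stage is reported
# as undocumented, not as proven invalid.
DOCUMENTED_STAGES = {"ALPHA", "BETA", "GA", "DEPRECATED", "DISABLED", "EAP"}
TITLE_MAX_BYTES = 100  # "typically this is limited to 100 UTF-8 bytes"


def check_role_args(args):
    """Return a list of findings for one gcp_iam_role argument dict."""
    findings = []
    for key in ("name", "auth_kind"):  # the two inputs marked required: true
        if not args.get(key):
            findings.append(f"missing required input: {key}")
    auth = args.get("auth_kind")
    if auth and auth not in AUTH_KINDS:
        findings.append(f"auth_kind {auth!r} is not a documented choice")
    if args.get("state", "present") not in STATES:
        findings.append(f"state {args['state']!r} is not a documented choice")
    stage = args.get("stage")
    if stage is not None and stage not in DOCUMENTED_STAGES:
        findings.append(f"stage {stage!r} is not among the documented values")
    title = args.get("title")
    if title is not None:
        size = len(title.encode("utf-8"))  # bytes, not characters
        if size > TITLE_MAX_BYTES:
            findings.append(f"title is {size} UTF-8 bytes (> {TITLE_MAX_BYTES})")
    perms = args.get("included_permissions", [])
    if not (isinstance(perms, list) and all(isinstance(p, str) for p in perms)):
        findings.append("included_permissions must be a list of strings")
    # Assumption: serviceaccount auth needs one of the two key inputs; the page
    # documents both but does not say which one is mandatory.
    if auth == "serviceaccount" and not (
        args.get("service_account_file") or args.get("service_account_contents")
    ):
        findings.append("serviceaccount auth without service_account_file/contents")
    return findings


# Constructed samples: the page's own task, then a variant with three problems.
PAGE_TASK = {"name": "myCustomRole2", "title": "My Custom Role",
             "included_permissions": ["iam.roles.list", "iam.roles.create",
                                      "iam.roles.delete"],
             "project": "test_project", "auth_kind": "serviceaccount",
             "service_account_file": "/tmp/auth.pem", "state": "present"}
BAD_TASK = dict(PAGE_TASK, title="é" * 60, stage="ga", auth_kind="token")
```

The 60-character title in BAD_TASK encodes to 120 bytes, so it is flagged even though a character count would pass it.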

Outputs

deleted:
  description:
  - The current deleted state of the role.
  returned: success
  type: bool
description:
  description:
  - Human-readable description for the role.
  returned: success
  type: str
includedPermissions:
  description:
  - Names of permissions this role grants when bound in an IAM policy.
  returned: success
  type: list
name:
  description:
  - The name of the role.
  returned: success
  type: str
stage:
  description:
  - The current launch stage of the role.
  returned: success
  type: str
title:
  description:
  - A human-readable title for the role. Typically this is limited to 100 UTF-8 bytes.
  returned: success
  type: str