/ home / netapp / netapp.storagegrid / 21.12.0 / module / na_sg_org_group

netapp.storagegrid.na_sg_org_group (21.12.0) — module

NetApp StorageGRID manage groups within a tenancy.

| "added in version" 20.6.0 of netapp.storagegrid"

Authors: NetApp Ansible Team (@joshedmonds) <ng-ansibleteam@netapp.com>

preview | supported by community

Install collection

Install with ansible-galaxy collection install netapp.storagegrid:==21.12.0

Add to requirements.yml

  collections:
    - name: netapp.storagegrid
      version: 21.12.0

Description

Create, Update, Delete Groups within NetApp StorageGRID tenant.

Usage examples

Scanned by Steampunk Spotter

  - name: create a group
    netapp.storagegrid.na_sg_org_group:
      api_url: "https://<storagegrid-endpoint-url>"
      auth_token: "storagegrid-auth-token"
      validate_certs: false
      state: present
      display_name: ansiblegroup1
      unique_name: group/ansiblegroup1
      management_policy:
        manage_all_containers: true
        manage_endpoints: true
        manage_own_s3_credentials: false
        root_access: false
      s3_policy: {"Statement":[{"Effect":"Deny","Action":"s3:*","Resource":"arn:aws:s3:::*"}]}

Inputs

    
state:
    choices:
    - present
    - absent
    default: present
    description:
    - Whether the specified group should exist or not.
    type: str

api_url:
    description:
    - The url to the StorageGRID Admin Node REST API.
    required: true
    type: str

s3_policy:
    description:
    - StorageGRID S3 Group Policy.
    type: json

auth_token:
    description:
    - The authorization token for the API request
    required: true
    type: str

unique_name:
    description:
    - Unique Name for the group. Must begin with C(group/) or C(federated-group/).
    - Required for create, modify or delete operation.
    required: true
    type: str

display_name:
    description:
    - Name of the group.
    - Required for create operation.
    type: str

validate_certs:
    default: true
    description:
    - Should https certificates be validated?
    required: false
    type: bool

management_policy:
    description:
    - Management access controls granted to the group within the tenancy.
    suboptions:
      manage_all_containers:
        description:
        - Allows users to manage the settings for all S3 buckets in the tenant account,
          regardless of S3 bucket or group policies.
        type: bool
      manage_endpoints:
        description:
        - Allows users to use the Tenant Manager or the Tenant Management API to create
          or edit endpoints.
        - Endpoints are used as the destination for StorageGRID platform services.
        type: bool
      manage_own_s3_credentials:
        description:
        - Allows users to create and remove their own S3 access keys.
        - Users who do not have this permission do not see the S3 > My Credentials menu
          option.
        type: bool
      root_access:
        description:
        - Provides full access to the Tenant Manager and the Tenant Management API.
        type: bool
    type: dict

Outputs

resp:
  description: Returns information about the StorageGRID tenant group attributes.
  returned: success
  sample:
    accountId: '12345678901234567890'
    displayName: Example Group
    federated: false
    groupURN: urn:sgws:identity::12345678901234567890:group/examplegroup
    id: 00000000-0000-0000-0000-000000000000
    policies:
      management:
        manageAllContainers: true
        manageEndpoints: true
        manageOwnS3Credentials: true
        rootAccess: true
      s3:
        '...': null
      swift:
        '...': null
    uniqueName: group/examplegroup
  type: dict