oracle / oracle.oci / 2.38.0 / module / oci_object_storage_object_actions Perform actions on an Object resource in Oracle Cloud Infrastructure | "added in version" 2.9.0 of oracle.oci" Authors: Oracle (@oracle) preview | supported by communityoracle.oci.oci_object_storage_object_actions (2.38.0) — module
Install with ansible-galaxy collection install oracle.oci:==2.38.0
collections: - name: oracle.oci version: 2.38.0
Perform actions on an Object resource in Oracle Cloud Infrastructure
For I(action=copy), creates a request to copy an object within a region or to another region.
For I(action=reencrypt), re-encrypts the data encryption keys that encrypt the object and its chunks. By default, when you create a bucket, the Object Storage service manages the master encryption key used to encrypt each object's data encryption keys. The encryption mechanism that you specify for the bucket applies to the objects it contains. You can alternatively employ one of these encryption strategies for an object: - You can assign a key that you created and control through the Oracle Cloud Infrastructure Vault service. - You can encrypt an object using your own encryption key. The key you supply is known as a customer-provided encryption key (SSE-C).
For I(action=rename), rename an object in the given Object Storage namespace. See L(Object Names,https://docs.cloud.oracle.com/Content/Object/Tasks/managingobjects.htm#namerequirements) for object naming requirements.
For I(action=restore), restores one or more objects specified by the objectName parameter. By default objects will be restored for 24 hours. Duration can be configured using the hours parameter.
For I(action=update_object_storage_tier), changes the storage tier of the object specified by the objectName parameter.
- name: Perform action copy on object oci_object_storage_object_actions: # required namespace_name: namespace_name_example bucket_name: bucket_name_example source_object_name: source_object_name_example destination_region: us-phoenix-1 destination_namespace: destination_namespace_example destination_bucket: destination_bucket_example destination_object_name: destination_object_name_example action: copy # optional source_object_if_match_e_tag: source_object_if_match_e_tag_example source_version_id: "ocid1.sourceversion.oc1..xxxxxxEXAMPLExxxxxx" destination_object_if_match_e_tag: destination_object_if_match_e_tag_example destination_object_if_none_match_e_tag: destination_object_if_none_match_e_tag_example destination_object_metadata: null destination_object_storage_tier: Standard opc_sse_customer_algorithm: opc_sse_customer_algorithm_example opc_sse_customer_key: opc_sse_customer_key_example opc_sse_customer_key_sha256: opc_sse_customer_key_sha256_example opc_source_sse_customer_algorithm: opc_source_sse_customer_algorithm_example opc_source_sse_customer_key: opc_source_sse_customer_key_example opc_source_sse_customer_key_sha256: opc_source_sse_customer_key_sha256_example opc_sse_kms_key_id: "ocid1.opcssekmskey.oc1..xxxxxxEXAMPLExxxxxx"
- name: Perform action reencrypt on object oci_object_storage_object_actions: # required namespace_name: namespace_name_example bucket_name: bucket_name_example object_name: object_name_example action: reencrypt # optional kms_key_id: "ocid1.kmskey.oc1..xxxxxxEXAMPLExxxxxx" sse_customer_key: # required algorithm: AES256 key: key_example key_sha256: key_sha256_example source_sse_customer_key: # required algorithm: AES256 key: key_example key_sha256: key_sha256_example version_id: "ocid1.version.oc1..xxxxxxEXAMPLExxxxxx"
- name: Perform action rename on object oci_object_storage_object_actions: # required namespace_name: namespace_name_example bucket_name: bucket_name_example source_name: source_name_example new_name: new_name_example action: rename # optional src_obj_if_match_e_tag: src_obj_if_match_e_tag_example new_obj_if_match_e_tag: new_obj_if_match_e_tag_example new_obj_if_none_match_e_tag: new_obj_if_none_match_e_tag_example
- name: Perform action restore on object oci_object_storage_object_actions: # required namespace_name: namespace_name_example bucket_name: bucket_name_example object_name: object_name_example action: restore # optional version_id: "ocid1.version.oc1..xxxxxxEXAMPLExxxxxx" hours: 56
- name: Perform action update_object_storage_tier on object oci_object_storage_object_actions: # required namespace_name: namespace_name_example bucket_name: bucket_name_example object_name: object_name_example storage_tier: Standard action: update_object_storage_tier # optional version_id: "ocid1.version.oc1..xxxxxxEXAMPLExxxxxx"
wait: default: true description: Whether to wait for create or delete operation to complete. type: bool hours: description: - The number of hours for which this object will be restored. By default objects will be restored for 24 hours. You can instead configure the duration using the hours parameter. - Applicable only for I(action=restore). type: int action: choices: - copy - reencrypt - rename - restore - update_object_storage_tier description: - The action to perform on the Object. required: true type: str region: description: - The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set, then the value of the OCI_REGION variable, if any, is used. This option is required if the region is not specified through a configuration file (See C(config_file_location)). Please refer to U(https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm) for more information on OCI regions. type: str tenancy: description: - OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if any, is used. This option is required if the tenancy OCID is not specified through a configuration file (See C(config_file_location)). To get the tenancy OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm) type: str api_user: description: - The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the value of the OCI_USER_ID environment variable, if any, is used. This option is required if the user is not specified through a configuration file (See C(config_file_location)). To get the user's OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm). type: str new_name: description: - The new name of the source object. Avoid entering confidential information. - Required for I(action=rename). type: str auth_type: choices: - api_key - instance_principal - instance_obo_user - resource_principal default: api_key description: - The type of authentication to use for making API requests. By default C(auth_type="api_key") based authentication is performed and the API key (see I(api_user_key_file)) in your config file will be used. If this 'auth_type' module option is not specified, the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use C(auth_type="instance_principal") to use instance principal based authentication when running ansible playbooks within an OCI compute instance. type: str kms_key_id: description: - The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the master encryption key used to call the Vault service to re-encrypt the data encryption keys associated with the object and its chunks. If the kmsKeyId value is empty, whether null or an empty string, the API will perform re-encryption by using the kmsKeyId associated with the bucket or the master encryption key managed by Oracle, depending on the bucket encryption mechanism. - Applicable only for I(action=reencrypt). type: str version_id: description: - VersionId used to identify a particular version of the object - Applicable only for I(action=reencrypt)I(action=restore)I(action=update_object_storage_tier). type: str bucket_name: description: - 'The name of the bucket. Avoid entering confidential information. Example: `my-new-bucket1`' required: true type: str object_name: description: - 'The name of the object. Avoid entering confidential information. Example: `test/object1.log`' - Required for I(action=reencrypt), I(action=restore), I(action=update_object_storage_tier). type: str source_name: description: - The name of the source object to be renamed. - Required for I(action=rename). type: str storage_tier: choices: - Standard - InfrequentAccess - Archive description: - The storage tier that the object should be moved to. - Required for I(action=update_object_storage_tier). type: str wait_timeout: description: Time, in seconds, to wait when I(wait=yes). Defaults to 1200 for most of the services but some services might have a longer wait timeout. type: int namespace_name: description: - The Object Storage namespace used for the request. required: true type: str sse_customer_key: description: - '' - Applicable only for I(action=reencrypt). suboptions: algorithm: choices: - AES256 description: - Specifies the encryption algorithm. The only supported value is "AES256". required: true type: str key: description: - Specifies the base64-encoded 256-bit encryption key to use to encrypt or decrypt the object data. required: true type: str key_sha256: description: - Specifies the base64-encoded SHA256 hash of the encryption key. This value is used to check the integrity of the encryption key. required: true type: str type: dict api_user_key_file: description: - Full path and filename of the private key (in PEM format). If not set, then the value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required if the private key is not specified through a configuration file (See C(config_file_location)). If the key is encrypted with a pass-phrase, the C(api_user_key_pass_phrase) option must also be provided. type: str source_version_id: description: - VersionId of the object to copy. If not provided then current version is copied by default. - Applicable only for I(action=copy). type: str destination_bucket: description: - The destination bucket the object will be copied to. - Required for I(action=copy). type: str destination_region: description: - The destination region the object will be copied to, for example "us-ashburn-1". - Required for I(action=copy). type: str opc_sse_kms_key_id: description: - The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of a master encryption key used to call the Key Management service to generate a data encryption key or to encrypt or decrypt a data encryption key. - Applicable only for I(action=copy). type: str source_object_name: description: - The name of the object to be copied. - Required for I(action=copy). type: str config_profile_name: description: - The profile to load from the config file referenced by C(config_file_location). If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any, is used. Otherwise, defaults to the "DEFAULT" profile in C(config_file_location). type: str api_user_fingerprint: description: - Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT environment variable, if any, is used. This option is required if the key fingerprint is not specified through a configuration file (See C(config_file_location)). To get the key pair's fingerprint value please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm). type: str config_file_location: description: - Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment variable, if any, is used. Otherwise, defaults to ~/.oci/config. type: str opc_sse_customer_key: description: - The optional header that specifies the base64-encoded 256-bit encryption key to use to encrypt or decrypt the data. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str destination_namespace: description: - The destination Object Storage namespace the object will be copied to. - Required for I(action=copy). type: str new_obj_if_match_e_tag: description: - The if-match entity tag (ETag) of the new object. - Applicable only for I(action=rename). type: str src_obj_if_match_e_tag: description: - The if-match entity tag (ETag) of the source object. - Applicable only for I(action=rename). type: str destination_object_name: description: - The name of the destination object resulting from the copy operation. Avoid entering confidential information. - Required for I(action=copy). type: str source_sse_customer_key: description: - '' - Applicable only for I(action=reencrypt). suboptions: algorithm: choices: - AES256 description: - Specifies the encryption algorithm. The only supported value is "AES256". required: true type: str key: description: - Specifies the base64-encoded 256-bit encryption key to use to encrypt or decrypt the object data. required: true type: str key_sha256: description: - Specifies the base64-encoded SHA256 hash of the encryption key. This value is used to check the integrity of the encryption key. required: true type: str type: dict api_user_key_pass_phrase: description: - Passphrase used by the key referenced in C(api_user_key_file), if it is encrypted. If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is used. This option is required if the key passphrase is not specified through a configuration file (See C(config_file_location)). type: str opc_sse_customer_algorithm: description: - The optional header that specifies "AES256" as the encryption algorithm. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str destination_object_metadata: description: - Arbitrary string keys and values for the user-defined metadata for the object. Keys must be in "opc-meta-*" format. Avoid entering confidential information. Metadata key-value pairs entered in this field are assigned to the destination object. If you enter no metadata values, the destination object will inherit any existing metadata values associated with the source object. - Applicable only for I(action=copy). type: dict new_obj_if_none_match_e_tag: description: - The if-none-match entity tag (ETag) of the new object. The only valid value is '*', which indicates request should fail if the new object already exists. - Applicable only for I(action=rename). type: str opc_source_sse_customer_key: description: - The optional header that specifies the base64-encoded 256-bit encryption key to use to decrypt the source object. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str opc_sse_customer_key_sha256: description: - The optional header that specifies the base64-encoded SHA256 hash of the encryption key. This value is used to check the integrity of the encryption key. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str source_object_if_match_e_tag: description: - The entity tag (ETag) to match against that of the source object. Used to confirm that the source object with a given name is the version of that object storing a specified ETag. - Applicable only for I(action=copy). type: str destination_object_storage_tier: choices: - Standard - InfrequentAccess - Archive description: - The storage tier that the object should be stored in. If not specified, the object will be stored in the same storage tier as the bucket. - Applicable only for I(action=copy). type: str destination_object_if_match_e_tag: description: - The entity tag (ETag) to match against that of the destination object (an object intended to be overwritten). Used to confirm that the destination object stored under a given name is the version of that object storing a specified entity tag. - Applicable only for I(action=copy). type: str opc_source_sse_customer_algorithm: description: - The optional header that specifies "AES256" as the encryption algorithm to use to decrypt the source object. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str opc_source_sse_customer_key_sha256: description: - The optional header that specifies the base64-encoded SHA256 hash of the encryption key used to decrypt the source object. This value is used to check the integrity of the encryption key. For more information, see L(Using Your Own Keys for Server-Side Encryption,https://docs.cloud.oracle.com/Content/Object/Tasks/usingyourencryptionkeys.htm). - Applicable only for I(action=copy). type: str destination_object_if_none_match_e_tag: description: - The entity tag (ETag) to avoid matching. The only valid value is '*', which indicates that the request should fail if the object already exists in the destination bucket. - Applicable only for I(action=copy). type: str
object: contains: archival_state: description: - Archival state of an object. This field is set only for objects in Archive tier. returned: on success sample: Archived type: str etag: description: - The current entity tag (ETag) for the object. returned: on success sample: etag_example type: str headers: description: - response headers for the object returned: on success sample: Content-Length: '37' opc-meta-key1: value1 type: dict md5: description: - Base64-encoded MD5 hash of the object data. returned: on success sample: md5_example type: str name: description: - 'The name of the object. Avoid entering confidential information. Example: test/object1.log' returned: on success sample: name_example type: str size: description: - Size of the object in bytes. returned: on success sample: 56 type: int storage_tier: description: - The storage tier that the object is stored in. returned: on success sample: Standard type: str time_created: description: - The date and time the object was created, as described in L(RFC 2616,https://tools.ietf.org/html/rfc2616#section-14.29). returned: on success sample: '2013-10-20T19:20:30+01:00' type: str time_modified: description: - The date and time the object was modified, as described in L(RFC 2616,https://tools.ietf.org/rfc/rfc2616), section 14.29. returned: on success sample: '2013-10-20T19:20:30+01:00' type: str description: - Details of the Object resource acted upon by the current operation returned: on success sample: archival_state: Archived etag: etag_example headers: Content-Length: '37' opc-meta-key1: value1 md5: md5_example name: name_example size: 56 storage_tier: Standard time_created: '2013-10-20T19:20:30+01:00' time_modified: '2013-10-20T19:20:30+01:00' type: complex