oracle / oracle.oci / 4.21.0 / module / oci_object_storage_preauthenticated_request Manage a PreauthenticatedRequest resource in Oracle Cloud Infrastructure | "added in version" 2.9.0 of oracle.oci" Authors: Oracle (@oracle) preview | supported by communityoracle.oci.oci_object_storage_preauthenticated_request (4.21.0) — module
Install with ansible-galaxy collection install oracle.oci:==4.21.0
collections: - name: oracle.oci version: 4.21.0
This module allows the user to create and delete a PreauthenticatedRequest resource in Oracle Cloud Infrastructure
For I(state=present), creates a pre-authenticated request specific to the bucket.
- name: Create preauthenticated_request oci_object_storage_preauthenticated_request: # required name: name_example access_type: ObjectRead time_expires: time_expires_example namespace_name: namespace_name_example bucket_name: bucket_name_example # optional bucket_listing_action: bucket_listing_action_example object_name: object_name_example
- name: Delete preauthenticated_request oci_object_storage_preauthenticated_request: # required namespace_name: namespace_name_example bucket_name: bucket_name_example par_id: "ocid1.par.oc1..xxxxxxEXAMPLExxxxxx" state: absent
- name: Delete preauthenticated_request using name (when environment variable OCI_USE_NAME_AS_IDENTIFIER is set) oci_object_storage_preauthenticated_request: # required name: name_example namespace_name: namespace_name_example bucket_name: bucket_name_example state: absent
name: description: - A user-specified name for the pre-authenticated request. Names can be helpful in managing pre-authenticated requests. Avoid entering confidential information. - Required for create using I(state=present). - Required for delete when environment variable C(OCI_USE_NAME_AS_IDENTIFIER) is set. type: str state: choices: - present - absent default: present description: - The state of the PreauthenticatedRequest. - Use I(state=present) to create a PreauthenticatedRequest. - Use I(state=absent) to delete a PreauthenticatedRequest. required: false type: str key_by: description: The list of attributes of this resource which should be used to uniquely identify an instance of the resource. By default, all the attributes of a resource are used to uniquely identify a resource. elements: str type: list par_id: aliases: - id description: - The unique identifier for the pre-authenticated request. This can be used to manage operations against the pre-authenticated request, such as GET or DELETE. - Required for delete using I(state=absent) when environment variable C(OCI_USE_NAME_AS_IDENTIFIER) is not set. type: str region: description: - The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set, then the value of the OCI_REGION variable, if any, is used. This option is required if the region is not specified through a configuration file (See C(config_file_location)). Please refer to U(https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm) for more information on OCI regions. type: str tenancy: description: - OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if any, is used. This option is required if the tenancy OCID is not specified through a configuration file (See C(config_file_location)). To get the tenancy OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm) type: str api_user: description: - The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the value of the OCI_USER_ID environment variable, if any, is used. This option is required if the user is not specified through a configuration file (See C(config_file_location)). To get the user's OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm). type: str auth_type: choices: - api_key - instance_principal - instance_obo_user - resource_principal default: api_key description: - The type of authentication to use for making API requests. By default C(auth_type="api_key") based authentication is performed and the API key (see I(api_user_key_file)) in your config file will be used. If this 'auth_type' module option is not specified, the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use C(auth_type="instance_principal") to use instance principal based authentication when running ansible playbooks within an OCI compute instance. type: str access_type: choices: - ObjectRead - ObjectWrite - ObjectReadWrite - AnyObjectWrite - AnyObjectRead - AnyObjectReadWrite description: - The operation that can be performed on this resource. - Required for create using I(state=present). type: str bucket_name: description: - 'The name of the bucket. Avoid entering confidential information. Example: `my-new-bucket1`' required: true type: str cert_bundle: description: - The full path to a CA certificate bundle to be used for SSL verification. This will override the default CA certificate bundle. If not set, then the value of the OCI_ANSIBLE_CERT_BUNDLE variable, if any, is used. type: str object_name: description: - The name of the object that is being granted access to by the pre-authenticated request. Avoid entering confidential information. The object name can be null and if so, the pre-authenticated request grants access to the entire bucket if the access type allows that. The object name can be a prefix as well, in that case pre-authenticated request grants access to all the objects within the bucket starting with that prefix provided that we have the correct access type. type: str auth_purpose: choices: - service_principal description: - The auth purpose which can be used in conjunction with 'auth_type=instance_principal'. The default auth_purpose for instance_principal is None. type: str force_create: default: false description: Whether to attempt non-idempotent creation of a resource. By default, create resource is an idempotent operation, and doesn't create the resource if it already exists. Setting this option to true, forcefully creates a copy of the resource, even if it already exists.This option is mutually exclusive with I(key_by). type: bool time_expires: description: - The expiration date for the pre-authenticated request as per L(RFC 3339,https://tools.ietf.org/html/rfc3339). After this date the pre-authenticated request will no longer be valid. - Required for create using I(state=present). type: str namespace_name: description: - The Object Storage namespace used for the request. required: true type: str api_user_key_file: description: - Full path and filename of the private key (in PEM format). If not set, then the value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required if the private key is not specified through a configuration file (See C(config_file_location)). If the key is encrypted with a pass-phrase, the C(api_user_key_pass_phrase) option must also be provided. type: str config_profile_name: description: - The profile to load from the config file referenced by C(config_file_location). If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any, is used. Otherwise, defaults to the "DEFAULT" profile in C(config_file_location). type: str api_user_fingerprint: description: - Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT environment variable, if any, is used. This option is required if the key fingerprint is not specified through a configuration file (See C(config_file_location)). To get the key pair's fingerprint value please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm). type: str config_file_location: description: - Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment variable, if any, is used. Otherwise, defaults to ~/.oci/config. type: str bucket_listing_action: description: - 'Specifies whether a list operation is allowed on a PAR with accessType "AnyObjectRead" or "AnyObjectReadWrite". Deny: Prevents the user from performing a list operation. ListObjects: Authorizes the user to perform a list operation.' type: str api_user_key_pass_phrase: description: - Passphrase used by the key referenced in C(api_user_key_file), if it is encrypted. If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is used. This option is required if the key passphrase is not specified through a configuration file (See C(config_file_location)). type: str realm_specific_endpoint_template_enabled: description: - Enable/Disable realm specific endpoint template for service client. By Default, realm specific endpoint template is disabled. If not set, then the value of the OCI_REALM_SPECIFIC_SERVICE_ENDPOINT_TEMPLATE_ENABLED variable, if any, is used. type: bool
preauthenticated_request: contains: access_type: description: - The operation that can be performed on this resource. returned: on success sample: ObjectRead type: str bucket_listing_action: description: - 'Specifies whether a list operation is allowed on a PAR with accessType "AnyObjectRead" or "AnyObjectReadWrite". Deny: Prevents the user from performing a list operation. ListObjects: Authorizes the user to perform a list operation.' returned: on success sample: bucket_listing_action_example type: str id: description: - The unique identifier to use when directly addressing the pre-authenticated request. returned: on success sample: ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx type: str name: description: - The user-provided name of the pre-authenticated request. returned: on success sample: name_example type: str object_name: description: - The name of object that is being granted access to by the pre-authenticated request. This can be null and if it is, the pre-authenticated request grants access to the entire bucket. returned: on success sample: object_name_example type: str time_created: description: - The date when the pre-authenticated request was created as per L(RFC 3339,https://tools.ietf.org/html/rfc3339). returned: on success sample: '2013-10-20T19:20:30+01:00' type: str time_expires: description: - The expiration date for the pre-authenticated request as per L(RFC 3339,https://tools.ietf.org/html/rfc3339). After this date the pre- authenticated request will no longer be valid. returned: on success sample: '2013-10-20T19:20:30+01:00' type: str description: - Details of the PreauthenticatedRequest resource acted upon by the current operation returned: on success sample: access_type: ObjectRead bucket_listing_action: bucket_listing_action_example id: ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx name: name_example object_name: object_name_example time_created: '2013-10-20T19:20:30+01:00' time_expires: '2013-10-20T19:20:30+01:00' type: complex