Try SpotterPerform actions on a Domain resource in Oracle Cloud Infrastructure
| "added in version" 2.9.0 of oracle.oci"
Authors: Oracle (@oracle)
preview | supported by community
Install with ansible-galaxy collection install oracle.oci:==5.0.0
collections:
- name: oracle.oci
version: 5.0.0Perform actions on a Domain resource in Oracle Cloud Infrastructure
For I(action=activate), (For tenancies that support identity domains) Activates a deactivated identity domain. You can only activate identity domains that your user account is not a part of. After you send the request, the `lifecycleDetails` of the identity domain is set to ACTIVATING. When the operation completes, the `lifecycleDetails` is set to null and the `lifecycleState` of the identity domain is set to ACTIVE. To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
For I(action=change_compartment), (For tenancies that support identity domains) Moves the identity domain to a different compartment in the tenancy. To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
For I(action=change_domain_license_type), (For tenancies that support identity domains) Changes the license type of the given identity domain. The identity domain's `lifecycleState` must be set to ACTIVE and the requested `licenseType` must be allowed. To retrieve the allowed `licenseType` for the identity domain, use L(ListAllowedDomainLicenseTypes,https://docs.cloud.oracle.com/en- us/iaas/api/#/en/identity/20160918/Domain/ListAllowedDomainLicenseTypes). After you send your request, the `lifecycleDetails` of this identity domain is set to UPDATING. When the update of the identity domain completes, then the `lifecycleDetails` is set to null. To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
For I(action=deactivate), (For tenancies that support identity domains) Deactivates the specified identity domain. Identity domains must be in an ACTIVE `lifecycleState` and have no active apps present in the domain or underlying Identity Cloud Service stripe. You cannot deactivate the default identity domain. After you send your request, the `lifecycleDetails` of this identity domain is set to DEACTIVATING. When the operation completes, then the `lifecycleDetails` is set to null and the `lifecycleState` is set to INACTIVE. To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
For I(action=enable_replication_to_region), (For tenancies that support identity domains) Replicates the identity domain to a new region (provided that the region is the tenancy home region or other region that the tenancy subscribes to). You can only replicate identity domains that are in an ACTIVE `lifecycleState` and not currently updating or already replicating. You also can only trigger the replication of secondary identity domains. The default identity domain is automatically replicated to all regions that the tenancy subscribes to. After you send the request, the `state` of the identity domain in the replica region is set to ENABLING_REPLICATION. When the operation completes, the `state` is set to REPLICATION_ENABLED. To track the progress of the request, submitting an HTTP GET on the /iamWorkRequests/{iamWorkRequestsId} endpoint retrieves the operation's status.
- name: Perform action activate on domain
oci_identity_domain_actions:
# required
domain_id: "ocid1.domain.oc1..xxxxxxEXAMPLExxxxxx"
action: activate
- name: Perform action change_compartment on domain
oci_identity_domain_actions:
# required
compartment_id: "ocid1.compartment.oc1..xxxxxxEXAMPLExxxxxx"
domain_id: "ocid1.domain.oc1..xxxxxxEXAMPLExxxxxx"
action: change_compartment
- name: Perform action change_domain_license_type on domain
oci_identity_domain_actions:
# required
domain_id: "ocid1.domain.oc1..xxxxxxEXAMPLExxxxxx"
action: change_domain_license_type
# optional
license_type: license_type_example
- name: Perform action deactivate on domain
oci_identity_domain_actions:
# required
domain_id: "ocid1.domain.oc1..xxxxxxEXAMPLExxxxxx"
action: deactivate
- name: Perform action enable_replication_to_region on domain
oci_identity_domain_actions:
# required
domain_id: "ocid1.domain.oc1..xxxxxxEXAMPLExxxxxx"
action: enable_replication_to_region
# optional
replica_region: us-phoenix-1
wait:
default: true
description: Whether to wait for create or delete operation to complete.
type: bool
action:
choices:
- activate
- change_compartment
- change_domain_license_type
- deactivate
- enable_replication_to_region
description:
- The action to perform on the Domain.
required: true
type: str
region:
description:
- The Oracle Cloud Infrastructure region to use for all OCI API requests. If not set,
then the value of the OCI_REGION variable, if any, is used. This option is required
if the region is not specified through a configuration file (See C(config_file_location)).
Please refer to U(https://docs.us-phoenix-1.oraclecloud.com/Content/General/Concepts/regions.htm)
for more information on OCI regions.
type: str
tenancy:
description:
- OCID of your tenancy. If not set, then the value of the OCI_TENANCY variable, if
any, is used. This option is required if the tenancy OCID is not specified through
a configuration file (See C(config_file_location)). To get the tenancy OCID, please
refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm)
type: str
api_user:
description:
- The OCID of the user, on whose behalf, OCI APIs are invoked. If not set, then the
value of the OCI_USER_ID environment variable, if any, is used. This option is required
if the user is not specified through a configuration file (See C(config_file_location)).
To get the user's OCID, please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
auth_type:
choices:
- api_key
- instance_principal
- instance_obo_user
- resource_principal
- security_token
default: api_key
description:
- The type of authentication to use for making API requests. By default C(auth_type="api_key")
based authentication is performed and the API key (see I(api_user_key_file)) in
your config file will be used. If this 'auth_type' module option is not specified,
the value of the OCI_ANSIBLE_AUTH_TYPE, if any, is used. Use C(auth_type="instance_principal")
to use instance principal based authentication when running ansible playbooks within
an OCI compute instance.
type: str
domain_id:
aliases:
- id
description:
- The OCID of the identity domain.
required: true
type: str
cert_bundle:
description:
- The full path to a CA certificate bundle to be used for SSL verification. This will
override the default CA certificate bundle. If not set, then the value of the OCI_ANSIBLE_CERT_BUNDLE
variable, if any, is used.
type: str
auth_purpose:
choices:
- service_principal
description:
- The auth purpose which can be used in conjunction with 'auth_type=instance_principal'.
The default auth_purpose for instance_principal is None.
type: str
license_type:
description:
- The license type of the identity domain.
- Applicable only for I(action=change_domain_license_type).
type: str
wait_timeout:
description: Time, in seconds, to wait when I(wait=yes). Defaults to 1200 for most
of the services but some services might have a longer wait timeout.
type: int
compartment_id:
description:
- The L(OCID,https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)
of the destination compartment into which to move the identity domain.
- Required for I(action=change_compartment).
type: str
replica_region:
description:
- A region to which you want identity domain replication to occur. See L(Regions and
Availability Domains,https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm)
for the full list of supported region names.
- 'Example: `us-phoenix-1`'
- Applicable only for I(action=enable_replication_to_region).
type: str
api_user_key_file:
description:
- Full path and filename of the private key (in PEM format). If not set, then the
value of the OCI_USER_KEY_FILE variable, if any, is used. This option is required
if the private key is not specified through a configuration file (See C(config_file_location)).
If the key is encrypted with a pass-phrase, the C(api_user_key_pass_phrase) option
must also be provided.
type: str
config_profile_name:
description:
- The profile to load from the config file referenced by C(config_file_location).
If not set, then the value of the OCI_CONFIG_PROFILE environment variable, if any,
is used. Otherwise, defaults to the "DEFAULT" profile in C(config_file_location).
type: str
api_user_fingerprint:
description:
- Fingerprint for the key pair being used. If not set, then the value of the OCI_USER_FINGERPRINT
environment variable, if any, is used. This option is required if the key fingerprint
is not specified through a configuration file (See C(config_file_location)). To
get the key pair's fingerprint value please refer U(https://docs.us-phoenix-1.oraclecloud.com/Content/API/Concepts/apisigningkey.htm).
type: str
config_file_location:
description:
- Path to configuration file. If not set then the value of the OCI_CONFIG_FILE environment
variable, if any, is used. Otherwise, defaults to ~/.oci/config.
type: str
api_user_key_pass_phrase:
description:
- Passphrase used by the key referenced in C(api_user_key_file), if it is encrypted.
If not set, then the value of the OCI_USER_KEY_PASS_PHRASE variable, if any, is
used. This option is required if the key passphrase is not specified through a configuration
file (See C(config_file_location)).
type: str
realm_specific_endpoint_template_enabled:
description:
- Enable/Disable realm specific endpoint template for service client. By Default,
realm specific endpoint template is disabled. If not set, then the value of the
OCI_REALM_SPECIFIC_SERVICE_ENDPOINT_TEMPLATE_ENABLED variable, if any, is used.
type: bool
domain:
contains:
compartment_id:
description:
- The OCID of the compartment containing the identity domain.
returned: on success
sample: ocid1.compartment.oc1..xxxxxxEXAMPLExxxxxx
type: str
defined_tags:
description:
- 'Defined tags for this resource. Each key is predefined and scoped to a namespace.
For more information, see L(Resource Tags,https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm).
Example: `{"Operations": {"CostCenter": "42"}}`'
returned: on success
sample:
Operations:
CostCenter: US
type: dict
description:
description:
- The identity domain description. You can have an empty description.
returned: on success
sample: description_example
type: str
display_name:
description:
- The mutable display name of the identity domain.
returned: on success
sample: display_name_example
type: str
freeform_tags:
description:
- 'Free-form tags for this resource. Each tag is a simple key-value pair with
no predefined name, type, or namespace. For more information, see L(Resource
Tags,https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm).
Example: `{"Department": "Finance"}`'
returned: on success
sample:
Department: Finance
type: dict
home_region:
description:
- The home region for the identity domain. See L(Regions and Availability Domains,https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm)
for the full list of supported region names.
- 'Example: `us-phoenix-1`'
returned: on success
sample: us-phoenix-1
type: str
home_region_url:
description:
- Region-specific identity domain URL.
returned: on success
sample: home_region_url_example
type: str
id:
description:
- The OCID of the identity domain.
returned: on success
sample: ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx
type: str
is_hidden_on_login:
description:
- Indicates whether the identity domain is hidden on the sign-in screen or not.
returned: on success
sample: true
type: bool
license_type:
description:
- The license type of the identity domain.
returned: on success
sample: license_type_example
type: str
lifecycle_details:
description:
- Any additional details about the current state of the identity domain.
returned: on success
sample: DEACTIVATING
type: str
lifecycle_state:
description:
- The current state.
returned: on success
sample: CREATING
type: str
replica_regions:
contains:
region:
description:
- A REPLICATION_ENABLED region, e.g. us-ashburn-1. See L(Regions and Availability
Domains,https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm)
for the full list of supported region names.
returned: on success
sample: us-phoenix-1
type: str
regional_url:
description:
- Region-specific identity domain URL.
returned: on success
sample: regional_url_example
type: str
state:
description:
- The IDCS-replicated region state.
returned: on success
sample: ENABLING_REPLICATION
type: str
url:
description:
- Region-agnostic identity domain URL.
returned: on success
sample: url_example
type: str
description:
- The regions where replicas of the identity domain exist.
returned: on success
type: complex
time_created:
description:
- Date and time the identity domain was created, in the format defined by RFC3339.
- 'Example: `2016-08-25T21:10:29.600Z`'
returned: on success
sample: '2013-10-20T19:20:30+01:00'
type: str
type:
description:
- The type of the domain.
returned: on success
sample: DEFAULT
type: str
url:
description:
- Region-agnostic identity domain URL.
returned: on success
sample: url_example
type: str
description:
- Details of the Domain resource acted upon by the current operation
returned: on success
sample:
compartment_id: ocid1.compartment.oc1..xxxxxxEXAMPLExxxxxx
defined_tags:
Operations:
CostCenter: US
description: description_example
display_name: display_name_example
freeform_tags:
Department: Finance
home_region: us-phoenix-1
home_region_url: home_region_url_example
id: ocid1.resource.oc1..xxxxxxEXAMPLExxxxxx
is_hidden_on_login: true
license_type: license_type_example
lifecycle_details: DEACTIVATING
lifecycle_state: CREATING
replica_regions:
- region: us-phoenix-1
regional_url: regional_url_example
state: ENABLING_REPLICATION
url: url_example
time_created: '2013-10-20T19:20:30+01:00'
type: DEFAULT
url: url_example
type: complex