def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = False
user = module.params['account'] + "/" + module.params['name']
try:
blade.object_store_users.create_object_store_users(names=[user])
if module.params['access_key']:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={'name': user}))
s3user_facts['fb_s3user'] = {
'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name
}
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg='Object Store User {0}: Creation failed'.format(user))
changed = True
except Exception:
module.fail_json(
msg='Object Store User {0}: Creation failed'.format(user))
module.exit_json(changed=changed, ansible_facts=s3user_facts)
def update_s3user(module, blade):
"""Update Object Store User"""
changed = True
if not module.check_mode:
s3user_facts = {}
user = module.params['account'] + "/" + module.params['name']
if module.params['access_key']:
key_count = 0
keys = blade.object_store_access_keys.list_object_store_access_keys(
)
for key in range(0, len(keys.items)):
if keys.items[key].user.name == user:
key_count += 1
if key_count < 2:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={'name': user}))
s3user_facts['fb_s3user'] = {
'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name
}
except Exception:
module.fail_json(
msg='Object Store User {0}: Access Key creation failed'
.format(user))
else:
module.warn(
'Object Store User {0}: Maximum Access Key count reached'.
format(user))
module.exit_json(changed=changed, s3user_info=s3user_facts)
def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = True
if not module.check_mode:
user = module.params["account"] + "/" + module.params["name"]
try:
blade.object_store_users.create_object_store_users(names=[user])
if module.params["access_key"] and module.params["imported_key"]:
module.warn("'access_key: true' overrides imported keys")
if module.params["access_key"]:
try:
result = (
blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={"name": user}
)
)
)
s3user_facts["fb_s3user"] = {
"user": user,
"access_key": result.items[0].secret_access_key,
"access_id": result.items[0].name,
}
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg="Object Store User {0}: Creation failed".format(user)
)
else:
if module.params["imported_key"]:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
try:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params["imported_key"]],
object_store_access_key=ObjectStoreAccessKeyPost(
user={"name": user},
secret_access_key=module.params["imported_secret"],
),
)
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg="Object Store User {0}: Creation failed with imported access key".format(
user
)
)
except Exception:
module.fail_json(msg="Object Store User {0}: Creation failed".format(user))
module.exit_json(changed=changed, s3user_info=s3user_facts)
def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = True
if not module.check_mode:
user = module.params['account'] + "/" + module.params['name']
try:
blade.object_store_users.create_object_store_users(names=[user])
if module.params['access_key'] and module.params['imported_key']:
module.warn('\'access_key: true\' overrides imported keys')
if module.params['access_key']:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={'name': user}))
s3user_facts['fb_s3user'] = {
'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name
}
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg='Object Store User {0}: Creation failed'.format(
user))
else:
if module.params['imported_key']:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
try:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params['imported_key']],
object_store_access_key=
ObjectStoreAccessKeyPost(
user={'name': user},
secret_access_key=module.
params['imported_secret']))
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg=
'Object Store User {0}: Creation failed with imported access key'
.format(user))
except Exception:
module.fail_json(
msg='Object Store User {0}: Creation failed'.format(user))
module.exit_json(changed=changed, s3user_info=s3user_facts)
def update_s3user(module, blade):
"""Update Object Store User"""
changed = False
s3user_facts = {}
user = module.params['account'] + "/" + module.params['name']
if module.params['access_key']:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(user={'name': user}))
s3user_facts['fb_s3user'] = {'user': user,
'access_key': result.items[0].secret_access_key,
'access_id': result.items[0].name}
except Exception:
delete_s3user(module, blade)
module.fail_json(msg='Object Store User {0}: Creation failed'.format(user))
changed = True
module.exit_json(changed=changed, s3user_info=s3user_facts)
def update_s3user(module, blade):
"""Update Object Store User"""
changed = False
exists = False
s3user_facts = {}
user = module.params["account"] + "/" + module.params["name"]
if module.params["access_key"] or module.params["imported_key"]:
key_count = 0
keys = blade.object_store_access_keys.list_object_store_access_keys()
for key in range(0, len(keys.items)):
if module.params["imported_key"]:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
if keys.items[key].name == module.params["imported_key"]:
module.warn("Imported key provided already belongs to a user")
exists = True
if keys.items[key].user.name == user:
key_count += 1
if not exists:
if key_count < 2:
changed = True
if not module.check_mode:
try:
if (
module.params["access_key"]
and module.params["imported_key"]
):
module.warn("'access_key: true' overrides imported keys")
if module.params["access_key"]:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={"name": user}
)
)
s3user_facts["fb_s3user"] = {
"user": user,
"access_key": result.items[0].secret_access_key,
"access_id": result.items[0].name,
}
else:
if IMPORT_KEY_API_VERSION in versions:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params["imported_key"]],
object_store_access_key=ObjectStoreAccessKeyPost(
user={"name": user},
secret_access_key=module.params[
"imported_secret"
],
),
)
except Exception:
if module.params["imported_key"]:
module.fail_json(
msg="Object Store User {0}: Access Key import failed".format(
user
)
)
else:
module.fail_json(
msg="Object Store User {0}: Access Key creation failed".format(
user
)
)
else:
module.warn(
"Object Store User {0}: Maximum Access Key count reached".format(
user
)
)
module.exit_json(changed=changed, s3user_info=s3user_facts)
def update_s3user(module, blade):
"""Update Object Store User"""
changed = True
if not module.check_mode:
changed = False
exists = False
s3user_facts = {}
user = module.params['account'] + "/" + module.params['name']
if module.params['access_key'] or module.params['imported_key']:
key_count = 0
keys = blade.object_store_access_keys.list_object_store_access_keys(
)
for key in range(0, len(keys.items)):
if module.params['imported_key']:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
if keys.items[key].name == module.params[
'imported_key']:
module.warn(
'Imported key provided already belongs to a user'
)
exists = True
if keys.items[key].user.name == user:
key_count += 1
if not exists:
if key_count < 2:
try:
if module.params['access_key'] and module.params[
'imported_key']:
module.warn(
'\'access_key: true\' overrides imported keys')
if module.params['access_key']:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={'name': user}))
changed = True
s3user_facts['fb_s3user'] = {
'user': user,
'access_key':
result.items[0].secret_access_key,
'access_id': result.items[0].name
}
else:
if IMPORT_KEY_API_VERSION in versions:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params['imported_key']],
object_store_access_key=
ObjectStoreAccessKeyPost(
user={'name': user},
secret_access_key=module.
params['imported_secret']))
changed = True
except Exception:
if module.params['imported_key']:
module.fail_json(
msg=
'Object Store User {0}: Access Key import failed'
.format(user))
else:
module.fail_json(
msg=
'Object Store User {0}: Access Key creation failed'
.format(user))
else:
module.warn(
'Object Store User {0}: Maximum Access Key count reached'
.format(user))
module.exit_json(changed=changed, s3user_info=s3user_facts)
def create_s3user(module, blade):
"""Create Object Store Account"""
s3user_facts = {}
changed = True
if not module.check_mode:
user = module.params["account"] + "/" + module.params["name"]
blade.object_store_users.create_object_store_users(names=[user])
if module.params["access_key"] and module.params["imported_key"]:
module.warn("'access_key: true' overrides imported keys")
if module.params["access_key"]:
try:
result = blade.object_store_access_keys.create_object_store_access_keys(
object_store_access_key=ObjectStoreAccessKey(
user={"name": user}))
s3user_facts["fb_s3user"] = {
"user": user,
"access_key": result.items[0].secret_access_key,
"access_id": result.items[0].name,
}
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg="Object Store User {0}: Creation failed".format(user))
else:
if module.params["imported_key"]:
versions = blade.api_version.list_versions().versions
if IMPORT_KEY_API_VERSION in versions:
try:
blade.object_store_access_keys.create_object_store_access_keys(
names=[module.params["imported_key"]],
object_store_access_key=ObjectStoreAccessKeyPost(
user={"name": user},
secret_access_key=module.
params["imported_secret"],
),
)
except Exception:
delete_s3user(module, blade)
module.fail_json(
msg=
"Object Store User {0}: Creation failed with imported access key"
.format(user))
if module.params["policy"]:
blade = get_system(module)
api_version = list(blade.get_versions().items)
if POLICY_API_VERSION in api_version:
policy_list = module.params["policy"]
for policy in range(0, len(policy_list)):
if (blade.get_object_store_access_policies(
names=[policy_list[policy]]).status_code != 200):
module.warn(
"Policy {0} is not valid. Ignoring...".format(
policy_list[policy]))
policy_list.remove(policy_list[policy])
username = module.params["account"] + "/" + module.params[
"name"]
for policy in range(0, len(policy_list)):
if not (blade.
get_object_store_users_object_store_access_policies(
member_names=[username],
policy_names=[policy_list[policy]]).items):
res = (
blade.
post_object_store_access_policies_object_store_users(
member_names=[username],
policy_names=[policy_list[policy]],
))
if res.status_code != 200:
module.warn(
"Failed to add policy {0} to account user {1}. Skipping..."
.format(policy_list[policy], username))
if "pure:policy/full-access" not in policy_list:
# User Create adds the pure:policy/full-access policy by default
# If we are specifying a list then remove this default value
blade.delete_object_store_access_policies_object_store_users(
member_names=[username],
policy_names=["pure:policy/full-access"],
)
else:
module.warn(
"FlashBlade REST version not supported for user access policies. Skipping..."
)
module.exit_json(changed=changed, s3user_info=s3user_facts)
