cloudera.cloud.env_idbroker_info module – Gather information about CDP ID Broker
Note
This module is part of the cloudera.cloud collection (version 2.5.1).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install cloudera.cloud.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cloudera.cloud.env_idbroker_info.
Synopsis
Gather information about the ID Broker mappings for a CDP Environment.
The module supports check_mode.
Requirements
The below requirements are needed on the host that executes this module.
cdpy
Parameters
Parameter |
Comments |
|---|---|
Specify the Cloudera Data Platform endpoint region. Default: |
|
Capture the CDP SDK debug log. Choices:
|
|
The name of the Environment. |
|
If provided, the CDP SDK will use this value as its profile. |
|
Verify the TLS certificates for the CDP endpoint. Choices:
|
Examples
# Note: These examples do not set authentication details.
# Gather information about the ID Broker mappings
- cloudera.cloud.env_idbroker_info:
name: example-environment
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Returns the mappings and sync status for the ID Broker for the Environment. Returned: when supported |
|
The cloud provider role to which data access services will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Returned: always |
|
ID Broker mappings for individual actors and groups. Does not include mappings for data access services. Returned: when supported |
|
The CRN of the actor (group or user) mapped to the cloud provider role. Returned: on success |
|
The cloud provider identitier for the role. Returned: on success |
|
The version of the mappings. Returned: always Sample: |
|
The cloud provider role to which services that write to Ranger audit logs will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Note that some data access services also write to Ranger audit logs; such services will be mapped to the ‘dataAccessRole’, not the ‘rangerAuditRole’. Returned: always |
|
The cloud provider role to which the Ranger RAZ service will be mapped (e.g. an ARN in AWS, a Resource ID in Azure). Returned: when supported |
|
The status of the most recent ID Broker mappings sync operation, if any. Not present if there is no Datalake associated with the Environment. Returned: when supported |
|
The overall mappings sync status for all Datalake clusters in the Environment. Returned: always Sample: |
|
Map of Datalake cluster CRN-to-mappings sync status for each Datalake cluster in the environment. Returned: always |
|
The Datalake cluster CRN Returned: always |
|
The date when the mappings sync completed or was terminated. Omitted if status is NEVER_RUN or RUNNING. Returned: when supported |
|
The detail of the error. Omitted if status is not FAILED. Returned: when supported |
|
The date when the mappings sync started executing. Omitted if status is NEVER_RUN. Returned: when supported |
|
The mappings sync summary status. Returned: always Sample: |
|
Flag indicating whether a sync is needed to bring in-cluster mappings up-to-date. Returned: always |
|
Returns the captured CDP SDK log. Returned: when supported |
|
Returns a list of each line of the captured CDP SDK log. Returned: when supported |