cloudera.cloud.iam_role_info module – Gather information about CDP Public IAM roles

Note

This module is part of the cloudera.cloud collection (version 3.1.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cloudera.cloud.

To use it in a playbook, specify: cloudera.cloud.iam_role_info.

New in cloudera.cloud 3.0.0

Synopsis

  • Gathers information about CDP Public IAM role or roles

Parameters

Parameter

Comments

access_key

string

If provided, the Cloudera on cloud API will use this value as its access key.

If not provided, the API will attempt to use the value from the environment variable CDP_ACCESS_KEY_ID.

Required if private_key is provided.

Mutually exclusive with credentials_path.

credentials_path

string

If provided, the Cloudera on cloud API will use this value as its credentials path.

If not provided, the API will attempt to use the value from the environment variable CDP_CREDENTIALS_PATH.

Default: "~/.cdp/credentials"

debug

aliases: debug_endpoints

boolean

If true, the module will capture the Cloudera on cloud HTTP log and return it in the sdk_out and sdk_out_lines fields.

Choices:

  • false ← (default)

  • true

endpoint

aliases: endpoint_url, url

string

The Cloudera on cloud API endpoint to use.

Mutually exclusive with endpoint_region.

endpoint_region

aliases: cdp_endpoint_region, cdp_region, region

string

Specify the Cloudera on cloud API endpoint region.

See Cloudera Control Plane regions for more information.

If not provided, the API will attempt to use the value from the environment variable CDP_REGION.

default is an alias for the us-west-1 region.

Mutually exclusive with endpoint.

Choices:

  • "default"

  • "us-west-1" ← (default)

  • "eu-1"

  • "ap-1"

endpoint_tls

aliases: verify_endpoint_tls, verify_tls, verify_api_tls

boolean

Verify the TLS certificates for the Cloudera on cloud API endpoint.

Choices:

  • false

  • true ← (default)

http_agent

aliases: agent_header

string

The HTTP user agent to use for Cloudera on cloud API requests.

Default: "cloudera.cloud"

name

aliases: crn

list / elements=string

A list of Role CRNs or a single role’s CRN.

If no CRNs are provided, all Roles are returned.

private_key

string

If provided, the Cloudera on cloud API will use this value as its private key.

If not provided, the API will attempt to use the value from the environment variable CDP_PRIVATE_KEY.

Required if access_key is provided.

profile

string

If provided, the Cloudera on cloud API will use this value as its profile.

If not provided, the API will attempt to use the value from the environment variable CDP_PROFILE.

Default: "default"

strict

aliases: strict_errors

boolean

Legacy CDPy SDK error handling.

Choices:

  • false ← (default)

  • true

Examples

# Note: These examples do not set authentication details.

- name: Retrieve the details about all roles
  cloudera.cloud.iam_role_info:

- name: Gather information about a specific role
  cloudera.cloud.iam_role_info:
    name: crn:iam:us-east-1:cm:role:ClassicClustersCreator

- name: Gather information about specific roles
  cloudera.cloud.iam_role_info:
    name:
      - crn:iam:us-east-1:cm:role:ClassicClustersCreator
      - crn:iam:us-east-1:cm:role:DFCatalogAdmin

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

roles

list / elements=dictionary

Retrieve details about selected IAM Role or Roles

Returned: always

crn

string

The CRN of the IAM role.

Returned: always

policies

list / elements=dictionary

List of policy rights assigned to the role.

Returned: always

sdk_out

string

Returns the captured API HTTP log.

Returned: when supported

sdk_out_lines

list / elements=string

Returns a list of each line of the captured API HTTP log.

Returned: when supported

Authors

  • Ronald Suplina (@rsuplina)