cloudera.cloud.iam_user_info module – Gather information about CDP Public IAM users

Note

This module is part of the cloudera.cloud collection (version 3.3.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cloudera.cloud.

To use it in a playbook, specify: cloudera.cloud.iam_user_info.

New in cloudera.cloud 1.0.0

Synopsis

  • Gather information about CDP Public IAM users

Parameters

Parameter

Comments

access_key

string

If provided, the Cloudera on cloud API will use this value as its access key.

If not provided, the API will attempt to use the value from the environment variable CDP_ACCESS_KEY_ID.

Required if private_key is provided.

Mutually exclusive with credentials_path.

credentials_path

string

If provided, the Cloudera on cloud API will use this value as its credentials path.

If not provided, the API will attempt to use the value from the environment variable CDP_CREDENTIALS_PATH.

Default: "~/.cdp/credentials"

current_user

boolean

Flag to retrieve the current authenticated user.

Mutually exclusive with name and user_id.

Choices:

  • false ← (default)

  • true

debug

aliases: debug_endpoints

boolean

If true, the module will capture the Cloudera on cloud HTTP log and return it in the sdk_out and sdk_out_lines fields.

Choices:

  • false ← (default)

  • true

endpoint

aliases: endpoint_url, url

string

The Cloudera on cloud API endpoint to use.

If not provided, the API will attempt to use the value from the environment variable CDP_ENDPOINT_URL.

Mutually exclusive with endpoint_region.

endpoint_region

aliases: cdp_endpoint_region, cdp_region, region

string

Specify the Cloudera on cloud API endpoint region.

See Cloudera Control Plane regions for more information.

If not provided, the API will attempt to use the value from the environment variable CDP_REGION.

default is an alias for the us-west-1 region.

Mutually exclusive with endpoint.

Choices:

  • "default"

  • "us-west-1" ← (default)

  • "eu-1"

  • "ap-1"

endpoint_tls

aliases: verify_endpoint_tls, verify_tls, verify_api_tls

boolean

Verify the TLS certificates for the Cloudera on cloud API endpoint.

Choices:

  • false

  • true ← (default)

filter

dictionary

Key value pair where the key is the field to compare and the value is a regex statement. If there is a match in the regex statment, the user will return.

Mutually exclusive with current_user and name.

http_agent

aliases: agent_header

string

The HTTP user agent to use for Cloudera on cloud API requests.

Default: "cloudera.cloud"

name

aliases: user_name

list / elements=string

A list of user names or a single user name.

If no user name is provided, all users are returned.

Mutually exclusive with current_user and user_id.

private_key

string

If provided, the Cloudera on cloud API will use this value as its private key.

If not provided, the API will attempt to use the value from the environment variable CDP_PRIVATE_KEY.

Required if access_key is provided.

profile

string

If provided, the Cloudera on cloud API will use this value as its profile.

If not provided, the API will attempt to use the value from the environment variable CDP_PROFILE.

Default: "default"

strict

aliases: strict_errors

boolean

Legacy CDPy SDK error handling.

Choices:

  • false ← (default)

  • true

user_id

list / elements=string

A list of user Ids or a single user Id name/CRN.

Mutually exclusive with current_user and name.

view

string

The level of detail returned for each user.

summary returns the basic User object fields from the list API.

full additionally fetches each user’s assigned roles, resource roles, and group memberships.

Choices:

  • "summary"

  • "full" ← (default)

Examples

# Note: These examples do not set authentication details.

# List basic information about all Users
- cloudera.cloud.iam_user_info:
    view: summary

# Gather detailed information about a named User
- cloudera.cloud.iam_user_info:
    name: Example

# Gather detailed information specific user Id
- cloudera.cloud.iam_user_info:
    user_id: "11a111a-91f0-4ca2-9262-111aa1111"

# Gather detailed information about more users
- cloudera.cloud.iam_user_info:
    filter:
      workloadUsername: my[0-9]{2}_admin.*?'

# Gather detailed information about the current user
- cloudera.cloud.iam_user_info:
    current_user: true

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

sdk_out

string

Returns the captured API HTTP log.

Returned: when supported

sdk_out_lines

list / elements=string

Returns a list of each line of the captured API HTTP log.

Returned: when supported

users

list / elements=dictionary

The information about the current or named User or Users

Returned: always

accountAdmin

boolean

Whether the user is an administrator of their CDP account.

Returned: on success

creationDate

string

The date when this user record was created.

Returned: on success

Sample: "2020-07-06T12:24:05.531000+00:00"

crn

string

The CRN of the user.

Returned: on success

email

string

The user’s email address.

Returned: on success

firstName

string

The user’s first name.

Returned: on success

groups

list / elements=string

List of groups that user is assigned.

Returned: when supported

identityProviderCrn

string

The identity provider that the user belongs to. It can be “Cloudera-Default”, “Cloudera-Administration”, or a customer-defined identity provider.

Returned: on success

lastInteractiveLogin

string

The date of the user’s last interactive login.

Returned: when supported

Sample: "2020-08-04T16:57:37.808000+00:00"

lastName

string

The user’s last name.

Returned: on success

resource_roles

list / elements=dictionary

List of resource role assignments associated with the user.

Returned: when supported

resourceCrn

string

The CRN of the resource granted the rights of the role.

Returned: when supported

resourceRoleCrn

string

The CRN of the resource role.

Returned: when supported

roles

list / elements=string

List of user assigned roles.

Returned: when supported

status

string

The current status of the user.

Returned: when supported

userId

string

The stable, unique identifier of the user.

Returned: on success

Sample: "f2e7cd8a-4c2d-41b5-92e9-784255c25b7d"

workloadUsername

string

The username used in all the workload clusters of the user.

Returned: when supported

Sample: "u_023"

Authors

  • Webster Mudge (@wmudge)

  • Dan Chaffelson (@chaffelson)

  • Ronald Suplina (@rsuplina)