cloudera.cluster.external_user_mappings module – Create, update, or delete external user mappings
Note
This module is part of the cloudera.cluster collection (version 5.0.0).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install cloudera.cluster.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: cloudera.cluster.external_user_mappings.
New in cloudera.cluster 5.0.0
Synopsis
Configure details of a specific external user mapping.
Create a new external user mapping.
Update an existing external user mapping.
Delete a external user mapping.
The module supports
check_mode.
Requirements
The below requirements are needed on the host that executes this module.
cm_client
Parameters
Parameter |
Comments |
|---|---|
Set the HTTP user agent header when interacting with the CM API endpoint. Default: |
|
A list of authorization roles that the external user mapping will include. |
|
Capture the HTTP interaction logs with the CM API endpoint. Choices:
|
|
Flag to force TLS during CM API endpoint discovery. If Choices:
|
|
Hostname of the CM API endpoint. If set, the Mutually exclusive with url. |
|
The name of the external mapping. |
|
Password for access to the CM API endpoint. This parameter is set to |
|
Port of the CM API endpoint. If set, CM API endpoint discovery will connect to the designated port first and will follow redirects. Default: |
|
Set the HTTP/S proxy server when interacting with the CM API endpoint. |
|
Flag for whether the declared authorization roles should append or overwrite any existing authorization roles. If purge=True, all existing authorization roles will be removed, and only the provided authorization roles will be set. If purge=False, the provided authorization roles will be added to the existing ones, and any duplicates will be ignored. Choices:
|
|
Path to SSL CA certificate to use for validation. |
|
Defines the desired state of the external user mapping. If state=present, the external user mapping will be created if it doesn’t exist or updated if it does. If state=absent, the external user mapping will be modified by removing the specified authorization roles or entirely deleted if no specific roles are provided. Choices:
|
|
The type of the external mapping. |
|
The CM API endpoint URL and should include scheme, host, port, and API root path. Mutually exclusive with host. |
|
Username for access to the CM API endpoint. |
|
The uuid of the external mapping. |
|
Verify the TLS certificates for the CM API endpoint. Choices:
|
|
API version of the CM API endpoint. Default: |
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: full |
Can run in check_mode and return changed status prediction without modifying target, if not supported the action will be skipped. |
|
Support: full |
Will return details on what has changed (or possibly needs changing in check_mode), when in diff mode |
|
Platforms: |
Target OS/families that can be operated against |
Examples
- name: Create external user mapping with admin permissions
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "admin_user"
state: "present"
type: "LDAP"
auth_roles: ["ROLE_CLUSTER_ADMIN"]
- name: Add additional permissions to external user mapping
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "basic_user"
state: "present"
type: "LDAP"
auth_roles: ["ROLE_DASHBOARD_USER", "ROLE_USER", "ROLE_CLUSTER_CREATOR"]
- name: Replace current permissions in external user mapping
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "basic_user"
state: "present"
purge: "True"
type: "LDAP"
auth_roles: ["ROLE_DASHBOARD_USER", "ROLE_USER"]
- name: Remove specified authorization roles from external user mapping
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "default_user"
state: "absent"
type: "LDAP"
auth_roles: ["ROLE_DASHBOARD_USER", "ROLE_USER"]
- name: Remove external user mapping
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "default_user"
state: "absent"
type: "LDAP"
- name: Remove all authorizing roles from external user mapping
cloudera.cluster.external_user_mappings:
host: example.cloudera.com
username: "jane_smith"
password: "S&peR4Ec*re"
name: "basic_user"
purge: true
auth_roles: []
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
A dictionary containing details of external user mapping. Returned: always |
|
The list of auth roles associated with external user mapping. Returned: always |
|
The name of the external mapping. Returned: always |
|
The type of the external mapping. Returned: always |
|
The UUID of the external mapping. Returned: always |