Git Product home page Git Product logo

Comments (3)

joshedmonds avatar joshedmonds commented on September 3, 2024 1

Understood, thanks!

Will create an internal ticket to look at uplifting the na_sg_org_info module to provide this capability.

from netapp.storagegrid.

joshedmonds avatar joshedmonds commented on September 3, 2024

@devasmith can you clarify some details about this request...

When you say "impersonating an account" in the GUI, this still logging into a particular tenancy with specific credentials right?

In the proposed playbook you're looping over the list of tenants and getting a token for each, so this makes sense. But then you want to collect access keys for the root user of each tenancy. These wouldn't exist though if you've only just created the tenancy? Additionally, the API doesn't return s3 key details after they're created so it wouldn't be possible to read the key like this.

The other issue I see is in the last task for creating an s3 key for users - the API doesn't allow explicitly setting an access key ID when creating a key. This is system generated instead.

from netapp.storagegrid.

devasmith avatar devasmith commented on September 3, 2024

@joshedmonds thanks for getting back to me.

Yes that is correct.

I've solved this with the uri module as shown below.

- name: Gather access keys information from root user
  ansible.builtin.uri:
    url: "{{ grid_admin_base_url }}/api/v3/org/users/00000000-0000-0000-0000-000000000000/s3-access-keys"
    headers:
      Authorization: "Bearer {{ item.0.json.data }}"
      accept: application/json
    method: get
    body_format: json
  check_mode: false
  register: sg_root_access_keys
  loop_control:
    label: "{{ item.1.name }}"
  loop: "{{ auth.results | zip(sg_tenants) | list }}"

- name: Create s3 keys on root user for our tenant if no keys exists
  netapp.storagegrid.na_sg_org_user_s3_key:
    api_url: "{{ grid_admin_base_url }}"
    auth_token: "{{ item.0.json.data }}"
    state: present
    unique_user_name: "{{ sg_unique_user_name }}"
  register: sg_s3keys
  loop: "{{ auth.results | zip(sg_root_access_keys.results, sg_tenants) | list }}"
  loop_control:
    label: "{{ item.2.name }}"
  when: not item.1.json.data | length > 0

The issue that I wanted to get away from was to not generate a new access key if one already exists.

from netapp.storagegrid.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.