Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
duality-group / ansible python
Repository URL to install this package:
|
Version:
6.0.0 ▾
|
#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2021, Simon Dodsley (simon@purestorage.com)
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
"metadata_version": "1.1",
"status": ["preview"],
"supported_by": "community",
}
DOCUMENTATION = r"""
---
module: purefb_admin
version_added: '1.8.0'
short_description: Configure Pure Storage FlashBlade Global Admin settings
description:
- Set global admin settings for the FlashBlade
author:
- Pure Storage Ansible Team (@sdodsley) <pure-ansible-team@purestorage.com>
options:
max_login:
description:
- Maximum number of failed logins before account is locked
type: int
min_password:
description:
- Minimum user password length
- Range between 1 and 100
default: 1
type: int
lockout:
description:
- Account lockout duration, in seconds, after max_login exceeded
- Range between 1 second and 90 days (7776000 seconds)
type: int
extends_documentation_fragment:
- purestorage.flashblade.purestorage.fb
"""
EXAMPLES = r"""
- name: Set global login parameters
purefb_admin:
max_login: 5
min_password: 10
lockout: 300
fb_url: 10.10.10.2
api_token: T-55a68eb5-c785-4720-a2ca-8b03903bf641
"""
RETURN = r"""
"""
HAS_PURESTORAGE = True
try:
from pypureclient.flashblade import AdminSetting
except ImportError:
HAS_PURESTORAGE = False
from ansible.module_utils.basic import AnsibleModule
from ansible_collections.purestorage.flashblade.plugins.module_utils.purefb import (
get_system,
purefb_argument_spec,
)
MIN_API_VERSION = "2.3"
def main():
argument_spec = purefb_argument_spec()
argument_spec.update(
dict(
max_login=dict(type="int"),
min_password=dict(type="int", default=1, no_log=False),
lockout=dict(type="int"),
)
)
module = AnsibleModule(argument_spec, supports_check_mode=True)
if not HAS_PURESTORAGE:
module.fail_json(msg="py-pure-client sdk is required for this module")
if module.params["lockout"] and not 1 <= module.params["lockout"] <= 7776000:
module.fail_json(msg="Lockout must be between 1 and 7776000 seconds")
if not 1 <= module.params["min_password"] <= 100:
module.fail_json(msg="Minimum password length must be between 1 and 100")
blade = get_system(module)
api_version = list(blade.get_versions().items)
changed = False
if MIN_API_VERSION in api_version:
current_settings = list(blade.get_admins_settings().items)[0]
lockout = getattr(current_settings, "lockout_duration", None)
max_login = getattr(current_settings, "max_login_attempts", None)
min_password = getattr(current_settings, "min_password_length", 1)
if min_password != module.params["min_password"]:
changed = True
min_password = module.params["min_password"]
if lockout and lockout != module.params["lockout"] * 1000:
changed = True
lockout = module.params["lockout"] * 1000
elif not lockout and module.params["lockout"]:
changed = True
lockout = module.params["lockout"] * 1000
if max_login and max_login != module.params["max_login"]:
changed = True
max_login = module.params["max_login"]
elif not max_login and module.params["max_login"]:
changed = True
max_login = module.params["max_login"]
if changed and not module.check_mode:
admin = AdminSetting(
min_password_length=min_password,
max_login_attempts=max_login,
lockout_duration=lockout,
)
res = blade.patch_admins_settings(admin_setting=admin)
if res.status_code != 200:
module.fail_json(
msg="Failed to change Global Admin settings. Error: {0}".format(
res.errors[0].message
)
)
else:
module.fail_json(msg="Purity version does not support Global Admin settings")
module.exit_json(changed=changed)
if __name__ == "__main__":
main()