search

IBM-Security / isam-ansible-roles

Ansible Custom Modules, Handlers and Tasks for ISAM. Requires "ibmsecurity" python package.
Apache License 2.0
24 stars 43 forks source link

isam ansible remove a group from a role #159

Open rfransix opened 4 years ago

rfransix commented 4 years ago

Hi, while overwriting a key requires adding the new value to the yml. How do i remove a key that could be in a multi-valued field, like the mgmt az role field? I added a group that needs to be removed. Thank you.

ram-ibm commented 4 years ago

Were you able to resolve this please?

rfransix commented 4 years ago

Hi, I have not. I solved deleting a role, but not a group already added to a role. I guess I could delete the role altogether and re-create it but I don’t want to do that since its one of the default roles.

From: Ram Sreerangam [mailto:notifications@github.com] Sent: Saturday, December 07, 2019 1:48 AM To: IBM-Security/isam-ansible-roles Cc: rfransix; Author Subject: Re: [IBM-Security/isam-ansible-roles] isam ansible remove a group from a role (#159)

Were you able to resolve this please?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/IBM-Security/isam-ansible-roles/issues/159?email_source=notifications&email_token=AKFUPRF7TPZR455R2LJVKSTQXNIJPA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGGASIQ#issuecomment-562825506 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AKFUPRGNZY3MA7JFI6KOFRDQXNIJPANCNFSM4JHAVUAA . https://github.com/notifications/beacon/AKFUPRFK5ZCNA274MUFGE7TQXNIJPA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGGASIQ.gif

rfransix commented 4 years ago

Hi, revisiting this query to IBMers: can anyone help resolve this issue ?

ram-ibm commented 4 years ago

Please provide sample data that you have and are looking to replace it with new values. I speculate you will want to use ibmsecurity.isam.base.management_authorization.role_group.delete()?

rfransix commented 4 years ago

Hi, when i use the delete action, that fails with the following:

PLAY [Configure Mgmt AZ] ****

TASK [Gathering Facts] ** ok: [hostname.com]

TASK [add_mgmtazn_role : Snapshot Appliance Before Deleting Management Authorization Roles] ***** ok: [hostname.com]

TASK [add_mgmtazn_role : Delete Management Authorization Roles] ***** failed: [hostname.com] (item=wwwadmin) => {"ansible_loop_var": "item", "changed": false, "item": "wwwadmin", "log": "", "msg": "Error> action does not have the right set of arguments or there is a code bug! Options: isamAppliance=isam_server, force=False, name=\"wwwadmin\"", "name": "ibmsecurity.isam.base.management_authorization.role_group.delete"}

PLAY RECAP ** hostname.com : ok=2 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0

ram-ibm commented 4 years ago

The function is looking for a group_name -- are you looking to remove a group from a role or something else?

rfransix commented 4 years ago

Hi, I just had to change the add to delete in the action. When I added group_delete, it failed. Thank you.

From: Ram Sreerangam [mailto:notifications@github.com] Sent: Thursday, February 06, 2020 6:19 PM To: IBM-Security/isam-ansible-roles Cc: rfransix; Author Subject: Re: [IBM-Security/isam-ansible-roles] isam ansible remove a group from a role (#159)

The function is looking for a group_name -- are you looking to remove a group from a role or something else?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/IBM-Security/isam-ansible-roles/issues/159?email_source=notifications&email_token=AKFUPRHWN7LHEXPNHS7JEVTRBSSIJA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELBIZ2I#issuecomment-583175401 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AKFUPREVZXWDA3D4T54RCRDRBSSIJANCNFSM4JHAVUAA . https://github.com/notifications/beacon/AKFUPRESQ2LS3W4GBGCM7VTRBSSIJA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELBIZ2I.gif

rfransix commented 4 years ago

Hi, Can you help wih #181 ? Thank you.

From: Ram Sreerangam [mailto:notifications@github.com] Sent: Thursday, February 06, 2020 6:19 PM To: IBM-Security/isam-ansible-roles Cc: rfransix; Author Subject: Re: [IBM-Security/isam-ansible-roles] isam ansible remove a group from a role (#159)

The function is looking for a group_name -- are you looking to remove a group from a role or something else?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/IBM-Security/isam-ansible-roles/issues/159?email_source=notifications&email_token=AKFUPRHWN7LHEXPNHS7JEVTRBSSIJA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELBIZ2I#issuecomment-583175401 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AKFUPREVZXWDA3D4T54RCRDRBSSIJANCNFSM4JHAVUAA . https://github.com/notifications/beacon/AKFUPRESQ2LS3W4GBGCM7VTRBSSIJA5CNFSM4JHAVUAKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELBIZ2I.gif