dev/provisioning/modules/elasticsearch/manifests/shield/role.pp
author ymh <ymh.work@gmail.com>
Tue, 20 Mar 2018 15:02:40 +0100
changeset 573 25f3d28f51b2
parent 406 cf0f23803a53
permissions -rwxr-xr-x
Added tag 0.0.25 for changeset 190ae1dee68d
# == Define: elasticsearch::shield::role
#
# Manage a shield role together with its optional role mapping.
#
# === Parameters
#
# [*ensure*]
#   Whether the role should be present or not.
#   Set to 'absent' to ensure that neither the role nor its mapping is
#   present.
#   Value type is string
#   Default value: present
#   This variable is optional
#
# [*privileges*]
#   A hash of permissions defined for the role. Valid privilege settings can
#   be found in the Shield documentation:
#   https://www.elastic.co/guide/en/shield/current/index.html
#   When the hash is empty the role itself is managed as 'absent',
#   whatever the value of ensure.
#   Value type is hash
#   Default value: {}
#
# [*mappings*]
#   A list of optional mappings defined for this role.
#   When the list is empty the role mapping is managed as 'absent',
#   whatever the value of ensure.
#   Value type is array
#   Default value: []
#
# === Examples
#
# # Creates and manages the role 'power_user' mapped to an LDAP group.
# # The grant shown ('all' on every index) is intentionally broad for the
# # sake of illustration; narrow the index patterns and privileges to what
# # the mapped group actually needs.
# elasticsearch::shield::role { 'power_user':
#   privileges => {
#     'cluster' => 'monitor',
#     'indices' => {
#       '*' => 'all',
#     },
#   },
#   mappings => [
#     "cn=users,dc=example,dc=com",
#   ],
# }
#
# === Authors
#
# * Tyler Langlois <mailto:tyler@elastic.co>
#
define elasticsearch::shield::role (
  $ensure     = 'present',
  $privileges = {},
  $mappings   = [],
) {
  # Type checks on the parameters, then a length check on the resource
  # title: it must be between 1 and 30 characters long.
  # NOTE(review): $ensure is only checked to be a string; any value other
  # than 'absent' is handed to the two resources below unchanged. Confirm
  # that they reject unexpected values.
  validate_string($ensure)
  validate_hash($privileges)
  validate_array($mappings)
  validate_slength($name, 30, 1)

  # State of the role: an explicit 'absent' or an empty privilege hash
  # both remove it; otherwise the caller's value is used.
  if $ensure == 'absent' {
    $_role_state = 'absent'
  } elsif empty($privileges) {
    $_role_state = 'absent'
  } else {
    $_role_state = $ensure
  }

  # State of the mapping: same rule, keyed on the mappings list, so a role
  # can be kept while its mapping is removed.
  if $ensure == 'absent' {
    $_mapping_state = 'absent'
  } elsif empty($mappings) {
    $_mapping_state = 'absent'
  } else {
    $_mapping_state = $ensure
  }

  elasticsearch_shield_role { $name :
    ensure     => $_role_state,
    privileges => $privileges,
  }

  elasticsearch_shield_role_mapping { $name :
    ensure   => $_mapping_state,
    mappings => $mappings,
  }
}