#modifying buckets to include new user


full umbra
#

Hello all, have a quick question regarding the na_ontap_s3_buckets module. If I want to add a new user as principal under bucket policy for an already existing bucket, will this overwrite the current principal user that has access or just add? Thanks

mossy mural
#

If you only include that principal, yes, it would overwrite it.

An Ansible playbook is going to be what you want the end state of the system to end up being.

So if you had an existing bucket that had user 2 as the principal and ran the play below,
user2 is removed and user 1 and group/grp1 are added.

```yaml
- name: Create S3 bucket with a policy
  netapp.ontap.na_ontap_s3_buckets:
    state: present
    name: carchi-test-bucket
    comment: carchi8py was here
    size: 838860800
    policy:
      statements:
        - sid: FullAccessToUser1
          resources:
            - bucket1
            - bucket1/*
          actions:
            - GetObject
            - PutObject
            - DeleteObject
            - ListBucket
          effect: allow
          conditions:
            - operator: ip_address
              max_keys:
                - 1000
              delimiters:
                - "/"
              source_ips:
                - 1.1.1.1
                - 1.2.2.0/24
              prefixes:
                - prex
              usernames:
                - user1
          principals:
            - user1
            - group/grp1
    vserver: ansibleSVM
```

full umbra
#

Thank you Chris. Is there any way of adding a new user without overwriting the old user?

mossy mural
#

If you list the old user in your playbook it won't get overwritten.

So for the above example if the existing user is user2

```yaml
- name: Create S3 bucket with a policy
  netapp.ontap.na_ontap_s3_buckets:
    state: present
    name: carchi-test-bucket
    comment: carchi8py was here
    size: 838860800
    policy:
      statements:
        - sid: FullAccessToUser1
          resources:
            - bucket1
            - bucket1/*
          actions:
            - GetObject
            - PutObject
            - DeleteObject
            - ListBucket
          effect: allow
          conditions:
            - operator: ip_address
              max_keys:
                - 1000
              delimiters:
                - "/"
              source_ips:
                - 1.1.1.1
                - 1.2.2.0/24
              prefixes:
                - prex
              usernames:
                - user1
          principals:
            - user1
            - user2
            - group/grp1
    vserver: ansibleSVM
```