heat.engine.clients.os.keystone.heat_keystoneclient module¶
Keystone Client functionality for use by resources.
-
class
heat.engine.clients.os.keystone.heat_keystoneclient.
AccessKey
(id, access, secret)¶ Bases:
tuple
-
access
¶ Alias for field number 1
-
id
¶ Alias for field number 0
-
secret
¶ Alias for field number 2
-
-
class
heat.engine.clients.os.keystone.heat_keystoneclient.
KeystoneClient
(context, region_name=None)[source]¶ Bases:
object
Keystone Auth Client.
Delay choosing the backend client module until the client’s class needs to be initialized.
-
class
heat.engine.clients.os.keystone.heat_keystoneclient.
KsClientWrapper
(context, region_name)[source]¶ Bases:
object
Wrap keystone client so we can encapsulate logic used in resources.
Note this is intended to be initialized from a resource on a per-session basis, so the session context is passed in on initialization Also note that an instance of this is created in each request context as part of a lazy-loaded cloud backend and it can be easily referenced in each resource as
self.keystone()
, so there should not be any need to directly instantiate instances of this class inside resources themselves.-
property
auth_region_name
¶
-
property
client
¶
-
property
context
¶
-
create_stack_domain_user
(username, project_id, password=None)[source]¶ Create a domain user defined as part of a stack.
The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config, and created in the specified project (which is expected to be in the stack_domain).
Returns the keystone ID of the resulting user.
-
create_stack_user
(username, password='')[source]¶ Create a user defined as part of a stack.
The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config.
Returns the keystone ID of the resulting user.
-
create_trust_context
()[source]¶ Create a trust using the trustor identity in the current context.
The trust is created with the trustee as the heat service user.
If the current context already contains a trust_id, we do nothing and return the current context.
Returns a context containing the new trust_id.
-
delete_ec2_keypair
(credential_id=None, access=None, user_id=None)[source]¶ Delete credential containing ec2 keypair.
-
property
domain_admin_auth
¶
-
property
domain_admin_client
¶
-
get_ec2_keypair
(credential_id=None, access=None, user_id=None)[source]¶ Get an ec2 keypair via v3/credentials, by id or access.
-
regenerate_trust_context
()[source]¶ Regenerate a trust using the trustor identity of current user_id.
The trust is created with the trustee as the heat service user.
Returns a context containing the new trust_id.
-
property
stack_domain
¶ Domain scope data.
This is only used for checking for scoping data, not using the value.
-
property
stack_domain_id
¶
-
property