keystone.endpoint_policy package

Subpackages

• keystone.endpoint_policy.backends package
  • Submodules
  • keystone.endpoint_policy.backends.sql module
  • Module contents

Submodules

keystone.endpoint_policy.controllers module

class keystone.endpoint_policy.controllers.EndpointPolicyV3Controller

Bases: keystone.common.controller.V3Controller

check_policy_association_for_endpoint(context, *args, **kwargs)

Check an association between a policy and an endpoint.

check_policy_association_for_region_and_service(context, *args, **kwargs)

Check an association between a policy and region+service.

check_policy_association_for_service(context, *args, **kwargs)

Check an association between a policy and a service.

collection_name = 'endpoints'

create_policy_association_for_endpoint(context, *args, **kwargs)

Create an association between a policy and an endpoint.

create_policy_association_for_region_and_service(context, *args, **kwargs)

Create an association between a policy and region+service.

create_policy_association_for_service(context, *args, **kwargs)

Create an association between a policy and a service.

delete_policy_association_for_endpoint(context, *args, **kwargs)

Delete an association between a policy and an endpoint.

delete_policy_association_for_region_and_service(context, *args, **kwargs)

Delete an association between a policy and region+service.

delete_policy_association_for_service(context, *args, **kwargs)

Delete an association between a policy and a service.

classmethod filter_endpoint(ref)

get_policy_for_endpoint(context, *args, **kwargs)

Get the effective policy for an endpoint.

list_endpoints_for_policy(context, *args, **kwargs)

List endpoints with the effective association to a policy.

member_name = 'endpoint'

classmethod wrap_member(context, ref)

keystone.endpoint_policy.core module

class keystone.endpoint_policy.core.EndpointPolicyDriverV8

Bases: object

Interface description for an Endpoint Policy driver.

check_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)

Checks existence a policy association.

Parameters:

• policy_id (string) – identity of policy that is being associated
• endpoint_id (string) – identity of endpoint to associate
• service_id (string) – identity of the service to associate
• region_id (string) – identity of the region to associate

Raises keystone.exception.PolicyAssociationNotFound:  

If there is no match for the specified association.

Returns:

None

create_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)

Creates a policy association.

Parameters:

• policy_id (string) – identity of policy that is being associated
• endpoint_id (string) – identity of endpoint to associate
• service_id (string) – identity of the service to associate
• region_id (string) – identity of the region to associate

Returns:

None

There are three types of association permitted:

• Endpoint (in which case service and region must be None)
• Service and region (in which endpoint must be None)
• Service (in which case endpoint and region must be None)

delete_association_by_endpoint(endpoint_id)

Removes all the policy associations with the specific endpoint.

Parameters:endpoint_id (string) – identity of endpoint to check Returns:None

delete_association_by_policy(policy_id)

Removes all the policy associations with the specific policy.

Parameters:policy_id (string) – identity of endpoint to check Returns:None

delete_association_by_region(region_id)

Removes all the policy associations with the specific region.

Parameters:region_id (string) – identity of endpoint to check Returns:None

delete_association_by_service(service_id)

Removes all the policy associations with the specific service.

Parameters:service_id (string) – identity of endpoint to check Returns:None

delete_policy_association(policy_id, endpoint_id=None, service_id=None, region_id=None)

Deletes a policy association.

Parameters:

• policy_id (string) – identity of policy that is being associated
• endpoint_id (string) – identity of endpoint to associate
• service_id (string) – identity of the service to associate
• region_id (string) – identity of the region to associate

Returns:

None

get_policy_association(endpoint_id=None, service_id=None, region_id=None)

Gets the policy for an explicit association.

This method is not exposed as a public API, but is used by get_policy_for_endpoint().

Parameters:

• endpoint_id (string) – identity of endpoint
• service_id (string) – identity of the service
• region_id (string) – identity of the region

Raises keystone.exception.PolicyAssociationNotFound:  

If there is no match for the specified association.

Returns:

dict containing policy_id

get_policy_for_endpoint(endpoint_id)

Get the appropriate policy for a given endpoint.

Parameters:endpoint_id (string) – identity of endpoint Returns:Policy entity for the endpoint

list_associations_for_policy(policy_id)

List the associations for a policy.

This method is not exposed as a public API, but is used by list_endpoints_for_policy().

Parameters:policy_id (string) – identity of policy Returns:List of association dicts

list_endpoints_for_policy(policy_id)

List all the endpoints using a given policy.

Parameters:policy_id (string) – identity of policy that is being associated Returns:list of endpoints that have an effective association with that policy

class keystone.endpoint_policy.core.Manager(*args, **kwargs)

Bases: keystone.common.manager.Manager

Default pivot point for the Endpoint Policy backend.

See keystone.common.manager.Manager for more details on how this dynamically calls the backend.

check_policy_association(*args, **kwargs)

create_policy_association(*args, **kwargs)

delete_policy_association(*args, **kwargs)

driver_namespace = 'keystone.endpoint_policy'

get_policy_for_endpoint(*args, **kwargs)

list_endpoints_for_policy(*args, **kwargs)

keystone.endpoint_policy.routers module

class keystone.endpoint_policy.routers.Routers

Bases: keystone.common.wsgi.RoutersBase

PATH_PREFIX = '/OS-ENDPOINT-POLICY'

append_v3_routers(mapper, routers)

Module contents