heat.engine.clients.os.keystone.heat_keystoneclient module¶
Keystone Client functionality for use by resources.
- class heat.engine.clients.os.keystone.heat_keystoneclient.AccessKey(id, access, secret)¶
Bases:
tuple
- access¶
Alias for field number 1
- id¶
Alias for field number 0
- secret¶
Alias for field number 2
- class heat.engine.clients.os.keystone.heat_keystoneclient.KeystoneClient(context, region_name=None)[source]¶
Bases:
object
Keystone Auth Client.
Delay choosing the backend client module until the client’s class needs to be initialized.
- class heat.engine.clients.os.keystone.heat_keystoneclient.KsClientWrapper(context, region_name)[source]¶
Bases:
object
Wrap keystone client so we can encapsulate logic used in resources.
Note this is intended to be initialized from a resource on a per-session basis, so the session context is passed in on initialization Also note that an instance of this is created in each request context as part of a lazy-loaded cloud backend and it can be easily referenced in each resource as
self.keystone()
, so there should not be any need to directly instantiate instances of this class inside resources themselves.- property auth_region_name¶
- property client¶
- property context¶
- create_stack_domain_user(username, project_id, password=None)[source]¶
Create a domain user defined as part of a stack.
The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config, and created in the specified project (which is expected to be in the stack_domain).
Returns the keystone ID of the resulting user.
- create_stack_user(username, password)[source]¶
Create a user defined as part of a stack.
The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config.
Returns the keystone ID of the resulting user.
- create_trust_context()[source]¶
Create a trust using the trustor identity in the current context.
The trust is created with the trustee as the heat service user.
If the current context already contains a trust_id, we do nothing and return the current context.
Returns a context containing the new trust_id.
- delete_ec2_keypair(credential_id=None, access=None, user_id=None)[source]¶
Delete credential containing ec2 keypair.
- property domain_admin_auth¶
- property domain_admin_client¶
- get_ec2_keypair(credential_id=None, access=None, user_id=None)[source]¶
Get an ec2 keypair via v3/credentials, by id or access.
- regenerate_trust_context()[source]¶
Regenerate a trust using the trustor identity of current user_id.
The trust is created with the trustee as the heat service user.
Returns a context containing the new trust_id.
- property stack_domain¶
Domain scope data.
This is only used for checking for scoping data, not using the value.
- property stack_domain_id¶