keystone.endpoint_policy package¶
Subpackages¶
Submodules¶
keystone.endpoint_policy.controllers module¶
-
class
keystone.endpoint_policy.controllers.
EndpointPolicyV3Controller
[source]¶ Bases:
keystone.common.controller.V3Controller
-
check_policy_association_for_endpoint
(context, *args, **kwargs)[source]¶ Check an association between a policy and an endpoint.
-
check_policy_association_for_region_and_service
(context, *args, **kwargs)[source]¶ Check an association between a policy and region+service.
-
check_policy_association_for_service
(context, *args, **kwargs)[source]¶ Check an association between a policy and a service.
-
collection_name
= 'endpoints'¶
-
create_policy_association_for_endpoint
(context, *args, **kwargs)[source]¶ Create an association between a policy and an endpoint.
-
create_policy_association_for_region_and_service
(context, *args, **kwargs)[source]¶ Create an association between a policy and region+service.
-
create_policy_association_for_service
(context, *args, **kwargs)[source]¶ Create an association between a policy and a service.
-
delete_policy_association_for_endpoint
(context, *args, **kwargs)[source]¶ Delete an association between a policy and an endpoint.
-
delete_policy_association_for_region_and_service
(context, *args, **kwargs)[source]¶ Delete an association between a policy and region+service.
-
delete_policy_association_for_service
(context, *args, **kwargs)[source]¶ Delete an association between a policy and a service.
-
get_policy_for_endpoint
(context, *args, **kwargs)[source]¶ Get the effective policy for an endpoint.
-
list_endpoints_for_policy
(context, *args, **kwargs)[source]¶ List endpoints with the effective association to a policy.
-
member_name
= 'endpoint'¶
-
keystone.endpoint_policy.core module¶
-
class
keystone.endpoint_policy.core.
EndpointPolicyDriverV8
[source]¶ Bases:
object
Interface description for an Endpoint Policy driver.
-
check_policy_association
(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]¶ Checks existence a policy association.
Parameters: - policy_id (string) – identity of policy that is being associated
- endpoint_id (string) – identity of endpoint to associate
- service_id (string) – identity of the service to associate
- region_id (string) – identity of the region to associate
Raises: keystone.exception.PolicyAssociationNotFound – If there is no match for the specified association.
Returns: None
-
create_policy_association
(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]¶ Creates a policy association.
Parameters: - policy_id (string) – identity of policy that is being associated
- endpoint_id (string) – identity of endpoint to associate
- service_id (string) – identity of the service to associate
- region_id (string) – identity of the region to associate
Returns: None
There are three types of association permitted:
- Endpoint (in which case service and region must be None)
- Service and region (in which endpoint must be None)
- Service (in which case endpoint and region must be None)
-
delete_association_by_endpoint
(endpoint_id)[source]¶ Removes all the policy associations with the specific endpoint.
Parameters: endpoint_id (string) – identity of endpoint to check Returns: None
-
delete_association_by_policy
(policy_id)[source]¶ Removes all the policy associations with the specific policy.
Parameters: policy_id (string) – identity of endpoint to check Returns: None
-
delete_association_by_region
(region_id)[source]¶ Removes all the policy associations with the specific region.
Parameters: region_id (string) – identity of endpoint to check Returns: None
-
delete_association_by_service
(service_id)[source]¶ Removes all the policy associations with the specific service.
Parameters: service_id (string) – identity of endpoint to check Returns: None
-
delete_policy_association
(policy_id, endpoint_id=None, service_id=None, region_id=None)[source]¶ Deletes a policy association.
Parameters: - policy_id (string) – identity of policy that is being associated
- endpoint_id (string) – identity of endpoint to associate
- service_id (string) – identity of the service to associate
- region_id (string) – identity of the region to associate
Returns: None
-
get_policy_association
(endpoint_id=None, service_id=None, region_id=None)[source]¶ Gets the policy for an explicit association.
This method is not exposed as a public API, but is used by get_policy_for_endpoint().
Parameters: - endpoint_id (string) – identity of endpoint
- service_id (string) – identity of the service
- region_id (string) – identity of the region
Raises: keystone.exception.PolicyAssociationNotFound – If there is no match for the specified association.
Returns: dict containing policy_id
-
get_policy_for_endpoint
(endpoint_id)[source]¶ Get the appropriate policy for a given endpoint.
Parameters: endpoint_id (string) – identity of endpoint Returns: Policy entity for the endpoint
-
-
class
keystone.endpoint_policy.core.
Manager
(*args, **kwargs)[source]¶ Bases:
keystone.common.manager.Manager
Default pivot point for the Endpoint Policy backend.
See
keystone.common.manager.Manager
for more details on how this dynamically calls the backend.-
driver_namespace
= 'keystone.endpoint_policy'¶
-