Identity API v3¶

For details on how to use identity, see Using OpenStack Identity

The Identity v3 Class¶

The identity high-level interface is available through the identity member of a Connection object. The identity member will only be added if the service is detected.

Credential Operations¶

class openstack.identity.v3._proxy.Proxy(session, statsd_client=None, statsd_prefix=None, prometheus_counter=None, prometheus_histogram=None, influxdb_config=None, influxdb_client=None, *args, **kwargs)

create_credential(**attrs)

Create a new credential from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Credential, comprised of the properties on the Credential class.
Returns:: The results of credential creation
Return type:: Credential

delete_credential(credential, ignore_missing=True)

Delete a credential

Parameters:

credential – The value can be either the ID of a credential or a Credential instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the credential does not exist. When set to True, no exception will be set when attempting to delete a nonexistent credential.

Returns:

None

find_credential(name_or_id, ignore_missing=True)

Find a single credential

Parameters:

name_or_id – The name or ID of a credential.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Credential or None

get_credential(credential)

Get a single credential

Parameters:: credential – The value can be the ID of a credential or a Credential instance.
Returns:: One Credential
Raises:: ResourceNotFound when no resource can be found.

credentials(**query)

Retrieve a generator of credentials

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of credentials instances.
Return type:: Credential

update_credential(credential, **attrs)

Update a credential

Parameters:

credential – Either the ID of a credential or a Credential instance.
attrs – The attributes to update on the credential represented by credential.

Returns:

The updated credential

Return type:

Credential

Domain Operations¶

create_domain(**attrs)

Create a new domain from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Domain, comprised of the properties on the Domain class.
Returns:: The results of domain creation
Return type:: Domain

delete_domain(domain, ignore_missing=True)

Delete a domain

Parameters:

domain – The value can be either the ID of a domain or a Domain instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the domain does not exist. When set to True, no exception will be set when attempting to delete a nonexistent domain.

Returns:

None

find_domain(name_or_id, ignore_missing=True)

Find a single domain

Parameters:

name_or_id – The name or ID of a domain.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Domain or None

get_domain(domain)

Get a single domain

Parameters:: domain – The value can be the ID of a domain or a Domain instance.
Returns:: One Domain
Raises:: ResourceNotFound when no resource can be found.

domains(**query)

Retrieve a generator of domains

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of domain instances.
Return type:: Domain

update_domain(domain, **attrs)

Update a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
attrs – The attributes to update on the domain represented by domain.

Returns:

The updated domain

Return type:

Domain

Domain Config Operations¶

create_domain_config(domain, **attrs)

Create a new config for a domain from attributes.

Parameters:

domain – The value can be the ID of a domain or a Domain instance.
attrs (dict) – Keyword arguments which will be used to create a DomainConfig comprised of the properties on the DomainConfig class.

Returns:

The results of domain config creation

Return type:

DomainConfig

delete_domain_config(domain, ignore_missing=True)

Delete a config for a domain

Parameters:

domain – The value can be the ID of a domain or a a Domain instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the identity provider does not exist. When set to True, no exception will be set when attempting to delete a nonexistent config for a domain.

Returns:

None

get_domain_config(domain)

Get a single config for a domain

Parameters:: domain_id – The value can be the ID of a domain or a Domain instance.
Returns:: One DomainConfig
Raises:: ResourceNotFound when no resource can be found.

update_domain_config(domain, **attrs)

Update a config for a domain

Parameters:

domain_id – The value can be the ID of a domain or a Domain instance.
attrs – The attributes to update on the config for a domain represented by domain_id.

Returns:

The updated config for a domain

Return type:

DomainConfig

Endpoint Operations¶

create_endpoint(**attrs)

Create a new endpoint from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Endpoint, comprised of the properties on the Endpoint class.
Returns:: The results of endpoint creation
Return type:: Endpoint

delete_endpoint(endpoint, ignore_missing=True)

Delete an endpoint

Parameters:

endpoint – The value can be either the ID of an endpoint or a Endpoint instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the endpoint does not exist. When set to True, no exception will be set when attempting to delete a nonexistent endpoint.

Returns:

None

find_endpoint(name_or_id, ignore_missing=True)

Find a single endpoint

Parameters:

name_or_id – The name or ID of a endpoint.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Endpoint or None

get_endpoint(endpoint)

Get a single endpoint

Parameters:: endpoint – The value can be the ID of an endpoint or a Endpoint instance.
Returns:: One Endpoint
Raises:: ResourceNotFound when no resource can be found.

endpoints(**query)

Retrieve a generator of endpoints

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of endpoint instances.
Return type:: Endpoint

update_endpoint(endpoint, **attrs)

Update a endpoint

Parameters:

endpoint – Either the ID of an endpoint or a Endpoint instance.
attrs – The attributes to update on the endpoint represented by endpoint.

Returns:

The updated endpoint

Return type:

Endpoint

Group Operations¶

create_group(**attrs)

Create a new group from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Group, comprised of the properties on the Group class.
Returns:: The results of group creation
Return type:: Group

delete_group(group, ignore_missing=True)

Delete a group

Parameters:

group – The value can be either the ID of a group or a Group instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the group does not exist. When set to True, no exception will be set when attempting to delete a nonexistent group.

Returns:

None

find_group(name_or_id, ignore_missing=True, **query)

Find a single group

Parameters:

name_or_id – The name or ID of a group.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Group or None

get_group(group)

Get a single group

Parameters:: group – The value can be the ID of a group or a Group instance.
Returns:: One Group
Raises:: ResourceNotFound when no resource can be found.

groups(**query)

Retrieve a generator of groups

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of group instances.
Return type:: Group

update_group(group, **attrs)

Update a group

Parameters:

group – Either the ID of a group or a Group instance.
attrs – The attributes to update on the group represented by group.

Returns:

The updated group

Return type:

Group

add_user_to_group(user, group)

Add user to group

Parameters:

user – Either the ID of a user or a User instance.
group – Either the ID of a group or a Group instance.

Returns:

None

remove_user_from_group(user, group)

Remove user to group

Parameters:

user – Either the ID of a user or a User instance.
group – Either the ID of a group or a Group instance.

Returns:

None

check_user_in_group(user, group)

Check whether user belongsto group

Parameters:

user – Either the ID of a user or a User instance.
group – Either the ID of a group or a Group instance.

Returns:

A boolean representing current relation

group_users(group, **attrs)

List users in a group

Parameters:

group – Either the ID of a group or a Group instance.
attrs – Only password_expires_at can be filter for result.

Returns:

List of User

Policy Operations¶

create_policy(**attrs)

Create a new policy from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Policy, comprised of the properties on the Policy class.
Returns:: The results of policy creation
Return type:: Policy

delete_policy(policy, ignore_missing=True)

Delete a policy

Parameters:

policy – The value can be either the ID of a policy or a Policy instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the policy does not exist. When set to True, no exception will be set when attempting to delete a nonexistent policy.

Returns:

None

find_policy(name_or_id, ignore_missing=True)

Find a single policy

Parameters:

name_or_id – The name or ID of a policy.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Policy or None

get_policy(policy)

Get a single policy

Parameters:: policy – The value can be the ID of a policy or a Policy instance.
Returns:: One Policy
Raises:: ResourceNotFound when no resource can be found.

policies(**query)

Retrieve a generator of policies

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of policy instances.
Return type:: Policy

update_policy(policy, **attrs)

Update a policy

Parameters:

policy – Either the ID of a policy or a Policy instance.
attrs – The attributes to update on the policy represented by policy.

Returns:

The updated policy

Return type:

Policy

Project Operations¶

create_project(**attrs)

Create a new project from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Project, comprised of the properties on the Project class.
Returns:: The results of project creation
Return type:: Project

delete_project(project, ignore_missing=True)

Delete a project

Parameters:

project – The value can be either the ID of a project or a Project instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the project does not exist. When set to True, no exception will be set when attempting to delete a nonexistent project.

Returns:

None

find_project(name_or_id, ignore_missing=True, **query)

Find a single project

Parameters:

name_or_id – The name or ID of a project.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Project or None

get_project(project)

Get a single project

Parameters:: project – The value can be the ID of a project or a Project instance.
Returns:: One Project
Raises:: ResourceNotFound when no resource can be found.

projects(**query)

Retrieve a generator of projects

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of project instances.
Return type:: Project

user_projects(user, **query)

Retrieve a generator of projects to which the user has authorization: to access.

Parameters:

user – Either the user id or an instance of User
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.

Returns:

A generator of project instances.

Return type:

UserProject

update_project(project, **attrs)

Update a project

Parameters:

project – Either the ID of a project or a Project instance.
attrs – The attributes to update on the project represented by project.

Returns:

The updated project

Return type:

Project

Service Operations¶

create_service(**attrs)

Create a new service from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Service, comprised of the properties on the Service class.
Returns:: The results of service creation
Return type:: Service

delete_service(service, ignore_missing=True)

Delete a service

Parameters:

service – The value can be either the ID of a service or a Service instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the service does not exist. When set to True, no exception will be set when attempting to delete a nonexistent service.

Returns:

None

find_service(name_or_id, ignore_missing=True)

Find a single service

Parameters:

name_or_id – The name or ID of a service.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Service or None

get_service(service)

Get a single service

Parameters:: service – The value can be the ID of a service or a Service instance.
Returns:: One Service
Raises:: ResourceNotFound when no resource can be found.

services(**query)

Retrieve a generator of services

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of service instances.
Return type:: Service

update_service(service, **attrs)

Update a service

Parameters:

service – Either the ID of a service or a Service instance.
attrs – The attributes to update on the service represented by service.

Returns:

The updated service

Return type:

Service

User Operations¶

create_user(**attrs)

Create a new user from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a User, comprised of the properties on the User class.
Returns:: The results of user creation
Return type:: User

delete_user(user, ignore_missing=True)

Delete a user

Parameters:

user – The value can be either the ID of a user or a User instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the user does not exist. When set to True, no exception will be set when attempting to delete a nonexistent user.

Returns:

None

find_user(name_or_id, ignore_missing=True, **query)

Find a single user

Parameters:

name_or_id – The name or ID of a user.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One User or None

get_user(user)

Get a single user

Parameters:: user – The value can be the ID of a user or a User instance.
Returns:: One User
Raises:: ResourceNotFound when no resource can be found.

users(**query)

Retrieve a generator of users

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of user instances.
Return type:: User

update_user(user, **attrs)

Update a user

Parameters:

user – Either the ID of a user or a User instance.
attrs – The attributes to update on the user represented by attrs.

Returns:

The updated user

Return type:

User

Trust Operations¶

create_trust(**attrs)

Create a new trust from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Trust, comprised of the properties on the Trust class.
Returns:: The results of trust creation
Return type:: Trust

delete_trust(trust, ignore_missing=True)

Delete a trust

Parameters:

trust – The value can be either the ID of a trust or a Trust instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the credential does not exist. When set to True, no exception will be set when attempting to delete a nonexistent credential.

Returns:

None

find_trust(name_or_id, ignore_missing=True)

Find a single trust

Parameters:

name_or_id – The name or ID of a trust.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Trust or None

get_trust(trust)

Get a single trust

Parameters:: trust – The value can be the ID of a trust or a Trust instance.
Returns:: One Trust
Raises:: ResourceNotFound when no resource can be found.

trusts(**query)

Retrieve a generator of trusts

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of trust instances.
Return type:: Trust

Region Operations¶

create_region(**attrs)

Create a new region from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Region, comprised of the properties on the Region class.
Returns:: The results of region creation.
Return type:: Region

delete_region(region, ignore_missing=True)

Delete a region

Parameters:

region – The value can be either the ID of a region or a Region instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the region does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent region.

Returns:

None

find_region(name_or_id, ignore_missing=True)

Find a single region

Parameters:

name_or_id – The name or ID of a region.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the region does not exist. When set to True, None will be returned when attempting to find a nonexistent region.

Returns:

One Region or None

get_region(region)

Get a single region

Parameters:: region – The value can be the ID of a region or a Region instance.
Returns:: One Region
Raises:: ResourceNotFound when no matching region can be found.

regions(**query)

Retrieve a generator of regions

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the regions being returned.
Returns:: A generator of region instances.
Return type:: Region

update_region(region, **attrs)

Update a region

Parameters:

region – Either the ID of a region or a Region instance.
attrs – The attributes to update on the region represented by region.

Returns:

The updated region.

Return type:

Region

Role Operations¶

create_role(**attrs)

Create a new role from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Role, comprised of the properties on the Role class.
Returns:: The results of role creation.
Return type:: Role

delete_role(role, ignore_missing=True)

Delete a role

Parameters:

role – The value can be either the ID of a role or a Role instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the role does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent role.

Returns:

None

find_role(name_or_id, ignore_missing=True, **query)

Find a single role

Parameters:

name_or_id – The name or ID of a role.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the role does not exist. When set to True, None will be returned when attempting to find a nonexistent role.

Returns:

One Role or None

get_role(role)

Get a single role

Parameters:: role – The value can be the ID of a role or a Role instance.
Returns:: One Role
Raises:: ResourceNotFound when no matching role can be found.

roles(**query)

Retrieve a generator of roles

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: domain_id, name.
Returns:: A generator of role instances.
Return type:: Role

update_role(role, **attrs)

Update a role

Parameters:

role – Either the ID of a role or a Role instance.
kwargs (dict) – The attributes to update on the role represented by value. Only name can be updated

Returns:

The updated role.

Return type:

Role

Role Assignment Operations¶

role_assignments_filter(domain=None, project=None, system=None, group=None, user=None)

Retrieve a generator of roles assigned to user/group

Parameters:

domain – Either the ID of a domain or a Domain instance.
project – Either the ID of a project or a Project instance.
system – Either the system name or a System instance.
group – Either the ID of a group or a Group instance.
user – Either the ID of a user or a User instance.

Returns:

A generator of role instances.

Return type:

Role

role_assignments(**query)

Retrieve a generator of role assignments

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned. The options are: group_id, role_id, scope_domain_id, scope_project_id, inherited_to, user_id, include_names, include_subtree.
Returns:: RoleAssignment

assign_domain_role_to_user(domain, user, role)

Assign role to user on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

None

unassign_domain_role_from_user(domain, user, role)

Unassign role from user on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

None

validate_user_has_domain_role(domain, user, role)

Validates that a user has a role on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

True if user has role in domain

assign_domain_role_to_group(domain, group, role)

Assign role to group on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

None

unassign_domain_role_from_group(domain, group, role)

Unassign role from group on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

None

validate_group_has_domain_role(domain, group, role)

Validates that a group has a role on a domain

Parameters:

domain – Either the ID of a domain or a Domain instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

True if group has role on domain

assign_project_role_to_user(project, user, role)

Assign role to user on a project

Parameters:

project – Either the ID of a project or a Project instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

None

unassign_project_role_from_user(project, user, role)

Unassign role from user on a project

Parameters:

project – Either the ID of a project or a Project instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

None

validate_user_has_project_role(project, user, role)

Validates that a user has a role on a project

Parameters:

project – Either the ID of a project or a Project instance.
user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.

Returns:

True if user has role in project

assign_project_role_to_group(project, group, role)

Assign role to group on a project

Parameters:

project – Either the ID of a project or a Project instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

None

unassign_project_role_from_group(project, group, role)

Unassign role from group on a project

Parameters:

project – Either the ID of a project or a Project instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

None

validate_group_has_project_role(project, group, role)

Validates that a group has a role on a project

Parameters:

project – Either the ID of a project or a Project instance.
group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.

Returns:

True if group has role in project

assign_system_role_to_user(user, role, system)

Assign a role to user on a system

Parameters:

user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

None

unassign_system_role_from_user(user, role, system)

Unassign a role from user on a system

Parameters:

user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

None

validate_user_has_system_role(user, role, system)

Validates that a user has a role on a system

Parameters:

user – Either the ID of a user or a User instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

True if user has role in system

assign_system_role_to_group(group, role, system)

Assign a role to group on a system

Parameters:

group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

None

unassign_system_role_from_group(group, role, system)

Unassign a role from group on a system

Parameters:

group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

None

validate_group_has_system_role(group, role, system)

Validates that a group has a role on a system

Parameters:

group – Either the ID of a group or a Group instance.
role – Either the ID of a role or a Role instance.
system – The system name

Returns:

True if group has role on system

Registered Limit Operations¶

registered_limits(**query)

Retrieve a generator of registered_limits

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the registered_limits being returned.
Returns:: A generator of registered_limits instances.
Return type:: RegisteredLimit

get_registered_limit(registered_limit)

Get a single registered_limit

Parameters:: registered_limit – The value can be the ID of a registered_limit or a RegisteredLimit instance.
Returns:: One RegisteredLimit
Raises:: ResourceNotFound when no resource can be found.

create_registered_limit(**attrs)

Create a new registered_limit from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a RegisteredLimit, comprised of the properties on the RegisteredLimit class.
Returns:: The results of registered_limit creation.
Return type:: RegisteredLimit

update_registered_limit(registered_limit, **attrs)

Update a registered_limit

Parameters:

registered_limit – Either the ID of a registered_limit. or a RegisteredLimit instance.
kwargs (dict) – The attributes to update on the registered_limit represented by value.

Returns:

The updated registered_limit.

Return type:

RegisteredLimit

delete_registered_limit(registered_limit, ignore_missing=True)

Delete a registered_limit

Parameters:

registered_limit – The value can be either the ID of a registered_limit or a RegisteredLimit instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the registered_limit does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent registered_limit.

Returns:

None

Limit Operations¶

limits(**query)

Retrieve a generator of limits

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the limits being returned.
Returns:: A generator of limits instances.
Return type:: Limit

get_limit(limit)

Get a single limit

Parameters:: limit – The value can be the ID of a limit or a Limit instance.
Returns:: One Limit
Raises:: ResourceNotFound when no resource can be found.

create_limit(**attrs)

Create a new limit from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Limit, comprised of the properties on the Limit class.
Returns:: The results of limit creation.
Return type:: Limit

update_limit(limit, **attrs)

Update a limit

Parameters:

limit – Either the ID of a limit. or a Limit instance.
kwargs (dict) – The attributes to update on the limit represented by value.

Returns:

The updated limit.

Return type:

Limit

delete_limit(limit, ignore_missing=True)

Delete a limit

Parameters:

limit – The value can be either the ID of a limit or a Limit instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the limit does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent limit.

Returns:

None

Application Credential Operations¶

application_credentials(user, **query)

Retrieve a generator of application credentials

Parameters:

user – Either the ID of a user or a User instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.

Returns:

A generator of application credentials instances.

Return type:

ApplicationCredential

get_application_credential(user, application_credential)

Get a single application credential

Parameters:

user – Either the ID of a user or a User instance.
application_credential – The value can be the ID of a application credential or a ApplicationCredential instance.

Returns:

One ApplicationCredential

Raises:

ResourceNotFound when no resource can be found.

create_application_credential(user, name, **attrs)

Create a new application credential from attributes

Parameters:

user – Either the ID of a user or a User instance.
name – The name of the application credential which is unique to the user.
attrs (dict) – Keyword arguments which will be used to create a ApplicationCredential, comprised of the properties on the ApplicationCredential class.

Returns:

The results of application credential creation.

Return type:

ApplicationCredential

find_application_credential(user, name_or_id, ignore_missing=True, **query)

Find a single application credential

Parameters:

user – Either the ID of a user or a User instance.
name_or_id – The name or ID of an application credential.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One ApplicationCredential or None

delete_application_credential(user, application_credential, ignore_missing=True)

Delete an application credential

Parameters:

user – Either the ID of a user or a User instance.
credential (application) – The value can be either the ID of an application credential or a ApplicationCredential instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the application credential does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent application credential.

Returns:

None

Federation Protocol Operations¶

create_federation_protocol(idp_id, **attrs)

Create a new federation protocol from attributes

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is to be attached to.
attrs (dict) – Keyword arguments which will be used to create a FederationProtocol, comprised of the properties on the FederationProtocol class.

Returns:

The results of federation protocol creation

Return type:

FederationProtocol

delete_federation_protocol(idp_id, protocol, ignore_missing=True)

Delete a federation protocol

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is attached to. Can be None if protocol is a FederationProtocol instance.
protocol – The ID of a federation protocol or a FederationProtocol instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the federation protocol does not exist. When set to True, no exception will be set when attempting to delete a nonexistent federation protocol.

Returns:

None

find_federation_protocol(idp_id, protocol, ignore_missing=True)

Find a single federation protocol

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is attached to.
protocol – The name or ID of a federation protocol.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One federation protocol or None

Return type:

FederationProtocol

get_federation_protocol(idp_id, protocol)

Get a single federation protocol

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is attached to. Can be None if protocol is a FederationProtocol
protocol – The value can be the ID of a federation protocol or a FederationProtocol instance.

Returns:

One federation protocol

Return type:

FederationProtocol

Raises:

ResourceNotFound when no resource can be found.

federation_protocols(idp_id, **query)

Retrieve a generator of federation protocols

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is attached to.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.

Returns:

A generator of federation protocol instances.

Return type:

FederationProtocol

update_federation_protocol(idp_id, protocol, **attrs)

Update a federation protocol

Parameters:

idp_id – The ID of the identity provider or a IdentityProvider representing the identity provider the protocol is attached to. Can be None if protocol is a FederationProtocol
protocol – Either the ID of a federation protocol or a FederationProtocol instance.
attrs – The attributes to update on the federation protocol represented by protocol.

Returns:

The updated federation protocol

Return type:

FederationProtocol

Mapping Operations¶

create_mapping(**attrs)

Create a new mapping from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a Mapping, comprised of the properties on the Mapping class.
Returns:: The results of mapping creation
Return type:: Mapping

delete_mapping(mapping, ignore_missing=True)

Delete a mapping

Parameters:

mapping – The ID of a mapping or a Mapping instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the mapping does not exist. When set to True, no exception will be set when attempting to delete a nonexistent mapping.

Returns:

None

find_mapping(name_or_id, ignore_missing=True)

Find a single mapping

Parameters:

name_or_id – The name or ID of a mapping.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

One Mapping or None

get_mapping(mapping)

Get a single mapping

Parameters:: mapping – The value can be the ID of a mapping or a Mapping instance.
Returns:: One Mapping
Raises:: ResourceNotFound when no resource can be found.

mappings(**query)

Retrieve a generator of mappings

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of mapping instances.
Return type:: Mapping

update_mapping(mapping, **attrs)

Update a mapping

Parameters:

mapping – Either the ID of a mapping or a Mapping instance.
attrs – The attributes to update on the mapping represented by mapping.

Returns:

The updated mapping

Return type:

Mapping

Identity Provider Operations¶

create_identity_provider(**attrs)

Create a new identity provider from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a IdentityProvider comprised of the properties on the IdentityProvider class.
Returns:: The results of identity provider creation
Return type:: IdentityProvider

delete_identity_provider(identity_provider, ignore_missing=True)

Delete an identity provider

Parameters:

mapping – The ID of an identity provoder or a IdentityProvider instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the identity provider does not exist. When set to True, no exception will be set when attempting to delete a nonexistent identity provider.

Returns:

None

find_identity_provider(name_or_id, ignore_missing=True)

Find a single identity provider

Parameters:

name_or_id – The name or ID of an identity provider
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

The details of an identity provider or None.

Return type:

IdentityProvider

get_identity_provider(identity_provider)

Get a single mapping

Parameters:: mapping – The value can be the ID of an identity provider or a IdentityProvider instance.
Returns:: The details of an identity provider.
Return type:: IdentityProvider
Raises:: ResourceNotFound when no resource can be found.

identity_providers(**query)

Retrieve a generator of identity providers

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of identity provider instances.
Return type:: IdentityProvider

update_identity_provider(identity_provider, **attrs)

Update a mapping

Parameters:

mapping – Either the ID of an identity provider or a IdentityProvider instance.
attrs – The attributes to update on the identity_provider represented by identity_provider.

Returns:

The updated identity provider.

Return type:

IdentityProvider

Access Rule Operations¶

access_rules(user, **query)

Retrieve a generator of access rules

Parameters:

user – Either the ID of a user or a User instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.

Returns:

A generator of access rules instances.

Return type:

AccessRule

access_rules(user, **query)

Retrieve a generator of access rules

Parameters:

user – Either the ID of a user or a User instance.
query (kwargs) – Optional query parameters to be sent to limit the resources being returned.

Returns:

A generator of access rules instances.

Return type:

AccessRule

delete_access_rule(user, access_rule, ignore_missing=True)

Delete an access rule

Parameters:

user – Either the ID of a user or a User instance.
rule (access) – The value can be either the ID of an access rule or a AccessRule instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the access rule does not exist. When set to True, no exception will be thrown when attempting to delete a nonexistent access rule.

Returns:

None

Service Provider Operations¶

create_service_provider(**attrs)

Create a new service provider from attributes

Parameters:: attrs (dict) – Keyword arguments which will be used to create a ServiceProvider, comprised of the properties on the ServiceProvider class.
Returns:: The results of service provider creation
Return type:: ServiceProvider

delete_service_provider(service_provider, ignore_missing=True)

Delete a service provider

Parameters:

service_provider – The ID of a service provider or a ServiceProvider instance.
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the service provider does not exist. When set to True, no exception will be set when attempting to delete a nonexistent service provider.

Returns:

None

find_service_provider(name_or_id, ignore_missing=True)

Find a single service provider

Parameters:

name_or_id – The name or ID of a service provider
ignore_missing (bool) – When set to False ResourceNotFound will be raised when the resource does not exist. When set to True, None will be returned when attempting to find a nonexistent resource.

Returns:

The details of an service provider or None.

Return type:

ServiceProvider

get_service_provider(service_provider)

Get a single service provider

Parameters:: service_provider – The value can be the ID of a service provider or a ServiceProvider instance.
Returns:: The details of an service provider.
Return type:: ServiceProvider
Raises:: ResourceNotFound when no resource can be found.

service_providers(**query)

Retrieve a generator of service providers

Parameters:: query (kwargs) – Optional query parameters to be sent to limit the resources being returned.
Returns:: A generator of service provider instances.
Return type:: ServiceProvider

update_service_provider(service_provider, **attrs)

Update a service provider

Parameters:

service_provider – Either the ID of an service provider or a ServiceProvider instance.
attrs – The attributes to update on the service provider represented by service_provider.

Returns:

The updated service provider.

Return type:

ServiceProvider

Identity API v3

Identity API v3¶

The Identity v3 Class¶

Credential Operations¶

Domain Operations¶

Domain Config Operations¶

Endpoint Operations¶

Group Operations¶

Policy Operations¶

Project Operations¶

Service Operations¶

User Operations¶

Trust Operations¶

Region Operations¶

Role Operations¶

Role Assignment Operations¶

Registered Limit Operations¶

Limit Operations¶

Application Credential Operations¶

Federation Protocol Operations¶

Mapping Operations¶

Identity Provider Operations¶

Access Rule Operations¶

Service Provider Operations¶

openstacksdk 3.1.1.dev54

Page Contents