The heat.engine.clients.os.keystone.heat_keystoneclient Module

Keystone Client functionality for use by resources.

class heat.engine.clients.os.keystone.heat_keystoneclient.AccessKey(id, access, secret)

Bases: tuple

access

Alias for field number 1

id

Alias for field number 0

secret

Alias for field number 2

class heat.engine.clients.os.keystone.heat_keystoneclient.KeystoneClient

Bases: object

Keystone Auth Client.

Delay choosing the backend client module until the client’s class needs to be initialized.

class heat.engine.clients.os.keystone.heat_keystoneclient.KsClientWrapper(context)

Bases: object

Wrap keystone client so we can encapsulate logic used in resources.

Note this is intended to be initialized from a resource on a per-session basis, so the session context is passed in on initialization Also note that an instance of this is created in each request context as part of a lazy-loaded cloud backend and it can be easily referenced in each resource as self.keystone(), so there should not be any need to directly instantiate instances of this class inside resources themselves.

auth_ref

auth_token

client

context

create_ec2_keypair(user_id=None)

create_stack_domain_project(stack_id)

Create a project in the heat stack-user domain.

create_stack_domain_user(username, project_id, password=None)

Create a domain user defined as part of a stack.

The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config, and created in the specified project (which is expected to be in the stack_domain).

Returns the keystone ID of the resulting user.

create_stack_domain_user_keypair(user_id, project_id)

create_stack_user(username, password='')

Create a user defined as part of a stack.

The user is defined either via template or created internally by a resource. This user will be added to the heat_stack_user_role as defined in the config.

Returns the keystone ID of the resulting user.

create_trust_context()

Create a trust using the trustor identity in the current context.

The trust is created with the trustee as the heat service user.

If the current context already contains a trust_id, we do nothing and return the current context.

Returns a context containing the new trust_id.

delete_ec2_keypair(credential_id=None, access=None, user_id=None)

Delete credential containing ec2 keypair.

delete_stack_domain_project(project_id)

delete_stack_domain_user(user_id, project_id)

delete_stack_domain_user_keypair(user_id, project_id, credential_id)

delete_stack_user(user_id)

delete_trust(trust_id)

Delete the specified trust.

disable_stack_domain_user(user_id, project_id)

disable_stack_user(user_id)

domain_admin_auth

domain_admin_client

enable_stack_domain_user(user_id, project_id)

enable_stack_user(user_id)

get_ec2_keypair(credential_id=None, access=None, user_id=None)

Get an ec2 keypair via v3/credentials, by id or access.

region_name

stack_domain

Domain scope data.

This is only used for checking for scoping data, not using the value.

stack_domain_id

stack_domain_user_token(user_id, project_id, password)

Get a token for a stack domain user.

url_for(**kwargs)

heat.engine.clients.os.keystone.heat_keystoneclient.list_opts()