You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@libcloud.apache.org by to...@apache.org on 2021/02/26 22:34:52 UTC
[libcloud] 01/05: Add outscale's api access rule system.
This is an automated email from the ASF dual-hosted git repository.
tomaz pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/libcloud.git
commit d9cb371c1368f84ff8c15a87207bc44402231b87
Author: François NOUAILLE DEGORCE <fr...@outscale.com>
AuthorDate: Thu Jan 7 14:30:36 2021 +0100
Add outscale's api access rule system.
---
docs/compute/drivers/outscale.rst | 8 ++
libcloud/compute/drivers/outscale.py | 190 +++++++++++++++++++++++++++++++++++
2 files changed, 198 insertions(+)
diff --git a/docs/compute/drivers/outscale.rst b/docs/compute/drivers/outscale.rst
index 04d4567..9494db9 100644
--- a/docs/compute/drivers/outscale.rst
+++ b/docs/compute/drivers/outscale.rst
@@ -349,3 +349,11 @@ Certificate Authority
* ``ex_delete_certificate_authority`` - Returns a ``bool``
* ``ex_read_certificate_authorities`` - Returns a ``list`` of ``dict``
+API Access Rules
+----------------
+* ``ex_create_api_access_rule`` - Returns a ``dict``
+* ``ex_delete_api_access_rule`` - Returns a ``bool``
+* ``ex_read_api_access_rules`` - Returns a ``list`` of ``dict``
+* ``ex_update_api_access_rule`` - Returns a ``dict``
+
+
diff --git a/libcloud/compute/drivers/outscale.py b/libcloud/compute/drivers/outscale.py
index c468fd5..261acac 100644
--- a/libcloud/compute/drivers/outscale.py
+++ b/libcloud/compute/drivers/outscale.py
@@ -7831,6 +7831,196 @@ class OutscaleNodeDriver(NodeDriver):
return response.json()["Ca"]
return response.json()
+ def ex_create_api_access_rule(
+ self,
+ description: str = None,
+ ip_ranges: List[str] = None,
+ ca_ids: List[str] = None,
+ cns: List[str] = None,
+ dry_run: bool = False,
+ ):
+ """
+ Create an API access rule.
+ It is a rule to allow access to the API from your account.
+ You need to specify at least the CaIds or the IpRanges parameter.
+
+ :param description: The description of the new rule.
+ :type description: ``str``
+
+ :param ip_ranges: One or more IP ranges, in CIDR notation
+ (for example, 192.0.2.0/16).
+ :type ip_ranges: ``List`` of ``str``
+
+ :param ca_ids: One or more IDs of Client Certificate Authorities
+ (CAs).
+ :type ca_ids: ``List`` of ``str``
+
+ :param cns: One or more Client Certificate Common Names (CNs).
+ If this parameter is specified, you must also specify the ca_ids
+ parameter.
+ :type cns: ``List`` of ``str``
+
+ :param dry_run: If true, checks whether you have the required
+ permissions to perform the action.
+ :type dry_run: ``bool``
+
+ :return: a dict containing the API access rule created.
+ :rtype: ``dict``
+ """
+ action = "CreateApiAccessRule"
+ data = {"DryRun": dry_run}
+ if description is not None:
+ data["Description"] = description
+ if ip_ranges is not None:
+ data["IpRanges"] = ip_ranges
+ if ca_ids is not None:
+ data["CaIds"] = ca_ids
+ if cns is not None:
+ data["Cns"] = cns
+ response = self._call_api(action, json.dumps(data))
+ if response.status_code == 200:
+ return response.json()["ApiAccessRule"]
+ return response.json()
+
+ def ex_delete_api_access_rule(
+ self,
+ api_access_rule_id: str = None,
+ dry_run: bool = False,
+ ):
+ """
+ Delete an API access rule.
+ You cannot delete the last remaining API access rule.
+
+ :param api_access_rule_id: The id of the targeted rule.
+ :type api_access_rule_id: ``str``
+
+ :param dry_run: If true, checks whether you have the required
+ permissions to perform the action.
+ :type dry_run: ``bool``
+
+ :return: true if successfull.
+ :rtype: ``bool`` if successful or ``dict``
+ """
+ action = "DeleteApiAccessRule"
+ data = {"ApiAccessRuleId": api_access_rule_id, "DryRun": dry_run}
+ response = self._call_api(action, json.dumps(data))
+ if response.status_code == 200:
+ return True
+ return response.json()
+
+ def ex_read_api_access_rules(
+ self,
+ api_access_rules_ids: List[str] = None,
+ ca_ids: List[str] = None,
+ cns: List[str] = None,
+ descriptions: List[str] = None,
+ ip_ranges: List[str] = None,
+ dry_run: bool = False,
+ ):
+ """
+ Read API access rules.
+
+ :param api_access_rules_ids: The List containing rules ids to
+ filter the request.
+ :type api_access_rules_ids: ``List`` of ``str``
+
+ :param ca_ids: The List containing CA ids to filter the request.
+ :type ca_ids: ``List`` of ``str``
+
+ :param cns: The List containing cns to filter the request.
+ :type cns: ``List`` of ``str``
+
+ :param descriptions: The List containing descriptions to filter
+ the request.
+ :type descriptions: ``List`` of ``str``
+
+ :param ip_ranges: The List containing ip ranges in CIDR notation
+ (for example, 192.0.2.0/16) to filter the request.
+ :type ip_ranges: ``List`` of ``str``
+
+ :param dry_run: If true, checks whether you have the required
+ permissions to perform the action.
+ :type dry_run: ``bool``
+
+ :return: a List of API access rules.
+ :rtype: ``List`` of ``dict`` if successfull or ``dict``
+ """
+
+ action = "ReadApiAccessRules"
+ filters = {}
+ if api_access_rules_ids is not None:
+ filters["ApiAccessRulesIds"] = api_access_rules_ids
+ if ca_ids is not None:
+ filters["CaIds"] = ca_ids
+ if cns is not None:
+ filters["Cns"] = cns
+ if descriptions is not None:
+ filters["Descriptions"] = descriptions
+ if ip_ranges is not None:
+ filters["IpRanges"] = ip_ranges
+ data = {"Filters": filters, "DryRun": dry_run}
+ response = self._call_api(action, json.dumps(data))
+ if response.status_code == 200:
+ return response.json()["ApiAccessRules"]
+ return response.json()
+
+ def ex_update_api_access_rule(
+ self,
+ api_access_rule_id: str = None,
+ ca_ids: List[str] = None,
+ cns: List[str] = None,
+ description: str = None,
+ ip_ranges: List[str] = None,
+ dry_run: bool = False,
+ ):
+ """
+ Update an API access rules.
+ The new rule you specify fully replaces the old rule. Therefore,
+ for a parameter that is not specified, any previously set value
+ is deleted.
+
+ :param api_access_rule_id: The id of the rule we want to update.
+ :type api_access_rule_id: ``str``
+
+ :param ca_ids: One or more IDs of Client Certificate Authorities
+ (CAs).
+ :type ca_ids: ``List`` of ``str``
+
+ :param cns: One or more Client Certificate Common Names (CNs).
+ If this parameter is specified, you must also specify the ca_ids
+ parameter.
+ :type cns: ``List`` of ``str``
+
+ :param description: The description of the new rule.
+ :type description: ``str``
+
+ :param ip_ranges: One or more IP ranges, in CIDR notation
+ (for example, 192.0.2.0/16).
+ :type ip_ranges: ``List`` of ``str``
+
+ :param dry_run: If true, checks whether you have the required
+ permissions to perform the action.
+ :type dry_run: ``bool``
+
+ :return: a List of API access rules.
+ :rtype: ``List`` of ``dict`` if successfull or ``dict``
+ """
+
+ action = "UpdateApiAccessRule"
+ data = {"DryRun": dry_run, "ApiAccessRuleId": api_access_rule_id}
+ if description is not None:
+ data["Description"] = description
+ if ip_ranges is not None:
+ data["IpRanges"] = ip_ranges
+ if ca_ids is not None:
+ data["CaIds"] = ca_ids
+ if cns is not None:
+ data["Cns"] = cns
+ response = self._call_api(action, json.dumps(data))
+ if response.status_code == 200:
+ return response.json()["ApiAccessRules"]
+ return response.json()
+
def _get_outscale_endpoint(self, region: str, version: str, action: str):
return "https://api.{}.{}/api/{}/{}".format(
region,