libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From to...@apache.org
Subject [libcloud] 01/05: Add outscale's api access rule system.
Date Fri, 26 Feb 2021 22:34:52 GMT
This is an automated email from the ASF dual-hosted git repository.

tomaz pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/libcloud.git

commit d9cb371c1368f84ff8c15a87207bc44402231b87
Author: Fran├žois NOUAILLE DEGORCE <francois.nouaille-degorce@outscale.com>
AuthorDate: Thu Jan 7 14:30:36 2021 +0100

    Add outscale's api access rule system.
---
 docs/compute/drivers/outscale.rst    |   8 ++
 libcloud/compute/drivers/outscale.py | 190 +++++++++++++++++++++++++++++++++++
 2 files changed, 198 insertions(+)

diff --git a/docs/compute/drivers/outscale.rst b/docs/compute/drivers/outscale.rst
index 04d4567..9494db9 100644
--- a/docs/compute/drivers/outscale.rst
+++ b/docs/compute/drivers/outscale.rst
@@ -349,3 +349,11 @@ Certificate Authority
 * ``ex_delete_certificate_authority`` - Returns a ``bool``
 * ``ex_read_certificate_authorities`` - Returns a ``list`` of ``dict``
 
+API Access Rules
+----------------
+* ``ex_create_api_access_rule`` - Returns a ``dict``
+* ``ex_delete_api_access_rule`` - Returns a ``bool``
+* ``ex_read_api_access_rules`` - Returns a ``list`` of ``dict``
+* ``ex_update_api_access_rule`` - Returns a ``dict``
+
+
diff --git a/libcloud/compute/drivers/outscale.py b/libcloud/compute/drivers/outscale.py
index c468fd5..261acac 100644
--- a/libcloud/compute/drivers/outscale.py
+++ b/libcloud/compute/drivers/outscale.py
@@ -7831,6 +7831,196 @@ class OutscaleNodeDriver(NodeDriver):
             return response.json()["Ca"]
         return response.json()
 
+    def ex_create_api_access_rule(
+        self,
+        description: str = None,
+        ip_ranges: List[str] = None,
+        ca_ids: List[str] = None,
+        cns: List[str] = None,
+        dry_run: bool = False,
+    ):
+        """
+        Create an API access rule.
+        It is a rule to allow access to the API from your account.
+        You need to specify at least the CaIds or the IpRanges parameter.
+
+        :param      description: The description of the new rule.
+        :type       description: ``str``
+
+        :param      ip_ranges: One or more IP ranges, in CIDR notation
+        (for example, 192.0.2.0/16).
+        :type       ip_ranges: ``List`` of ``str``
+
+        :param      ca_ids: One or more IDs of Client Certificate Authorities
+        (CAs).
+        :type       ca_ids: ``List`` of ``str``
+
+        :param      cns: One or more Client Certificate Common Names (CNs).
+        If this parameter is specified, you must also specify the ca_ids
+        parameter.
+        :type       cns: ``List`` of ``str``
+
+        :param      dry_run: If true, checks whether you have the required
+        permissions to perform the action.
+        :type       dry_run: ``bool``
+
+        :return: a dict containing the API access rule created.
+        :rtype: ``dict``
+        """
+        action = "CreateApiAccessRule"
+        data = {"DryRun": dry_run}
+        if description is not None:
+            data["Description"] = description
+        if ip_ranges is not None:
+            data["IpRanges"] = ip_ranges
+        if ca_ids is not None:
+            data["CaIds"] = ca_ids
+        if cns is not None:
+            data["Cns"] = cns
+        response = self._call_api(action, json.dumps(data))
+        if response.status_code == 200:
+            return response.json()["ApiAccessRule"]
+        return response.json()
+
+    def ex_delete_api_access_rule(
+        self,
+        api_access_rule_id: str = None,
+        dry_run: bool = False,
+    ):
+        """
+        Delete an API access rule.
+        You cannot delete the last remaining API access rule.
+
+        :param      api_access_rule_id: The id of the targeted rule.
+        :type       api_access_rule_id: ``str``
+
+        :param      dry_run: If true, checks whether you have the required
+        permissions to perform the action.
+        :type       dry_run: ``bool``
+
+        :return: true if successfull.
+        :rtype: ``bool`` if successful or  ``dict``
+        """
+        action = "DeleteApiAccessRule"
+        data = {"ApiAccessRuleId": api_access_rule_id, "DryRun": dry_run}
+        response = self._call_api(action, json.dumps(data))
+        if response.status_code == 200:
+            return True
+        return response.json()
+
+    def ex_read_api_access_rules(
+        self,
+        api_access_rules_ids: List[str] = None,
+        ca_ids: List[str] = None,
+        cns: List[str] = None,
+        descriptions: List[str] = None,
+        ip_ranges: List[str] = None,
+        dry_run: bool = False,
+    ):
+        """
+        Read API access rules.
+
+        :param      api_access_rules_ids: The List containing rules ids to
+        filter the request.
+        :type       api_access_rules_ids: ``List`` of ``str``
+
+        :param      ca_ids: The List containing CA ids to filter the request.
+        :type       ca_ids: ``List`` of ``str``
+
+        :param      cns: The List containing cns to filter the request.
+        :type       cns: ``List`` of ``str``
+
+        :param      descriptions: The List containing descriptions to filter
+        the request.
+        :type       descriptions: ``List`` of ``str``
+
+        :param      ip_ranges: The List containing ip ranges in CIDR notation
+        (for example, 192.0.2.0/16) to filter the request.
+        :type       ip_ranges: ``List`` of ``str``
+
+        :param      dry_run: If true, checks whether you have the required
+        permissions to perform the action.
+        :type       dry_run: ``bool``
+
+        :return: a List of API access rules.
+        :rtype: ``List`` of ``dict`` if successfull or  ``dict``
+        """
+
+        action = "ReadApiAccessRules"
+        filters = {}
+        if api_access_rules_ids is not None:
+            filters["ApiAccessRulesIds"] = api_access_rules_ids
+        if ca_ids is not None:
+            filters["CaIds"] = ca_ids
+        if cns is not None:
+            filters["Cns"] = cns
+        if descriptions is not None:
+            filters["Descriptions"] = descriptions
+        if ip_ranges is not None:
+            filters["IpRanges"] = ip_ranges
+        data = {"Filters": filters, "DryRun": dry_run}
+        response = self._call_api(action, json.dumps(data))
+        if response.status_code == 200:
+            return response.json()["ApiAccessRules"]
+        return response.json()
+
+    def ex_update_api_access_rule(
+        self,
+        api_access_rule_id: str = None,
+        ca_ids: List[str] = None,
+        cns: List[str] = None,
+        description: str = None,
+        ip_ranges: List[str] = None,
+        dry_run: bool = False,
+    ):
+        """
+        Update an API access rules.
+        The new rule you specify fully replaces the old rule. Therefore,
+        for a parameter that is not specified, any previously set value
+        is deleted.
+
+        :param      api_access_rule_id: The id of the rule we want to update.
+        :type       api_access_rule_id: ``str``
+
+        :param      ca_ids: One or more IDs of Client Certificate Authorities
+        (CAs).
+        :type       ca_ids: ``List`` of ``str``
+
+        :param      cns: One or more Client Certificate Common Names (CNs).
+        If this parameter is specified, you must also specify the ca_ids
+        parameter.
+        :type       cns: ``List`` of ``str``
+
+        :param      description: The description of the new rule.
+        :type       description: ``str``
+
+        :param      ip_ranges: One or more IP ranges, in CIDR notation
+        (for example, 192.0.2.0/16).
+        :type       ip_ranges: ``List`` of ``str``
+
+        :param      dry_run: If true, checks whether you have the required
+        permissions to perform the action.
+        :type       dry_run: ``bool``
+
+        :return: a List of API access rules.
+        :rtype: ``List`` of ``dict`` if successfull or  ``dict``
+        """
+
+        action = "UpdateApiAccessRule"
+        data = {"DryRun": dry_run, "ApiAccessRuleId": api_access_rule_id}
+        if description is not None:
+            data["Description"] = description
+        if ip_ranges is not None:
+            data["IpRanges"] = ip_ranges
+        if ca_ids is not None:
+            data["CaIds"] = ca_ids
+        if cns is not None:
+            data["Cns"] = cns
+        response = self._call_api(action, json.dumps(data))
+        if response.status_code == 200:
+            return response.json()["ApiAccessRules"]
+        return response.json()
+
     def _get_outscale_endpoint(self, region: str, version: str, action: str):
         return "https://api.{}.{}/api/{}/{}".format(
             region,


Mime
View raw message