From 9a5395f1b2e1c62009af21c520dfaf26a0ced3d2 Mon Sep 17 00:00:00 2001 From: Samuel de Medeiros Queiroz Date: Mon, 23 May 2016 18:07:59 -0300 Subject: [PATCH] Migrate identity /v3 docs from api-ref repo Docs at [1] have already been converted from WADL (SGML / XML) to RST using fairy-slipper [2]. This commit polish the results from the conversion and migrate the docs to our repository under 'api-ref/source' directory. In addition, it added missing descriptions for access_token_id and consumer_id to 'parameters.yaml'. Polishing the generated RST files include: - Removing unnecessary blank lines; - Removing empty references. Polishing the generated RST files do not include: - Modifying their content; - Modifying file names; - Wrapping lines at the maximum of 79 chars. Updating the documentation will be done after this migration step. This change also adds a tox environment to build the docs using sphinx under 'api-ref/build', which in turn is added to '.gitignore'. Lastly, 'os-api-ref' is added as a test requirement. It provides the sphinx stanzas rest_method and rest_parameter, used to define OpenStack APIs in RST docs. [1] https://github.com/openstack/api-site/tree/master/api-ref/source/identity/v3 [2] https://github.com/russell/fairy-slipper Change-Id: If1b9a3e1b2e4ea7211c337071254c26b881893a3 --- .gitignore | 1 + api-ref/source/conf.py | 202 +++ api-ref/source/index.inc | 34 + api-ref/source/v3/authenticate-v3.inc | 433 +++++ api-ref/source/v3/credentials.inc | 202 +++ api-ref/source/v3/domains-config-v3.inc | 367 +++++ api-ref/source/v3/domains.inc | 211 +++ api-ref/source/v3/groups.inc | 291 ++++ api-ref/source/v3/identity_v3_OS-OAUTH1.inc | 367 +++++ api-ref/source/v3/parameters.yaml | 1394 +++++++++++++++++ api-ref/source/v3/policies.inc | 201 +++ api-ref/source/v3/projects.inc | 291 ++++ api-ref/source/v3/regions-v3.inc | 210 +++ api-ref/source/v3/roles.inc | 587 +++++++ ...y-endpoint-associations-list-response.json | 29 + .../policy-show-response.json | 14 + .../group-roles-domain-list-response.json | 23 + .../OS-INHERIT/group-roles-list-response.json | 23 + ...e-assignments-effective-list-response.json | 42 + .../role-assignments-list-response.json | 42 + .../user-roles-domain-list-response.json | 23 + .../OS-INHERIT/user-roles-list-response.json | 23 + .../samples/OS-KDS/group-create-request.json | 3 + .../samples/OS-KDS/group-create-response.json | 3 + .../OS-KDS/group-key-show-response.json | 3 + .../v3/samples/OS-KDS/key-create-request.json | 3 + .../samples/OS-KDS/key-create-response.json | 4 + .../OS-KDS/ticket-generate-request.json | 4 + .../OS-KDS/ticket-generate-response.json | 6 + .../access-token-create-response.txt | 1 + .../OS-OAUTH1/access-token-show-response.json | 13 + .../access-tokens-list-response.json | 20 + .../OS-OAUTH1/authorize-update-response.json | 5 + .../OS-OAUTH1/consumer-show-response.json | 9 + .../OS-OAUTH1/consumer-update-request.json | 5 + .../OS-OAUTH1/consumer-update-response.json | 9 + .../OS-OAUTH1/consumers-create-request.json | 5 + .../OS-OAUTH1/consumers-create-response.json | 10 + .../OS-OAUTH1/consumers-list-response.json | 22 + .../request-token-create-response.txt | 1 + .../OS-TRUST/trust-create-request.json | 14 + .../OS-TRUST/trust-create-response.json | 28 + ...th-password-explicit-unscoped-request.json | 16 + ...h-password-explicit-unscoped-response.json | 21 + .../auth-password-project-scoped-request.json | 20 + ...auth-password-project-scoped-response.json | 401 +++++ ...password-unscoped-request-with-domain.json | 18 + .../admin/auth-password-unscoped-request.json | 15 + .../auth-password-unscoped-response.json | 21 + ...h-password-user-name-unscoped-request.json | 18 + ...sword-user-name-unscoped-response-HTTP.txt | 8 + .../admin/auth-token-scoped-request.json | 17 + .../admin/auth-token-scoped-response.json | 401 +++++ .../admin/auth-token-unscoped-request.json | 12 + .../admin/auth-token-unscoped-response.json | 21 + .../admin/credential-create-request.json | 8 + .../admin/credential-create-response.json | 12 + .../admin/credential-show-response.json | 12 + .../admin/credential-update-request.json | 8 + .../admin/credential-update-response.json | 12 + .../admin/credentials-list-response.json | 109 ++ ...ain-config-group-option-show-response.json | 3 + ...in-config-group-option-update-request.json | 3 + ...n-config-group-option-update-response.json | 11 + .../domain-config-group-show-response.json | 6 + .../domain-config-group-update-request.json | 8 + .../domain-config-group-update-response.json | 11 + .../admin/domain-config-show-response.json | 11 + .../admin/domain-config-update-request.json | 8 + .../admin/domain-config-update-response.json | 11 + .../samples/admin/domain-create-request.json | 7 + .../samples/admin/domain-create-response.json | 11 + .../domain-group-roles-list-response.json | 23 + .../admin/domain-group-update-request.json | 8 + .../samples/admin/domain-show-response.json | 11 + .../samples/admin/domain-update-request.json | 5 + .../samples/admin/domain-update-response.json | 11 + .../domain-user-roles-list-response.json | 23 + .../samples/admin/domains-list-response.json | 27 + .../admin/endpoint-create-request.json | 9 + .../admin/endpoint-create-response.json | 15 + .../samples/admin/endpoint-show-response.json | 14 + .../admin/endpoint-update-request.json | 9 + .../admin/endpoint-update-response.json | 13 + .../admin/endpoints-list-response.json | 333 ++++ .../samples/admin/group-create-request.json | 7 + .../samples/admin/group-create-response.json | 11 + .../v3/samples/admin/group-show-response.json | 11 + .../samples/admin/group-update-request.json | 6 + .../samples/admin/group-update-response.json | 11 + .../admin/group-users-list-response.json | 19 + .../samples/admin/groups-list-response.json | 27 + .../admin/identity-version-response.json | 19 + .../admin/identity-versions-response.json | 45 + .../samples/admin/policies-list-response.json | 37 + .../samples/admin/policy-create-request.json | 8 + .../samples/admin/policy-create-response.json | 12 + .../samples/admin/policy-show-response.json | 16 + .../samples/admin/policy-update-request.json | 12 + .../samples/admin/policy-update-response.json | 16 + .../samples/admin/project-create-request.json | 9 + .../admin/project-create-response.json | 14 + .../samples/admin/project-enable-request.json | 5 + .../project-group-roles-list-response.json | 23 + .../samples/admin/project-show-response.json | 13 + .../samples/admin/project-update-request.json | 8 + .../admin/project-update-response.json | 17 + .../project-user-roles-list-response.json | 16 + .../samples/admin/projects-list-response.json | 97 ++ .../samples/admin/region-create-request.json | 7 + .../samples/admin/region-create-response.json | 10 + .../samples/admin/region-show-response.json | 10 + .../samples/admin/region-update-request.json | 5 + .../samples/admin/region-update-response.json | 10 + .../samples/admin/regions-list-response.json | 17 + ...e-assignments-effective-list-response.json | 42 + ...le-assignments-effective-list-response.txt | 1 + .../admin/role-assignments-list-response.json | 41 + .../admin/role-assignments-list-response.txt | 1 + .../v3/samples/admin/role-create-request.json | 5 + .../samples/admin/role-create-response.json | 9 + .../v3/samples/admin/role-show-response.json | 9 + .../v3/samples/admin/role-update-request.json | 5 + .../samples/admin/role-update-response.json | 9 + .../v3/samples/admin/roles-list-response.json | 51 + .../samples/admin/service-create-request.json | 7 + .../admin/service-create-response.json | 12 + .../samples/admin/service-show-response.json | 12 + .../samples/admin/service-update-request.json | 5 + .../admin/service-update-response.json | 12 + .../samples/admin/services-list-response.json | 99 ++ .../samples/admin/token-validate-request.txt | 3 + .../v3/samples/admin/user-create-request.json | 11 + .../samples/admin/user-create-response.json | 14 + .../admin/user-groups-list-response.json | 27 + .../admin/user-password-update-request.json | 6 + .../admin/user-projects-list-response.json | 31 + .../v3/samples/admin/user-show-response.json | 14 + .../v3/samples/admin/user-update-request.json | 8 + .../samples/admin/user-update-response.json | 14 + .../v3/samples/admin/users-list-response.json | 139 ++ api-ref/source/v3/service-catalog.inc | 392 +++++ api-ref/source/v3/users.inc | 288 ++++ keystone/version/__init__.py | 15 + test-requirements.txt | 1 + tox.ini | 17 +- 146 files changed, 8736 insertions(+), 1 deletion(-) create mode 100644 api-ref/source/conf.py create mode 100644 api-ref/source/index.inc create mode 100644 api-ref/source/v3/authenticate-v3.inc create mode 100644 api-ref/source/v3/credentials.inc create mode 100644 api-ref/source/v3/domains-config-v3.inc create mode 100644 api-ref/source/v3/domains.inc create mode 100644 api-ref/source/v3/groups.inc create mode 100644 api-ref/source/v3/identity_v3_OS-OAUTH1.inc create mode 100644 api-ref/source/v3/parameters.yaml create mode 100644 api-ref/source/v3/policies.inc create mode 100644 api-ref/source/v3/projects.inc create mode 100644 api-ref/source/v3/regions-v3.inc create mode 100644 api-ref/source/v3/roles.inc create mode 100644 api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-endpoint-associations-list-response.json create mode 100644 api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-show-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/group-roles-domain-list-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/group-roles-list-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/role-assignments-effective-list-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/role-assignments-list-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/user-roles-domain-list-response.json create mode 100644 api-ref/source/v3/samples/OS-INHERIT/user-roles-list-response.json create mode 100644 api-ref/source/v3/samples/OS-KDS/group-create-request.json create mode 100644 api-ref/source/v3/samples/OS-KDS/group-create-response.json create mode 100644 api-ref/source/v3/samples/OS-KDS/group-key-show-response.json create mode 100644 api-ref/source/v3/samples/OS-KDS/key-create-request.json create mode 100644 api-ref/source/v3/samples/OS-KDS/key-create-response.json create mode 100644 api-ref/source/v3/samples/OS-KDS/ticket-generate-request.json create mode 100644 api-ref/source/v3/samples/OS-KDS/ticket-generate-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/access-token-create-response.txt create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/access-token-show-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/access-tokens-list-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/authorize-update-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumer-show-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumer-update-request.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumer-update-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumers-create-request.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumers-create-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/consumers-list-response.json create mode 100644 api-ref/source/v3/samples/OS-OAUTH1/request-token-create-response.txt create mode 100644 api-ref/source/v3/samples/OS-TRUST/trust-create-request.json create mode 100644 api-ref/source/v3/samples/OS-TRUST/trust-create-response.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-response.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-project-scoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-project-scoped-response.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-unscoped-request-with-domain.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-unscoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-unscoped-response.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-response-HTTP.txt create mode 100644 api-ref/source/v3/samples/admin/auth-token-scoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-token-scoped-response.json create mode 100644 api-ref/source/v3/samples/admin/auth-token-unscoped-request.json create mode 100644 api-ref/source/v3/samples/admin/auth-token-unscoped-response.json create mode 100644 api-ref/source/v3/samples/admin/credential-create-request.json create mode 100644 api-ref/source/v3/samples/admin/credential-create-response.json create mode 100644 api-ref/source/v3/samples/admin/credential-show-response.json create mode 100644 api-ref/source/v3/samples/admin/credential-update-request.json create mode 100644 api-ref/source/v3/samples/admin/credential-update-response.json create mode 100644 api-ref/source/v3/samples/admin/credentials-list-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-option-show-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-option-update-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-option-update-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-show-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-update-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-group-update-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-show-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-update-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-config-update-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-create-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-create-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-group-roles-list-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-group-update-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-show-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-update-request.json create mode 100644 api-ref/source/v3/samples/admin/domain-update-response.json create mode 100644 api-ref/source/v3/samples/admin/domain-user-roles-list-response.json create mode 100644 api-ref/source/v3/samples/admin/domains-list-response.json create mode 100644 api-ref/source/v3/samples/admin/endpoint-create-request.json create mode 100644 api-ref/source/v3/samples/admin/endpoint-create-response.json create mode 100644 api-ref/source/v3/samples/admin/endpoint-show-response.json create mode 100644 api-ref/source/v3/samples/admin/endpoint-update-request.json create mode 100644 api-ref/source/v3/samples/admin/endpoint-update-response.json create mode 100644 api-ref/source/v3/samples/admin/endpoints-list-response.json create mode 100644 api-ref/source/v3/samples/admin/group-create-request.json create mode 100644 api-ref/source/v3/samples/admin/group-create-response.json create mode 100644 api-ref/source/v3/samples/admin/group-show-response.json create mode 100644 api-ref/source/v3/samples/admin/group-update-request.json create mode 100644 api-ref/source/v3/samples/admin/group-update-response.json create mode 100644 api-ref/source/v3/samples/admin/group-users-list-response.json create mode 100644 api-ref/source/v3/samples/admin/groups-list-response.json create mode 100644 api-ref/source/v3/samples/admin/identity-version-response.json create mode 100644 api-ref/source/v3/samples/admin/identity-versions-response.json create mode 100644 api-ref/source/v3/samples/admin/policies-list-response.json create mode 100644 api-ref/source/v3/samples/admin/policy-create-request.json create mode 100644 api-ref/source/v3/samples/admin/policy-create-response.json create mode 100644 api-ref/source/v3/samples/admin/policy-show-response.json create mode 100644 api-ref/source/v3/samples/admin/policy-update-request.json create mode 100644 api-ref/source/v3/samples/admin/policy-update-response.json create mode 100644 api-ref/source/v3/samples/admin/project-create-request.json create mode 100644 api-ref/source/v3/samples/admin/project-create-response.json create mode 100644 api-ref/source/v3/samples/admin/project-enable-request.json create mode 100644 api-ref/source/v3/samples/admin/project-group-roles-list-response.json create mode 100644 api-ref/source/v3/samples/admin/project-show-response.json create mode 100644 api-ref/source/v3/samples/admin/project-update-request.json create mode 100644 api-ref/source/v3/samples/admin/project-update-response.json create mode 100644 api-ref/source/v3/samples/admin/project-user-roles-list-response.json create mode 100644 api-ref/source/v3/samples/admin/projects-list-response.json create mode 100644 api-ref/source/v3/samples/admin/region-create-request.json create mode 100644 api-ref/source/v3/samples/admin/region-create-response.json create mode 100644 api-ref/source/v3/samples/admin/region-show-response.json create mode 100644 api-ref/source/v3/samples/admin/region-update-request.json create mode 100644 api-ref/source/v3/samples/admin/region-update-response.json create mode 100644 api-ref/source/v3/samples/admin/regions-list-response.json create mode 100644 api-ref/source/v3/samples/admin/role-assignments-effective-list-response.json create mode 100644 api-ref/source/v3/samples/admin/role-assignments-effective-list-response.txt create mode 100644 api-ref/source/v3/samples/admin/role-assignments-list-response.json create mode 100644 api-ref/source/v3/samples/admin/role-assignments-list-response.txt create mode 100644 api-ref/source/v3/samples/admin/role-create-request.json create mode 100644 api-ref/source/v3/samples/admin/role-create-response.json create mode 100644 api-ref/source/v3/samples/admin/role-show-response.json create mode 100644 api-ref/source/v3/samples/admin/role-update-request.json create mode 100644 api-ref/source/v3/samples/admin/role-update-response.json create mode 100644 api-ref/source/v3/samples/admin/roles-list-response.json create mode 100644 api-ref/source/v3/samples/admin/service-create-request.json create mode 100644 api-ref/source/v3/samples/admin/service-create-response.json create mode 100644 api-ref/source/v3/samples/admin/service-show-response.json create mode 100644 api-ref/source/v3/samples/admin/service-update-request.json create mode 100644 api-ref/source/v3/samples/admin/service-update-response.json create mode 100644 api-ref/source/v3/samples/admin/services-list-response.json create mode 100644 api-ref/source/v3/samples/admin/token-validate-request.txt create mode 100644 api-ref/source/v3/samples/admin/user-create-request.json create mode 100644 api-ref/source/v3/samples/admin/user-create-response.json create mode 100644 api-ref/source/v3/samples/admin/user-groups-list-response.json create mode 100644 api-ref/source/v3/samples/admin/user-password-update-request.json create mode 100644 api-ref/source/v3/samples/admin/user-projects-list-response.json create mode 100644 api-ref/source/v3/samples/admin/user-show-response.json create mode 100644 api-ref/source/v3/samples/admin/user-update-request.json create mode 100644 api-ref/source/v3/samples/admin/user-update-response.json create mode 100644 api-ref/source/v3/samples/admin/users-list-response.json create mode 100644 api-ref/source/v3/service-catalog.inc create mode 100644 api-ref/source/v3/users.inc diff --git a/.gitignore b/.gitignore index 9c90971207..735cf7ef74 100644 --- a/.gitignore +++ b/.gitignore @@ -9,6 +9,7 @@ vendor keystone.egg-info/ *.log .coverage +api-ref/build coverage.xml cover/* covhtml diff --git a/api-ref/source/conf.py b/api-ref/source/conf.py new file mode 100644 index 0000000000..9781ea6790 --- /dev/null +++ b/api-ref/source/conf.py @@ -0,0 +1,202 @@ +# -*- coding: utf-8 -*- +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# keystone documentation build configuration file, created by +# sphinx-quickstart on Mon May 23 07:54:13 2016. +# +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import subprocess +import warnings + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones.[] +extensions = [ + 'os_api_ref', + 'oslosphinx', +] + +# Add any paths that contain templates here, relative to this directory. +# templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.inc' + +# The encoding of source files. +# source_encoding = 'utf-8' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Identity API Reference' +copyright = u'2010-present, OpenStack Foundation' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +from keystone import version as keystone_version +# The short X.Y version. +version = keystone_version.release_string() +# The full version, including alpha/beta/rc tags. +release = keystone_version.release_string() + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +# exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +add_module_names = False + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +# html_theme = 'default' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +# html_theme_path = [] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +# html_static_path = ['_static'] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +git_cmd = ["git", "log", "--pretty=format:'%ad, commit %h'", "--date=local", + "-n1"] +try: + html_last_updated_fmt = subprocess.Popen( + git_cmd, stdout=subprocess.PIPE).communicate()[0] +except Exception: + warnings.warn('Cannot get last updated time from git repository. ' + 'Not setting "html_last_updated_fmt".') + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +# html_use_index = True + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +# html_show_sourcelink = True + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'keystonedoc' diff --git a/api-ref/source/index.inc b/api-ref/source/index.inc new file mode 100644 index 0000000000..5bd7d006a3 --- /dev/null +++ b/api-ref/source/index.inc @@ -0,0 +1,34 @@ +.. keystone documentation master file, created by + sphinx-quickstart on Mon May 23 07:54:13 2016. + You can adapt this file completely to your liking, but it should at least + contain the root `toctree` directive. + +Welcome to keystone's documentation! +==================================== + +Contents: + +.. toctree:: + :maxdepth: 2 + + v3/authenticate-v3.inc + v3/credentials + v3/domains + v3/domains-config-v3 + v3/groups + v3/identity_v3_OS-OAUTH1 + v3/policies + v3/projects + v3/regions-v3 + v3/roles + v3/service-catalog + v3/users + + +Indices and tables +================== + +* :ref:`genindex` +* :ref:`modindex` +* :ref:`search` + diff --git a/api-ref/source/v3/authenticate-v3.inc b/api-ref/source/v3/authenticate-v3.inc new file mode 100644 index 0000000000..f5fb55ca82 --- /dev/null +++ b/api-ref/source/v3/authenticate-v3.inc @@ -0,0 +1,433 @@ +.. -*- rst -*- + +================================================== +Authentication and token management (auth, tokens) +================================================== + +In exchange for a set of authentication credentials, the Identity +service generates tokens. A token represents the authenticated +identity of a user and, optionally, grants authorization on a +specific project or domain. + +The body of an authentication request must include a payload that +specifies the authentication method, which is ``password`` or +``token``, the credentials, and, optionally, the authorization +scope. You can scope a token to a project or domain, or the token +can be unscoped. You cannot scope a token to both a project and +domain. + +Tokens have IDs, which the Identity API returns in the ``X-Subject- +Token`` response header. + +Also, validates an authentication token and lists the domains, +projects, roles, and endpoints to which the token gives access. +Forces the immediate revocation of a token. + +After you obtain an authentication token, you can: + +- Make REST API requests to other OpenStack services. You supply the + ID of your authentication token in the ``X-Auth-Token`` request + header. + +- Validate your authentication token and list the domains, projects, + roles, and endpoints that your token gives you access to. + +- Use your token to request another token scoped for a different + domain and project. + +- Force the immediate revocation of a token. + +- List revoked public key infrastructure (PKI) tokens. + +The Identity API treats expired tokens as no longer valid tokens. +The deployment determines how long expired tokens are stored. + +These authentication errors can occur: + +**Authentication errors** + ++------------------------+----------------------------------------------------------------------+ +| Response code | Description | ++------------------------+----------------------------------------------------------------------+ +| ``Bad Request (400)`` | The Identity service failed to parse the request as expected. One | +| | of the following errors occurred: | +| | | +| | - A required attribute was missing. | +| | | +| | - An attribute that is not allowed was specified, such as an ID on a | +| | POST request in a basic CRUD operation. | +| | | +| | - An attribute of an unexpected data type was specified. | ++------------------------+----------------------------------------------------------------------+ +| ``Unauthorized (401)`` | One of the following errors occurred: | +| | | +| | - Authentication was not performed. | +| | | +| | - The specified ``X-Auth-Token`` header is not valid. | +| | | +| | - The authentication credentials are not valid. | ++------------------------+----------------------------------------------------------------------+ +| ``Forbidden (403)`` | The identity was successfully authenticated but it is not | +| | authorized to perform the requested action. | ++------------------------+----------------------------------------------------------------------+ +| ``Not Found (404)`` | An operation failed because a referenced entity cannot be found by | +| | ID. For a POST request, the referenced entity might be specified in | +| | the request body rather than in the resource path. | ++------------------------+----------------------------------------------------------------------+ +| ``Conflict (409)`` | A POST or PATCH operation failed. For example, a client tried to | +| | update a unique attribute for an entity, which conflicts with that | +| | of another entity in the same collection. | +| | | +| | Or, a client issued a create operation twice on a collection with a | +| | user-defined, unique attribute. For example, a client made a POST | +| | ``/users`` request two times for the unique, user-defined name | +| | attribute for a user entity. | ++------------------------+----------------------------------------------------------------------+ + + +Password authentication with unscoped authorization +=================================================== + +.. rest_method:: POST /v3/auth/tokens + +Authenticates an identity and generates a token. Uses the password authentication method. Authorization is unscoped. + +The request body must include a payload that specifies the +authentication method, which is ``password``, and the user, by ID +or name, and password credentials. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - name: name + - auth: auth + - user: user + - password: password + - id: id + - identity: identity + - methods: methods + - nocatalog: nocatalog + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/auth-password-unscoped-request-with-domain.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - domain: domain + - methods: methods + - expires_at: expires_at + - token: token + - extras: extras + - user: user + - audit_ids: audit_ids + - issued_at: issued_at + - id: id + - name: name + + +Password authentication with scoped authorization +================================================= + +.. rest_method:: POST /v3/auth/tokens + +Authenticates an identity and generates a token. Uses the password authentication method and scopes authorization to a project or domain. + +The request body must include a payload that specifies the +``password`` authentication method, the credentials, and the +``project`` or ``domain`` authorization scope. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - auth: auth + - user: user + - scope: scope + - password: password + - id: id + - identity: identity + - methods: methods + - nocatalog: nocatalog + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/auth-password-project-scoped-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - domain: domain + - region_id: region_id + - methods: methods + - roles: roles + - url: url + - region: region + - token: token + - expires_at: expires_at + - project: project + - issued_at: issued_at + - catalog: catalog + - extras: extras + - user: user + - audit_ids: audit_ids + - interface: interface + - endpoints: endpoints + - type: type + - id: id + - name: name + + +Password authentication with explicit unscoped authorization +============================================================ + +.. rest_method:: POST /v3/auth/tokens + +Authenticates an identity and generates a token. Uses the password authentication method with explicit unscoped authorization. + +The request body must include a payload that specifies the +``password`` authentication method, the credentials, and the +``unscoped`` authorization scope. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - auth: auth + - user: user + - scope: scope + - password: password + - id: id + - identity: identity + - methods: methods + - nocatalog: nocatalog + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/auth-password-explicit-unscoped-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - domain: domain + - methods: methods + - roles: roles + - expires_at: expires_at + - token: token + - extras: extras + - user: user + - audit_ids: audit_ids + - issued_at: issued_at + - id: id + - name: name + + +Token authentication with unscoped authorization +================================================ + +.. rest_method:: POST /v3/auth/tokens + +Authenticates an identity and generates a token. Uses the token authentication method. Authorization is unscoped. + +In the request body, provide the token ID. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - identity: identity + - token: token + - id: id + - auth: auth + - methods: methods + - nocatalog: nocatalog + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/auth-token-unscoped-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - X-Auth-Token: X-Auth-Token + + +Token authentication with scoped authorization +============================================== + +.. rest_method:: POST /v3/auth/tokens + +Authenticates an identity and generates a token. Uses the token authentication method and scopes authorization to a project or domain. + +In the request body, provide the token ID and the ``project`` or +``domain`` authorization scope. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - methods: methods + - auth: auth + - token: token + - audit_ids: audit_ids + - scope: scope + - id: id + - identity: identity + - nocatalog: nocatalog + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/auth-token-scoped-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - X-Auth-Token: X-Auth-Token + + +Validate and show information for token +======================================= + +.. rest_method:: GET /v3/auth/tokens + +Validates and shows information for a token, including its expiration date and authorization scope. + +Pass your own token in the ``X-Auth-Token`` request header. + +Pass the token that you want to validate in the ``X-Subject-Token`` +request header. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - X-Auth-Token: X-Auth-Token + - X-Subject-Token: X-Subject-Token + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - X-Subject-Token: X-Subject-Token + - X-Auth-Token: X-Auth-Token + - domain: domain + - methods: methods + - links: links + - user: user + - token: token + - expires_at: expires_at + - project: project + - catalog: catalog + - extras: extras + - roles: roles + - audit_ids: audit_ids + - issued_at: issued_at + - id: id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/auth-token-unscoped-response.json + :language: javascript + + +Check token +=========== + +.. rest_method:: HEAD /v3/auth/tokens + +Validates a token. + +This call is similar to ``GET /auth/tokens`` but no response body +is provided even in the ``X-Subject-Token`` header. + +The Identity API returns the same response as when the subject +token was issued by ``POST /auth/tokens`` even if an error occurs +because the token is not valid. An HTTP ``204`` response code +indicates that the ``X-Subject-Token`` is valid. + + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - X-Auth-Token: X-Auth-Token + - X-Subject-Token: X-Subject-Token + + +Revoke token +============ + +.. rest_method:: DELETE /v3/auth/tokens + +Revokes a token. + +This call is similar to the HEAD ``/auth/tokens`` call except that +the ``X-Subject-Token`` token is immediately not valid, regardless +of the ``expires_at`` attribute value. An additional ``X-Auth- +Token`` is not required. + +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - X-Auth-Token: X-Auth-Token + - X-Subject-Token: X-Subject-Token diff --git a/api-ref/source/v3/credentials.inc b/api-ref/source/v3/credentials.inc new file mode 100644 index 0000000000..10be58e23c --- /dev/null +++ b/api-ref/source/v3/credentials.inc @@ -0,0 +1,202 @@ +.. -*- rst -*- + +========================= +Credentials (credentials) +========================= + +In exchange for a set of authentication credentials that the user +submits, the Identity service generates and returns a token. A +token represents the authenticated identity of a user and, +optionally, grants authorization on a specific project or domain. + +You can list all credentials, and create, show details for, update, +and delete a credential. + + +Create credential +================= + +.. rest_method:: POST /v3/credentials + +Creates a credential. + +The following example shows how to create an EC2-style credential. +The credential blob is a string that contains a JSON-serialized +dictionary with the ``access`` and ``secret`` keys. This format is +required when you specify the ``ec2`` type. To specify other +credentials, such as ``access_key``, change the type and contents +of the data blob. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - credential: credential + - project_id: project_id + - type: type + - blob: blob + - user_id: user_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/credential-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - credential: credential + - user_id: user_id + - links: links + - blob: blob + - project_id: project_id + - type: type + - id: id + + +List credentials +================ + +.. rest_method:: GET /v3/credentials + +Lists all credentials. + +Optionally, you can include the ``user_id`` query parameter in the +URI to filter the response by a user. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - links: links + - blob: blob + - credentials: credentials + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/credentials-list-response.json + :language: javascript + + +Show credential details +======================= + +.. rest_method:: GET /v3/credentials/{credential_id} + +Shows details for a credential. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - credential_id: credential_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - credential: credential + - user_id: user_id + - links: links + - blob: blob + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/credential-show-response.json + :language: javascript + + +Update credential +================= + +.. rest_method:: PATCH /v3/credentials/{credential_id} + +Updates a credential. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - credential: credential + - project_id: project_id + - type: type + - blob: blob + - user_id: user_id + - credential_id: credential_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/credential-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - credential: credential + - user_id: user_id + - links: links + - blob: blob + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/credential-update-response.json + :language: javascript + + +Delete credential +================= + +.. rest_method:: DELETE /v3/credentials/{credential_id} + +Deletes a credential. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - credential_id: credential_id diff --git a/api-ref/source/v3/domains-config-v3.inc b/api-ref/source/v3/domains-config-v3.inc new file mode 100644 index 0000000000..cfcad1488b --- /dev/null +++ b/api-ref/source/v3/domains-config-v3.inc @@ -0,0 +1,367 @@ +.. -*- rst -*- + +================================================================== +Domain configuration (domains, config) (since v3.4) (EXPERIMENTAL) +================================================================== + +You can manage domain-specific configuration options. + +Domain-specific configuration options are structured within their +group objects. The API supports only the ``identity`` and ``ldap`` +groups. These groups override the default configuration settings +for the storage of users and groups by the Identity server. + +You can create, update, and delete domain-specific configuration +options by using the HTTP PUT , PATCH , and DELETE methods. When +updating, it is only necessary to include those options that are +being updated. + +To create an option, use the PUT method. The Identity API does not +return options that are considered sensitive, although you can +create and update these options. The only option currently +considered sensitive is the ``password`` option within the ``ldap`` +group. + +The API enables you to include sensitive options as part of non- +sensitive options. For example, you can include the password as +part of the ``url`` option. + +If you try to create or update configuration options for groups +other than the ``identity`` or ``ldap`` groups, the ``Forbidden +(403)`` response code is returned. + +For information about how to integrate the Identity service with +LDAP, see `Integrate Identity with LDAP `_. + + +Show domain group option configuration +====================================== + +.. rest_method:: GET /v3/domains/{domain_id}/config/{group}/{option} + +Shows details for a domain group option configuration. + +The API supports only the ``identity`` and ``ldap`` groups. For the +``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For +the ``identity`` group, a valid value is ``driver``. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - group: group + - option: option + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-group-option-show-response.json + :language: javascript + + +Update domain group option configuration +======================================== + +.. rest_method:: PATCH /v3/domains/{domain_id}/config/{group}/{option} + +Updates a domain group option configuration. + +The API supports only the ``identity`` and ``ldap`` groups. For the +``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For +the ``identity`` group, a valid value is ``driver``. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + - domain_id: domain_id + - group: group + - option: option + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/domain-config-group-option-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-group-option-update-response.json + :language: javascript + + +Delete domain group option configuration +======================================== + +.. rest_method:: DELETE /v3/domains/{domain_id}/config/{group}/{option} + +Deletes a domain group option configuration. + +The API supports only the ``identity`` and ``ldap`` groups. For the +``ldap`` group, a valid value is ``url`` or ``user_tree_dn``. For +the ``identity`` group, a valid value is ``driver``. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - group: group + - option: option + + +Show domain group configuration +=============================== + +.. rest_method:: GET /v3/domains/{domain_id}/config/{group} + +Shows details for a domain group configuration. + +The API supports only the ``identity`` and ``ldap`` groups. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - group: group + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-group-show-response.json + :language: javascript + + +Update domain group configuration +================================= + +.. rest_method:: PATCH /v3/domains/{domain_id}/config/{group} + +Updates a domain group configuration. + +The API supports only the ``identity`` and ``ldap`` groups. If you +try to set configuration options for other groups, this call fails +with the ``Forbidden (403)`` response code. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + - domain_id: domain_id + - group: group + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/domain-config-group-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-group-update-response.json + :language: javascript + + +Delete domain group configuration +================================= + +.. rest_method:: DELETE /v3/domains/{domain_id}/config/{group} + +Deletes a domain group configuration. + +The API supports only the ``identity`` and ``ldap`` groups. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - group: group + + +Show domain configuration +========================= + +.. rest_method:: GET /v3/domains/{domain_id}/config + +Shows details for a domain configuration. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-show-response.json + :language: javascript + + +Update domain configuration +=========================== + +.. rest_method:: PATCH /v3/domains/{domain_id}/config + +Updates a domain configuration. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + - domain_id: domain_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/domain-config-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - url: url + - driver: driver + - ldap: ldap + - config: config + - user_tree_dn: user_tree_dn + - identity: identity + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-config-update-response.json + :language: javascript + + +Delete domain configuration +=========================== + +.. rest_method:: DELETE /v3/domains/{domain_id}/config + +Deletes a domain configuration. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id diff --git a/api-ref/source/v3/domains.inc b/api-ref/source/v3/domains.inc new file mode 100644 index 0000000000..0640266123 --- /dev/null +++ b/api-ref/source/v3/domains.inc @@ -0,0 +1,211 @@ +.. -*- rst -*- + +======================================= +Domains (domains, users, groups, roles) +======================================= + +A domain is a collection of users, groups, and projects. Each group +and project is owned by exactly one domain. + +Each domain defines a namespace where certain API-visible name +attributes exist, which affects whether those names must be +globally unique or unique within that domain. In the Identity API, +the uniqueness of these attributes is as follows: + +- *Domain name*. Globally unique across all domains. + +- *Role name*. Globally unique across all domains. + +- *User name*. Unique within the owning domain. + +- *Project name*. Unique within the owning domain. + +- *Group name*. Unique within the owning domain. + + +List domains +============ + +.. rest_method:: GET /v3/domains + +Lists all domains. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - enabled: enabled + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - links: links + - enabled: enabled + - domains: domains + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domains-list-response.json + :language: javascript + + +Create domain +============= + +.. rest_method:: POST /v3/domains + +Creates a domain. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - enabled: enabled + - description: description + - name: name + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/domain-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - name: name + - links: links + - enabled: enabled + - id: id + - description: description + + +Show domain details +=================== + +.. rest_method:: GET /v3/domains/{domain_id} + +Shows details for a domain. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - name: name + - links: links + - enabled: enabled + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-show-response.json + :language: javascript + + +Update domain +============= + +.. rest_method:: PATCH /v3/domains/{domain_id} + +Updates a domain. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - enabled: enabled + - description: description + - name: name + - domain_id: domain_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/domain-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - domain: domain + - name: name + - links: links + - enabled: enabled + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-update-response.json + :language: javascript + + +Delete domain +============= + +.. rest_method:: DELETE /v3/domains/{domain_id} + +Deletes a domain. + +To minimize the risk of accidentally deleting a domain, you must +first disable the domain by using the update domain method. + +When you delete a domain, this call also deletes all entities owned +by it, such as users, groups, and projects, and any credentials and +granted roles that relate to those entities. + +(Since v3.6) The deletion of a non-leaf domain in a domain +hierarchy tree is not allowed and fails with a ``Bad Request +(400)`` response code. + +If you try to delete an enabled domain, this call returns the +``Forbidden (403)`` response code. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id diff --git a/api-ref/source/v3/groups.inc b/api-ref/source/v3/groups.inc new file mode 100644 index 0000000000..d5f3894d28 --- /dev/null +++ b/api-ref/source/v3/groups.inc @@ -0,0 +1,291 @@ +.. -*- rst -*- + +====================== +Groups (groups, users) +====================== + +A group is a collection of users. Each group is owned by a domain. + +When you grant a role to a group, you explicitly associate that +group with a project or domain. This action is equivalent to +granting the role to each group member on that project and domain. + +When you grant a role to a group, that role is automatically +granted to any user that you add to the group. When you revoke a +role from a group, that role is automatically revoked from any user +that you remove from the group. Any token that authenticates that +user, project, and domain is revoked. + +As with users, a group without any role grants is useless from the +perspective an OpenStack service and has no access to resources. +However, a group without role grants is permitted as a way of +acquiring or loading users and groups from external sources before +mapping them to projects and domains. + + +Show group details +================== + +.. rest_method:: GET /v3/groups/{group_id} + +Shows details for a group. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - group_id: group_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - group: group + - name: name + - links: links + - domain_id: domain_id + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/group-show-response.json + :language: javascript + + +Update group +============ + +.. rest_method:: PATCH /v3/groups/{group_id} + +Updates a group. + +If the back-end driver does not support this functionality, the +call returns the ``Not Implemented (501)`` response code. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - group: group + - description: description + - name: name + - domain_id: domain_id + - group_id: group_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/group-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - group: group + - name: name + - links: links + - domain_id: domain_id + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/group-update-response.json + :language: javascript + + +Delete group +============ + +.. rest_method:: DELETE /v3/groups/{group_id} + +Deletes a group. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - group_id: group_id + + +Add user to group +================= + +.. rest_method:: PUT /v3/groups/{group_id}/users/{user_id} + +Adds a user to a group. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - group_id: group_id + + +Remove user from group +====================== + +.. rest_method:: DELETE /v3/groups/{group_id}/users/{user_id} + +Removes a user from a group. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - group_id: group_id + + +Check whether user belongs to group +=================================== + +.. rest_method:: HEAD /v3/groups/{group_id}/users/{user_id} + +Validates that a user belongs to a group. + +Error response codes:204,413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - group_id: group_id + + +List users in group +=================== + +.. rest_method:: GET /v3/groups/{group_id}/users + +Lists the users that belong to a group. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - group_id: group_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - links: links + - enabled: enabled + - domain_id: domain_id + - email: email + - id: id + - users: users + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/group-users-list-response.json + :language: javascript + + +Create group +============ + +.. rest_method:: POST /v3/groups + +Creates a group. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - group: group + - description: description + - name: name + - domain_id: domain_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/group-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - group: group + - name: name + - links: links + - domain_id: domain_id + - id: id + - description: description + + +List groups +=========== + +.. rest_method:: GET /v3/groups + +Lists groups. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - domain_id: domain_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - links: links + - domain_id: domain_id + - groups: groups + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/groups-list-response.json + :language: javascript diff --git a/api-ref/source/v3/identity_v3_OS-OAUTH1.inc b/api-ref/source/v3/identity_v3_OS-OAUTH1.inc new file mode 100644 index 0000000000..24e757da76 --- /dev/null +++ b/api-ref/source/v3/identity_v3_OS-OAUTH1.inc @@ -0,0 +1,367 @@ +.. -*- rst -*- + +======================= +OAuth OAuth (OS-OAUTH1) +======================= + +Enables users to delegate roles to third-party consumers through +`The OAuth 1.0 Protocol `_. + +A user is an Identity API user who delegates its roles and who +authorizes request tokens. + +A consumer is a third-party application that uses OAuth to access a +protected resource. + +Administrative users use an OAuth-derived token to act on behalf of +the authorizing user. + +The consumer uses a request token to get authorization from the +user. The consumer provides an OAuth verifier string with the +request token in exchange for an access token. + +The consumer uses an access token to request Identity API tokens on +behalf of the authorizing user instead of using the credentials for +the user. + +Request and access tokens use token keys to identify themselves. +For OpenStack purposes, the token key is the token ID. The consumer +uses a token secret to establish ownership of a token. Both request +and access tokens have token secrets. + +Delegated authentication through OAuth occurs as follows: + +- A user creates a consumer. + +- The consumer gets an unauthorized request token. Then, the + consumer uses the request token to initiate user authorization. + +- The user authorizes the request token. + +- The consumer exchanges the authorized request token and the OAuth + verifier for an access token. + + The authorizing user receives the request token key from the + consumer out-of-band. + +- The consumer uses the access token to request an Identity API + token. + + +Create consumer +=============== + +.. rest_method:: POST /v3/OS-OAUTH1/consumers + +Enables a user to create a consumer. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - description: description + +Request Example +--------------- + +.. literalinclude:: ./samples/OS-OAUTH1/consumers-create-request.json + :language: javascript + + +List consumers +============== + +.. rest_method:: GET /v3/OS-OAUTH1/consumers + +Lists consumers. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/consumers-list-response.json + :language: javascript + + +Get authorized access token +=========================== + +.. rest_method:: GET /v3/OS-OAUTH1/users/{user_id}/access_tokens/{access_token_id} + +Gets an authorized access token. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - access_token_id: access_token_id + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/access-token-show-response.json + :language: javascript + + +Revoke access token +=================== + +.. rest_method:: DELETE /v3/OS-OAUTH1/users/{user_id}/access_tokens/{access_token_id} + +Enables a user to revoke an access token, which prevents the consumer from requesting new Identity Service API tokens. Also, revokes any Identity Service API tokens that were issued to the consumer through that access token. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - access_token_id: access_token_id + + +Create access token +=================== + +.. rest_method:: POST /v3/OS-OAUTH1/access_token + +Enables a consumer to create an access token by exchanging a request token for an access token. + +After the user authorizes the request token, the consumer exchanges +the authorized request token and OAuth verifier for an access +token. + +Supported signature methods: HMAC-SHA1. + +The consumer must provide all required OAuth parameters in the +request. See `Consumer Obtains a Request Token +`_. + +Supported signature methods: HMAC-SHA1. + +You must provide all required OAuth parameters in the request. See +`Consumer Obtains a Request Token +`_. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/access-token-create-response.txt + :language: javascript + + +Get an Identity Service token +============================= + +.. rest_method:: POST /v3/auth/tokens + +Enables a consumer to get an Identity Service authentication token. + +The token represents the delegated authorization and identity +(impersonation) of the authorizing user. The roles and scope of the +generated token match those that the consumer initially requested. + +Supported signature methods: HMAC-SHA1. + +The consumer must provide required OAuth parameters in the request. +See `Consumer Obtains a Request Token +`_. + +The returned token is scoped to the requested project and with the +requested roles. In addition to the standard token response, the +token has an OAuth-specific object. + +Example OAuth-specific object in a token: + +.. code-block:: json + + "OS-OAUTH1": { + "access_token_id": "cce0b8be7" + } + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + + +List authorized access tokens +============================= + +.. rest_method:: GET /v3/OS-OAUTH1/users/{user_id}/access_tokens + +Lists authorized access tokens. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/access-tokens-list-response.json + :language: javascript + + +Show consumer details +===================== + +.. rest_method:: GET /v3/OS-OAUTH1/consumers/{consumer_id} + +Shows details for a consumer. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - consumer_id: consumer_id + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/consumer-show-response.json + :language: javascript + + +Delete consumer +=============== + +.. rest_method:: DELETE /v3/OS-OAUTH1/consumers/{consumer_id} + +Deletes a consumer. + +When you delete a consumer, any associated request tokens, access +tokens, and Identity API tokens are also deleted. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - consumer_id: consumer_id + + +Update consumer +=============== + +.. rest_method:: PATCH /v3/OS-OAUTH1/consumers/{consumer_id} + +Updates the description for a consumer. + +If you try to update any attribute other than description, the HTTP +400 Bad Request error is returned. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - consumer_id: consumer_id + +Request Example +--------------- + +.. literalinclude:: ./samples/OS-OAUTH1/consumer-update-request.json + :language: javascript + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/consumer-update-response.json + :language: javascript + + +Show unauthorized request token +=============================== + +.. rest_method:: POST /v3/OS-OAUTH1/request_token + +Enables a consumer to get an unauthorized request token. + +Supported signature methods: HMAC-SHA1. + +The consumer must provide all required OAuth parameters in the +request. See `Consumer Obtains a Request Token +`_. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - requested_project_id: requested_project_id + +Response Example +---------------- + +.. literalinclude:: ./samples/OS-OAUTH1/request-token-create-response.txt + :language: javascript + + +List roles for an access token +============================== + +.. rest_method:: GET /v3/OS-OAUTH1/users/{user_id}/access_tokens/{access_token_id}/roles + +Lists associated roles for an access token. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - access_token_id: access_token_id + + +Show role details for an access token +===================================== + +.. rest_method:: GET /v3/OS-OAUTH1/users/{user_id}/access_tokens/{access_token_id}/roles/{role_id} + +Shows details for a role for an access token. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - role_id: role_id + - access_token_id: access_token_id diff --git a/api-ref/source/v3/parameters.yaml b/api-ref/source/v3/parameters.yaml new file mode 100644 index 0000000000..e9c6ec902a --- /dev/null +++ b/api-ref/source/v3/parameters.yaml @@ -0,0 +1,1394 @@ +# variables in header +X-Auth-Token: + description: | + A valid authentication token for an + administrative user. + in: header + required: true + type: string +X-Subject-Token: + description: | + The authentication token. An authentication + response returns the token ID in this header rather than in the + response body. + in: header + required: true + type: string +X-Subject-Token_1: + description: | + The authentication token for which you want to + perform the operation. + in: header + required: true + type: string + +# variables in path +access_token_id: + description: | + The ID of the access token. + in: path + required: true + type: string +consumer_id: + description: | + The ID of the consumer. + in: path + required: false + type: string +credential_id: + description: | + The UUID for the credential. + in: path + required: false + type: string +domain_id: + description: | + Filters the response by a domain ID. + in: path + required: false + type: string +endpoint_id: + description: | + The endpoint ID. + in: path + required: false + type: string +group_1: + description: | + The group name, which is ``ldap`` or + ``identity``. + in: path + required: false + type: string +group_id: + description: | + The group ID. + in: path + required: false + type: string +option: + description: | + The option name. For the ``ldap`` group, a valid + value is ``url`` or ``user_tree_dn``. For the ``identity`` group, + a valid value is ``driver``. + in: path + required: false + type: string +policy_id: + description: | + The policy ID. + in: path + required: false + type: string +project_id: + description: | + The project ID. + in: path + required: false + type: string +region_id_2: + description: | + The region ID. + in: path + required: false + type: string +role_id: + description: | + The role ID. + in: path + required: false + type: string +service_id_2: + description: | + The service ID. + in: path + required: false + type: string +user_id: + description: | + The user ID. + in: path + required: false + type: string + +# variables in query +domain_id_7: + description: | + Filters the response by a domain ID. + in: query + required: false + type: string +enabled_11: + description: | + Filters the response by either enabled (``true``) + or disabled (``false``) users. + in: query + required: false + type: string +enabled_6: + description: | + Filters the response by either enabled (``true``) + or disabled (``false``) domains. Users can authorize against an + enabled domain and any of its projects. Users that are owned by an + enabled domain can authenticate and receive additional + authorization. Users cannot authorize against a disabled domain + or any of its projects. Users that are owned by a disabled domain + cannot authenticate or receive additional authorization. All + tokens that are authorized for a disabled domain or its projects + become no longer valid. If you reenable the domain, these tokens + are not re- enabled. + in: query + required: false + type: string +enabled_9: + description: | + Filters the response by either enabled (``true``) + or disabled (``false``) projects. + in: query + required: false + type: string +interface_2: + description: | + Filters the response by an interface. + in: query + required: false + type: string +name_10: + description: | + Filters the response by a domain name. + in: query + required: false + type: string +name_13: + description: | + Filters the response by a project name. + in: query + required: false + type: string +name_14: + description: | + Filters the response by a role name. + in: query + required: false + type: string +name_16: + description: | + Filters the response by a user name. + in: query + required: false + type: string +nocatalog: + description: | + (Since v3.1) The authentication response excludes + the service catalog. By default, the response includes the service + catalog. + in: query + required: false + type: string +parent_id_2: + description: | + (Since v3.4) Filters the response by a parent ID. + in: query + required: false + type: string +parent_region_id_1: + description: | + Filters the response by a parent region, by ID. + in: query + required: false + type: string +service_id_3: + description: | + Filters the response by a service ID. + in: query + required: false + type: string +type_4: + description: | + Filters the response by a MIME media type for the + serialized policy blob. For example, ``application/json``. + in: query + required: false + type: string +type_5: + description: | + Filters the response by a service type. A valid + value is ``compute``, ``ec2``, ``identity``, ``image``, + ``network``, or ``volume``. + in: query + required: false + type: string +user_id_3: + description: | + Filters the response by a user ID. + in: query + required: false + type: string + +# variables in body +audit_ids: + description: | + A list of one or two audit IDs. An audit ID is a + unique, randomly generated, URL-safe string that you can use to + track a token. The first audit ID is the current audit ID for the + token. The second audit ID is present for only re-scoped tokens + and is the audit ID from the token before it was re-scoped. A re- + scoped token is one that was exchanged for another token of the + same or different scope. You can use these audit IDs to track the + use of a token or chain of tokens across multiple requests and + endpoints without exposing the token ID to non-privileged users. + in: body + required: true + type: array +auth: + description: | + An ``auth`` object. + in: body + required: true + type: object +blob: + description: | + The credential itself, as a serialized blob. + in: body + required: true + type: string +blob_1: + description: | + The policy rule set itself, as a serialized blob. + in: body + required: true + type: string +blob_2: + description: | + The policy rule itself, as a serialized blob. + in: body + required: true + type: object +blob_3: + description: | + The credential itself, as a serialized blob. + in: body + required: false + type: string +catalog: + description: | + A ``catalog`` object. + in: body + required: true + type: array +config: + description: | + A ``config`` object. + in: body + required: true + type: object +credential: + description: | + A ``credential`` object. + in: body + required: true + type: object +credentials: + description: | + A ``credentials`` object. + in: body + required: true + type: array +default_project_id: + description: | + The ID of the default project for the user. + Setting this attribute does not grant any actual authorization on + the project, and is merely provided for convenience. Therefore, + the referenced project does not need to exist within the user + domain. (Since v3.1) If the user does not have authorization to + their default project, the default project is ignored at token + creation. (Since v3.1) Additionally, if your default project is + not valid, a token is issued without an explicit scope of + authorization. + in: body + required: false + type: string +default_project_id_1: + description: | + The ID of the default project for the user. + in: body + required: true + type: string +description: + description: | + The domain description. + in: body + required: false + type: string +description_1: + description: | + The group description. + in: body + required: false + type: string +description_10: + description: | + The service description. + in: body + required: true + type: string +description_11: + description: | + The user description. + in: body + required: true + type: string +description_2: + description: | + The project description. + in: body + required: false + type: string +description_3: + description: | + The region description. + in: body + required: false + type: string +description_4: + description: | + The service description. + in: body + required: false + type: string +description_5: + description: | + The user description. + in: body + required: false + type: string +description_6: + description: | + The project description. + in: body + required: true + type: string +description_7: + description: | + The domain description. + in: body + required: true + type: string +description_8: + description: | + The group description. + in: body + required: true + type: string +description_9: + description: | + The region description. + in: body + required: true + type: string +domain: + description: | + A ``domain`` object. + in: body + required: true + type: object +domain_1: + description: | + A ``domain`` object. Required if you specify a + user name. + in: body + required: false + type: object +domain_2: + description: | + Specify either ``id`` or ``name`` to uniquely + identify the domain. + in: body + required: false + type: object +domain_id_1: + description: | + The ID of the domain that owns the group. If you + omit the domain ID, defaults to the domain to which the client + token is scoped. + in: body + required: false + type: string +domain_id_2: + description: | + The ID of the domain for the project. If you + omit the domain ID, default is the domain to which your token is + scoped. + in: body + required: false + type: string +domain_id_3: + description: | + The ID of the domain for the user. + in: body + required: false + type: string +domain_id_4: + description: | + The ID of the domain for the project. + in: body + required: true + type: string +domain_id_5: + description: | + The ID of the domain for the group. + in: body + required: true + type: string +domain_id_6: + description: | + The ID of the domain for the user. + in: body + required: true + type: string +domains: + description: | + A ``domains`` object. + in: body + required: true + type: array +driver: + description: | + The Identity back-end driver. + in: body + required: true + type: string +driver_1: + description: | + The Identity back-end driver. + in: body + required: false + type: string +email: + description: | + The email address for the user. + in: body + required: false + type: string +email_1: + description: | + The email address for the user. + in: body + required: true + type: string +enabled: + description: | + Enables or disables the domain. Users can + authorize against an enabled domain and any of its projects. Users + that are owned by an enabled domain can authenticate and receive + additional authorization. Users cannot authorize against a + disabled domain or any of its projects. Users that are owned by a + disabled domain cannot authenticate or receive additional + authorization. All tokens that are authorized for a disabled + domain or its projects become no longer valid. If you reenable the + domain, these tokens are not re- enabled. To enable the domain, + set to ``true``. To disable the domain, set to ``false``. Default + is ``true``. + in: body + required: false + type: boolean +enabled_1: + description: | + Defines whether the endpoint appears in the + service catalog: - ``false``. The endpoint does not appear in the + service catalog. - ``true``. The endpoint appears in the service + catalog. Default is ``true``. + in: body + required: false + type: boolean +enabled_10: + description: | + Defines whether the service and its endpoints + appear in the service catalog: - ``false``. The service and its + endpoints do not appear in the service catalog. - ``true``. The + service and its endpoints appear in the service catalog. + in: body + required: true + type: boolean +enabled_12: + description: | + Indicates whether the domain is enabled or + disabled. If set to ``true``, the domain is enabled. Users can + authorize against an enabled domain and any of its projects. Users + that are owned by an enabled domain can authenticate and receive + additional authorization. If set to ``false``, the domain is + disabled. Users cannot authorize against a disabled domain or any + of its projects. Users that are owned by a disabled domain cannot + authenticate or receive additional authorization. All tokens that + are authorized for a disabled domain or its projects become no + longer valid. If you reenable the domain, these tokens are not re- + enabled. + in: body + required: true + type: boolean +enabled_13: + description: | + If set to ``true``, project is enabled. If set to + ``false``, project is disabled. + in: body + required: true + type: boolean +enabled_2: + description: | + Enables or disables the project. Users can + authorize against an enabled project. Users cannot authorize + against a disabled project. All tokens that are authorized for a + disabled project become no longer valid. If you reenable the + project, these tokens are not re-enabled. To enable the project, + set to ``true``. To disable the project, set to ``false``. Default + is ``true``. + in: body + required: false + type: boolean +enabled_3: + description: | + Defines whether the service and its endpoints + appear in the service catalog: - ``false``. The service and its + endpoints do not appear in the service catalog. - ``true``. The + service and its endpoints appear in the service catalog. + Default is ``true``. + in: body + required: false + type: boolean +enabled_4: + description: | + Enables or disables the user. An enabled user + can authenticate and receive authorization. A disabled user + cannot authenticate or receive authorization. Additionally, all + tokens that the user holds become no longer valid. If you reenable + this user, pre-existing tokens do not become valid. To enable the + user, set to ``true``. To disable the user, set to ``false``. + Default is ``true``. + in: body + required: false + type: boolean +enabled_5: + description: | + Enables or disables the project and its subtree. + Users can authorize against an enabled project. Users cannot + authorize against a disabled project. All tokens that are + authorized for a disabled project become no longer valid. If you + reenable the project, these tokens are not re-enabled. To enable + the project and its subtree, set to ``true``. To disable the + project and its subtree, set to ``false``. Default is ``true``. + in: body + required: true + type: boolean +enabled_7: + description: | + Indicates whether the endpoint appears in the + service catalog: - ``false``. The endpoint does not appear in the + service catalog. - ``true``. The endpoint appears in the service + catalog. + in: body + required: true + type: boolean +enabled_8: + description: | + If the user is enabled, this value is ``true``. + If the user is disabled, this value is ``false``. + in: body + required: true + type: boolean +endpoint: + description: | + An ``endpoint`` object. + in: body + required: true + type: object +endpoints: + description: | + An ``endpoints`` object. + in: body + required: true + type: array +expires_at: + description: | + The date and time when the token expires. + + The date and time stamp format is `ISO 8601 + `_: + + :: + + CCYY-MM-DDThh:mm:ss±hh:mm + + For example, ``2015-08-27T09:49:58-05:00``. + + The ``±hh:mm`` value, if included, is the time zone as an offset + from UTC. In the previous example, the offset value is ``-05:00``. + + A ``null`` value indicates that the token never expires. + in: body + required: true + type: string +extras: + description: | + A set of metadata key and value pairs, if any. + in: body + required: true + type: object +group: + description: | + A ``group`` object. + in: body + required: true + type: object +groups: + description: | + A ``groups`` object. + in: body + required: true + type: array +id: + description: | + The ID of the user. Required if you do not + specify the user name. + in: body + required: false + type: string +id_1: + description: | + The ID of the domain. If you specify a user + name, you must specify either a domain ID or domain name. + in: body + required: false + type: string +id_10: + description: | + The role ID. + in: body + required: true + type: string +id_11: + description: | + The ID of the service. + in: body + required: true + type: string +id_12: + description: | + The ID for the user. + in: body + required: true + type: string +id_13: + description: | + The ID for the region. + in: body + required: true + type: string +id_14: + description: | + The user ID. + in: body + required: true + type: string +id_2: + description: | + A token ID. + in: body + required: false + type: string +id_3: + description: | + The UUID for the credential. + in: body + required: true + type: string +id_4: + description: | + The domain ID. + in: body + required: true + type: string +id_5: + description: | + The endpoint UUID. + in: body + required: true + type: string +id_6: + description: | + The ID for the group. + in: body + required: true + type: string +id_7: + description: | + The ID of the policy. + in: body + required: true + type: string +id_8: + description: | + The ID for the project. + in: body + required: true + type: string +id_9: + description: | + A user-defined region ID. If you include + characters in the region ID that are not allowed in a URI, you + must URL-encode the ID. If you omit an ID, the API assigns an ID + to the region. + in: body + required: false + type: string +identity: + description: | + An ``identity`` object. + in: body + required: true + type: object +identity_1: + description: | + An ``identity`` object. Required to set the + identity group configuration options. + in: body + required: true + type: object +interface: + description: | + The interface type, which describes the + visibility of the endpoint. Value is: - ``public``. Visible by + end users on a publicly available network interface. - + ``internal``. Visible by end users on an unmetered internal + network interface. - ``admin``. Visible by administrative users + on a secure network interface. + in: body + required: true + type: string +interface_1: + description: | + The interface type, which describes the + visibility of the endpoint. A valid value is: - ``public``. + Visible by end users on a publicly available network interface. + - ``internal``. Visible by end users on an unmetered internal + network interface. - ``admin``. Visible by administrative users + on a secure network interface. + in: body + required: true + type: string +is_domain: + description: | + (Since v3.6) Indicates whether the project also + acts as a domain. Set to ``true`` to define this project as both + a project and domain. As a domain, the project provides a name + space in which you can create users, groups, and other projects. + Set to ``false`` to define this project as a regular project that + contains only resources. Default is ``false``. You cannot update + this parameter after you create the project. + in: body + required: false + type: boolean +is_domain_1: + description: | + (Since v3.6) Indicates whether the project also + acts as a domain. If set to ``true``, this project acts as both a + project and domain. As a domain, the project provides a name space + in which you can create users, groups, and other projects. + Otherwise, this field does not appear in the response and this + project behaves as a regular project that contains only resources. + in: body + required: false + type: boolean +issued_at: + description: | + The date and time when the token was issued. + + The date and time stamp format is `ISO 8601 + `_: + + :: + + CCYY-MM-DDThh:mm:ss±hh:mm + + For example, ``2015-08-27T09:49:58-05:00``. + + The ``±hh:mm`` value, if included, is the time zone as an offset + from UTC. In the previous example, the offset value is ``-05:00``. + in: body + required: true + type: string +ldap: + description: | + An ``ldap`` object. Required to set the LDAP + group configuration options. + in: body + required: true + type: object +links: + description: | + The links for the ``credential`` resource. + in: body + required: true + type: object +links_1: + description: | + The links for the ``domain`` resource. + in: body + required: true + type: object +links_10: + description: | + The links for the ``credentials`` resource. + in: body + required: true + type: object +links_11: + description: | + The links for the ``domains`` resource. + in: body + required: true + type: object +links_12: + description: | + The links for the ``roles`` resource. + in: body + required: true + type: object +links_13: + description: | + The links for the ``endpoints`` resource. + in: body + required: true + type: object +links_14: + description: | + The links for the ``users`` resource. + in: body + required: true + type: object +links_2: + description: | + The links for the ``endpoint`` resource. + in: body + required: true + type: object +links_3: + description: | + The links for the ``group`` resource. + in: body + required: true + type: object +links_4: + description: | + The links for the ``policy`` resource. + in: body + required: true + type: object +links_5: + description: | + The links for the ``project`` resource. + in: body + required: true + type: object +links_6: + description: | + The links for the ``region`` resource. + in: body + required: true + type: object +links_7: + description: | + The links for the ``role`` resource. + in: body + required: true + type: object +links_8: + description: | + The links for the ``service`` resource. + in: body + required: true + type: object +links_9: + description: | + The links for the ``user`` resource. + in: body + required: true + type: object +methods: + description: | + The authentication method. For password + authentication, specify ``password``. + in: body + required: true + type: array +methods_1: + description: | + The authentication method. For token + authentication, specify ``token``. + in: body + required: true + type: array +methods_2: + description: | + The authentication method, which is ``password``, + ``token``, or both methods. Indicates the accumulated set of + authentication methods that were used to obtain the token. For + example, if the token was obtained by password authentication, it + contains ``password``. Later, if the token is exchanged by using + the token authentication method one or more times, the + subsequently created tokens contain both ``password`` and + ``token`` in their ``methods`` attribute. Unlike multi-factor + authentication, the ``methods`` attribute merely indicates the + methods that were used to authenticate the user in exchange for a + token. The client is responsible for determining the total number + of authentication factors. + in: body + required: true + type: array +name: + description: | + The user name. Required if you do not specify + the ID of the user. If you specify the user name, you must also + specify the domain, by ID or name. + in: body + required: false + type: string +name_1: + description: | + The name of the domain. If you specify a user + name, you must specify either a domain ID or domain name. + in: body + required: false + type: string +name_11: + description: | + The name of the group. + in: body + required: true + type: string +name_12: + description: | + The user name. Must be unique within the domain. + in: body + required: true + type: string +name_15: + description: | + The service name. + in: body + required: true + type: string +name_17: + description: | + The domain name. + in: body + required: false + type: string +name_18: + description: | + The group name. + in: body + required: false + type: string +name_19: + description: | + The user name. + in: body + required: true + type: string +name_2: + description: | + The domain name. + in: body + required: true + type: string +name_3: + description: | + The endpoint name. + in: body + required: true + type: string +name_4: + description: | + The group name. + in: body + required: true + type: string +name_5: + description: | + The project name, which must be unique within the + owning domain. The project can have the same name as its domain. + in: body + required: true + type: string +name_6: + description: | + The role name. + in: body + required: true + type: string +name_7: + description: | + The service name. + in: body + required: false + type: string +name_8: + description: | + The user name, which must be unique within the + owning domain. + in: body + required: true + type: string +name_9: + description: | + The project name. The project can have the same + name as its domain. + in: body + required: true + type: string +original_password: + description: | + The original password for the user. + in: body + required: true + type: string +parent_id: + description: | + (Since v3.4) The ID of the parent project. If + you omit the parent project ID, the project is a top-level + project. + in: body + required: false + type: string +parent_id_1: + description: | + (Since v3.4) The ID of the parent project. If + ``null``, the project is a top-level project. + in: body + required: true + type: string +parent_region_id: + description: | + To make this region a child of another region, + set this parameter to the ID of the parent region. + in: body + required: false + type: string +parent_region_id_2: + description: | + If the region is a child of another region, the + ID for the parent region. Otherwise, this value is ``null``. + in: body + required: true + type: string +password: + description: | + The user password. + in: body + required: true + type: string +password_1: + description: | + The password for the user. + in: body + required: true + type: string +password_2: + description: | + The new password for the user. + in: body + required: true + type: string +policies: + description: | + A ``policies`` object. + in: body + required: true + type: array +policy: + description: | + A ``policy`` object. + in: body + required: true + type: object +project: + description: | + A ``project`` object. + in: body + required: true + type: object +project_id_1: + description: | + The UUID for the associated project. + in: body + required: true + type: string +project_id_2: + description: | + The UUID for the associated project. + in: body + required: false + type: string +projects: + description: | + A ``projects`` object. + in: body + required: true + type: array +region: + description: | + (Deprecated in v3.2) The geographic location of + the service endpoint. + in: body + required: true + type: string +region_1: + description: | + A ``region`` object. + in: body + required: true + type: object +region_2: + description: | + (Deprecated in v3.2) The geographic location of + the service endpoint. Use the ``region_id`` parameter instead. + in: body + required: false + type: string +region_id: + description: | + (Since v3.2) The ID of the region that contains + the service endpoint. + in: body + required: true + type: string +region_id_1: + description: | + (Since v3.2) The ID of the region that contains + the service endpoint. + in: body + required: false + type: string +regions: + description: | + A ``regions`` object. + in: body + required: true + type: array +requested_project_id: + description: | + The ID of the requested project. + in: body + required: true + type: string +role: + description: | + A ``role`` object. + in: body + required: true + type: object +role_assignments: + description: | + A ``role_assignments`` object. + in: body + required: true + type: array +roles: + description: | + A ``roles`` object. + in: body + required: true + type: array +scope: + description: | + The authorization scope. (Since v3.4) Specify + ``unscoped`` to make an explicit unscoped token request, which + returns an unscoped response without any authorization. This + request behaves the same as a token request with no scope where + the user has no default project defined. If you do not make an + explicit ``unscoped`` token request and your role has a default + project, the response might return a project- scoped token. If a + default project is not defined, a token is issued without an + explicit scope of authorization, which is the same as asking for + an explicit unscoped token. + in: body + required: false + type: string +scope_1: + description: | + The authorization scope. - Specify ``project`` + to scope to a project, by ID or name. If you specify the project + by name, you must also specify the project domain to uniquely + identify the project. Because a project can have the same name + as its owning domain, the scope is determined, as follows: - + If the project name is truly unique, the token is scoped to the + project. - If a name clash exists between a project acting as a + domain and a regular project within that domain, the token is + scoped to the regular project. - In a name-clash situation, + if the user wants the token scoped to the project acting as + the domain, you must either specify use the project ID to + specify the scope or rename either the project acting as a + domain or the regular project. Alternatively, you can use a + domain name to uniquely identify the project. - Specify + ``domain`` to scope to a domain, by ID or name with equivalent + results to project scoping. The catalog returned from a domain- + scoped request contains all endpoints of a project- scoped + catalog, excluding ones that require a project ID as part of + their URL. You cannot simultaneously scope a token to a project + and domain. + in: body + required: false + type: object +service: + description: | + A ``service`` object. + in: body + required: true + type: object +service_id: + description: | + The UUID of the service to which the endpoint + belongs. + in: body + required: true + type: string +service_id_1: + description: | + The service ID. + in: body + required: false + type: string +services: + description: | + A ``services`` object. + in: body + required: true + type: array +token: + description: | + A ``token`` object. + in: body + required: true + type: object +token_1: + description: | + A ``token`` object. The token authentication + method is used. This method is typically used in combination with + a request to change authorization scope. + in: body + required: true + type: object +type: + description: | + The endpoint type. + in: body + required: true + type: string +type_1: + description: | + The credential type, such as ``ec2`` or ``cert``. + The implementation determines the list of supported types. + in: body + required: true + type: string +type_2: + description: | + The MIME media type of the serialized policy + blob. + in: body + required: true + type: string +type_3: + description: | + The service type, which describes the API + implemented by the service. A valid value is ``compute``, + ``ec2``, ``identity``, ``image``, ``network``, or ``volume``. + in: body + required: true + type: string +type_6: + description: | + The service type, which describes the API + implemented by the service. Value is ``compute``, ``ec2``, + ``identity``, ``image``, ``network``, or ``volume``. + in: body + required: true + type: string +type_7: + description: | + The credential type, such as ``ec2`` or ``cert``. + The implementation determines the list of supported types. + in: body + required: false + type: string +url: + description: | + The endpoint URL. + in: body + required: true + type: string +url_1: + description: | + The LDAP URL. + in: body + required: true + type: string +url_2: + description: | + The LDAP URL. + in: body + required: false + type: string +user: + description: | + A ``user`` object. + in: body + required: true + type: object +user_id_1: + description: | + The ID of the user who owns the credential. + in: body + required: true + type: string +user_id_2: + description: | + The ID of the user who owns the policy. + in: body + required: false + type: string +user_id_4: + description: | + The ID of the user who owns the policy. + in: body + required: true + type: string +user_id_5: + description: | + The ID of the user who owns the credential. + in: body + required: false + type: string +user_tree_dn: + description: | + The base distinguished name (DN) of LDAP, from + where all users can be reached. For example, + ``ou=Users,dc=root,dc=org``. + in: body + required: true + type: string +user_tree_dn_1: + description: | + The base distinguished name (DN) of LDAP, from + where all users can be reached. For example, + ``ou=Users,dc=root,dc=org``. + in: body + required: false + type: string +users: + description: | + A ``users`` object. + in: body + required: true + type: array + diff --git a/api-ref/source/v3/policies.inc b/api-ref/source/v3/policies.inc new file mode 100644 index 0000000000..ea6c5d97ac --- /dev/null +++ b/api-ref/source/v3/policies.inc @@ -0,0 +1,201 @@ +.. -*- rst -*- + +=================== +Policies (policies) +=================== + +A policy is an arbitrarily serialized policy engine rule set to be +consumed by a remote service. + +You encode policy rule sets into a blob that remote services can +consume. To do so, set ``type`` to ``application/json`` and specify +policy rules as JSON strings in a ``blob``. For example: + +:: + + { + "blob":{ + "foobar_user":[ + "role:compute-user" + ] + } + } + + +Create policy +============= + +.. rest_method:: POST /v3/policies + +Creates a policy. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - policy: policy + - user_id: user_id + - project_id: project_id + - type: type + - blob: blob + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/policy-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - links: links + - blob: blob + - policy: policy + - project_id: project_id + - type: type + - id: id + + +List policies +============= + +.. rest_method:: GET /v3/policies + +Lists policies. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - type: type + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - links: links + - blob: blob + - policies: policies + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/policies-list-response.json + :language: javascript + + +Show policy details +=================== + +.. rest_method:: GET /v3/policies/{policy_id} + +Shows details for a policy. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - policy_id: policy_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - links: links + - blob: blob + - policy: policy + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/policy-show-response.json + :language: javascript + + +Update policy +============= + +.. rest_method:: PATCH /v3/policies/{policy_id} + +Updates a policy. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - policy: policy + - user_id: user_id + - project_id: project_id + - type: type + - blob: blob + - policy_id: policy_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/policy-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + - links: links + - blob: blob + - policy: policy + - project_id: project_id + - type: type + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/policy-update-response.json + :language: javascript + + +Delete policy +============= + +.. rest_method:: DELETE /v3/policies/{policy_id} + +Deletes a policy. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - policy_id: policy_id diff --git a/api-ref/source/v3/projects.inc b/api-ref/source/v3/projects.inc new file mode 100644 index 0000000000..d6ab65d950 --- /dev/null +++ b/api-ref/source/v3/projects.inc @@ -0,0 +1,291 @@ +.. -*- rst -*- + +========================================= +Projects (projects, users, groups, roles) +========================================= + +A project is the base unit of ownership. Resources are owned by a +specific project. A project is owned by a specific domain. + +(Since v3.4) You can create a hierarchy of projects by setting a +parent ID when you create projects. All projects in a hierarchy +must be owned by the same domain. + +(Since v3.6) Optionally, you can create a project that behaves both +as a project and a domain. As a domain, the project provides a name +space in which you can create users, groups, and other projects. If +you create a project that behaves as a domain, you cannot update +this project to behave like a regular project. + + +List projects +============= + +.. rest_method:: GET /v3/projects + +Lists projects. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - parent_id: parent_id + - name: name + - enabled: enabled + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - links: links + - enabled: enabled + - domain_id: domain_id + - parent_id: parent_id + - id: id + - projects: projects + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/projects-list-response.json + :language: javascript + + +Create project +============== + +.. rest_method:: POST /v3/projects + +Creates a project. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - enabled: enabled + - project: project + - parent_id: parent_id + - domain_id: domain_id + - name: name + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/project-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - links: links + - enabled: enabled + - domain_id: domain_id + - project: project + - parent_id: parent_id + - id: id + - name: name + + +Show project details +==================== + +.. rest_method:: GET /v3/projects/{project_id} + +Shows details for a project. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project_id: project_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - links: links + - enabled: enabled + - domain_id: domain_id + - project: project + - parent_id: parent_id + - id: id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/project-show-response.json + :language: javascript + + +Update project +============== + +.. rest_method:: PATCH /v3/projects/{project_id} + +Updates a project. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - description: description + - enabled: enabled + - project: project + - parent_id: parent_id + - domain_id: domain_id + - name: name + - project_id: project_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/project-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - links: links + - enabled: enabled + - domain_id: domain_id + - project: project + - parent_id: parent_id + - id: id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/project-update-response.json + :language: javascript + + +Delete project +============== + +.. rest_method:: DELETE /v3/projects/{project_id} + +Deletes a project. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project_id: project_id + + +Enable or disable project and its subtree +========================================= + +.. rest_method:: PATCH /v3/projects/{project_id}/cascade + +(Since v3.6) Enables or disables a project and its entire subtree. + +A project subtree includes all projects beneath the parent project +in the hierarchy. + +If you include attributes other than the ``enabled`` attribute, +this call fails and returns the ``Bad Request (400)`` response +code. + +If you perform this action against a project that acts as a domain +(``is_domain`` is set to ``true``, this call fails and returns the +``Forbidden (403)`` response code. + + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project: project + - enabled: enabled + - project_id: project_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/project-enable-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - is_domain: is_domain + - description: description + - links: links + - enabled: enabled + - domain_id: domain_id + - project: project + - parent_id: parent_id + - id: id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/project-update-response.json + :language: javascript + + +Delete project subtree +====================== + +.. rest_method:: DELETE /v3/projects/{project_id}/cascade + +(Since v3.6) Deletes a project and its entire subtree. + +A project subtree includes all projects beneath the parent project +in the hierarchy. You must disable the projects in the subtree +before you perform this operation. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project_id: project_id diff --git a/api-ref/source/v3/regions-v3.inc b/api-ref/source/v3/regions-v3.inc new file mode 100644 index 0000000000..9a786d0742 --- /dev/null +++ b/api-ref/source/v3/regions-v3.inc @@ -0,0 +1,210 @@ +.. -*- rst -*- + +============================== +Regions (regions) (since v3.2) +============================== + +A region is a general division of an OpenStack deployment. You can +associate zero or more sub-regions with a region to create a tree- +like structured hierarchy. + +Although a region does not have a geographical connotation, a +deployment can use a geographical name for a region, such as ``us- +east``. + +You can list, create, update, show details for, and delete regions. + + +Show region details +=================== + +.. rest_method:: GET /v3/regions/{region_id} + +Shows details for a region, by ID. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - region_id: region_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + - region: region + - description: description + - links: links + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/region-show-response.json + :language: javascript + + +Update region +============= + +.. rest_method:: PATCH /v3/regions/{region_id} + +Updates a region. + +You can update the description or parent region ID for a region. +You cannot update the region ID. + +The following error might occur: + +- ``Not Found (404)``. The parent region ID does not exist. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + - region: region + - description: description + - region_id: region_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/region-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + - region: region + - description: description + - links: links + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/region-update-response.json + :language: javascript + + +Delete region +============= + +.. rest_method:: DELETE /v3/regions/{region_id} + +Deletes a region. + +The following error might occur: + +- ``Conflict (409)``. The region cannot be deleted because it has + child regions. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - region_id: region_id + + +List regions +============ + +.. rest_method:: GET /v3/regions + +Lists regions. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - regions: regions + - parent_region_id: parent_region_id + - description: description + - links: links + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/regions-list-response.json + :language: javascript + + +Create region +============= + +.. rest_method:: POST /v3/regions + +Creates a region. + +When you create the region, you can optionally specify a region ID. +If you include characters in the region ID that are not allowed in +a URI, you must URL-encode the ID. If you omit an ID, the API +assigns an ID to the region. + +The following errors might occur: + +- ``Not Found (404)``. The parent region ID does not exist. + +- ``Conflict (409)``. The parent region ID would form a circular + relationship. + +- ``Conflict (409)``. The user-defined region ID is not unique to + the OpenStack deployment. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + - region: region + - description: description + - id: id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/region-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - parent_region_id: parent_region_id + - region: region + - description: description + - links: links + - id: id diff --git a/api-ref/source/v3/roles.inc b/api-ref/source/v3/roles.inc new file mode 100644 index 0000000000..8e4c0b487f --- /dev/null +++ b/api-ref/source/v3/roles.inc @@ -0,0 +1,587 @@ +.. -*- rst -*- + +============= +Roles (roles) +============= + +Roles grant a user a set of permitted actions for either a specific +project or an entire domain. + +You can grant roles to a user on a project, including projects +owned by other domains. + +You can create, list, and delete roles. You can also list roles +assigned to a specified domain, project, or user. + +You can list role assignments and, since v3.6, all role assignments +within a tree of projects. Use the query parameters to filter the +list because the role assignments list can be long. Some typical +examples are: + +- List role assignments for the specified user: + + :: GET /role_assignments?user.id={user_id} + +- List role assignments for the specified project: + + :: GET /role_assignments?scope.project.id={project_id} + +- List all role assignments for a specified project and its sub- + projects: + + :: GET /role_assignments?scope.project.id={project_id}?includ + e_subtree=true + + If you specify ``include_subtree=true``, you must also specify + the ``scope.project.id``. Otherwise, this call returns the ``Bad + Request (400)`` response code. + +Each role assignment entity in the collection contains a link to +the assignment that created the entity. + +Use the ``effective`` query parameter to list effective assignments +at the user, project, and domain level. This parameter allows for +the effects of group membership. The group role assignment entities +themselves are not returned in the collection. This represents the +effective role assignments that would be included in a scoped +token. + +In the response, the ``links`` entity section for entities for +group members also contains a URL that enables access to the +membership of the group. + +You can use the other query parameters with the ``effective`` +parameter, such as: + +- Determine what a user can actually do: + + :: GET /role_assignments?user.id={user_id} & effective + +- Get the equivalent set of role assignments that are included in a + project-scoped token response: + + :: GET /role_assignments?user.id={user_id} & + scope.project.id={project_id} & effective + + +Grant role to group on project +============================== + +.. rest_method:: PUT /v3/projects/{project_id}/groups/{group_id}/roles/{role_id} + +Grants a role to a group on a project. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - group_id: group_id + + +Check whether group has role on project +======================================= + +.. rest_method:: HEAD /v3/projects/{project_id}/groups/{group_id}/roles/{role_id} + +Validates that a group has a role on a project. + +Error response codes:204,413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - group_id: group_id + + +Revoke role from group on project +================================= + +.. rest_method:: DELETE /v3/projects/{project_id}/groups/{group_id}/roles/{role_id} + +Revokes a role from a group on a project. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - group_id: group_id + + +Grant role to user on project +============================= + +.. rest_method:: PUT /v3/projects/{project_id}/users/{user_id}/roles/{role_id} + +Grants a role to a user on a project. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - user_id: user_id + + +Check whether user has role on project +====================================== + +.. rest_method:: HEAD /v3/projects/{project_id}/users/{user_id}/roles/{role_id} + +Validates that a user has a role on a project. + +Error response codes:204,413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - user_id: user_id + + +Revoke role from user on project +================================ + +.. rest_method:: DELETE /v3/projects/{project_id}/users/{user_id}/roles/{role_id} + +Revokes a role from a user on a project. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + - project_id: project_id + - user_id: user_id + + +List roles for user on project +============================== + +.. rest_method:: GET /v3/projects/{project_id}/users/{user_id}/roles + +Lists roles for a user on a project. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project_id: project_id + - user_id: user_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/project-user-roles-list-response.json + :language: javascript + + +List roles for group on project +=============================== + +.. rest_method:: GET /v3/projects/{project_id}/groups/{group_id}/roles + +Lists roles for a group on a project. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - project_id: project_id + - group_id: group_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/project-group-roles-list-response.json + :language: javascript + + +Grant role to group on domain +============================= + +.. rest_method:: PUT /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id} + +Grants a role to a group on a domain. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - group_id: group_id + + +Check whether group has role on domain +====================================== + +.. rest_method:: HEAD /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id} + +Validates that a group has a role on a domain. + +Error response codes:204,413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - group_id: group_id + + +Revoke role from group on domain +================================ + +.. rest_method:: DELETE /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id} + +Revokes a role from a group on a domain. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - group_id: group_id + + +List roles for user on domain +============================= + +.. rest_method:: GET /v3/domains/{domain_id}/users/{user_id}/roles + +Lists roles for a user on a domain. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - user_id: user_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - roles: roles + - id: id + - links: links + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-user-roles-list-response.json + :language: javascript + + +List roles +========== + +.. rest_method:: GET /v3/roles + +Lists roles. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - roles: roles + - id: id + - links: links + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/roles-list-response.json + :language: javascript + + +Create role +=========== + +.. rest_method:: POST /v3/roles + +Creates a role. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role: role + - name: name + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/role-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - role: role + - id: id + - links: links + - name: name + + +Grant role to user on domain +============================ + +.. rest_method:: PUT /v3/domains/{domain_id}/users/{user_id}/roles/{role_id} + +Grants a role to a user on a domain. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - user_id: user_id + + +Check whether user has role on domain +===================================== + +.. rest_method:: HEAD /v3/domains/{domain_id}/users/{user_id}/roles/{role_id} + +Validates that a user has a role on a domain. + +Error response codes:204,413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - user_id: user_id + + +Revoke role from user on domain +=============================== + +.. rest_method:: DELETE /v3/domains/{domain_id}/users/{user_id}/roles/{role_id} + +Revokes a role from a user on a domain. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - role_id: role_id + - user_id: user_id + + +List role assignments +===================== + +.. rest_method:: GET /v3/role_assignments + +Lists role assignments. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - role_assignments: role_assignments + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/role-assignments-list-response.json + :language: javascript + + +Show role details +================= + +.. rest_method:: GET /v3/roles/{role_id} + +Shows details for a role. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - role: role + - id: id + - links: links + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/role-show-response.json + :language: javascript + + +Update role +=========== + +.. rest_method:: PATCH /v3/roles/{role_id} + +Updates a role. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role: role + - name: name + - role_id: role_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/role-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - role: role + - id: id + - links: links + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/role-update-response.json + :language: javascript + + +Delete role +=========== + +.. rest_method:: DELETE /v3/roles/{role_id} + +Deletes a role. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - role_id: role_id + + +List roles for group on domain +============================== + +.. rest_method:: GET /v3/domains/{domain_id}/groups/{group_id}/roles + +Lists roles for a group on a domain. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - group_id: group_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/domain-group-roles-list-response.json + :language: javascript diff --git a/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-endpoint-associations-list-response.json b/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-endpoint-associations-list-response.json new file mode 100644 index 0000000000..e626ff169f --- /dev/null +++ b/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-endpoint-associations-list-response.json @@ -0,0 +1,29 @@ +{ + "endpoints": [ + { + "id": "1", + "interface": "public", + "links": { + "self": "http://identity:35357/v3/endpoints/1" + }, + "region": "north", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "url": "http://identity:35357/" + }, + { + "id": "1", + "interface": "internal", + "links": { + "self": "http://identity:35357/v3/endpoints/1" + }, + "region": "south", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "url": "http://identity:35357/" + } + ], + "links": { + "next": null, + "previous": null, + "self": "http://identity:35357/v3/OS-ENDPOINT-POLICY/policies/13c92821e4c4476a878d3aae7444f52f/endpoints" + } +} diff --git a/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-show-response.json b/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-show-response.json new file mode 100644 index 0000000000..a25a038da3 --- /dev/null +++ b/api-ref/source/v3/samples/OS-ENDPOINT-POLICY/policy-show-response.json @@ -0,0 +1,14 @@ +{ + "policy": { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "id": "13c92821e4c4476a878d3aae7444f52f", + "links": { + "self": "http://identity:35357/v3/policies/13c92821e4c4476a878d3aae7444f52f" + }, + "type": "application/json" + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/group-roles-domain-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/group-roles-domain-list-response.json new file mode 100644 index 0000000000..fcc023bea1 --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/group-roles-domain-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + }, + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + } + ], + "links": { + "self": "http://identity:35357/v3/OS-INHERIT/domains/1234/groups/5678/roles/inherited_to_projects", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/group-roles-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/group-roles-list-response.json new file mode 100644 index 0000000000..73962e438d --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/group-roles-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + }, + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + } + ], + "links": { + "self": "http://identity:35357/v3/OS-INHERIT/projects/1234/groups/5678/roles/inherited_to_projects", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/role-assignments-effective-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/role-assignments-effective-list-response.json new file mode 100644 index 0000000000..4e195d2db3 --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/role-assignments-effective-list-response.json @@ -0,0 +1,42 @@ +{ + "role_assignments": [ + { + "links": { + "assignment": "http://identity:35357/v3/OS-INHERIT/domains/12131/users/41516/roles/91011/inherited_to_projects" + }, + "role": { + "id": "91011" + }, + "scope": { + "project": { + "id": "1234" + } + }, + "user": { + "id": "41516" + } + }, + { + "links": { + "assignment": "http://identity:35357/v3/projects/1234/groups/5678/roles/91011", + "membership": "http://identity:35357/v3/groups/5678/users/41516" + }, + "role": { + "id": "91011" + }, + "scope": { + "project": { + "id": "1234" + } + }, + "user": { + "id": "41516" + } + } + ], + "links": { + "self": "http://identity:35357/v3/role_assignments?effective", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/role-assignments-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/role-assignments-list-response.json new file mode 100644 index 0000000000..c494793740 --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/role-assignments-list-response.json @@ -0,0 +1,42 @@ +{ + "role_assignments": [ + { + "links": { + "assignment": "http://identity:35357/v3/OS-INHERIT/domains/1234/users/5678/roles/91011/inherited_to_projects" + }, + "role": { + "id": "91011" + }, + "scope": { + "domain": { + "id": "1234" + }, + "OS-INHERIT:inherited_to": "projects" + }, + "user": { + "id": "5678" + } + }, + { + "group": { + "id": "5678" + }, + "links": { + "assignment": "http://identity:35357/v3/projects/1234/groups/5678/roles/91011" + }, + "role": { + "id": "91011" + }, + "scope": { + "project": { + "id": "1234" + } + } + } + ], + "links": { + "self": "http://identity:35357/v3/role_assignments", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/user-roles-domain-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/user-roles-domain-list-response.json new file mode 100644 index 0000000000..36613cbe11 --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/user-roles-domain-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + }, + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + } + ], + "links": { + "self": "http://identity:35357/v3/OS-INHERIT/domains/1234/users/5678/roles/inherited_to_projects", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-INHERIT/user-roles-list-response.json b/api-ref/source/v3/samples/OS-INHERIT/user-roles-list-response.json new file mode 100644 index 0000000000..fc84817960 --- /dev/null +++ b/api-ref/source/v3/samples/OS-INHERIT/user-roles-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + }, + { + "id": "91011", + "links": { + "self": "http://identity:35357/v3/roles/91011" + }, + "name": "admin" + } + ], + "links": { + "self": "http://identity:35357/v3/OS-INHERIT/projects/1234/users/5678/roles/inherited_to_projects", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/OS-KDS/group-create-request.json b/api-ref/source/v3/samples/OS-KDS/group-create-request.json new file mode 100644 index 0000000000..647acfb644 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/group-create-request.json @@ -0,0 +1,3 @@ +{ + "key": "TXkgcHJlY2lvdXNzcy4u..." +} diff --git a/api-ref/source/v3/samples/OS-KDS/group-create-response.json b/api-ref/source/v3/samples/OS-KDS/group-create-response.json new file mode 100644 index 0000000000..d6bc9e3955 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/group-create-response.json @@ -0,0 +1,3 @@ +{ + "name": "--group-name--" +} diff --git a/api-ref/source/v3/samples/OS-KDS/group-key-show-response.json b/api-ref/source/v3/samples/OS-KDS/group-key-show-response.json new file mode 100644 index 0000000000..d6bc9e3955 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/group-key-show-response.json @@ -0,0 +1,3 @@ +{ + "name": "--group-name--" +} diff --git a/api-ref/source/v3/samples/OS-KDS/key-create-request.json b/api-ref/source/v3/samples/OS-KDS/key-create-request.json new file mode 100644 index 0000000000..647acfb644 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/key-create-request.json @@ -0,0 +1,3 @@ +{ + "key": "TXkgcHJlY2lvdXNzcy4u..." +} diff --git a/api-ref/source/v3/samples/OS-KDS/key-create-response.json b/api-ref/source/v3/samples/OS-KDS/key-create-response.json new file mode 100644 index 0000000000..ae69f97412 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/key-create-response.json @@ -0,0 +1,4 @@ +{ + "name": "TXkgcHJlY2lvdXNzcy4u...", + "generation": 2 +} diff --git a/api-ref/source/v3/samples/OS-KDS/ticket-generate-request.json b/api-ref/source/v3/samples/OS-KDS/ticket-generate-request.json new file mode 100644 index 0000000000..7aeabacab0 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/ticket-generate-request.json @@ -0,0 +1,4 @@ +{ + "metadata": "Zhn8yhasf8hihkf...", + "signature": "c2lnbmF0dXJl..." +} diff --git a/api-ref/source/v3/samples/OS-KDS/ticket-generate-response.json b/api-ref/source/v3/samples/OS-KDS/ticket-generate-response.json new file mode 100644 index 0000000000..f1f68ce7d5 --- /dev/null +++ b/api-ref/source/v3/samples/OS-KDS/ticket-generate-response.json @@ -0,0 +1,6 @@ +{ + "source": "scheduler.host.example.com", + "destination": "compute.host.example.com", + "timestamp": "2012-03-26T10:01:01.720000", + "nonce": 1234567890 +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/access-token-create-response.txt b/api-ref/source/v3/samples/OS-OAUTH1/access-token-create-response.txt new file mode 100644 index 0000000000..6e7838a8c5 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/access-token-create-response.txt @@ -0,0 +1 @@ +oauth_token=accd36&oauth_token_secret=aa47da&oauth_expires_at=2013-09-11T06:07:51.501805Z \ No newline at end of file diff --git a/api-ref/source/v3/samples/OS-OAUTH1/access-token-show-response.json b/api-ref/source/v3/samples/OS-OAUTH1/access-token-show-response.json new file mode 100644 index 0000000000..cea1fed993 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/access-token-show-response.json @@ -0,0 +1,13 @@ +{ + "access_token": { + "consumer_id": "7fea2d", + "id": "6be26a", + "expires_at": "2013-09-11T06:07:51.501805Z", + "links": { + "roles": "http://identity:35357/v3/users/ce9e07/OS-OAUTH1/access_tokens/6be26a/roles", + "self": "http://identity:35357/v3/users/ce9e07/OS-OAUTH1/access_tokens/6be26a" + }, + "project_id": "b9fca3", + "authorizing_user_id": "ce9e07" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/access-tokens-list-response.json b/api-ref/source/v3/samples/OS-OAUTH1/access-tokens-list-response.json new file mode 100644 index 0000000000..b7524a0982 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/access-tokens-list-response.json @@ -0,0 +1,20 @@ +{ + "access_tokens": [ + { + "consumer_id": "7fea2d", + "id": "6be26a", + "expires_at": "2013-09-11T06:07:51.501805Z", + "links": { + "roles": "http://identity:35357/v3/users/ce9e07/OS-OAUTH1/access_tokens/6be26a/roles", + "self": "http://identity:35357/v3/users/ce9e07/OS-OAUTH1/access_tokens/6be26a" + }, + "project_id": "b9fca3", + "authorizing_user_id": "ce9e07" + } + ], + "links": { + "next": null, + "previous": null, + "self": "http://identity:35357/v3/users/ce9e07/OS-OAUTH1/access_tokens" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/authorize-update-response.json b/api-ref/source/v3/samples/OS-OAUTH1/authorize-update-response.json new file mode 100644 index 0000000000..eca11fd65a --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/authorize-update-response.json @@ -0,0 +1,5 @@ +{ + "token": { + "oauth_verifier": "8171" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumer-show-response.json b/api-ref/source/v3/samples/OS-OAUTH1/consumer-show-response.json new file mode 100644 index 0000000000..c006d0ead2 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumer-show-response.json @@ -0,0 +1,9 @@ +{ + "consumer": { + "id": "7fea2d", + "description": "My consumer", + "links": { + "self": "http://identity:35357/v3/OS-OAUTH1/consumers/7fea2d" + } + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-request.json b/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-request.json new file mode 100644 index 0000000000..f3a8c34bfa --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-request.json @@ -0,0 +1,5 @@ +{ + "consumer": { + "description": "My new consumer" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-response.json b/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-response.json new file mode 100644 index 0000000000..5f9b14d2dc --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumer-update-response.json @@ -0,0 +1,9 @@ +{ + "consumer": { + "description": "My new consumer", + "id": "7fea2d", + "links": { + "self": "http://identity:35357/v3/OS-OAUTH1/consumers/7fea2d" + } + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-request.json b/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-request.json new file mode 100644 index 0000000000..88cd0b7ed9 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-request.json @@ -0,0 +1,5 @@ +{ + "consumer": { + "description": "My consumer" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-response.json b/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-response.json new file mode 100644 index 0000000000..c81bfd6484 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumers-create-response.json @@ -0,0 +1,10 @@ +{ + "consumer": { + "secret": "secretsecret", + "description": "My consumer", + "id": "7fea2d", + "links": { + "self": "http://identity:35357/v3/OS-OAUTH1/consumers/7fea2d" + } + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/consumers-list-response.json b/api-ref/source/v3/samples/OS-OAUTH1/consumers-list-response.json new file mode 100644 index 0000000000..a37e8cf494 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/consumers-list-response.json @@ -0,0 +1,22 @@ +{ + "consumers": [ + { + "id": "0c2a74", + "links": { + "self": "http://identity:35357/v3/OS-OAUTH1/consumers/0c2a74" + } + }, + { + "description": "My consumer", + "id": "7fea2d", + "links": { + "self": "http://identity:35357/v3/OS-OAUTH1/consumers/7fea2d" + } + } + ], + "links": { + "next": null, + "previous": null, + "self": "http://identity:35357/v3/OS-OAUTH1/consumers" + } +} diff --git a/api-ref/source/v3/samples/OS-OAUTH1/request-token-create-response.txt b/api-ref/source/v3/samples/OS-OAUTH1/request-token-create-response.txt new file mode 100644 index 0000000000..03928d0aa2 --- /dev/null +++ b/api-ref/source/v3/samples/OS-OAUTH1/request-token-create-response.txt @@ -0,0 +1 @@ +oauth_token=29971f&oauth_token_secret=238eb8&oauth_expires_at=2013-09-11T06:07:51.501805Z \ No newline at end of file diff --git a/api-ref/source/v3/samples/OS-TRUST/trust-create-request.json b/api-ref/source/v3/samples/OS-TRUST/trust-create-request.json new file mode 100644 index 0000000000..08b18d3131 --- /dev/null +++ b/api-ref/source/v3/samples/OS-TRUST/trust-create-request.json @@ -0,0 +1,14 @@ +{ + "trust": { + "expires_at": "2014-12-30T23:59:59.999999Z", + "impersonation": false, + "project_id": "'$PROJECT_ID'", + "roles": [ + { + "name": "admin" + } + ], + "trustee_user_id": "'$DEMO_USER_ID'", + "trustor_user_id": "'$ADMIN_USER_ID'" + } +} diff --git a/api-ref/source/v3/samples/OS-TRUST/trust-create-response.json b/api-ref/source/v3/samples/OS-TRUST/trust-create-response.json new file mode 100644 index 0000000000..0bb3545996 --- /dev/null +++ b/api-ref/source/v3/samples/OS-TRUST/trust-create-response.json @@ -0,0 +1,28 @@ +{ + "trust": { + "expires_at": "2014-12-30T23:59:59.999999Z", + "id": "394998fa61f14736b1f0c1f322882949", + "impersonation": false, + "links": { + "self": "http://localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949" + }, + "project_id": "3d4c2c82bd5948f0bcab0cf3a7c9b48c", + "remaining_uses": null, + "roles": [ + { + "id": "c703057be878458588961ce9a0ce686b", + "links": { + "self": "http://localhost:5000/v3/roles/c703057be878458588961ce9a0ce686b" + }, + "name": "admin" + } + ], + "roles_links": { + "next": null, + "previous": null, + "self": "http: //localhost:5000/v3/OS-TRUST/trusts/394998fa61f14736b1f0c1f322882949/roles" + }, + "trustee_user_id": "269348fdd9374b8885da1418e0730af1", + "trustor_user_id": "3ec3164f750146be97f21559ee4d9c51" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-request.json b/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-request.json new file mode 100644 index 0000000000..17c778a249 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-request.json @@ -0,0 +1,16 @@ +{ + "auth": { + "identity": { + "methods": [ + "password" + ], + "password": { + "user": { + "id": "ee4dfb6e5540447cb3741905149d9b6e", + "password": "devstacker" + } + } + }, + "scope": "unscoped" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-response.json b/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-response.json new file mode 100644 index 0000000000..b50d0f4afc --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-explicit-unscoped-response.json @@ -0,0 +1,21 @@ +{ + "token": { + "methods": [ + "password" + ], + "expires_at": "2015-11-09T01:42:57.527363Z", + "extras": {}, + "user": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "ee4dfb6e5540447cb3741905149d9b6e", + "name": "admin" + }, + "audit_ids": [ + "lC2Wj1jbQe-dLjLyOx4qPQ" + ], + "issued_at": "2015-11-09T00:42:57.527404Z" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-project-scoped-request.json b/api-ref/source/v3/samples/admin/auth-password-project-scoped-request.json new file mode 100644 index 0000000000..3e75c97907 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-project-scoped-request.json @@ -0,0 +1,20 @@ +{ + "auth": { + "identity": { + "methods": [ + "password" + ], + "password": { + "user": { + "id": "ee4dfb6e5540447cb3741905149d9b6e", + "password": "devstacker" + } + } + }, + "scope": { + "project": { + "id": "a6944d763bf64ee6a275f1263fae0352" + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-project-scoped-response.json b/api-ref/source/v3/samples/admin/auth-password-project-scoped-response.json new file mode 100644 index 0000000000..a83d4166e2 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-project-scoped-response.json @@ -0,0 +1,401 @@ +{ + "token": { + "methods": [ + "password" + ], + "roles": [ + { + "id": "51cc68287d524c759f47c811e6463340", + "name": "admin" + } + ], + "expires_at": "2015-11-07T02:58:43.578887Z", + "project": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "a6944d763bf64ee6a275f1263fae0352", + "name": "admin" + }, + "catalog": [ + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:5000/v2.0", + "region": "RegionOne", + "interface": "public", + "id": "068d1b359ee84b438266cb736d81de97" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:35357/v2.0", + "region": "RegionOne", + "interface": "admin", + "id": "8bfc846841ab441ca38471be6d164ced" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:5000/v2.0", + "region": "RegionOne", + "interface": "internal", + "id": "beb6d358c3654b4bada04d4663b640b9" + } + ], + "type": "identity", + "id": "050726f278654128aba89757ae25950c", + "name": "keystone" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "admin", + "id": "ae36c0dbb0634e1dbf711f9fc2359975" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "d286b51530144d90a4de52d214d3ad1e" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "d6e681dd4aab4ae5a0937ed60bb4ae33" + } + ], + "type": "compute_legacy", + "id": "1c4bfbabe3b346b1bbe27a4b3258964f", + "name": "nova_legacy" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "2dce7429526e44808235fe918063a914" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "a9a9929e6dc645c882ac1abd8bf73d38" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "admin", + "id": "c7d5f958df7f4c8da84db91094bdc198" + } + ], + "type": "volumev2", + "id": "202382a1b8a94210bb3120af958092c4", + "name": "cinderv2" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080", + "region": "RegionOne", + "interface": "admin", + "id": "29b58f1406804c8180ccc01793ff8038" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080/v1/AUTH_a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "4c2c2968008c4e77973a5922e192d982" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080/v1/AUTH_a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "f6e7b28008bf41eaa114176a15ac1410" + } + ], + "type": "object-store", + "id": "52fecdef9ad543779c1312392cc2b115", + "name": "swift" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "public", + "id": "6a2840dc63bf433592cd8bca2183eb3c" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "internal", + "id": "7967cf45f8ab439a80cf24420e5ffd0e" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "admin", + "id": "84943ce595264303bd44e5d6d79bea7b" + } + ], + "type": "network", + "id": "67b993549db94296a853d635b48db3c9", + "name": "neutron" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "public", + "id": "2896609ef89741148bbd8c93babf5a12" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "internal", + "id": "30de385478fe4325849f98d1e45bc5e6" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "admin", + "id": "41256dc4b3c942daa383f940a9a56536" + } + ], + "type": "messaging", + "id": "6fc9cc3e6b3843b899478554f9e297d3", + "name": "zaqar" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "admin", + "id": "07ea5fe3ae784001a73f131fb1764bf4" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "internal", + "id": "31e709ecb15d4881806dbced4eb3e60e" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "public", + "id": "a0c2a150a6ae4bbc85f1d428b9d78a1b" + } + ], + "type": "messaging-websocket", + "id": "816031f798cc4ac7879eda0cf9cf033a", + "name": "zaqar-websocket" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "internal", + "id": "24df0277c2b6499ea6051bea8c59ff74" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "public", + "id": "438f4b3f3c314bbf988f1442cc3ddfa5" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "admin", + "id": "90a1c9fab54c452fa02a59ff87165029" + } + ], + "type": "ec2", + "id": "915e2a8b1f314d55bba28432c9d5c1de", + "name": "ec2" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "admin", + "id": "2511589f262a407bb0071a814a480af4" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "9cf9209ae4fc4673a7295611001cf0ae" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "d200b2509e1343e3887dcc465b4fa534" + } + ], + "type": "compute", + "id": "a226b3eeb5594f50bf8b6df94636ed28", + "name": "nova" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "bf2fe80c2a614e438d3e55b00e85b9ff" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "admin", + "id": "bfc9615fc24e4045aaf719f060984bf1" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "c76cf9930b0f4ccea6b1157f80119cfc" + } + ], + "type": "orchestration", + "id": "a5f7070bda40443fa3819fbdf1689af1", + "name": "heat" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "internal", + "id": "3e321c2c6fa04152b3e86c18b91b93ae" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "admin", + "id": "55aef0f2557449d4946dc9461b73a63b" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/a6944d763bf64ee6a275f1263fae0352", + "region": "RegionOne", + "interface": "public", + "id": "7c91a66a200e458ca6e4e00fddf4d98b" + } + ], + "type": "volume", + "id": "b6b5edc3fc384b6787149e91b3b31988", + "name": "cinder" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "public", + "id": "512c10d230874ad295662157eeab0135" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "internal", + "id": "614b1ab241da47a8b3a4e8f67b771446" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "admin", + "id": "9cef78a4286c42f3b977fbe4d5f927a6" + } + ], + "type": "image", + "id": "d512f8860c0f45cf99b1c3cef86cfd97", + "name": "glance" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "internal", + "id": "7f776d5a83d346b48e519555362b1da6" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "public", + "id": "8303a7225a2d439fa39905c6a20202c3" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "admin", + "id": "942fa998d1c644e0b0c085d5a0995a13" + } + ], + "type": "cloudformation", + "id": "ed0805af6ee54a19ad7e5add8465ac41", + "name": "heat-cfn" + } + ], + "extras": {}, + "user": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "ee4dfb6e5540447cb3741905149d9b6e", + "name": "admin" + }, + "audit_ids": [ + "3T2dc1CGQxyJsHdDu1xkcw" + ], + "issued_at": "2015-11-07T01:58:43.578929Z" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-unscoped-request-with-domain.json b/api-ref/source/v3/samples/admin/auth-password-unscoped-request-with-domain.json new file mode 100644 index 0000000000..47044d4f31 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-unscoped-request-with-domain.json @@ -0,0 +1,18 @@ +{ + "auth": { + "identity": { + "methods": [ + "password" + ], + "password": { + "user": { + "name": "admin", + "domain": { + "id": "default" + }, + "password": "devstacker" + } + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-unscoped-request.json b/api-ref/source/v3/samples/admin/auth-password-unscoped-request.json new file mode 100644 index 0000000000..e64944f4bc --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-unscoped-request.json @@ -0,0 +1,15 @@ +{ + "auth": { + "identity": { + "methods": [ + "password" + ], + "password": { + "user": { + "id": "423f19a4ac1e4f48bbb4180756e6eb6c", + "password": "devstacker" + } + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-unscoped-response.json b/api-ref/source/v3/samples/admin/auth-password-unscoped-response.json new file mode 100644 index 0000000000..c012a3ee9b --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-unscoped-response.json @@ -0,0 +1,21 @@ +{ + "token": { + "methods": [ + "password" + ], + "expires_at": "2015-11-06T15:32:17.893769Z", + "extras": {}, + "user": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "423f19a4ac1e4f48bbb4180756e6eb6c", + "name": "admin" + }, + "audit_ids": [ + "ZzZwkUflQfygX7pdYDBCQQ" + ], + "issued_at": "2015-11-06T14:32:17.893797Z" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-request.json b/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-request.json new file mode 100644 index 0000000000..47044d4f31 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-request.json @@ -0,0 +1,18 @@ +{ + "auth": { + "identity": { + "methods": [ + "password" + ], + "password": { + "user": { + "name": "admin", + "domain": { + "id": "default" + }, + "password": "devstacker" + } + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-response-HTTP.txt b/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-response-HTTP.txt new file mode 100644 index 0000000000..b6031e3037 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-password-user-name-unscoped-response-HTTP.txt @@ -0,0 +1,8 @@ +HTTP/1.1 201 Created +Date: Fri, 06 Nov 2015 14:29:56 GMT +Server: Apache/2.4.7 (Ubuntu) +X-Subject-Token: ffe47524401e4d61adc7310f7e5b6191 +Vary: X-Auth-Token +x-openstack-request-id: req-f2f3f6ca-e342-4cd8-bc12-71a5436ef5fc +Content-Length: 297 +Content-Type: application/json diff --git a/api-ref/source/v3/samples/admin/auth-token-scoped-request.json b/api-ref/source/v3/samples/admin/auth-token-scoped-request.json new file mode 100644 index 0000000000..045b9489e7 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-token-scoped-request.json @@ -0,0 +1,17 @@ +{ + "auth": { + "identity": { + "methods": [ + "token" + ], + "token": { + "id": "'$OS_TOKEN'" + } + }, + "scope": { + "project": { + "id": "5b50efd009b540559104ee3c03bbb2b7" + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-token-scoped-response.json b/api-ref/source/v3/samples/admin/auth-token-scoped-response.json new file mode 100644 index 0000000000..2692684a81 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-token-scoped-response.json @@ -0,0 +1,401 @@ +{ + "token": { + "methods": [ + "token" + ], + "roles": [ + { + "id": "5090055d6bd547dc83e0e8f070803708", + "name": "admin" + } + ], + "expires_at": "2015-11-05T22:00:11.000000Z", + "project": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "5b50efd009b540559104ee3c03bbb2b7", + "name": "admin" + }, + "catalog": [ + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "admin", + "id": "b2605da9b25943beb49b2bd86aca2202" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "public", + "id": "c4d1184caf8c4351bff4bf502a09684e" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9292", + "region": "RegionOne", + "interface": "internal", + "id": "cd73bda89e3948738c2721a8c3acac54" + } + ], + "type": "image", + "id": "495df2483dc145dbb6b34bfbdd787aae", + "name": "glance" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "internal", + "id": "7d03218a7f4246e8b9e3992318bf5397" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "public", + "id": "9ad7f8ce438c4212b8aac930bca04c86" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8773/", + "region": "RegionOne", + "interface": "admin", + "id": "d84aad1a45c44e4da09b719167383049" + } + ], + "type": "ec2", + "id": "54204024bb7d4665a8efc34fc758f1f7", + "name": "ec2" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "admin", + "id": "1077687c18514490a3ec980eadd1bd13" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "public", + "id": "1e86d8bef1514c3fba8d157a22ccce88" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9000", + "region": "RegionOne", + "interface": "internal", + "id": "f6a6b7bbba66443ead3a0e31a008c271" + } + ], + "type": "messaging-websocket", + "id": "6b8655af7d044a15bec3cdca4f2919f8", + "name": "zaqar-websocket" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "admin", + "id": "083663fd231e40ad97384ad3efb9f1b7" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "0f4b7054ea27450eac43f685a4fc1d2c" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8004/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "5f3ea39df2e44378b1802a1a87ef9ac4" + } + ], + "type": "orchestration", + "id": "6d6346ff2ca842e5968373fbb93e231f", + "name": "heat" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "bc2230a70d6a444e9fba75b85fbda41b" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "d8102dc2b9984d04b30b91b0a6037470" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2.1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "admin", + "id": "f8253a53edd749bf8b107a53a5d47a82" + } + ], + "type": "compute", + "id": "75df965385cc4120a17110c1fde00182", + "name": "nova" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:35357/v2.0", + "region": "RegionOne", + "interface": "admin", + "id": "0ceeb58592274caea5bc942a07d5473f" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:5000/v2.0", + "region": "RegionOne", + "interface": "internal", + "id": "8126f2c7021d413e9c98ec3a0ba0fd58" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:5000/v2.0", + "region": "RegionOne", + "interface": "public", + "id": "c693879254544e3fb502e795a3f6acc8" + } + ], + "type": "identity", + "id": "78aad571d38049e69c866c2abac76af6", + "name": "keystone" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "admin", + "id": "3654138dc64a45aeb5a8153f2a089c74" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "7a0d12d0b7314afd9b53d1618ab546ea" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v1/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "82b68ff3aedb43e2acc8307234d3fd0b" + } + ], + "type": "volume", + "id": "80491007c0ab462daaa9087250325f59", + "name": "cinder" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "internal", + "id": "24dfa252fba64469b8b1a832f04bded9" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "public", + "id": "e0a01d6cd3be4f6abcc72367b2d87993" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8000/v1", + "region": "RegionOne", + "interface": "admin", + "id": "f33f79d42df247e1bf6daf43a548b014" + } + ], + "type": "cloudformation", + "id": "ac5cc6e3c62840818ab338c981d5603f", + "name": "heat-cfn" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "admin", + "id": "3e78c357b3c8469fbea12eb681f88a0c" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "public", + "id": "89d2aad3dc8e478fbabb21dd7db0962a" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:9696/", + "region": "RegionOne", + "interface": "internal", + "id": "b6d4a8cf5e4042848a749a3116497e55" + } + ], + "type": "network", + "id": "b33660edd1eb45e485f7e5f14401a739", + "name": "neutron" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "public", + "id": "1f8287cf963948778ab0eb109d9f857d" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "internal", + "id": "3adf5f9cc5184d92af5ff0fdef043e4a" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8888", + "region": "RegionOne", + "interface": "admin", + "id": "f747223060b3414f947fdcdca2ce8714" + } + ], + "type": "messaging", + "id": "cf3e38e9aed54e2d84ea64485317d7a0", + "name": "zaqar" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "08f507ccb552476b98f3af7718f25557" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "admin", + "id": "d20091ba591347b2b419e5fbde9b7976" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8774/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "e6b667776e7245dea6e39f2820e080b0" + } + ], + "type": "compute_legacy", + "id": "d442e96b273a48018567aeec5800c3e0", + "name": "nova_legacy" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "012c78a6694a494995c58d5955fb7822" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "admin", + "id": "802d5de210874f068ba31c7e27c29d70" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8776/v2/5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "b37ada66e02e44c9a9a7976d77365503" + } + ], + "type": "volumev2", + "id": "d93e78c7967f49acbdd732b9dd97e0d0", + "name": "cinderv2" + }, + { + "endpoints": [ + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080/v1/AUTH_5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "public", + "id": "265ce88a0e1642fc90b2ec20ccb279ff" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080", + "region": "RegionOne", + "interface": "admin", + "id": "500b7f066d39492faff8a3f710fb5a2f" + }, + { + "region_id": "RegionOne", + "url": "http://23.253.248.171:8080/v1/AUTH_5b50efd009b540559104ee3c03bbb2b7", + "region": "RegionOne", + "interface": "internal", + "id": "a33b0684f817405280df1f5600777a75" + } + ], + "type": "object-store", + "id": "da1b1b5c529946fcb3ee3abdcf376fcb", + "name": "swift" + } + ], + "extras": {}, + "user": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "10a2e6e717a245d9acad3e5f97aeca3d", + "name": "admin" + }, + "audit_ids": [ + "wLc7nDMsQiKqf8VFU4ySpg" + ], + "issued_at": "2015-11-05T21:32:30.505384Z" + } +} diff --git a/api-ref/source/v3/samples/admin/auth-token-unscoped-request.json b/api-ref/source/v3/samples/admin/auth-token-unscoped-request.json new file mode 100644 index 0000000000..93b293f358 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-token-unscoped-request.json @@ -0,0 +1,12 @@ +{ + "auth": { + "identity": { + "methods": [ + "token" + ], + "token": { + "id": "'$OS_TOKEN'" + } + } + } +} diff --git a/api-ref/source/v3/samples/admin/auth-token-unscoped-response.json b/api-ref/source/v3/samples/admin/auth-token-unscoped-response.json new file mode 100644 index 0000000000..3224a0e538 --- /dev/null +++ b/api-ref/source/v3/samples/admin/auth-token-unscoped-response.json @@ -0,0 +1,21 @@ +{ + "token": { + "methods": [ + "token" + ], + "expires_at": "2015-11-05T22:00:11.000000Z", + "extras": {}, + "user": { + "domain": { + "id": "default", + "name": "Default" + }, + "id": "10a2e6e717a245d9acad3e5f97aeca3d", + "name": "admin" + }, + "audit_ids": [ + "mAjXQhiYRyKwkB4qygdLVg" + ], + "issued_at": "2015-11-05T21:00:33.819948Z" + } +} diff --git a/api-ref/source/v3/samples/admin/credential-create-request.json b/api-ref/source/v3/samples/admin/credential-create-request.json new file mode 100644 index 0000000000..50c9e77f27 --- /dev/null +++ b/api-ref/source/v3/samples/admin/credential-create-request.json @@ -0,0 +1,8 @@ +{ + "credential": { + "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "user_id": "bb5476fd12884539b41d5a88f838d773" + } +} diff --git a/api-ref/source/v3/samples/admin/credential-create-response.json b/api-ref/source/v3/samples/admin/credential-create-response.json new file mode 100644 index 0000000000..c46c2f994e --- /dev/null +++ b/api-ref/source/v3/samples/admin/credential-create-response.json @@ -0,0 +1,12 @@ +{ + "credential": { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510" + }, + "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "id": "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510" + } +} diff --git a/api-ref/source/v3/samples/admin/credential-show-response.json b/api-ref/source/v3/samples/admin/credential-show-response.json new file mode 100644 index 0000000000..4d5385ac5f --- /dev/null +++ b/api-ref/source/v3/samples/admin/credential-show-response.json @@ -0,0 +1,12 @@ +{ + "credential": { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + }, + "blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}", + "project_id": "6e01855f345f4c59812999b5e459137d", + "type": "ec2", + "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + } +} diff --git a/api-ref/source/v3/samples/admin/credential-update-request.json b/api-ref/source/v3/samples/admin/credential-update-request.json new file mode 100644 index 0000000000..2da3a1c3da --- /dev/null +++ b/api-ref/source/v3/samples/admin/credential-update-request.json @@ -0,0 +1,8 @@ +{ + "credential": { + "blob": "{\"access\":\"181920\",\"secrete\":\"secretKey\"}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "user_id": "bb5476fd12884539b41d5a88f838d773" + } +} diff --git a/api-ref/source/v3/samples/admin/credential-update-response.json b/api-ref/source/v3/samples/admin/credential-update-response.json new file mode 100644 index 0000000000..5a65b5b192 --- /dev/null +++ b/api-ref/source/v3/samples/admin/credential-update-response.json @@ -0,0 +1,12 @@ +{ + "credential": { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + }, + "blob": "{\"access\":\"181920\",\"secrete\":\"secretKey\"}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + } +} diff --git a/api-ref/source/v3/samples/admin/credentials-list-response.json b/api-ref/source/v3/samples/admin/credentials-list-response.json new file mode 100644 index 0000000000..c6b8a19010 --- /dev/null +++ b/api-ref/source/v3/samples/admin/credentials-list-response.json @@ -0,0 +1,109 @@ +{ + "credentials": [ + { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + }, + "blob": "{\"access\": \"a42a27755ce6442596b049bd7dd8a563\", \"secret\": \"71faf1d40bb24c82b479b1c6fbbd9f0c\", \"trust_id\": null}", + "project_id": "6e01855f345f4c59812999b5e459137d", + "type": "ec2", + "id": "207e9b76935efc03804d3dd6ab52d22e9b22a0711e4ada4ff8b76165a07311d7" + }, + { + "user_id": "6f556708d04b4ea6bc72d7df2296b71a", + "links": { + "self": "http://localhost:5000/v3/credentials/2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609" + }, + "blob": "{\"access\": \"7da79ff0aa364e1396f067e352b9b79a\", \"secret\": \"7a18d68ba8834b799d396f3ff6f1e98c\", \"trust_id\": null}", + "project_id": "1a1d14690f3c4ec5bf5f321c5fde3c16", + "type": "ec2", + "id": "2441494e52ab6d594a34d74586075cb299489bdd1e9389e3ab06467a4f460609" + }, + { + "user_id": "c14107e65d5c4a7f8894fc4b3fc209ff", + "links": { + "self": "http://localhost:5000/v3/credentials/3397b204b5f04c495bcdc8f34c8a39996f280f9172658241873e15f070ec79d7" + }, + "blob": "{\"access\": \"db9c58a558534a10a070110de4f9f20c\", \"secret\": \"973e790b88db447ba6f93bca02bc745b\", \"trust_id\": null}", + "project_id": "7396e43183db40dcbf40dd727637b548", + "type": "ec2", + "id": "3397b204b5f04c495bcdc8f34c8a39996f280f9172658241873e15f070ec79d7" + }, + { + "user_id": "915cc5f8cca6466aba6c6be06cbabfdf", + "links": { + "self": "http://localhost:5000/v3/credentials/352d5dd7a4aa19c4f2f23ee288bf65dc23a0bc293f40ffd2128ffe6a8cf3e871" + }, + "blob": "{\"access\": \"817c6c3487a440c1a0b1d3f92b30ca37\", \"secret\": \"47d681117d1c46e69a0c9ec811dae2e9\", \"trust_id\": null}", + "project_id": "2bf9767f9db949ee8364262a28a23062", + "type": "ec2", + "id": "352d5dd7a4aa19c4f2f23ee288bf65dc23a0bc293f40ffd2128ffe6a8cf3e871" + }, + { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510" + }, + "blob": "{\"access\":\"181920\",\"secret\":\"secretKey\"}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "id": "3d3367228f9c7665266604462ec60029bcd83ad89614021a80b2eb879c572510" + }, + { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/6b7d803fc03b85866904b6b79e0a8fa1f4013b584163b4477eed96717eb402c0" + }, + "blob": "{\"access\": \"f2ba45670b504a518b46e920d760fde2\", \"secret\": \"bf7fff2b3a844730b2db793411756e55\", \"trust_id\": null}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "id": "6b7d803fc03b85866904b6b79e0a8fa1f4013b584163b4477eed96717eb402c0" + }, + { + "user_id": "2b657f6742ac416697e6821b3b2ee785", + "links": { + "self": "http://localhost:5000/v3/credentials/7d391b869631e5c4836708ea3bb3e0a5cbe0481201b5f0ddd5685ad3b3faa564" + }, + "blob": "{\"access\": \"a1525da4e7c0438ebf3058372d637b59\", \"secret\": \"c9165d2542b141e8b2a1ff61a5f5487c\", \"trust_id\": null}", + "project_id": "2bf9767f9db949ee8364262a28a23062", + "type": "ec2", + "id": "7d391b869631e5c4836708ea3bb3e0a5cbe0481201b5f0ddd5685ad3b3faa564" + }, + { + "user_id": "bb5476fd12884539b41d5a88f838d773", + "links": { + "self": "http://localhost:5000/v3/credentials/7ef4faa904ae7b8b4ddc7bad15b05ee359dad7d7a9b82861d4ad92fdbbb2eb4e" + }, + "blob": "{\"access\": \"7d7559359b57419eb5f5f5dcd65ab57d\", \"secret\": \"570652bcf8c2483c86eb29e9734eed3c\", \"trust_id\": null}", + "project_id": "731fc6f265cd486d900f16e84c5cb594", + "type": "ec2", + "id": "7ef4faa904ae7b8b4ddc7bad15b05ee359dad7d7a9b82861d4ad92fdbbb2eb4e" + }, + { + "user_id": "aedb193e9bb8400485f8d8426f7a031f", + "links": { + "self": "http://localhost:5000/v3/credentials/9c1c428d8e0e8338a5e16489ecfff9962f2b00f984ce4c7e9015e4003f478df8" + }, + "blob": "{\"access\": \"b3a6e5f4427c47e9b202264d91a19e49\", \"secret\": \"d9eb470f503f4b46932de38db7a79402\", \"trust_id\": null}", + "project_id": "a2672ecf9dd34c6980448b25a47e0947", + "type": "ec2", + "id": "9c1c428d8e0e8338a5e16489ecfff9962f2b00f984ce4c7e9015e4003f478df8" + }, + { + "user_id": "c14107e65d5c4a7f8894fc4b3fc209ff", + "links": { + "self": "http://localhost:5000/v3/credentials/e2c35ac2becb0fca3c3c2f035692a4f46a9cbf3b6e86c8a47f5aafe837d78a05" + }, + "blob": "{\"access\": \"1ed843b1bd4a409f9562400085adbaa4\", \"secret\": \"236ab24db1f04ec995fcf618ed4fc0f5\", \"trust_id\": null}", + "project_id": "6e01855f345f4c59812999b5e459137d", + "type": "ec2", + "id": "e2c35ac2becb0fca3c3c2f035692a4f46a9cbf3b6e86c8a47f5aafe837d78a05" + } + ], + "links": { + "self": "http://localhost:5000/v3/credentials", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-option-show-response.json b/api-ref/source/v3/samples/admin/domain-config-group-option-show-response.json new file mode 100644 index 0000000000..fc4c140e5b --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-option-show-response.json @@ -0,0 +1,3 @@ +{ + "url": "http://myldap/root" +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-option-update-request.json b/api-ref/source/v3/samples/admin/domain-config-group-option-update-request.json new file mode 100644 index 0000000000..3c4642dd90 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-option-update-request.json @@ -0,0 +1,3 @@ +{ + "url": "http://myldap/my_other_root" +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-option-update-response.json b/api-ref/source/v3/samples/admin/domain-config-group-option-update-response.json new file mode 100644 index 0000000000..6367de3444 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-option-update-response.json @@ -0,0 +1,11 @@ +{ + "config": { + "identity": { + "driver": "keystone.identity.backends.ldap.Identity" + }, + "ldap": { + "url": "http://myldap/my_other_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-show-response.json b/api-ref/source/v3/samples/admin/domain-config-group-show-response.json new file mode 100644 index 0000000000..b03ba83633 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-show-response.json @@ -0,0 +1,6 @@ +{ + "ldap": { + "url": "http://myldap/root", + "user_tree_dn": "ou=Users,dc=root,dc=org" + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-update-request.json b/api-ref/source/v3/samples/admin/domain-config-group-update-request.json new file mode 100644 index 0000000000..b0a8409763 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-update-request.json @@ -0,0 +1,8 @@ +{ + "config": { + "ldap": { + "url": "http://myldap/my_new_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-group-update-response.json b/api-ref/source/v3/samples/admin/domain-config-group-update-response.json new file mode 100644 index 0000000000..fa2259e319 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-group-update-response.json @@ -0,0 +1,11 @@ +{ + "config": { + "identity": { + "driver": "keystone.identity.backends.ldap.Identity" + }, + "ldap": { + "url": "http://myldap/my_new_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-show-response.json b/api-ref/source/v3/samples/admin/domain-config-show-response.json new file mode 100644 index 0000000000..60f10084ec --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-show-response.json @@ -0,0 +1,11 @@ +{ + "config": { + "identity": { + "driver": "keystone.identity.backends.ldap.Identity" + }, + "ldap": { + "url": "http://myldap/root", + "user_tree_dn": "ou=Users,dc=root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-update-request.json b/api-ref/source/v3/samples/admin/domain-config-update-request.json new file mode 100644 index 0000000000..b0a8409763 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-update-request.json @@ -0,0 +1,8 @@ +{ + "config": { + "ldap": { + "url": "http://myldap/my_new_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-config-update-response.json b/api-ref/source/v3/samples/admin/domain-config-update-response.json new file mode 100644 index 0000000000..fa2259e319 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-config-update-response.json @@ -0,0 +1,11 @@ +{ + "config": { + "identity": { + "driver": "keystone.identity.backends.ldap.Identity" + }, + "ldap": { + "url": "http://myldap/my_new_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-create-request.json b/api-ref/source/v3/samples/admin/domain-create-request.json new file mode 100644 index 0000000000..d1439bf3de --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-create-request.json @@ -0,0 +1,7 @@ +{ + "domain": { + "description": "Domain description", + "enabled": true, + "name": "myDomain" + } +} diff --git a/api-ref/source/v3/samples/admin/domain-create-response.json b/api-ref/source/v3/samples/admin/domain-create-response.json new file mode 100644 index 0000000000..56eae571f7 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-create-response.json @@ -0,0 +1,11 @@ +{ + "domain": { + "description": "Domain description", + "enabled": true, + "id": "161718", + "links": { + "self": "http://identity:35357/v3/domains/161718" + }, + "name": "myDomain" + } +} diff --git a/api-ref/source/v3/samples/admin/domain-group-roles-list-response.json b/api-ref/source/v3/samples/admin/domain-group-roles-list-response.json new file mode 100644 index 0000000000..161c5ddafd --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-group-roles-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "123456", + "links": { + "self": "http://identity:35357/v3/roles/123456" + }, + "name": "admin" + }, + { + "id": "123457", + "links": { + "self": "http://identity:35357/v3/roles/123457" + }, + "name": "manager" + } + ], + "links": { + "self": "http://identity:35357/v3/domains/161718/groups/101112/roles", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/domain-group-update-request.json b/api-ref/source/v3/samples/admin/domain-group-update-request.json new file mode 100644 index 0000000000..b0a8409763 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-group-update-request.json @@ -0,0 +1,8 @@ +{ + "config": { + "ldap": { + "url": "http://myldap/my_new_root", + "user_tree_dn": "ou=Users,dc=my_new_root,dc=org" + } + } +} diff --git a/api-ref/source/v3/samples/admin/domain-show-response.json b/api-ref/source/v3/samples/admin/domain-show-response.json new file mode 100644 index 0000000000..1106b1973f --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-show-response.json @@ -0,0 +1,11 @@ +{ + "domain": { + "description": "Owns users and tenants (i.e. projects) available on Identity API v2.", + "enabled": true, + "id": "default", + "links": { + "self": "http://localhost:5000/v3/domains/default" + }, + "name": "Default" + } +} diff --git a/api-ref/source/v3/samples/admin/domain-update-request.json b/api-ref/source/v3/samples/admin/domain-update-request.json new file mode 100644 index 0000000000..34c834aa76 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-update-request.json @@ -0,0 +1,5 @@ +{ + "domain": { + "description": "Owns users and projects on Identity API v2." + } +} diff --git a/api-ref/source/v3/samples/admin/domain-update-response.json b/api-ref/source/v3/samples/admin/domain-update-response.json new file mode 100644 index 0000000000..fe1034bb53 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-update-response.json @@ -0,0 +1,11 @@ +{ + "domain": { + "links": { + "self": "http://localhost:5000/v3/domains/default" + }, + "enabled": true, + "description": "Owns users and projects on Identity API v2.", + "name": "Default", + "id": "default" + } +} diff --git a/api-ref/source/v3/samples/admin/domain-user-roles-list-response.json b/api-ref/source/v3/samples/admin/domain-user-roles-list-response.json new file mode 100644 index 0000000000..1d27b4648a --- /dev/null +++ b/api-ref/source/v3/samples/admin/domain-user-roles-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "123456", + "links": { + "self": "http://identity:35357/v3/roles/123456" + }, + "name": "admin" + }, + { + "id": "123457", + "links": { + "self": "http://identity:35357/v3/roles/123457" + }, + "name": "manager" + } + ], + "links": { + "self": "http://identity:35357/v3/domains/161718/users/313233/roles", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/domains-list-response.json b/api-ref/source/v3/samples/admin/domains-list-response.json new file mode 100644 index 0000000000..945c864587 --- /dev/null +++ b/api-ref/source/v3/samples/admin/domains-list-response.json @@ -0,0 +1,27 @@ +{ + "domains": [ + { + "description": "Used for swift functional testing", + "enabled": true, + "id": "5a75994a383c449184053ff7270c4e91", + "links": { + "self": "http://localhost:5000/v3/domains/5a75994a383c449184053ff7270c4e91" + }, + "name": "swift_test" + }, + { + "description": "Owns users and tenants (i.e. projects) available on Identity API v2.", + "enabled": true, + "id": "default", + "links": { + "self": "http://localhost:5000/v3/domains/default" + }, + "name": "Default" + } + ], + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/domains" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoint-create-request.json b/api-ref/source/v3/samples/admin/endpoint-create-request.json new file mode 100644 index 0000000000..6d0890992d --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoint-create-request.json @@ -0,0 +1,9 @@ +{ + "endpoint": { + "interface": "public", + "name": "ec2-2", + "region_id": "RegionOne", + "url": "http://identity:35357/v3/endpoints/828384", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoint-create-response.json b/api-ref/source/v3/samples/admin/endpoint-create-response.json new file mode 100644 index 0000000000..daad8538db --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoint-create-response.json @@ -0,0 +1,15 @@ +{ + "endpoint": { + "region_id": "RegionOne", + "links": { + "self": "http://localhost:5000/v3/endpoints/e9b475a8742d4ff1a81b353c5a37e138" + }, + "url": "http://identity:35357/v3/endpoints/828384", + "region": "RegionOne", + "enabled": true, + "interface": "public", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "id": "e9b475a8742d4ff1a81b353c5a37e138", + "name": "ec2-2" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoint-show-response.json b/api-ref/source/v3/samples/admin/endpoint-show-response.json new file mode 100644 index 0000000000..cc0ff650c2 --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoint-show-response.json @@ -0,0 +1,14 @@ +{ + "endpoint": { + "enabled": true, + "id": "01c3d5b92f7841ac83fb4b26173c12c7", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/01c3d5b92f7841ac83fb4b26173c12c7" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "3b2d6ad7e02c4cde8498a547601f1b8f", + "url": "http://23.253.211.234:9696/" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoint-update-request.json b/api-ref/source/v3/samples/admin/endpoint-update-request.json new file mode 100644 index 0000000000..5f6c82be43 --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoint-update-request.json @@ -0,0 +1,9 @@ +{ + "endpoint": { + "interface": "public", + "name": "Name", + "region_id": "north", + "url": "http://identity:35357/v3/endpoints/828384", + "service_id": "345678" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoint-update-response.json b/api-ref/source/v3/samples/admin/endpoint-update-response.json new file mode 100644 index 0000000000..5a84dd72ff --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoint-update-response.json @@ -0,0 +1,13 @@ +{ + "endpoint": { + "id": "828384", + "interface": "internal", + "links": { + "self": "http://identity:35357/v3/endpoints/828384" + }, + "name": "the internal volume endpoint", + "region_id": "north", + "service_id": "686766", + "url": "http://identity:35357/v3/endpoints/828384" + } +} diff --git a/api-ref/source/v3/samples/admin/endpoints-list-response.json b/api-ref/source/v3/samples/admin/endpoints-list-response.json new file mode 100644 index 0000000000..ed35c76ef1 --- /dev/null +++ b/api-ref/source/v3/samples/admin/endpoints-list-response.json @@ -0,0 +1,333 @@ +{ + "endpoints": [ + { + "enabled": true, + "id": "0649c5be323f4792afbc1efdd480847d", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/0649c5be323f4792afbc1efdd480847d" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "ef6b15e425814dc69d830361baae0e33", + "url": "http://23.253.211.234:8080/v1/AUTH_$(tenant_id)s" + }, + { + "enabled": true, + "id": "06b85ed2aa57413ca0b1813daed329a9", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/06b85ed2aa57413ca0b1813daed329a9" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "98cfd5347fb84601b2f88f3afd8dddd4", + "url": "http://23.253.211.234:8776/v1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "070102f162e04f91a52c7887d0604163", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/070102f162e04f91a52c7887d0604163" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "312f401c14d143d8b3e3f4daf0418add", + "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "0fd73b621e424cc0a172853264519cbc", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/0fd73b621e424cc0a172853264519cbc" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "17a877162c8e405b81d563d95ec4e3f8", + "url": "http://23.253.211.234:8776/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "1899667a3b1544ccb355fdfc4184d7d7", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/1899667a3b1544ccb355fdfc4184d7d7" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243", + "url": "http://23.253.211.234:9292" + }, + { + "enabled": true, + "id": "3b3611ea2e554ee7b85e7f2213b02c33", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/3b3611ea2e554ee7b85e7f2213b02c33" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "2a662f90700b4478929d4b24cc6a320b", + "url": "http://23.253.211.234:9696/" + }, + { + "enabled": true, + "id": "3ea2b420306f48c6bf0cf51c2fefea03", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/3ea2b420306f48c6bf0cf51c2fefea03" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "736fb9bb21ef498287db9abcc55b20d9", + "url": "http://23.253.211.234:8774/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "41b122182f574a44b0e246aff6ca29c5", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/41b122182f574a44b0e246aff6ca29c5" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243", + "url": "http://23.253.211.234:9292" + }, + { + "enabled": true, + "id": "44a736dd5eeb4347acec66b5f11c8f80", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/44a736dd5eeb4347acec66b5f11c8f80" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "2a662f90700b4478929d4b24cc6a320b", + "url": "http://23.253.211.234:9696/" + }, + { + "enabled": true, + "id": "499e8f6718ef466ba3fb315fa8f9e0b8", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/499e8f6718ef466ba3fb315fa8f9e0b8" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "312f401c14d143d8b3e3f4daf0418add", + "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "545b1e9f126248428c5cdbec7420c353", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/545b1e9f126248428c5cdbec7420c353" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "736fb9bb21ef498287db9abcc55b20d9", + "url": "http://23.253.211.234:8774/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "629dc5a64e954ad09a45e87bc48299ba", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/629dc5a64e954ad09a45e87bc48299ba" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "2a662f90700b4478929d4b24cc6a320b", + "url": "http://23.253.211.234:9696/" + }, + { + "enabled": true, + "id": "642a329a660544fdaab2420c0da7d49b", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/642a329a660544fdaab2420c0da7d49b" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "ef6b15e425814dc69d830361baae0e33", + "url": "http://23.253.211.234:8080/v1/AUTH_$(tenant_id)s" + }, + { + "enabled": true, + "id": "72f8fc8536e44a19bc3388218efcc741", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/72f8fc8536e44a19bc3388218efcc741" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9b67aed49e0d4c2fb46ca9476a3b9243", + "url": "http://23.253.211.234:9292" + }, + { + "enabled": true, + "id": "74121e71962e4947ac622c41706f0ee7", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/74121e71962e4947ac622c41706f0ee7" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "17a877162c8e405b81d563d95ec4e3f8", + "url": "http://23.253.211.234:8776/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "7431a4f971dc4abb8d0e387434a06817", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/7431a4f971dc4abb8d0e387434a06817" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "url": "http://23.253.211.234:8773/" + }, + { + "enabled": true, + "id": "7cffc75a14ca4334b458e475750bd84f", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/7cffc75a14ca4334b458e475750bd84f" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "efeb249cbcd3412496bc4b194ea058da", + "url": "http://23.253.211.234:5000/v2.0" + }, + { + "enabled": true, + "id": "a422a6fa163b4a6ba8309e067ce3750b", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/a422a6fa163b4a6ba8309e067ce3750b" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "312f401c14d143d8b3e3f4daf0418add", + "url": "http://23.253.211.234:8774/v2.1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "ac6a74efe9944afdb129d4df70cde0ec", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/ac6a74efe9944afdb129d4df70cde0ec" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "url": "http://23.253.211.234:8773/" + }, + { + "enabled": true, + "id": "adf43d7ff0d14d0fa1e8a5187f40e1af", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/adf43d7ff0d14d0fa1e8a5187f40e1af" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "efeb249cbcd3412496bc4b194ea058da", + "url": "http://23.253.211.234:5000/v2.0" + }, + { + "enabled": true, + "id": "b18be64a118244d39217db72534f8b33", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/b18be64a118244d39217db72534f8b33" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "736fb9bb21ef498287db9abcc55b20d9", + "url": "http://23.253.211.234:8774/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "c828983c9c214d819674649aa693cdff", + "interface": "public", + "links": { + "self": "http://localhost:5000/v3/endpoints/c828983c9c214d819674649aa693cdff" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "98cfd5347fb84601b2f88f3afd8dddd4", + "url": "http://23.253.211.234:8776/v1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "d062ebdb244f447498768fc0ced32e2d", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/d062ebdb244f447498768fc0ced32e2d" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "98cfd5347fb84601b2f88f3afd8dddd4", + "url": "http://23.253.211.234:8776/v1/$(tenant_id)s" + }, + { + "enabled": true, + "id": "d281219ec0df4cf2b7c681463d5dcf51", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/d281219ec0df4cf2b7c681463d5dcf51" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "17a877162c8e405b81d563d95ec4e3f8", + "url": "http://23.253.211.234:8776/v2/$(tenant_id)s" + }, + { + "enabled": true, + "id": "d8e0824a17404431b5d978a87ac1bede", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/d8e0824a17404431b5d978a87ac1bede" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "efeb249cbcd3412496bc4b194ea058da", + "url": "http://23.253.211.234:35357/v2.0" + }, + { + "enabled": true, + "id": "d9b54bdc063046828ac3c6487bea8047", + "interface": "internal", + "links": { + "self": "http://localhost:5000/v3/endpoints/d9b54bdc063046828ac3c6487bea8047" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "9242e05f0c23467bbd1cf1f7a6e5e596", + "url": "http://23.253.211.234:8773/" + }, + { + "enabled": true, + "id": "ea74f9771dec475eabfc2cdff5364413", + "interface": "admin", + "links": { + "self": "http://localhost:5000/v3/endpoints/ea74f9771dec475eabfc2cdff5364413" + }, + "region": "RegionOne", + "region_id": "RegionOne", + "service_id": "ef6b15e425814dc69d830361baae0e33", + "url": "http://23.253.211.234:8080" + } + ], + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/endpoints" + } +} diff --git a/api-ref/source/v3/samples/admin/group-create-request.json b/api-ref/source/v3/samples/admin/group-create-request.json new file mode 100644 index 0000000000..4c35eb48e7 --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-create-request.json @@ -0,0 +1,7 @@ +{ + "group": { + "description": "Contract developers", + "domain_id": "default", + "name": "Contract developers" + } +} diff --git a/api-ref/source/v3/samples/admin/group-create-response.json b/api-ref/source/v3/samples/admin/group-create-response.json new file mode 100644 index 0000000000..112218d48b --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-create-response.json @@ -0,0 +1,11 @@ +{ + "group": { + "domain_id": "default", + "description": "Contract developers", + "id": "c0d675eac29945ad9dfd08aa1bb75751", + "links": { + "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751" + }, + "name": "Contract developers" + } +} diff --git a/api-ref/source/v3/samples/admin/group-show-response.json b/api-ref/source/v3/samples/admin/group-show-response.json new file mode 100644 index 0000000000..112218d48b --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-show-response.json @@ -0,0 +1,11 @@ +{ + "group": { + "domain_id": "default", + "description": "Contract developers", + "id": "c0d675eac29945ad9dfd08aa1bb75751", + "links": { + "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751" + }, + "name": "Contract developers" + } +} diff --git a/api-ref/source/v3/samples/admin/group-update-request.json b/api-ref/source/v3/samples/admin/group-update-request.json new file mode 100644 index 0000000000..961838b571 --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-update-request.json @@ -0,0 +1,6 @@ +{ + "group": { + "description": "Contract developers 2016", + "name": "Contract developers 2016" + } +} diff --git a/api-ref/source/v3/samples/admin/group-update-response.json b/api-ref/source/v3/samples/admin/group-update-response.json new file mode 100644 index 0000000000..6a3ee33951 --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-update-response.json @@ -0,0 +1,11 @@ +{ + "group": { + "domain_id": "default", + "description": "Contract developers 2016", + "id": "c0d675eac29945ad9dfd08aa1bb75751", + "links": { + "self": "http://localhost:5000/v3/groups/c0d675eac29945ad9dfd08aa1bb75751" + }, + "name": "Contract developers 2016" + } +} diff --git a/api-ref/source/v3/samples/admin/group-users-list-response.json b/api-ref/source/v3/samples/admin/group-users-list-response.json new file mode 100644 index 0000000000..68bef1237f --- /dev/null +++ b/api-ref/source/v3/samples/admin/group-users-list-response.json @@ -0,0 +1,19 @@ +{ + "users": [ + { + "name": "admin", + "links": { + "self": "http://localhost:5000/v3/users/fff603a0829d41e48bc0dd0d72ad61ce" + }, + "domain_id": "default", + "enabled": true, + "email": null, + "id": "fff603a0829d41e48bc0dd0d72ad61ce" + } + ], + "links": { + "self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92/users", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/groups-list-response.json b/api-ref/source/v3/samples/admin/groups-list-response.json new file mode 100644 index 0000000000..4984bc6004 --- /dev/null +++ b/api-ref/source/v3/samples/admin/groups-list-response.json @@ -0,0 +1,27 @@ +{ + "links": { + "self": "http://localhost:5000/v3/groups", + "previous": null, + "next": null + }, + "groups": [ + { + "domain_id": "default", + "description": "non-admin group", + "id": "96372bbb152f475aa37e9a76a25a029c", + "links": { + "self": "http://localhost:5000/v3/groups/96372bbb152f475aa37e9a76a25a029c" + }, + "name": "nonadmins" + }, + { + "domain_id": "default", + "description": "openstack admin group", + "id": "9ce0ad4e58a84d7a97b92f7955d10c92", + "links": { + "self": "http://localhost:5000/v3/groups/9ce0ad4e58a84d7a97b92f7955d10c92" + }, + "name": "admins" + } + ] +} diff --git a/api-ref/source/v3/samples/admin/identity-version-response.json b/api-ref/source/v3/samples/admin/identity-version-response.json new file mode 100644 index 0000000000..0f1d5eaa6d --- /dev/null +++ b/api-ref/source/v3/samples/admin/identity-version-response.json @@ -0,0 +1,19 @@ +{ + "version": { + "id": "v3.4", + "links": [ + { + "href": "http://localhost:5000/v3/", + "rel": "self" + } + ], + "media-types": [ + { + "base": "application/json", + "type": "application/vnd.openstack.identity-v3+json" + } + ], + "status": "stable", + "updated": "2015-03-30T00:00:00Z" + } +} diff --git a/api-ref/source/v3/samples/admin/identity-versions-response.json b/api-ref/source/v3/samples/admin/identity-versions-response.json new file mode 100644 index 0000000000..5cbc45adc4 --- /dev/null +++ b/api-ref/source/v3/samples/admin/identity-versions-response.json @@ -0,0 +1,45 @@ +{ + "versions": { + "values": [ + { + "id": "v3.4", + "links": [ + { + "href": "http://localhost:5000/v3/", + "rel": "self" + } + ], + "media-types": [ + { + "base": "application/json", + "type": "application/vnd.openstack.identity-v3+json" + } + ], + "status": "stable", + "updated": "2015-03-30T00:00:00Z" + }, + { + "id": "v2.0", + "links": [ + { + "href": "http://localhost:5000/v2.0/", + "rel": "self" + }, + { + "href": "http://docs.openstack.org/", + "rel": "describedby", + "type": "text/html" + } + ], + "media-types": [ + { + "base": "application/json", + "type": "application/vnd.openstack.identity-v2.0+json" + } + ], + "status": "stable", + "updated": "2014-04-17T00:00:00Z" + } + ] + } +} diff --git a/api-ref/source/v3/samples/admin/policies-list-response.json b/api-ref/source/v3/samples/admin/policies-list-response.json new file mode 100644 index 0000000000..3a2ae71587 --- /dev/null +++ b/api-ref/source/v3/samples/admin/policies-list-response.json @@ -0,0 +1,37 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/policies" + }, + "policies": [ + { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "id": "717273", + "links": { + "self": "http://identity:35357/v3/policies/717273" + }, + "project_id": "456789", + "type": "application/json", + "user_id": "616263" + }, + { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "id": "717274", + "links": { + "self": "http://identity:35357/v3/policies/717274" + }, + "project_id": "456789", + "type": "application/json", + "user_id": "616263" + } + ] +} diff --git a/api-ref/source/v3/samples/admin/policy-create-request.json b/api-ref/source/v3/samples/admin/policy-create-request.json new file mode 100644 index 0000000000..20293393ca --- /dev/null +++ b/api-ref/source/v3/samples/admin/policy-create-request.json @@ -0,0 +1,8 @@ +{ + "policy": { + "blob": "{'foobar_user': 'role:compute-user'}", + "project_id": "0426ac1e48f642ef9544c2251e07e261", + "type": "application/json", + "user_id": "0ffd248c55b443eaac5253b4e9cbf9b5" + } +} diff --git a/api-ref/source/v3/samples/admin/policy-create-response.json b/api-ref/source/v3/samples/admin/policy-create-response.json new file mode 100644 index 0000000000..5b62c1b0a1 --- /dev/null +++ b/api-ref/source/v3/samples/admin/policy-create-response.json @@ -0,0 +1,12 @@ +{ + "policy": { + "user_id": "0ffd248c55b443eaac5253b4e9cbf9b5", + "links": { + "self": "http://identity:35357/v3/policies/88f5b83f8f8e41daba4c25eed1a7bbc6" + }, + "blob": "{'foobar_user': 'role:compute-user'}", + "project_id": "0426ac1e48f642ef9544c2251e07e261", + "type": "application/json", + "id": "88f5b83f8f8e41daba4c25eed1a7bbc6" + } +} diff --git a/api-ref/source/v3/samples/admin/policy-show-response.json b/api-ref/source/v3/samples/admin/policy-show-response.json new file mode 100644 index 0000000000..245c774aa8 --- /dev/null +++ b/api-ref/source/v3/samples/admin/policy-show-response.json @@ -0,0 +1,16 @@ +{ + "policy": { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "id": "717273", + "links": { + "self": "http://identity:35357/v3/policies/717273" + }, + "project_id": "456789", + "type": "application/json", + "user_id": "616263" + } +} diff --git a/api-ref/source/v3/samples/admin/policy-update-request.json b/api-ref/source/v3/samples/admin/policy-update-request.json new file mode 100644 index 0000000000..a10f6362b8 --- /dev/null +++ b/api-ref/source/v3/samples/admin/policy-update-request.json @@ -0,0 +1,12 @@ +{ + "policy": { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "project_id": "456789", + "type": "application/json", + "user_id": "616263" + } +} diff --git a/api-ref/source/v3/samples/admin/policy-update-response.json b/api-ref/source/v3/samples/admin/policy-update-response.json new file mode 100644 index 0000000000..245c774aa8 --- /dev/null +++ b/api-ref/source/v3/samples/admin/policy-update-response.json @@ -0,0 +1,16 @@ +{ + "policy": { + "blob": { + "foobar_user": [ + "role:compute-user" + ] + }, + "id": "717273", + "links": { + "self": "http://identity:35357/v3/policies/717273" + }, + "project_id": "456789", + "type": "application/json", + "user_id": "616263" + } +} diff --git a/api-ref/source/v3/samples/admin/project-create-request.json b/api-ref/source/v3/samples/admin/project-create-request.json new file mode 100644 index 0000000000..76c9411556 --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-create-request.json @@ -0,0 +1,9 @@ +{ + "project": { + "description": "My new project", + "domain_id": "default", + "enabled": true, + "is_domain": true, + "name": "myNewProject" + } +} diff --git a/api-ref/source/v3/samples/admin/project-create-response.json b/api-ref/source/v3/samples/admin/project-create-response.json new file mode 100644 index 0000000000..e1e3ba677c --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-create-response.json @@ -0,0 +1,14 @@ +{ + "project": { + "is_domain": true, + "description": "My new project", + "links": { + "self": "http://localhost:5000/v3/projects/93ebbcc35335488b96ff9cd7d18cbb2e" + }, + "enabled": true, + "id": "93ebbcc35335488b96ff9cd7d18cbb2e", + "parent_id": null, + "domain_id": "default", + "name": "myNewProject" + } +} diff --git a/api-ref/source/v3/samples/admin/project-enable-request.json b/api-ref/source/v3/samples/admin/project-enable-request.json new file mode 100644 index 0000000000..ed87ef8426 --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-enable-request.json @@ -0,0 +1,5 @@ +{ + "project": { + "enabled": true + } +} diff --git a/api-ref/source/v3/samples/admin/project-group-roles-list-response.json b/api-ref/source/v3/samples/admin/project-group-roles-list-response.json new file mode 100644 index 0000000000..e89caa0e3b --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-group-roles-list-response.json @@ -0,0 +1,23 @@ +{ + "roles": [ + { + "id": "123456", + "links": { + "self": "http://identity:35357/v3/roles/123456" + }, + "name": "admin" + }, + { + "id": "123457", + "links": { + "self": "http://identity:35357/v3/roles/123457" + }, + "name": "manager" + } + ], + "links": { + "self": "http://identity:35357/v3/projects/456789/groups/101112/roles", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/project-show-response.json b/api-ref/source/v3/samples/admin/project-show-response.json new file mode 100644 index 0000000000..7fc8ca5c2b --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-show-response.json @@ -0,0 +1,13 @@ +{ + "project": { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "0c4e939acacf4376bdcd1129f1a054ad", + "links": { + "self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad" + }, + "name": "admin", + "parent_id": null + } +} diff --git a/api-ref/source/v3/samples/admin/project-update-request.json b/api-ref/source/v3/samples/admin/project-update-request.json new file mode 100644 index 0000000000..6cc0bdb34b --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-update-request.json @@ -0,0 +1,8 @@ +{ + "project": { + "description": "My updated project", + "domain_id": "default", + "enabled": true, + "name": "myUpdatedProject" + } +} diff --git a/api-ref/source/v3/samples/admin/project-update-response.json b/api-ref/source/v3/samples/admin/project-update-response.json new file mode 100644 index 0000000000..c56eb4a2a7 --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-update-response.json @@ -0,0 +1,17 @@ +{ + "project": { + "is_domain": true, + "description": "My updated project", + "links": { + "self": "http://localhost:5000/v3/projects/93ebbcc35335488b96ff9cd7d18cbb2e" + }, + "extra": { + "is_domain": true + }, + "enabled": true, + "id": "93ebbcc35335488b96ff9cd7d18cbb2e", + "parent_id": null, + "domain_id": "default", + "name": "myUpdatedProject" + } +} diff --git a/api-ref/source/v3/samples/admin/project-user-roles-list-response.json b/api-ref/source/v3/samples/admin/project-user-roles-list-response.json new file mode 100644 index 0000000000..2704f65a63 --- /dev/null +++ b/api-ref/source/v3/samples/admin/project-user-roles-list-response.json @@ -0,0 +1,16 @@ +{ + "links": { + "self": "http://localhost:5000/v3/projects/9e5a15e2c0dd42aab0990a463e839ac1/users/b964a9e51c0046a4a84d3f83a135a97c/roles", + "previous": null, + "next": null + }, + "roles": [ + { + "id": "3b5347fa7a144008ba57c0acea469cc3", + "links": { + "self": "http://localhost:5000/v3/roles/3b5347fa7a144008ba57c0acea469cc3" + }, + "name": "admin" + } + ] +} diff --git a/api-ref/source/v3/samples/admin/projects-list-response.json b/api-ref/source/v3/samples/admin/projects-list-response.json new file mode 100644 index 0000000000..0a770030a1 --- /dev/null +++ b/api-ref/source/v3/samples/admin/projects-list-response.json @@ -0,0 +1,97 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/projects" + }, + "projects": [ + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "0c4e939acacf4376bdcd1129f1a054ad", + "links": { + "self": "http://localhost:5000/v3/projects/0c4e939acacf4376bdcd1129f1a054ad" + }, + "name": "admin", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "0cbd49cbf76d405d9c86562e1d579bd3", + "links": { + "self": "http://localhost:5000/v3/projects/0cbd49cbf76d405d9c86562e1d579bd3" + }, + "name": "demo", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "2db68fed84324f29bb73130c6c2094fb", + "links": { + "self": "http://localhost:5000/v3/projects/2db68fed84324f29bb73130c6c2094fb" + }, + "name": "swifttenanttest2", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "3d594eb0f04741069dbbb521635b21c7", + "links": { + "self": "http://localhost:5000/v3/projects/3d594eb0f04741069dbbb521635b21c7" + }, + "name": "service", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "43ebde53fc314b1c9ea2b8c5dc744927", + "links": { + "self": "http://localhost:5000/v3/projects/43ebde53fc314b1c9ea2b8c5dc744927" + }, + "name": "swifttenanttest1", + "parent_id": null + }, + { + "description": "", + "domain_id": "1bc2169ca88e4cdaaba46d4c15390b65", + "enabled": true, + "id": "4b1eb781a47440acb8af9850103e537f", + "links": { + "self": "http://localhost:5000/v3/projects/4b1eb781a47440acb8af9850103e537f" + }, + "name": "swifttenanttest4", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "5961c443439d4fcebe42643723755e9d", + "links": { + "self": "http://localhost:5000/v3/projects/5961c443439d4fcebe42643723755e9d" + }, + "name": "invisible_to_admin", + "parent_id": null + }, + { + "description": null, + "domain_id": "default", + "enabled": true, + "id": "fdb8424c4e4f4c0ba32c52e2de3bd80e", + "links": { + "self": "http://localhost:5000/v3/projects/fdb8424c4e4f4c0ba32c52e2de3bd80e" + }, + "name": "alt_demo", + "parent_id": null + } + ] +} diff --git a/api-ref/source/v3/samples/admin/region-create-request.json b/api-ref/source/v3/samples/admin/region-create-request.json new file mode 100644 index 0000000000..c20f1ed635 --- /dev/null +++ b/api-ref/source/v3/samples/admin/region-create-request.json @@ -0,0 +1,7 @@ +{ + "region": { + "description": "My subregion", + "id": "RegionOneSubRegion", + "parent_region_id": "RegionOne" + } +} diff --git a/api-ref/source/v3/samples/admin/region-create-response.json b/api-ref/source/v3/samples/admin/region-create-response.json new file mode 100644 index 0000000000..ad37413ec9 --- /dev/null +++ b/api-ref/source/v3/samples/admin/region-create-response.json @@ -0,0 +1,10 @@ +{ + "region": { + "parent_region_id": "RegionOne", + "id": "RegionOneSubRegion", + "links": { + "self": "http://localhost:5000/v3/regions/RegionOneSubRegion" + }, + "description": "My subregion" + } +} diff --git a/api-ref/source/v3/samples/admin/region-show-response.json b/api-ref/source/v3/samples/admin/region-show-response.json new file mode 100644 index 0000000000..512130d41d --- /dev/null +++ b/api-ref/source/v3/samples/admin/region-show-response.json @@ -0,0 +1,10 @@ +{ + "region": { + "description": "My subregion 3", + "id": "RegionThree", + "links": { + "self": "http://localhost:5000/v3/regions/RegionThree" + }, + "parent_region_id": "RegionOne" + } +} diff --git a/api-ref/source/v3/samples/admin/region-update-request.json b/api-ref/source/v3/samples/admin/region-update-request.json new file mode 100644 index 0000000000..9b8f1c0c88 --- /dev/null +++ b/api-ref/source/v3/samples/admin/region-update-request.json @@ -0,0 +1,5 @@ +{ + "region": { + "description": "My subregion 3" + } +} diff --git a/api-ref/source/v3/samples/admin/region-update-response.json b/api-ref/source/v3/samples/admin/region-update-response.json new file mode 100644 index 0000000000..bb644b1ddc --- /dev/null +++ b/api-ref/source/v3/samples/admin/region-update-response.json @@ -0,0 +1,10 @@ +{ + "region": { + "parent_region_id": "RegionOne", + "id": "RegionThree", + "links": { + "self": "http://localhost:5000/v3/regions/RegionThree" + }, + "description": "My subregion 3" + } +} diff --git a/api-ref/source/v3/samples/admin/regions-list-response.json b/api-ref/source/v3/samples/admin/regions-list-response.json new file mode 100644 index 0000000000..24ca02e9c3 --- /dev/null +++ b/api-ref/source/v3/samples/admin/regions-list-response.json @@ -0,0 +1,17 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/regions" + }, + "regions": [ + { + "description": "", + "id": "RegionOne", + "links": { + "self": "http://localhost:5000/v3/regions/RegionOne" + }, + "parent_region_id": null + } + ] +} diff --git a/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.json b/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.json new file mode 100644 index 0000000000..42c4067e91 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.json @@ -0,0 +1,42 @@ +{ + "role_assignments": [ + { + "links": { + "assignment": "http://identity:35357/v3/domains/161718/users/313233/roles/123456" + }, + "role": { + "id": "123456" + }, + "scope": { + "domain": { + "id": "161718" + } + }, + "user": { + "id": "313233" + } + }, + { + "links": { + "assignment": "http://identity:35357/v3/projects/456789/groups/101112/roles/123456", + "membership": "http://identity:35357/v3/groups/101112/users/313233" + }, + "role": { + "id": "123456" + }, + "scope": { + "project": { + "id": "456789" + } + }, + "user": { + "id": "313234" + } + } + ], + "links": { + "self": "http://identity:35357/v3/role_assignments?effective", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.txt b/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.txt new file mode 100644 index 0000000000..d7fd103698 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-assignments-effective-list-response.txt @@ -0,0 +1 @@ +GET /role_assignments?user.id={user_id}&scope.project.id={project_id}&effective diff --git a/api-ref/source/v3/samples/admin/role-assignments-list-response.json b/api-ref/source/v3/samples/admin/role-assignments-list-response.json new file mode 100644 index 0000000000..a6372b2ef3 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-assignments-list-response.json @@ -0,0 +1,41 @@ +{ + "role_assignments": [ + { + "links": { + "assignment": "http://identity:35357/v3/domains/161718/users/313233/roles/123456" + }, + "role": { + "id": "123456" + }, + "scope": { + "domain": { + "id": "161718" + } + }, + "user": { + "id": "313233" + } + }, + { + "group": { + "id": "101112" + }, + "links": { + "assignment": "http://identity:35357/v3/projects/456789/groups/101112/roles/123456" + }, + "role": { + "id": "123456" + }, + "scope": { + "project": { + "id": "456789" + } + } + } + ], + "links": { + "self": "http://identity:35357/v3/role_assignments", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/role-assignments-list-response.txt b/api-ref/source/v3/samples/admin/role-assignments-list-response.txt new file mode 100644 index 0000000000..d7fd103698 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-assignments-list-response.txt @@ -0,0 +1 @@ +GET /role_assignments?user.id={user_id}&scope.project.id={project_id}&effective diff --git a/api-ref/source/v3/samples/admin/role-create-request.json b/api-ref/source/v3/samples/admin/role-create-request.json new file mode 100644 index 0000000000..67e4099eba --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-create-request.json @@ -0,0 +1,5 @@ +{ + "role": { + "name": "developer" + } +} diff --git a/api-ref/source/v3/samples/admin/role-create-response.json b/api-ref/source/v3/samples/admin/role-create-response.json new file mode 100644 index 0000000000..a78cdf3c89 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-create-response.json @@ -0,0 +1,9 @@ +{ + "role": { + "id": "1e443fa8cee3482a8a2b6954dd5c8f12", + "links": { + "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12" + }, + "name": "developer" + } +} diff --git a/api-ref/source/v3/samples/admin/role-show-response.json b/api-ref/source/v3/samples/admin/role-show-response.json new file mode 100644 index 0000000000..c435f1393a --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-show-response.json @@ -0,0 +1,9 @@ +{ + "role": { + "id": "1e443fa8cee3482a8a2b6954dd5c8f12", + "links": { + "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12" + }, + "name": "Developer" + } +} diff --git a/api-ref/source/v3/samples/admin/role-update-request.json b/api-ref/source/v3/samples/admin/role-update-request.json new file mode 100644 index 0000000000..9a13ea7243 --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-update-request.json @@ -0,0 +1,5 @@ +{ + "role": { + "name": "Developer" + } +} diff --git a/api-ref/source/v3/samples/admin/role-update-response.json b/api-ref/source/v3/samples/admin/role-update-response.json new file mode 100644 index 0000000000..c435f1393a --- /dev/null +++ b/api-ref/source/v3/samples/admin/role-update-response.json @@ -0,0 +1,9 @@ +{ + "role": { + "id": "1e443fa8cee3482a8a2b6954dd5c8f12", + "links": { + "self": "http://localhost:5000/v3/roles/1e443fa8cee3482a8a2b6954dd5c8f12" + }, + "name": "Developer" + } +} diff --git a/api-ref/source/v3/samples/admin/roles-list-response.json b/api-ref/source/v3/samples/admin/roles-list-response.json new file mode 100644 index 0000000000..3ec4743980 --- /dev/null +++ b/api-ref/source/v3/samples/admin/roles-list-response.json @@ -0,0 +1,51 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/roles" + }, + "roles": [ + { + "id": "5318e65d75574c17bf5339d3df33a5a3", + "links": { + "self": "http://localhost:5000/v3/roles/5318e65d75574c17bf5339d3df33a5a3" + }, + "name": "admin" + }, + { + "id": "642bcfc75c384fd181adf34d9b2df897", + "links": { + "self": "http://localhost:5000/v3/roles/642bcfc75c384fd181adf34d9b2df897" + }, + "name": "anotherrole" + }, + { + "id": "779a76d74f544224a7ef8762ca0de627", + "links": { + "self": "http://localhost:5000/v3/roles/779a76d74f544224a7ef8762ca0de627" + }, + "name": "Member" + }, + { + "id": "9fe2ff9ee4384b1894a90878d3e92bab", + "links": { + "self": "http://localhost:5000/v3/roles/9fe2ff9ee4384b1894a90878d3e92bab" + }, + "name": "_member_" + }, + { + "id": "ba2dfba61c934ee89e3110de36273229", + "links": { + "self": "http://localhost:5000/v3/roles/ba2dfba61c934ee89e3110de36273229" + }, + "name": "ResellerAdmin" + }, + { + "id": "f127b97616f24d3ebceb7be840210adc", + "links": { + "self": "http://localhost:5000/v3/roles/f127b97616f24d3ebceb7be840210adc" + }, + "name": "service" + } + ] +} diff --git a/api-ref/source/v3/samples/admin/service-create-request.json b/api-ref/source/v3/samples/admin/service-create-request.json new file mode 100644 index 0000000000..b09f3319fc --- /dev/null +++ b/api-ref/source/v3/samples/admin/service-create-request.json @@ -0,0 +1,7 @@ +{ + "service": { + "type": "compute", + "name": "compute2", + "description": "Compute service 2" + } +} diff --git a/api-ref/source/v3/samples/admin/service-create-response.json b/api-ref/source/v3/samples/admin/service-create-response.json new file mode 100644 index 0000000000..445f2e899d --- /dev/null +++ b/api-ref/source/v3/samples/admin/service-create-response.json @@ -0,0 +1,12 @@ +{ + "service": { + "name": "compute2", + "links": { + "self": "http://localhost:5000/v3/services/3f552eb79c48436db2868e948d8cf330" + }, + "enabled": true, + "type": "compute", + "id": "3f552eb79c48436db2868e948d8cf330", + "description": "Compute service 2" + } +} diff --git a/api-ref/source/v3/samples/admin/service-show-response.json b/api-ref/source/v3/samples/admin/service-show-response.json new file mode 100644 index 0000000000..56c93b6398 --- /dev/null +++ b/api-ref/source/v3/samples/admin/service-show-response.json @@ -0,0 +1,12 @@ +{ + "service": { + "description": "Keystone Identity Service", + "enabled": true, + "id": "686766", + "links": { + "self": "http://identity:5000/v3/services/686766" + }, + "name": "keystone", + "type": "identity" + } +} diff --git a/api-ref/source/v3/samples/admin/service-update-request.json b/api-ref/source/v3/samples/admin/service-update-request.json new file mode 100644 index 0000000000..e5152dc0b7 --- /dev/null +++ b/api-ref/source/v3/samples/admin/service-update-request.json @@ -0,0 +1,5 @@ +{ + "service": { + "description": "Block Storage Service V2" + } +} diff --git a/api-ref/source/v3/samples/admin/service-update-response.json b/api-ref/source/v3/samples/admin/service-update-response.json new file mode 100644 index 0000000000..f104d9532c --- /dev/null +++ b/api-ref/source/v3/samples/admin/service-update-response.json @@ -0,0 +1,12 @@ +{ + "service": { + "name": "cinderv2", + "links": { + "self": "http://localhost:5000/v3/services/5789da9864004dd088fce14c1c626a4b" + }, + "enabled": true, + "type": "volumev2", + "id": "5789da9864004dd088fce14c1c626a4b", + "description": "Block Storage Service V2" + } +} diff --git a/api-ref/source/v3/samples/admin/services-list-response.json b/api-ref/source/v3/samples/admin/services-list-response.json new file mode 100644 index 0000000000..f7a694ee3c --- /dev/null +++ b/api-ref/source/v3/samples/admin/services-list-response.json @@ -0,0 +1,99 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/services" + }, + "services": [ + { + "description": "Nova Compute Service", + "enabled": true, + "id": "1999c3a858c7408fb586817620695098", + "links": { + "self": "http://localhost:5000/v3/services/1999c3a858c7408fb586817620695098" + }, + "name": "nova", + "type": "compute" + }, + { + "description": "Cinder Volume Service V2", + "enabled": true, + "id": "39216610e75547f1883037e11976fc0f", + "links": { + "self": "http://localhost:5000/v3/services/39216610e75547f1883037e11976fc0f" + }, + "name": "cinderv2", + "type": "volumev2" + }, + { + "description": "Neutron Service", + "enabled": true, + "id": "4fe41a27de3341af9100123f765eac0d", + "links": { + "self": "http://localhost:5000/v3/services/4fe41a27de3341af9100123f765eac0d" + }, + "name": "neutron", + "type": "network" + }, + { + "description": "EC2 Compatibility Layer", + "enabled": true, + "id": "61d3d05bdd1449f18923c83f52a4d762", + "links": { + "self": "http://localhost:5000/v3/services/61d3d05bdd1449f18923c83f52a4d762" + }, + "name": "ec2", + "type": "ec2" + }, + { + "description": "Glance Image Service", + "enabled": true, + "id": "69afa3d57d1948ea988beeb252bbaa5d", + "links": { + "self": "http://localhost:5000/v3/services/69afa3d57d1948ea988beeb252bbaa5d" + }, + "name": "glance", + "type": "image" + }, + { + "description": "Nova Compute Service V2.1", + "enabled": true, + "id": "79b691ee7be649d9bf8613efc0960206", + "links": { + "self": "http://localhost:5000/v3/services/79b691ee7be649d9bf8613efc0960206" + }, + "name": "novav21", + "type": "computev21" + }, + { + "description": "Swift Service", + "enabled": true, + "id": "92419b70ebe64c6c873bd20b14360e6b", + "links": { + "self": "http://localhost:5000/v3/services/92419b70ebe64c6c873bd20b14360e6b" + }, + "name": "swift", + "type": "object-store" + }, + { + "description": "Keystone Identity Service", + "enabled": true, + "id": "b8f8454fc07b46b781204d2a436f9d1c", + "links": { + "self": "http://localhost:5000/v3/services/b8f8454fc07b46b781204d2a436f9d1c" + }, + "name": "keystone", + "type": "identity" + }, + { + "description": "Cinder Volume Service", + "enabled": true, + "id": "cdda3bea0742407f95e70f4758f46558", + "links": { + "self": "http://localhost:5000/v3/services/cdda3bea0742407f95e70f4758f46558" + }, + "name": "cinder", + "type": "volume" + } + ] +} diff --git a/api-ref/source/v3/samples/admin/token-validate-request.txt b/api-ref/source/v3/samples/admin/token-validate-request.txt new file mode 100644 index 0000000000..6181da9e84 --- /dev/null +++ b/api-ref/source/v3/samples/admin/token-validate-request.txt @@ -0,0 +1,3 @@ +Headers: +X-Auth-Token: 1dd7e3 +X-Subject-Token: c67580 diff --git a/api-ref/source/v3/samples/admin/user-create-request.json b/api-ref/source/v3/samples/admin/user-create-request.json new file mode 100644 index 0000000000..d03f98825b --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-create-request.json @@ -0,0 +1,11 @@ +{ + "user": { + "default_project_id": "263fd9", + "description": "James Doe user", + "domain_id": "1789d1", + "email": "jdoe@example.com", + "enabled": true, + "name": "James Doe", + "password": "secretsecret" + } +} diff --git a/api-ref/source/v3/samples/admin/user-create-response.json b/api-ref/source/v3/samples/admin/user-create-response.json new file mode 100644 index 0000000000..d90134ea69 --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-create-response.json @@ -0,0 +1,14 @@ +{ + "user": { + "default_project_id": "263fd9", + "description": "James Doe user", + "domain_id": "1789d1", + "email": "jdoe@example.com", + "enabled": true, + "id": "ff4e51", + "links": { + "self": "https://identity:35357/v3/users/ff4e51" + }, + "name": "James Doe" + } +} diff --git a/api-ref/source/v3/samples/admin/user-groups-list-response.json b/api-ref/source/v3/samples/admin/user-groups-list-response.json new file mode 100644 index 0000000000..2a2c4ce283 --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-groups-list-response.json @@ -0,0 +1,27 @@ +{ + "groups": [ + { + "description": "Developers cleared for work on all general projects", + "domain_id": "1789d1", + "id": "ea167b", + "links": { + "self": "https://identity:35357/v3/groups/ea167b" + }, + "name": "Developers" + }, + { + "description": "Developers cleared for work on secret projects", + "domain_id": "1789d1", + "id": "a62db1", + "links": { + "self": "https://identity:35357/v3/groups/a62db1" + }, + "name": "Secure Developers" + } + ], + "links": { + "self": "http://identity:35357/v3/users/9fe1d3/groups", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/user-password-update-request.json b/api-ref/source/v3/samples/admin/user-password-update-request.json new file mode 100644 index 0000000000..592b99be1f --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-password-update-request.json @@ -0,0 +1,6 @@ +{ + "user": { + "password": "old_secretsecret", + "original_password": "secretsecret" + } +} diff --git a/api-ref/source/v3/samples/admin/user-projects-list-response.json b/api-ref/source/v3/samples/admin/user-projects-list-response.json new file mode 100644 index 0000000000..5f8da932c1 --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-projects-list-response.json @@ -0,0 +1,31 @@ +{ + "projects": [ + { + "description": "description of this project", + "domain_id": "161718", + "enabled": true, + "id": "456788", + "parent_id": "212223", + "links": { + "self": "http://identity:35357/v3/projects/456788" + }, + "name": "a project name" + }, + { + "description": "description of this project", + "domain_id": "161718", + "enabled": true, + "id": "456789", + "parent_id": "212223", + "links": { + "self": "http://identity:35357/v3/projects/456789" + }, + "name": "another domain" + } + ], + "links": { + "self": "http://identity:35357/v3/users/313233/projects", + "previous": null, + "next": null + } +} diff --git a/api-ref/source/v3/samples/admin/user-show-response.json b/api-ref/source/v3/samples/admin/user-show-response.json new file mode 100644 index 0000000000..3df411e1dc --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-show-response.json @@ -0,0 +1,14 @@ +{ + "user": { + "default_project_id": "263fd9", + "description": "John Smith's user", + "domain_id": "1789d1", + "email": "jsmith@example.com", + "enabled": true, + "id": "9fe1d3", + "links": { + "self": "https://identity:35357/v3/users/9fe1d3" + }, + "name": "jsmith" + } +} diff --git a/api-ref/source/v3/samples/admin/user-update-request.json b/api-ref/source/v3/samples/admin/user-update-request.json new file mode 100644 index 0000000000..74962f1cfe --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-update-request.json @@ -0,0 +1,8 @@ +{ + "user": { + "default_project_id": "263fd9", + "description": "James Doe's user", + "email": "jamesdoe@example.com", + "enabled": true + } +} diff --git a/api-ref/source/v3/samples/admin/user-update-response.json b/api-ref/source/v3/samples/admin/user-update-response.json new file mode 100644 index 0000000000..f93bfdf5f5 --- /dev/null +++ b/api-ref/source/v3/samples/admin/user-update-response.json @@ -0,0 +1,14 @@ +{ + "user": { + "default_project_id": "263fd9", + "description": "James Doe's user", + "domain_id": "1789d1", + "email": "jamesdoe@example.com", + "enabled": true, + "id": "ff4e51", + "links": { + "self": "https://identity:35357/v3/users/ff4e51" + }, + "name": "jamesdoe" + } +} diff --git a/api-ref/source/v3/samples/admin/users-list-response.json b/api-ref/source/v3/samples/admin/users-list-response.json new file mode 100644 index 0000000000..08c3e6a51a --- /dev/null +++ b/api-ref/source/v3/samples/admin/users-list-response.json @@ -0,0 +1,139 @@ +{ + "links": { + "next": null, + "previous": null, + "self": "http://localhost:5000/v3/users" + }, + "users": [ + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "2844b2a08be147a08ef58317d6471f1f", + "links": { + "self": "http://localhost:5000/v3/users/2844b2a08be147a08ef58317d6471f1f" + }, + "name": "glance" + }, + { + "domain_id": "default", + "email": "test@example.com", + "enabled": true, + "id": "4ab84ab39de54f4d96eaff8f2145a7cd", + "links": { + "self": "http://localhost:5000/v3/users/4ab84ab39de54f4d96eaff8f2145a7cd" + }, + "name": "swiftusertest1" + }, + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "56696a9a04864d63877a3d06a6f0b24b", + "links": { + "self": "http://localhost:5000/v3/users/56696a9a04864d63877a3d06a6f0b24b" + }, + "name": "swift" + }, + { + "domain_id": "default", + "email": "alt_demo@example.com", + "enabled": true, + "id": "5acb638d15da44fc8de41b9a4bd41875", + "links": { + "self": "http://localhost:5000/v3/users/5acb638d15da44fc8de41b9a4bd41875" + }, + "name": "alt_demo" + }, + { + "domain_id": "default", + "email": "demo@example.com", + "enabled": true, + "id": "7596e862b1af473c8ed6ae99d35b51e3", + "links": { + "self": "http://localhost:5000/v3/users/7596e862b1af473c8ed6ae99d35b51e3" + }, + "name": "demo" + }, + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "802edb2141b44e77bbde241417450749", + "links": { + "self": "http://localhost:5000/v3/users/802edb2141b44e77bbde241417450749" + }, + "name": "nova" + }, + { + "domain_id": "592ab0800d3745baaf45c610fa41950a", + "email": "test4@example.com", + "enabled": true, + "id": "9aca3883784647fe9aff3a50d922489a", + "links": { + "self": "http://localhost:5000/v3/users/9aca3883784647fe9aff3a50d922489a" + }, + "name": "swiftusertest4" + }, + { + "domain_id": "default", + "email": "test3@example.com", + "enabled": true, + "id": "a1251b011f9345e68c2458b841152034", + "links": { + "self": "http://localhost:5000/v3/users/a1251b011f9345e68c2458b841152034" + }, + "name": "swiftusertest3" + }, + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "a43f46eb318041f6b712143862e3ad70", + "links": { + "self": "http://localhost:5000/v3/users/a43f46eb318041f6b712143862e3ad70" + }, + "name": "neutron" + }, + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "b964a9e51c0046a4a84d3f83a135a97c", + "links": { + "self": "http://localhost:5000/v3/users/b964a9e51c0046a4a84d3f83a135a97c" + }, + "name": "admin" + }, + { + "domain_id": "default", + "email": null, + "enabled": true, + "id": "dc87e591c0d247d5ac04e873bd8a1646", + "links": { + "self": "http://localhost:5000/v3/users/dc87e591c0d247d5ac04e873bd8a1646" + }, + "name": "cinder" + }, + { + "domain_id": "default", + "email": "glance-swift@example.com", + "enabled": true, + "id": "ed214dc1c2c6468b926c96eca6c8aee9", + "links": { + "self": "http://localhost:5000/v3/users/ed214dc1c2c6468b926c96eca6c8aee9" + }, + "name": "glance-swift" + }, + { + "domain_id": "default", + "email": "test2@example.com", + "enabled": true, + "id": "f4f6587b058a4f46a00242549b430d37", + "links": { + "self": "http://localhost:5000/v3/users/f4f6587b058a4f46a00242549b430d37" + }, + "name": "swiftusertest2" + } + ] +} diff --git a/api-ref/source/v3/service-catalog.inc b/api-ref/source/v3/service-catalog.inc new file mode 100644 index 0000000000..a9d43eac32 --- /dev/null +++ b/api-ref/source/v3/service-catalog.inc @@ -0,0 +1,392 @@ +.. -*- rst -*- + +=================================================== +Service catalog and endpoints (services, endpoints) +=================================================== + +A service is an OpenStack web service that you can access through a +URL, or endpoint. + +A service catalog lists the services that are available to the +caller based upon the current authorization. + +You can create, list, show details for, update, and delete +services. When you create or update a service, you can enable the +service, which causes it and its endpoints to appear in the service +catalog. + +You can create, list, show details for, update, and delete +endpoints. + + +List services +============= + +.. rest_method:: GET /v3/services + +Lists all services. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - type: type + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - links: links + - enabled: enabled + - services: services + - type: type + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/services-list-response.json + :language: javascript + + +Create service +============== + +.. rest_method:: POST /v3/services + +Creates a service. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - description: description + - service: service + - enabled: enabled + - service_id: service_id + - type: type + - name: name + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/service-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - service: service + - links: links + - type: type + - id: id + - description: description + + +Show endpoint details +===================== + +.. rest_method:: GET /v3/endpoints/{endpoint_id} + +Shows details for an endpoint. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - endpoint_id: endpoint_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - endpoint: endpoint + - name: name + - links: links + - url: url + - region: region + - interface: interface + - service_id: service_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/endpoint-show-response.json + :language: javascript + + +Update endpoint +=============== + +.. rest_method:: PATCH /v3/endpoints/{endpoint_id} + +Updates an endpoint. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - endpoint: endpoint + - name: name + - url: url + - region: region + - interface: interface + - service_id: service_id + - endpoint_id: endpoint_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/endpoint-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - endpoint: endpoint + - name: name + - links: links + - url: url + - region: region + - interface: interface + - service_id: service_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/endpoint-update-response.json + :language: javascript + + +Delete endpoint +=============== + +.. rest_method:: DELETE /v3/endpoints/{endpoint_id} + +Deletes an endpoint. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - endpoint_id: endpoint_id + + +List endpoints +============== + +.. rest_method:: GET /v3/endpoints + +Lists all available endpoints. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - interface: interface + - service_id: service_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - region_id: region_id + - links: links + - url: url + - region: region + - enabled: enabled + - interface: interface + - service_id: service_id + - endpoints: endpoints + - id: id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/endpoints-list-response.json + :language: javascript + + +Create endpoint +=============== + +.. rest_method:: POST /v3/endpoints + +Creates an endpoint. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - endpoint: endpoint + - name: name + - url: url + - enabled: enabled + - interface: interface + - service_id: service_id + - region_id: region_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/endpoint-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - endpoint: endpoint + - name: name + - links: links + - url: url + - region: region + - enabled: enabled + - interface: interface + - service_id: service_id + - id: id + - region_id: region_id + + +Show service details +==================== + +.. rest_method:: GET /v3/services/{service_id} + +Shows details for a service. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - service_id: service_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - service: service + - links: links + - type: type + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/service-show-response.json + :language: javascript + + +Update service +============== + +.. rest_method:: PATCH /v3/services/{service_id} + +Updates a service. + +The request body is the same as the create service request body, +except that you include only those attributes that you want to +update. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - type: type + - enabled: enabled + - description: description + - service: service + - name: name + - service_id: service_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/service-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - name: name + - service: service + - links: links + - type: type + - id: id + - description: description + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/service-update-response.json + :language: javascript + + +Delete service +============== + +.. rest_method:: DELETE /v3/services/{service_id} + +Deletes a service. + +If you try to delete a service that still has associated endpoints, +this call either deletes all associated endpoints or fails until +all endpoints are deleted. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - service_id: service_id diff --git a/api-ref/source/v3/users.inc b/api-ref/source/v3/users.inc new file mode 100644 index 0000000000..8c2ea3b3d7 --- /dev/null +++ b/api-ref/source/v3/users.inc @@ -0,0 +1,288 @@ +.. -*- rst -*- + +====================================== +Users (users, groups, projects, roles) +====================================== + +A user is an individual API consumer that is owned by a domain. A +role explicitly associates a user with projects or domains. A user +with no assigned roles has no access to OpenStack resources. + +You can list, create, show details for, update, delete, and change +the password for users. + +You can also list groups, projects, and roles for a specified user. +To list user roles, see `Roles `_. + + +Show user details +================= + +.. rest_method:: GET /v3/users/{user_id} + +Shows details for a user. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - description: description + - links: links + - user: user + - enabled: enabled + - email: email + - default_project_id: default_project_id + - id: id + - domain_id: domain_id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/user-show-response.json + :language: javascript + + +Update user +=========== + +.. rest_method:: PATCH /v3/users/{user_id} + +Updates the password for or enables or disables a user. + +If the back-end driver does not support this functionality, this +call might return the HTTP ``Not Implemented (501)`` response code. + +Normal response codes: 200 +Error response codes:413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - user: user + - enabled: enabled + - email: email + - default_project_id: default_project_id + - password: password + - domain_id: domain_id + - description: description + - user_id: user_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/user-update-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - description: description + - links: links + - user: user + - enabled: enabled + - email: email + - default_project_id: default_project_id + - id: id + - domain_id: domain_id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/user-update-response.json + :language: javascript + + +Delete user +=========== + +.. rest_method:: DELETE /v3/users/{user_id} + +Deletes a user. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + + +List groups to which a user belongs +=================================== + +.. rest_method:: GET /v3/users/{user_id}/groups + +Lists groups to which a user belongs. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/user-groups-list-response.json + :language: javascript + + +Change password for user +======================== + +.. rest_method:: POST /v3/users/{user_id}/password + +Changes the password for a user. + +Error response codes:204,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - original_password: original_password + - password: password + - user: user + - user_id: user_id + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/user-password-update-request.json + :language: javascript + + +Create user +=========== + +.. rest_method:: POST /v3/users + +Creates a user. + +Error response codes:201,413,415,405,404,403,401,400,503,409, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - name: name + - user: user + - enabled: enabled + - email: email + - default_project_id: default_project_id + - password: password + - domain_id: domain_id + - description: description + +Request Example +--------------- + +.. literalinclude:: ./samples/admin/user-create-request.json + :language: javascript + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - description: description + - links: links + - user: user + - enabled: enabled + - email: email + - default_project_id: default_project_id + - id: id + - domain_id: domain_id + - name: name + + +List users +========== + +.. rest_method:: GET /v3/users + +Lists users. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - domain_id: domain_id + - name: name + - enabled: enabled + +Response Parameters +------------------- + +.. rest_parameters:: parameters.yaml + + - description: description + - links: links + - enabled: enabled + - email: email + - default_project_id: default_project_id + - id: id + - users: users + - domain_id: domain_id + - name: name + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/users-list-response.json + :language: javascript + + +List projects for user +====================== + +.. rest_method:: GET /v3/users/{user_id}/projects + +List projects for a user. + +Normal response codes: 200 +Error response codes:413,405,404,403,401,400,503, + +Request +------- + +.. rest_parameters:: parameters.yaml + + - user_id: user_id + +Response Example +---------------- + +.. literalinclude:: ./samples/admin/user-projects-list-response.json + :language: javascript diff --git a/keystone/version/__init__.py b/keystone/version/__init__.py index e69de29bb2..479ce1b2ac 100644 --- a/keystone/version/__init__.py +++ b/keystone/version/__init__.py @@ -0,0 +1,15 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + + +def release_string(): + return 'v3.6' diff --git a/test-requirements.txt b/test-requirements.txt index 3df57c7ccb..40ca96bb3e 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -22,6 +22,7 @@ mock>=1.2 # BSD oslotest>=1.10.0 # Apache-2.0 # required to build documentation sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD +os-api-ref>=0.1.0 # Apache-2.0 # test wsgi apps without starting an http server WebTest>=2.0 # MIT diff --git a/tox.ini b/tox.ini index eee1e4bd8d..ca0c391820 100644 --- a/tox.ini +++ b/tox.ini @@ -1,7 +1,7 @@ [tox] minversion = 2.3.1 skipsdist = True -envlist = py34,py27,pep8,docs,genconfig,releasenotes +envlist = py34,py27,pep8,api-ref,docs,genconfig,releasenotes [testenv] usedevelop = True @@ -17,6 +17,21 @@ whitelist_externals = find passenv = http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY PBR_VERSION +[testenv:api-ref] +# This environment is called from CI scripts to test and publish +# the API Ref to developer.openstack.org. +# NOTE(sdague): this target does not use constraints because +# upstream infra does not yet support it. Once that's fixed, we can +# drop the install_command. +# +# we do not used -W here because we are doing some slightly tricky +# things to build a single page document, and as such, we are ok +# ignoring the duplicate stanzas warning. +install_command = pip install -U --force-reinstall {opts} {packages} +commands = + rm -rf api-ref/build + sphinx-build -W -b html -d api-ref/build/doctrees api-ref/source api-ref/build/html + [testenv:legacy_drivers] deps = -r{toxinidir}/test-requirements.txt nose