Merge "Improve IPv6 documentation for access rules"
This commit is contained in:
commit
636f255546
@ -578,36 +578,45 @@ access_to:
|
||||
description: |
|
||||
The value that defines the access. The back end
|
||||
grants or denies the access to it. A valid value is one of these
|
||||
values: - ``ip``. Authenticates an instance through its IP
|
||||
address. A valid format is ``XX.XX.XX.XX`` or
|
||||
``XX.XX.XX.XX/XX``. For example ``0.0.0.0/0``. - ``cert``.
|
||||
Authenticates an instance through a TLS certificate. Specify the
|
||||
TLS identity as the IDENTKEY. A valid value is any string up to
|
||||
64 characters long in the common name (CN) of the certificate.
|
||||
The meaning of a string depends on its interpretation. -
|
||||
``user``. Authenticates by a user or group name. A valid value is
|
||||
an alphanumeric string that can contain some special characters
|
||||
and is from 4 to 32 characters long.
|
||||
values:
|
||||
|
||||
- ``ip``:
|
||||
Authenticates a client through its IP address, that can be IPv4 or IPv6.
|
||||
You may specify a single client IP address or a range of IP addresses in
|
||||
CIDR notation. For example ``0.0.0.0/0`` for IPv4 or ``::/0`` for IPv6.
|
||||
- ``cert``:
|
||||
Authenticates an instance through a TLS certificate. Specify the TLS
|
||||
identity as the IDENTKEY. A valid value is any string up to 64 characters
|
||||
long in the common name (CN) of the certificate. The meaning of a string
|
||||
depends on its interpretation.
|
||||
- ``user``:
|
||||
Authenticates by a user or group name. A valid value is an alphanumeric
|
||||
string that can contain some special characters and is from 4 to 32
|
||||
characters long.
|
||||
in: body
|
||||
required: true
|
||||
type: string
|
||||
access_type:
|
||||
description: |
|
||||
The access rule type. A valid value for the
|
||||
share access rule type is one of the following values: - ``ip``.
|
||||
Authenticates an instance through its IP address. A valid format
|
||||
is ``XX.XX.XX.XX`` or ``XX.XX.XX.XX/XX``. For example
|
||||
``0.0.0.0/0``. - ``cert``. Authenticates an instance through a
|
||||
TLS certificate. Specify the TLS identity as the IDENTKEY. A
|
||||
valid value is any string up to 64 characters long in the common
|
||||
name (CN) of the certificate. The meaning of a string depends on
|
||||
its interpretation. - ``user``. Authenticates by a user or
|
||||
group name. A valid value is an alphanumeric string that can
|
||||
contain some special characters and is from 4 to 32 characters
|
||||
long.
|
||||
in: body
|
||||
required: true
|
||||
type: string
|
||||
description: |
|
||||
The access rule type. A valid value for the share access rule type is one
|
||||
of the following values:
|
||||
|
||||
- ``ip``:
|
||||
Authenticates a client through its IP address, that can be IPv4 or IPv6.
|
||||
You may specify a single client IP address or a range of IP addresses in
|
||||
CIDR notation. For example ``0.0.0.0/0`` for IPv4 or ``::/0`` for IPv6.
|
||||
- ``cert``:
|
||||
Authenticates a client through a TLS certificate. Specify the TLS
|
||||
identity as the IDENTKEY. A valid value is any string up to 64 characters
|
||||
long in the common name (CN) of the certificate. The meaning of a string
|
||||
depends on its interpretation.
|
||||
- ``user``:
|
||||
Authenticates by a user or group name. A valid value is an alphanumeric
|
||||
string that can contain some special characters and is from 4 to 32
|
||||
characters long.
|
||||
action_id_body:
|
||||
in: body
|
||||
required: true
|
||||
|
@ -330,7 +330,11 @@ Allow read-write access
|
||||
| metadata | {'key1': 'value1'} |
|
||||
+--------------+--------------------------------------+
|
||||
|
||||
.. note::
|
||||
.. note::
|
||||
Since API version 2.38, access rules of type IP supports IPv6 addresses
|
||||
and subnets in CIDR notation.
|
||||
|
||||
.. note::
|
||||
Since API version 2.45, metadata can be added, removed and updated for
|
||||
share access rules in a form of key=value pairs. Metadata can help you
|
||||
identify and filter access rules.
|
||||
@ -355,14 +359,14 @@ Allow read-only access
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
$ manila access-allow myshare ip 20.0.0.0/24 --access-level ro
|
||||
$ manila access-allow myshare ip fd31:7ee0:3de4:a41b::/64 --access-level ro
|
||||
+--------------+--------------------------------------+
|
||||
| Property | Value |
|
||||
+--------------+--------------------------------------+
|
||||
| id | 45b0a030-306a-4305-9e2a-36aeffb2d5b7 |
|
||||
| share_id | 83b0772b-00ad-4e45-8fad-106b9d4f1719 |
|
||||
| access_level | ro |
|
||||
| access_to | 20.0.0.0/24 |
|
||||
| access_to | fd31:7ee0:3de4:a41b::/64 |
|
||||
| access_type | ip |
|
||||
| state | queued_to_apply |
|
||||
| access_key | None |
|
||||
@ -376,12 +380,12 @@ Allow read-only access
|
||||
.. code-block:: console
|
||||
|
||||
$ manila access-list myshare
|
||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
||||
| id | access_type | access_to | access_level | state | access_key | created_at | updated_at |
|
||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
||||
| 45b0a030-306a-4305-9e2a-36aeffb2d5b7 | ip | 20.0.0.0/24 | ro | active | None | 2020-08-07T05:28:35.000000 | None |
|
||||
| e30bde96-9217-4f90-afdc-27c092af1c77 | ip | 10.0.0.0/24 | rw | active | None | 2020-08-07T05:27:27.000000 | None |
|
||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
||||
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||
| id | access_type | access_to | access_level | state | access_key | created_at | updated_at |
|
||||
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||
| 45b0a030-306a-4305-9e2a-36aeffb2d5b7 | ip | fd31:7ee0:3de4:a41b::/64 | ro | active | None | 2020-08-07T05:28:35.000000 | None |
|
||||
| e30bde96-9217-4f90-afdc-27c092af1c77 | ip | 10.0.0.0/24 | rw | active | None | 2020-08-07T05:27:27.000000 | None |
|
||||
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||
|
||||
Another access rule is created.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user