Merge "Improve IPv6 documentation for access rules"
This commit is contained in:
commit
636f255546
@ -578,36 +578,45 @@ access_to:
|
|||||||
description: |
|
description: |
|
||||||
The value that defines the access. The back end
|
The value that defines the access. The back end
|
||||||
grants or denies the access to it. A valid value is one of these
|
grants or denies the access to it. A valid value is one of these
|
||||||
values: - ``ip``. Authenticates an instance through its IP
|
values:
|
||||||
address. A valid format is ``XX.XX.XX.XX`` or
|
|
||||||
``XX.XX.XX.XX/XX``. For example ``0.0.0.0/0``. - ``cert``.
|
- ``ip``:
|
||||||
Authenticates an instance through a TLS certificate. Specify the
|
Authenticates a client through its IP address, that can be IPv4 or IPv6.
|
||||||
TLS identity as the IDENTKEY. A valid value is any string up to
|
You may specify a single client IP address or a range of IP addresses in
|
||||||
64 characters long in the common name (CN) of the certificate.
|
CIDR notation. For example ``0.0.0.0/0`` for IPv4 or ``::/0`` for IPv6.
|
||||||
The meaning of a string depends on its interpretation. -
|
- ``cert``:
|
||||||
``user``. Authenticates by a user or group name. A valid value is
|
Authenticates an instance through a TLS certificate. Specify the TLS
|
||||||
an alphanumeric string that can contain some special characters
|
identity as the IDENTKEY. A valid value is any string up to 64 characters
|
||||||
and is from 4 to 32 characters long.
|
long in the common name (CN) of the certificate. The meaning of a string
|
||||||
|
depends on its interpretation.
|
||||||
|
- ``user``:
|
||||||
|
Authenticates by a user or group name. A valid value is an alphanumeric
|
||||||
|
string that can contain some special characters and is from 4 to 32
|
||||||
|
characters long.
|
||||||
in: body
|
in: body
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
access_type:
|
access_type:
|
||||||
description: |
|
|
||||||
The access rule type. A valid value for the
|
|
||||||
share access rule type is one of the following values: - ``ip``.
|
|
||||||
Authenticates an instance through its IP address. A valid format
|
|
||||||
is ``XX.XX.XX.XX`` or ``XX.XX.XX.XX/XX``. For example
|
|
||||||
``0.0.0.0/0``. - ``cert``. Authenticates an instance through a
|
|
||||||
TLS certificate. Specify the TLS identity as the IDENTKEY. A
|
|
||||||
valid value is any string up to 64 characters long in the common
|
|
||||||
name (CN) of the certificate. The meaning of a string depends on
|
|
||||||
its interpretation. - ``user``. Authenticates by a user or
|
|
||||||
group name. A valid value is an alphanumeric string that can
|
|
||||||
contain some special characters and is from 4 to 32 characters
|
|
||||||
long.
|
|
||||||
in: body
|
in: body
|
||||||
required: true
|
required: true
|
||||||
type: string
|
type: string
|
||||||
|
description: |
|
||||||
|
The access rule type. A valid value for the share access rule type is one
|
||||||
|
of the following values:
|
||||||
|
|
||||||
|
- ``ip``:
|
||||||
|
Authenticates a client through its IP address, that can be IPv4 or IPv6.
|
||||||
|
You may specify a single client IP address or a range of IP addresses in
|
||||||
|
CIDR notation. For example ``0.0.0.0/0`` for IPv4 or ``::/0`` for IPv6.
|
||||||
|
- ``cert``:
|
||||||
|
Authenticates a client through a TLS certificate. Specify the TLS
|
||||||
|
identity as the IDENTKEY. A valid value is any string up to 64 characters
|
||||||
|
long in the common name (CN) of the certificate. The meaning of a string
|
||||||
|
depends on its interpretation.
|
||||||
|
- ``user``:
|
||||||
|
Authenticates by a user or group name. A valid value is an alphanumeric
|
||||||
|
string that can contain some special characters and is from 4 to 32
|
||||||
|
characters long.
|
||||||
action_id_body:
|
action_id_body:
|
||||||
in: body
|
in: body
|
||||||
required: true
|
required: true
|
||||||
|
@ -330,7 +330,11 @@ Allow read-write access
|
|||||||
| metadata | {'key1': 'value1'} |
|
| metadata | {'key1': 'value1'} |
|
||||||
+--------------+--------------------------------------+
|
+--------------+--------------------------------------+
|
||||||
|
|
||||||
.. note::
|
.. note::
|
||||||
|
Since API version 2.38, access rules of type IP supports IPv6 addresses
|
||||||
|
and subnets in CIDR notation.
|
||||||
|
|
||||||
|
.. note::
|
||||||
Since API version 2.45, metadata can be added, removed and updated for
|
Since API version 2.45, metadata can be added, removed and updated for
|
||||||
share access rules in a form of key=value pairs. Metadata can help you
|
share access rules in a form of key=value pairs. Metadata can help you
|
||||||
identify and filter access rules.
|
identify and filter access rules.
|
||||||
@ -355,14 +359,14 @@ Allow read-only access
|
|||||||
|
|
||||||
.. code-block:: console
|
.. code-block:: console
|
||||||
|
|
||||||
$ manila access-allow myshare ip 20.0.0.0/24 --access-level ro
|
$ manila access-allow myshare ip fd31:7ee0:3de4:a41b::/64 --access-level ro
|
||||||
+--------------+--------------------------------------+
|
+--------------+--------------------------------------+
|
||||||
| Property | Value |
|
| Property | Value |
|
||||||
+--------------+--------------------------------------+
|
+--------------+--------------------------------------+
|
||||||
| id | 45b0a030-306a-4305-9e2a-36aeffb2d5b7 |
|
| id | 45b0a030-306a-4305-9e2a-36aeffb2d5b7 |
|
||||||
| share_id | 83b0772b-00ad-4e45-8fad-106b9d4f1719 |
|
| share_id | 83b0772b-00ad-4e45-8fad-106b9d4f1719 |
|
||||||
| access_level | ro |
|
| access_level | ro |
|
||||||
| access_to | 20.0.0.0/24 |
|
| access_to | fd31:7ee0:3de4:a41b::/64 |
|
||||||
| access_type | ip |
|
| access_type | ip |
|
||||||
| state | queued_to_apply |
|
| state | queued_to_apply |
|
||||||
| access_key | None |
|
| access_key | None |
|
||||||
@ -376,12 +380,12 @@ Allow read-only access
|
|||||||
.. code-block:: console
|
.. code-block:: console
|
||||||
|
|
||||||
$ manila access-list myshare
|
$ manila access-list myshare
|
||||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||||
| id | access_type | access_to | access_level | state | access_key | created_at | updated_at |
|
| id | access_type | access_to | access_level | state | access_key | created_at | updated_at |
|
||||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||||
| 45b0a030-306a-4305-9e2a-36aeffb2d5b7 | ip | 20.0.0.0/24 | ro | active | None | 2020-08-07T05:28:35.000000 | None |
|
| 45b0a030-306a-4305-9e2a-36aeffb2d5b7 | ip | fd31:7ee0:3de4:a41b::/64 | ro | active | None | 2020-08-07T05:28:35.000000 | None |
|
||||||
| e30bde96-9217-4f90-afdc-27c092af1c77 | ip | 10.0.0.0/24 | rw | active | None | 2020-08-07T05:27:27.000000 | None |
|
| e30bde96-9217-4f90-afdc-27c092af1c77 | ip | 10.0.0.0/24 | rw | active | None | 2020-08-07T05:27:27.000000 | None |
|
||||||
+--------------------------------------+-------------+-------------+--------------+--------+------------+----------------------------+------------+
|
+--------------------------------------+-------------+----------------------------+--------------+--------+------------+----------------------------+------------+
|
||||||
|
|
||||||
Another access rule is created.
|
Another access rule is created.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user