diff --git a/vmware_nsxlib/tests/unit/v3/test_trust_management.py b/vmware_nsxlib/tests/unit/v3/test_trust_management.py index f5a9c3d1..0d14deda 100644 --- a/vmware_nsxlib/tests/unit/v3/test_trust_management.py +++ b/vmware_nsxlib/tests/unit/v3/test_trust_management.py @@ -64,3 +64,24 @@ class TestNsxLibTrustManagement(nsxlib_testcase.NsxClientTestCase): return_value={'results': consts.FAKE_CERT_LIST}): results = self.nsxlib.trust_management.find_cert_with_pem(pem) self.assertEqual(1, len(results)) + + def test_create_identity_with_cert(self): + fake_pem = consts.FAKE_CERT_PEM + name = "test-identity" + cert_api = self.nsxlib.trust_management + body = { + 'name': name, + 'certificate_pem': fake_pem, + 'node_id': 'test_node_id', + 'role': 'enterprise_admin', + 'is_protected': True + } + with mock.patch.object(self.nsxlib.client, 'create') as create: + cert_api.create_identity_with_cert( + name=name, + cert_pem=fake_pem, + node_id='test_node_id', + role='enterprise_admin') + create.assert_called_with( + 'trust-management/principal-identities/with-certificate', + body) diff --git a/vmware_nsxlib/v3/trust_management.py b/vmware_nsxlib/v3/trust_management.py index 024c4db9..168694de 100644 --- a/vmware_nsxlib/v3/trust_management.py +++ b/vmware_nsxlib/v3/trust_management.py @@ -19,6 +19,7 @@ from vmware_nsxlib.v3 import utils BASE_SECTION = 'trust-management' CERT_SECTION = BASE_SECTION + '/certificates' ID_SECTION = BASE_SECTION + '/principal-identities' +ID_WITH_CERT_SECTION = BASE_SECTION + '/principal-identities/with-certificate' USER_GROUP_TYPES = [ 'read_only_api_users', 'read_write_api_users', @@ -134,3 +135,11 @@ class NsxLibTrustManagement(utils.NsxLibApiBase): except nsxlib_exc.ManagerError as e: self.delete_cert(nsx_cert_id) raise e + + def create_identity_with_cert(self, name, cert_pem, + node_id, role, + is_protected=True): + body = {'name': name, 'certificate_pem': cert_pem, + 'node_id': node_id, 'role': role, + 'is_protected': is_protected} + self.client.create(ID_WITH_CERT_SECTION, body)