4c107e6f1b
When using Keystone's policy.v3cloudsample.json policy file, a project admin is supposed to be able to manage role assignments. Unfortunately, a project admin isn't allowed to perform these operations using python-openstackclient, as we attempt to perform list operations for any of the object types specified (users, groups, projects). This is done in an attempt to lookup the id of the object by name, but we perform this list operation even when the user specifies everything by id. This causes 403 errors. This patch still attempts to look up the object id by name, but we catch the 403 and assume that the user specified an id if the list operation is not allowed. This is similar to what we do with the --domain option for other commands. Closes-bug: #1445528 Change-Id: Id95a8520e935c1092d5a22ecd8ea01f572334ac8 |
||
|---|---|---|
| doc | ||
| examples | ||
| functional | ||
| openstackclient | ||
| python-openstackclient/locale | ||
| tools | ||
| .coveragerc | ||
| .gitignore | ||
| .gitreview | ||
| .mailmap | ||
| .testr.conf | ||
| babel.cfg | ||
| HACKING.rst | ||
| LICENSE | ||
| MANIFEST.in | ||
| openstack-common.conf | ||
| post_test_hook.sh | ||
| README.rst | ||
| requirements.txt | ||
| run_tests.sh | ||
| setup.cfg | ||
| setup.py | ||
| test-requirements.txt | ||
| tox.ini | ||
OpenStackClient
OpenStackClient (aka OSC) is a command-line client for OpenStack that brings the command set for Compute, Identity, Image, Object Store and Volume APIs together in a single shell with a uniform command structure.
The primary goal is to provide a unified shell command structure and a common language to describe operations in OpenStack.
- PyPi - package installation
- Online Documentation
- Launchpad project - release management
- Blueprints - feature specifications
- Bugs - issue tracking
- Source
- License: Apache 2.0
Getting Started
OpenStack Client can be installed from PyPI using pip:
pip install python-openstackclientThere are a few variants on getting help. A list of global options
and supported commands is shown with --help:
openstack --helpThere is also a help command that can be used to get
help text for a specific command:
openstack help
openstack help server createConfiguration
The CLI is configured via environment variables and command-line options as listed in http://docs.openstack.org/developer/python-openstackclient/authentication.html.
Authentication using username/password is most commonly used:
export OS_AUTH_URL=<url-to-openstack-identity>
export OS_PROJECT_NAME=<project-name>
export OS_USERNAME=<username>
export OS_PASSWORD=<password> # (optional)The corresponding command-line options look very similar:
--os-auth-url <url>
--os-project-name <project-name>
--os-username <username>
[--os-password <password>]If a password is not provided above (in plaintext), you will be interactively prompted to provide one securely.
Authentication may also be performed using an already-acquired token and a URL pointing directly to the service API that presumably was acquired from the Service Catalog:
export OS_TOKEN=<token>
export OS_URL=<url-to-openstack-service>The corresponding command-line options look very similar:
--os-token <token>
--os-url <url-to-openstack-service>