pythonopenstackkeystoneopenstack-python-api

Openstack python api: How create a connection using Application Credentials?


Currently I am using (of course with more elaborate variables):

conn = openstack.connect(
                load_yaml_config=False,
                load_envvars=False,
                auth_url=AL,
                project_name=PN,
                username=UN,
                password=PW,
                region_name=RN,
                user_domain_name=UDN,
                project_domain_name=PDN,
                app_name=42,
                app_version=42
            )

to connect to projects. But in the future I would like to offer using application credentials, too. While there is plenty of documentation on how to authenticate with said credentials, I can't find anything about authenticating a connection with it. How is it done?

So what I am looking for is a way to create a connection without username and password, but credentials instead.

Existing authenticated session

This might be an option:

From existing authenticated Session
-----------------------------------

For applications that already have an authenticated Session, simply passing
it to the :class:`~openstack.connection.Connection` constructor is all that
is needed:

.. code-block:: python

    from openstack import connection

    conn = connection.Connection(
        session=session,
        region_name='example-region',
        compute_api_version='2',
        identity_interface='internal')

but I have to investigate further.


Solution

  • I couldn't find any documentation, but apparently it is possible to create a connection like this:

        openstack.connect(
            load_yaml_config=False,
            load_envvars=False,
            auth_url=AU,
            region_name=RN,
            application_credential_id=ACI,
            application_credential_secret=ACS,
            auth_type=AT
        )
    

    and that will return a connection object just like before. auth_type has to be "v3applicationcredential" when using application credentials.