consul.api.acl.binding_rule module

class consul.api.acl.binding_rule.AclBindingRule[source]

Bases: TypedDict

ID: str
Description: str
AuthMethod: str
Selector: str
BindType: str
BindName: str
BindVars: dict[str, Any]
CreateIndex: int
ModifyIndex: int
class consul.api.acl.binding_rule.BindingRule(agent)[source]

Bases: object

list(auth_method=None, token=None)[source]

Lists all the ACL binding rules. Requires a token with acl:read capability. :param auth_method: Optional auth method name to filter the results by. :param token: token with acl:read capability :return: the list of binding rules

Parameters:
  • auth_method (str | None)

  • token (str | None)

Return type:

list[AclBindingRule]

read(binding_rule_id, token=None)[source]

Returns the binding rule information for binding_rule_id. Requires a token with acl:read capability. :param binding_rule_id: The ID of the binding rule to read :param token: token with acl:read capability :return: selected binding rule information

Parameters:
  • binding_rule_id (str)

  • token (str | None)

Return type:

AclBindingRule

delete(binding_rule_id, token=None)[source]

Deletes the binding rule with binding_rule_id. Requires a token with acl:write capability. :param binding_rule_id: The ID of the binding rule to delete :param token: token with acl:write capability :return: True if the binding rule was deleted

Parameters:
  • binding_rule_id (str)

  • token (str | None)

Return type:

bool

create(auth_method, bind_type, bind_name, token=None, description='', selector='', bind_vars=None)[source]

Create a binding rule. Requires a token with acl:write capability. :param auth_method: The name of the auth method this rule applies to. Immutable once created. :param bind_type: One of “service”, “node”, “role” or “templated-policy”. :param bind_name: Name (may use HIL templating) applied to the bound object at login. :param token: token with acl:write capability :param description: Free form human-readable description of the binding rule. :param selector: Expression matched against verified identity attributes at login. :param bind_vars: Template variables, only used when bind_type is “templated-policy”. :return: The created binding rule information

Parameters:
  • auth_method (str)

  • bind_type (Literal['service', 'node', 'role', 'templated-policy'])

  • bind_name (str)

  • token (str | None)

  • description (str)

  • selector (str)

  • bind_vars (dict[str, Any] | None)

Return type:

AclBindingRule

update(binding_rule_id, auth_method, bind_type, bind_name, token=None, description='', selector='', bind_vars=None)[source]

Update the binding rule identified by binding_rule_id. Requires a token with acl:write capability. :param binding_rule_id: The ID of the binding rule to update :param auth_method: The (unchanged) name of the auth method this rule applies to. :param bind_type: One of “service”, “node”, “role” or “templated-policy”. :param bind_name: Name (may use HIL templating) applied to the bound object at login. :param token: token with acl:write capability :param description: Free form human-readable description of the binding rule. :param selector: Expression matched against verified identity attributes at login. :param bind_vars: Template variables, only used when bind_type is “templated-policy”. :return: The updated binding rule information

Parameters:
  • binding_rule_id (str)

  • auth_method (str)

  • bind_type (Literal['service', 'node', 'role', 'templated-policy'])

  • bind_name (str)

  • token (str | None)

  • description (str)

  • selector (str)

  • bind_vars (dict[str, Any] | None)

Return type:

AclBindingRule