consul.api.acl.token module

consul.api.acl.token.parse_identities(node_identities)[source]
Parameters:

node_identities (list[str] | None)

Return type:

dict[str, list[dict[str, str]]]

Bases: TypedDict

ID: str
Name: str
class consul.api.acl.token.AclToken[source]

Bases: TypedDict

AccessorID: str
SecretID: str
Description: str
Policies: builtins.list[AclPolicyLink]
Roles: builtins.list[AclPolicyLink]
ServiceIdentities: builtins.list[dict[str, Any]]
NodeIdentities: builtins.list[dict[str, Any]]
TemplatedPolicies: builtins.list[dict[str, Any]]
Local: bool
AuthMethod: str
CreateTime: str
Hash: str
CreateIndex: int
ModifyIndex: int
class consul.api.acl.token.Token(agent)[source]

Bases: object

list(token=None)[source]

Lists all the active ACL tokens. This is a privileged endpoint, and requires a management token. token will override this client’s default token. Requires a token with acl:read capability. ACLPermissionDenied raised otherwise

Parameters:

token (str | None)

Return type:

builtins.list[AclToken]

read(accessor_id, token=None)[source]

Returns the token information for accessor_id. Requires a token with acl:read capability. :param accessor_id: The accessor ID of the token to read :param token: token with acl:read capability :return: selected token information

Parameters:
  • accessor_id (str)

  • token (str | None)

Return type:

AclToken

read_self(token=None)[source]

Returns the token information for the token used to authenticate the request (via token, or the client’s default token). Requires no specific privileges beyond possessing the token’s own secret. :param token: the token to introspect; defaults to the client’s configured token :return: the token information

Parameters:

token (str | None)

Return type:

AclToken

delete(accessor_id, token=None)[source]

Deletes the token with accessor_id. This is a privileged endpoint, and requires a token with acl:write. :param accessor_id: The accessor ID of the token to delete :param token: token with acl:write capability :return: True if the token was deleted

Parameters:
  • accessor_id (str)

  • token (str | None)

Return type:

bool

clone(accessor_id, token=None, description='')[source]

Clones the token identified by accessor_id. This is a privileged endpoint, and requires a token with acl:write. :param accessor_id: The accessor ID of the token to clone :param token: token with acl:write capability :param description: Optional new token description :return: The cloned token information

Parameters:
  • accessor_id (str)

  • token (str | None)

  • description (str)

Return type:

AclToken

create(token=None, accessor_id=None, secret_id=None, node_identities=None, policies_id=None, description='', policies_name=None, roles_id=None, roles_name=None, templated_policies=None)[source]

Create a token (optionally identified by secret_id and accessor_id). This is a privileged endpoint, and requires a token with acl:write. :param token: token with acl:write capability :param accessor_id: The accessor ID of the token to create :param secret_id: The secret ID of the token to create :param node_identities: Optional list of node identities (format: ‘nodename:datacenter’), requires consul>=1.8.1 :param description: Optional new token description :param policies_id: Optional list of policies id :param roles_id: Optional list of roles id :param roles_name: Optional list of roles name :param templated_policies: Optional list of templated policies, :return: The cloned token information

Parameters:
  • token (str | None)

  • accessor_id (str | None)

  • secret_id (str | None)

  • node_identities (builtins.list[str] | None)

  • policies_id (builtins.list[str] | None)

  • description (str)

  • policies_name (builtins.list[str] | None)

  • roles_id (builtins.list[str] | None)

  • roles_name (builtins.list[str] | None)

  • templated_policies (builtins.list[builtins.dict[str, builtins.dict[str, str]]] | None)

Return type:

AclToken

update(accessor_id, token=None, secret_id=None, node_identities=None, description='', policies_id=None, policies_name=None, roles_id=None, roles_name=None, templated_policies=None)[source]

Update a token (optionally identified by secret_id and accessor_id). This is a privileged endpoint, and requires a token with acl:write. :param accessor_id: The accessor ID of the token to update :param token: token with acl:write capability :param secret_id: Optional secret ID of the token to update :param node_identities: Optional list of node identities (format: ‘nodename:datacenter’), requires consul>=1.8.1 :param description: Optional new token description :param policies_id: Optional list of policies id :param roles_id: Optional list of roles id :param roles_name: Optional list of roles name :param templated_policies: Optional list of templated policies :return: The updated token information

Parameters:
  • accessor_id (str)

  • token (str | None)

  • secret_id (str | None)

  • node_identities (builtins.list[str] | None)

  • description (str)

  • policies_id (builtins.list[str] | None)

  • policies_name (builtins.list[str] | None)

  • roles_id (builtins.list[str] | None)

  • roles_name (builtins.list[str] | None)

  • templated_policies (builtins.list[builtins.dict[str, builtins.dict[str, str]]] | None)

Return type:

AclToken