kazoo.security

Kazoo Security

Public API

class kazoo.security.ACL(perms, id)[source]

An ACL for a Zookeeper Node

An ACL object is created by using an Id object along with a Permissions setting. For convenience, make_digest_acl() should be used to create an ACL object with the desired scheme, id, and permissions.

class kazoo.security.Id(scheme, id)
kazoo.security.make_digest_acl(username, password, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]

Create a digest ACL for Zookeeper with the given permissions

This method combines make_digest_acl_credential() and make_acl() to create an ACL object appropriate for use with Kazoo’s ACL methods.

Parameters:
  • username – Username to use for the ACL.

  • password – A plain-text password to hash.

  • write (bool) – Write permission.

  • create (bool) – Create permission.

  • delete (bool) – Delete permission.

  • admin (bool) – Admin permission.

  • all (bool) – All permissions.

Return type:

ACL

Private API

kazoo.security.make_acl(scheme, credential, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]

Given a scheme and credential, return an ACL object appropriate for use with Kazoo.

Parameters:
  • scheme – The scheme to use. I.e. digest.

  • credential – A colon separated username, password. The password should be hashed with the scheme specified. The make_digest_acl_credential() method will create and return a credential appropriate for use with the digest scheme.

  • write (bool) – Write permission.

  • create (bool) – Create permission.

  • delete (bool) – Delete permission.

  • admin (bool) – Admin permission.

  • all (bool) – All permissions.

Return type:

ACL

kazoo.security.make_digest_acl_credential(username, password)[source]

Create a SHA1 digest credential.

Note

This function uses UTF-8 to encode non-ASCII codepoints, whereas ZooKeeper uses the “default locale” for decoding. It may be a good idea to start the JVM with -Dfile.encoding=UTF-8 in non-UTF-8 locales. See: https://github.com/python-zk/kazoo/pull/584