kazoo.security

Kazoo Security

Public API

class kazoo.security.ACL[source]

An ACL for a Zookeeper Node

An ACL object is created by using an Id object along with a Permissions setting. For convenience, make_digest_acl() should be used to create an ACL object with the desired scheme, id, and permissions.

class kazoo.security.Id

Id(scheme, id)

kazoo.security.make_digest_acl(username, password, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]

Create a digest ACL for Zookeeper with the given permissions

This method combines make_digest_acl_credential() and make_acl() to create an ACL object appropriate for use with Kazoo’s ACL methods.

Parameters:
  • username – Username to use for the ACL.
  • password – A plain-text password to hash.
  • write (bool) – Write permission.
  • create (bool) – Create permission.
  • delete (bool) – Delete permission.
  • admin (bool) – Admin permission.
  • all (bool) – All permissions.
Return type:

ACL

Private API

kazoo.security.make_acl(scheme, credential, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]

Given a scheme and credential, return an ACL object appropriate for use with Kazoo.

Parameters:
  • scheme – The scheme to use. I.e. digest.
  • credential – A colon separated username, password. The password should be hashed with the scheme specified. The make_digest_acl_credential() method will create and return a credential appropriate for use with the digest scheme.
  • write (bool) – Write permission.
  • create (bool) – Create permission.
  • delete (bool) – Delete permission.
  • admin (bool) – Admin permission.
  • all (bool) – All permissions.
Return type:

ACL

kazoo.security.make_digest_acl_credential(username, password)[source]

Create a SHA1 digest credential