kazoo.security
¶
Kazoo Security
Public API¶
- class
kazoo.security.
ACL
[source]¶An ACL for a Zookeeper Node
An ACL object is created by using an
Id
object along with aPermissions
setting. For convenience,make_digest_acl()
should be used to create an ACL object with the desired scheme, id, and permissions.
- class
kazoo.security.
Id
(scheme, id)¶
kazoo.security.
make_digest_acl
(username, password, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]¶Create a digest ACL for Zookeeper with the given permissions
This method combines
make_digest_acl_credential()
andmake_acl()
to create anACL
object appropriate for use with Kazoo’s ACL methods.
Parameters:
- username – Username to use for the ACL.
- password – A plain-text password to hash.
- write (bool) – Write permission.
- create (bool) – Create permission.
- delete (bool) – Delete permission.
- admin (bool) – Admin permission.
- all (bool) – All permissions.
Return type:
Private API¶
kazoo.security.
make_acl
(scheme, credential, read=False, write=False, create=False, delete=False, admin=False, all=False)[source]¶Given a scheme and credential, return an
ACL
object appropriate for use with Kazoo.
Parameters:
- scheme – The scheme to use. I.e. digest.
- credential – A colon separated username, password. The password should be hashed with the scheme specified. The
make_digest_acl_credential()
method will create and return a credential appropriate for use with the digest scheme.- write (bool) – Write permission.
- create (bool) – Create permission.
- delete (bool) – Delete permission.
- admin (bool) – Admin permission.
- all (bool) – All permissions.
Return type:
kazoo.security.
make_digest_acl_credential
(username, password)[source]¶Create a SHA1 digest credential.
Note
This function uses UTF-8 to encode non-ASCII codepoints, whereas ZooKeeper uses the “default locale” for decoding. It may be a good idea to start the JVM with -Dfile.encoding=UTF-8 in non-UTF-8 locales. See: https://github.com/python-zk/kazoo/pull/584